isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7,609 Commits 1 Branch 0 Tags
e9914a91b11308c58effc97bf6e8b72cd3b2ec27
Commit Graph

115 Commits

Author SHA1 Message Date
Todd C. Miller
e9914a91b1 The sudoers plugin now defines its own list of debugging subsystem names 
and defines.
 2014-10-22 13:30:52 -06:00
Todd C. Miller
866cfc4fc3 Add support for multiple Debug lines per program. Callers may 
register arbitrary debug facilities or use built-in defaults.  We
now use separate Debug statements for plugins and programs.
 2014-10-22 13:23:05 -06:00
Todd C. Miller
28f6ee5f9e Fix NULL deref if base64_decode returns -1. 2014-07-22 14:53:15 -06:00
Todd C. Miller
430ad0fa8a Be sure to NUL-terminate the decoded secret when converting from 
base64.
 2014-07-13 15:23:32 -06:00
Todd C. Miller
b5a6037a6c Fix a pointer signednes warning calling base64_decode(). 2014-07-13 14:27:20 -06:00
Todd C. Miller
36a5767e3e efree -> sudo_efree for consistency 2014-07-10 15:35:04 -06:00
Todd C. Miller
c35d7f2b04 Add support for base64 secrets in ldap.conf and ldap.secret. 
Based on an idea from anthony AT rlost DOT com
 2014-07-10 15:31:11 -06:00
Todd C. Miller
a8fa112a53 atobool -> sudo_strtobool 
atoid-> sudo_strtoid
atomode -> sudo_strtomode
 2014-06-27 14:53:54 -06:00
Todd C. Miller
2d61d38c23 Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h 2014-06-27 10:48:31 -06:00
Todd C. Miller
aecef4aa1d Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace 
pollution in libsudo_util.so.
 2014-06-27 09:30:52 -06:00
Todd C. Miller
7bafa63c15 Don't pollute the namespace with lbuf struct and functions 2014-06-26 15:51:15 -06:00
Todd C. Miller
f029e3e744 Remove touch() from fileops.c and just call utimes/futimes directly. 
Rename lock_file -> sudo_lock_file to avoid namespace pollution
 2014-06-26 15:51:15 -06:00
Todd C. Miller
b5b75b2d8a Don't call gss_krb5_ccache_name() with a NULL pointer when restoring 
the old credential cache file name.  This can happen if there was
no old name returned by gss_krb5_ccache_name().  Fixes a crash on
kerberized LDAP on some platforms.
 2014-06-17 08:51:41 -06:00
Todd C. Miller
5086194c67 Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just 
pass back a return value.
 2014-04-30 16:57:12 -06:00
Todd C. Miller
134b2a4228 Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). 2014-04-22 16:02:28 -06:00
Todd C. Miller
a78da37487 Make set_perms() and restore_perms() return an error instead of 
calling exit() on failure.
 2014-04-10 16:11:47 -06:00
Todd C. Miller
7d994b5032 Remove remaining calls to fatalx(); just pass the error to the caller. 2014-03-31 15:43:52 -06:00
Todd C. Miller
8287e21d36 Add use_netgroups sudoers option. For LDAP-based sudoers, netgroup 
support requires an expensive substring match on the server.  If
netgroups are not needed, this option can be disabled to reduce the
load on the LDAP server.
 2014-02-07 14:58:48 -07:00
Todd C. Miller
7a1cd11c0d Update copyright year. 2014-02-06 16:00:56 -07:00
Todd C. Miller
f7a419b5f9 Use a default LDAP search filter of (objectClass=sudoRole). When 
constructing the netgroup query, add (sudoUser=*) to the query so
we don't fall below the 3 character OpenLDAP substring threshold.
Otherwise the index for sudoUser will never be used for that query.
Pointed out by Michael Stroeder.
 2014-02-06 15:50:08 -07:00
Todd C. Miller
cbf41b8b96 The OpenBSD strtonum() uses very short error strings that can't 
be translated usefully.  Convert them to longer strings on error.
Also use the longer strings for atomode() and atoid().
 2013-12-11 13:43:10 -07:00
Todd C. Miller
8f9ce7249a Use strtonum() instead of atoi(), strtol() or strtoul() where possible. 2013-12-10 16:23:21 -07:00
Todd C. Miller
12f3bdf60e Add wrapper functions for dlopen() et al so that we can support 
statically compiling in the sudoers plugin but still allow other
plugins to be loaded.  The new --enable-static-sudoers configure
option will cause the sudoers plugin to be compiled statically into
the sudo binary.  This does not prevent other plugins from being
loaded as per sudo.conf.
 2013-11-22 16:35:15 -07:00
Todd C. Miller
96eb2c4f8f Add warning_gettext() wrapper function that changes to the user locale, 
then calls gettext().
Add U_ macro that calls warning_gettext() instead of gettext().
Rename warning2()/error2() back to warning_nodebug()/error_nodebug().
 2013-11-18 08:59:57 -07:00
Todd C. Miller
99b7351de0 Fix some #if vs. #ifdef and remove an extraneous semicolon. 
Bug #624; from Daniel Richard G.
 2013-11-17 16:15:36 -07:00
Todd C. Miller
6c71ad5c15 Add debug_return_const_str and debug_return_const_ptr for returning 
a const string or pointer.  Using const for the normal versions
produces warnings with the Tru64 compiler.
 2013-11-17 16:11:39 -07:00
Todd C. Miller
e2bfbe6039 If user specified start_tls and ldaps, display a warning and ignore 
start_tls.  There's no reason to make this a fatal error.
 2013-10-24 15:40:02 -06:00
Todd C. Miller
38a5b0a655 Should not attempt start_tls on an ldaps connection. 2013-10-24 07:16:57 -06:00
Todd C. Miller
07a804caf3 Quiet sign comparision warnings. 2013-10-23 15:03:31 -06:00
Todd C. Miller
994879c044 Ignore SIGPIPE when connecting to the LDAP server so we can get a 
proper error message with the IBM LDAP libs.  Also return LDAP_SUCCESS
instead of 0 from most sudo_ldap_* functions that return an int.
 2013-10-23 11:15:24 -06:00
Todd C. Miller
29361ec003 sudo_ldap_parse_uri() should join multiple URIs in the string list 
together but it was clearing the host entry each time through the
loop.  Fixes a bug with multiple URI entries in ldap.conf where
only the last one was being honored.
 2013-10-22 16:52:23 -06:00
Todd C. Miller
f85106ea67 Use SLIST and STAILQ macros instead of doing headless singly linked 
lists manually.  As a bonus we now use a tail queue for ldap.c and
sudoreplay.c.
 2013-10-22 09:08:09 -06:00
Todd C. Miller
923edabe6c Convert sudo to use BSD TAILQ macros instead of home ground tail 
queue functions.  This includes a private queue.h header derived
from FreeBSD.  It is simpler to just use our own header rather than
try to deal with macros that may or may not be present in various
queue.h incarnations.
 2013-10-22 09:00:37 -06:00
Todd C. Miller
925984d888 Fix error display from ldap_ssl_client_init(). There are two error 
codes.  The return value can be decoded via ldap_err2string() but the
ssl reason code cannot (you have to look it up in a table online).
 2013-08-17 07:08:20 -04:00
Todd C. Miller
62da46a9cb Add some warnings and debugging to sasl ccname handling. 2013-07-31 15:20:14 -06:00
Todd C. Miller
c0c782ae14 Fix write loop invariant in sudo_krb5_copy_cc_file() 2013-07-31 15:03:46 -06:00
Todd C. Miller
09e752274e Strip off leading FILE: or WRFILE: prefix before trying to copy 
the user's credential cache.
 2013-07-30 15:37:04 -06:00
Todd C. Miller
b1c8f0575b Now that the ldap code runs with the real and effective uid set to 
0, it is not possible for the gssapi libs to find the user's krb5
credential cache file.  To work around this, we make a temporary
copy of the user's credential cache specified by KRB5CCNAME (opened
with the user's effective uid) and point gssapi to it.  To set the
credential cache file name, we dynamically look up gss_krb5_ccache_name()
and use it if available, otherwise fall back to setting KRB5CCNAME.
 2013-07-28 17:06:43 -06:00
Todd C. Miller
fa6c857112 Allow ldap_conf and ldap_secret to be specified as plugin arguments 
in sudo.conf
 2013-04-25 14:49:02 -04:00
Todd C. Miller
a40de4135e Replace DPRINTF with DPRINTF1 and DPRINTF2 macros that use 
SUDO_DEBUG_DIAG and SUDO_DEBUG_INFO respectively for logging to the
debug file with the ldap subsystem.
The sudoers_debug setting in ldap.conf is still honored for now but
will be removed in a future release.
 2013-04-25 10:12:42 -04:00
Todd C. Miller
95b50f84af Use time(&now) instead of now = time(NULL) when storing the current 
time in a time_t (better compiler error checking).
Better parsing and printing of 64-bit time_t on 32-bit platforms.
 2013-04-23 13:15:22 -04:00
Todd C. Miller
39acd2fcba Rename error/errorx -> fatal/fatalx and remove the exit value as 
it was always 1.
 2013-04-18 14:07:59 -04:00
Todd C. Miller
cc3c76b85d Add digest support for sudoers in ldap and sss. 2013-04-16 16:03:37 -04:00
Todd C. Miller
35375a2b7e Initial implementation of checksum support in sudoers. 
Currently supports SHA-224, SHA-256, SHA-384, SHA-512.
TODO: checksum format validation in parser and base64 support.
      checksum support for ldap sudoers
 2013-04-14 07:00:21 -04:00
Todd C. Miller
1da8739c38 Use userpw_matches() for username matching so #uid works for 
sudoRunAsUser.
 2013-02-21 07:03:52 -05:00
Todd C. Miller
7aae6bd6e3 Add line continuation support to sudo_parseln() and make it use 
getline() instead of fgets() internally.
 2013-02-07 10:56:01 -05:00
Todd C. Miller
1d7072fe09 Don't include <sys/param.h>. We only needed it for MAXPATHLEN, 
MAXHOSTNAMELEN and the MIN/MAX macros.  We now use PATH_MAX and
HOST_NAME_MAX throughout without falling back on MAXPATHLEN or
MAXHOSTNAMELEN and define our own MIN/MAX macros as needed.
 2012-12-04 10:40:47 -05:00
Todd C. Miller
7b3d268687 Call gettext() on parameters for warning()/warningx() instead of 
having warning() do it for us.
 2012-11-25 09:34:04 -05:00
Todd C. Miller
595d3b2651 Display warning/error messages in the user's locale. 2012-11-08 15:37:44 -05:00
Todd C. Miller
bdf93e8d3e Enable non-Unix group support for LDAP sudoers. We now check for 
non-Unix groups and netgroups with the same query in the second
pass.  Bug #571
 2012-09-15 13:41:24 -04:00