isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,018 Commits 1 Branch 0 Tags
f0530b66d31282d5ff18f03377d25592e36f43a9
Commit Graph

250 Commits

Author SHA1 Message Date
Todd C. Miller
b89cf34b53 Replace sudo_fatal(NULL) with an "unable to allocate memory" message 
that includes the function name.
 2018-10-12 08:39:12 -06:00
Todd C. Miller
cf07dc0757 Add a suspend event type to the I/O log to log suspend/resume of 
the command so we can skip that delay during replay.
 2018-10-05 14:16:08 -06:00
Todd C. Miller
e2570307e6 Initialize the pty rows/cols based on the values we stored in user_details. 
This fixes a minor issue where we would send an extra window size
change event the first time the command was suspended.
 2018-10-05 14:04:29 -06:00
Todd C. Miller
59e5e379be Move the loop to free the monitor_messages list into free_exec_closure_pty() 2018-08-23 11:10:57 -06:00
Todd C. Miller
5cca421867 Close the pty slave in the parent so that when the command and 
monitor exit, the pty gets recycled without our having to close
it directly.
 2018-08-20 10:04:15 -06:00
Todd C. Miller
6953e7fc79 Move updating of the window size to the monitor process. 
This will allow us to close the slave in the main sudo process in
the future so only the command and monitor have it open.
 2018-08-20 10:04:14 -06:00
Todd C. Miller
dc1e0e7168 Work around a bug on AIX where closing the pty slave causes the 
main sudo process to lose its controlling tty (which was *not* the
pty slave).
 2018-07-23 11:37:26 -06:00
Todd C. Miller
a42cf67acb In pty_close() we still need to check whether the pty master and 
slave fds are open before closing them.  When no tty is present but
we are I/O logging pty_close() will be called when there is no
actual pty in use.
 2018-03-27 16:00:08 -06:00
Todd C. Miller
2336496347 In pty_close() there is no need to remove events associated with 
the pty slave as there are none.  We also don't need to check for
the pty fds being -1 since they are not closed elsewhere and
pty_close() is only called if pty_setup() succeeds.
 2018-03-26 06:28:23 -06:00
Todd C. Miller
4df454310d In pty_close() close the slave and remove any events associated 
with it.  Fixes a potential hang when performing the final flush
on non-BSD systems.
 2018-03-25 06:03:19 -06:00
Todd C. Miller
d5d170252a In pty_cleanup() we need to call sudo_term_restore() even if no I/O 
plugins are present as long as /dev/tty exists.  Fixes the use_pty
case with no I/O plugins.
 2018-02-19 11:00:12 -07:00
Todd C. Miller
42fe0409f6 Add sudo_ev_dispatch(), a wrapper for ev_loop() with no flags. 
Similar the dispatch function in libevent.
 2018-02-19 11:00:10 -07:00
Todd C. Miller
cd0b700543 No need for a loop around the recv() now that we don't have to worry 
about EINTR.  CID 180697
 2017-12-12 21:44:23 -07:00
Todd C. Miller
48fba3c2cc update my email to Todd.Miller@sudo.ws 2017-12-03 17:53:40 -07:00
Todd C. Miller
a2eff11509 Track window size changes that happen while sudo is suspended 2017-12-02 21:30:11 -07:00
Todd C. Miller
116c5d7eff Move call to sudo_ev_loopcontinue() into schedule_signal() itself. 
We always want to prioritize signal forwarding.
 2017-11-30 10:02:15 -07:00
Todd C. Miller
b9adb3dd51 Don't loop over read/write, recv/send or tcgetpgrp/tcsetpgrp trying 
to handle EINTR.  We now use SA_RESTART with signals so this is not
needed and is potentially dangerous if it is possible to receive
SIGTTIN or SIGTTOU (which it currently is not).
 2017-11-30 09:53:21 -07:00
Todd C. Miller
54acf4f991 Handle receipt of SIGTTIN/SIGTTOU when reading/writing from/to the tty. 
We can't use a signal event for these since that would restart the
system call after the signal was handled and the callback would not
get a chance to run.  Fixes running a command in the background that
write to the tty when the TOSTOP terminal flag is set.
 2017-11-29 12:06:12 -07:00
Todd C. Miller
5ccc7ab879 We don't need to be the foreground process to be able to write to 
the terminal in most cases.  If the background process tries to
modify the terminal flags it will receive SIGTTOU which is relayed
to the sudo front-end.  This currently mishandles terminals with
the TOSTOP local flag set.
 2017-11-29 12:06:12 -07:00
Todd C. Miller
3b88cdfcd8 Fix stair-stepped output when the output of a sudo command is piped 
to another command and use_pty is set.
 2017-09-26 14:21:11 -06:00
Todd C. Miller
8949992040 Set ec->cmnd_pid to the correct value when receiving the command's 
process ID from the monitor.
 2017-09-07 13:22:10 -06:00
Todd C. Miller
84af812b8c If /dev/tty is not available and no I/O logging plugins are configured, 
fall back on exec_nopty() even if the policy plugin requested a pty.
We never allocate a pty when sudo is not run from a terminal anyway.
 2017-09-07 11:32:30 -06:00
Todd C. Miller
2c2476f07f Do not set utmp_user if we did not actually allocate a pty. 2017-09-07 11:00:19 -06:00
Todd C. Miller
0849e2cac4 No need to call sudo_ev_del() before sudo_ev_free(); sudo_ev_free() 
will delete the event from its base before freeing it.
 2017-07-27 14:12:57 -06:00
Todd C. Miller
1cfaf6c344 Terminate the command if an I/O log function returns 0 or -1. This 
was mistakenly removed by 25b7fd056614 in Sudo 1.8.18 with the
removal of the ignore_iolog_errors variable.
 2017-07-27 14:10:44 -06:00
Todd C. Miller
7f8765d327 If we free the default base in sudo_ev_base_free(), reset the default 
base to NULL.
 2017-07-14 10:09:58 -06:00
Todd C. Miller
d2a0bfbb12 Add the ability to set a default event base, to be used by plugins 
which don't have access to the event base.
 2017-07-13 13:59:31 -06:00
Todd C. Miller
8898ec1f9c Pass window size change events to the plugin. 2017-07-12 05:47:28 -06:00
Todd C. Miller
6d4d4594b7 Use _PATH_DEV consistently 2017-06-29 18:10:53 -06:00
Todd C. Miller
ad8c1ae07a To avoid overwriting existing command status, check for CMD_INVALID 
instead of CMD_ERRNO or CMD_WSTATUS.
 2017-05-18 13:53:15 -06:00
Todd C. Miller
c91b6777d3 On HP-UX 11.0, sys/ioctl.h is not sufficient to make struct winsize 
visisble, we need termios.h too.
 2017-05-15 09:37:58 -06:00
Todd C. Miller
d979898e71 Remove use of non-standard sigaction_t 2017-05-12 10:02:18 -06:00
Todd C. Miller
1186f39842 Use SUDO_EV_SIGNAL and SUDO_EV_SIGINFO instead of managing the 
signal_pipe explicitly.
 2017-05-12 10:02:17 -06:00
Todd C. Miller
44dc15d02d If any of std{in,out,err} are not hooked up to a tty only interpose 
ourselves with a pipe if the plugin will actually log the data.
This avoids a problem with non-interactive commands where no tty
is present where sudo will consume stdin even when log_input is not
enabled in sudoers.
 2017-05-05 14:27:42 -06:00
Todd C. Miller
dab8651ed2 We no longer need to write to the tty if the command was killed by 
a signal.  Sudo will terminate itself with the same signal the
command died from.  Unfortunately, we lose the "core dumped" bit
since sudo itself will not dump core, but there doesn't appear to
be a way around that.
 2017-04-28 10:32:15 -06:00
Todd C. Miller
9f1afe23fe Use the standard idiom for popping all entries from a tail queue. 
The llvm checker gets confused by TAILQ_REMOVE and generate
use-after-free false positives.
 2017-04-20 16:13:14 -06:00
Todd C. Miller
6e75179528 init io_pipe[][] to -1, not 0 2017-04-20 15:09:07 -06:00
Todd C. Miller
867fd16343 Move SIGCHLD handling into handle_sigchld() functions and move the 
remaining bits of dispatch_signal() into signal_pipe_cb()
 2017-03-09 08:36:40 -07:00
Todd C. Miller
a788144094 change debug info when suspending sudo 2017-03-03 11:20:25 -07:00
Todd C. Miller
6dba84dca9 Reorganize the command execution code to separate out the pty and 
non-pty code paths into their own event loops.  The non-pty exec
code is now contained in exec_nopty.c and the pty exec code is split
between exec_pty.c (parent process) and exec_monitor.c (session leader).
This results in a small bit of duplicated code but improves readability.
Some of the duplicated code will fall out in future changes to the
event subsystem (the signal pipe).
 2017-03-03 10:35:11 -07:00
Todd C. Miller
4b1f0c4176 Remove support for the TIOCGSIZE ioctl. Systems that use this 
rather than TIOCGWINSZ are too old for sudo to build on anyway.
 2017-02-26 16:41:25 -07:00
Todd C. Miller
13fcdb4f5f Set the child pid to -1 after we've waited for it and take care to 
avoid killing pid -1.  This makes it a bit more explicit and removes
the need for a separate variable to track the child's status.
Sudo already stops processing signals after it receives SIGCHLD so
it is not vulnerable to CVE-2017-2616.
 2017-02-24 15:14:56 -07:00
Todd C. Miller
dde2b5eb2c Close execfd in parent processes where it is not needed. 2017-01-22 18:56:13 -08:00
Todd C. Miller
2f0295373a When waiting for the parent to grant us the tty, use nanosleep 
instead of spinning to avoid hogging the CPU.
 2017-01-12 10:44:26 -07:00
Todd C. Miller
5a7936209e Quiet a PVS-Studio warning about the spin loop when waiting for the 
parent to assign us the terminal pgrp.
 2016-10-26 13:49:04 -06:00
Todd C. Miller
fc1b4155d7 Replace bare ";" in the body of for() loops with "continue;" for 
improved readability.
 2016-10-26 10:42:28 -06:00
Todd C. Miller
9b886f6b2c The flush parameter of sudo_term_restore() is bool, not int. 2016-10-17 08:57:17 -06:00
Todd C. Miller
533c9ce108 Add back line mistakenly removed in 0cf2a9351740 2016-09-11 14:37:42 -06:00
Todd C. Miller
3f022419ae Be consistent with the naming of the variable used to store the 
function return value.  Previously, some code used "rval", some
used "ret".  This standardizes on "ret" and uses "rc" for temporary
return codes.
 2016-09-08 16:38:08 -06:00
Todd C. Miller
3e4c7eed31 Move the ignoring of I/O log plugin errors into the I/O log plugin 
itself.
 2016-08-17 14:38:00 -06:00