isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
4,398 Commits 1 Branch 0 Tags
f54b69b0cc5a29e7c7e17d54fcbd5150f09e3dfd
Commit Graph

284 Commits

Author SHA1 Message Date
Todd C. Miller
f54b69b0cc Replace version.h with PACKAGE_VERSION set via AC_INIT in configure. 2009-05-19 21:24:05 +00:00
Todd C. Miller
8eae33753e Fix a warning when --without-ldap is specified. 2009-04-10 20:59:42 +00:00
Todd C. Miller
28ce9e96e1 Only check for ldap_sasl_interactive_bind_s if we can find sasl.h. 
Fixes compilation with ldapux.
 2009-03-14 01:04:58 +00:00
Todd C. Miller
838cb61086 Add support for AIX netsvc.conf (like nsswitch.conf). 2009-03-10 20:44:05 +00:00
Todd C. Miller
91f04dc3b4 Add --enable-env-debug flag to enable environment sanity checks. 2009-03-08 20:57:01 +00:00
Todd C. Miller
e43e319ae3 Fix SUDO_FUNC_PUTENV_CONST 2009-03-02 13:00:37 +00:00
Todd C. Miller
237d4e922f regen 2009-03-02 12:30:16 +00:00
Todd C. Miller
ef071fa655 Add support for Tivoli-based LDAP start TLS as seen in AIX. Untested. 2009-03-01 21:20:37 +00:00
Todd C. Miller
6fed38f323 Replace sudo_setenv/sudo_unsetenv with calls to setenv/unsetenv and 
provide our own setenv/unsetenv/putenv that operates on own env pointer.
Make sync_env() inline in setenv/unsetenv/putenv functions.
 2009-03-01 00:58:41 +00:00
Todd C. Miller
e7ee38d62c Remove unneeded AC_CANONICAL_TARGET; from Diego E. 'Flameeyes' 2009-02-23 14:18:46 +00:00
Todd C. Miller
f492e53056 Add bsm audit support from Christian S.J. Peron 2009-02-11 01:18:02 +00:00
Todd C. Miller
0bfb3394bb Don't try to build sudo_noexec.so on HP-UX with the bundled compiler as 
it cannot generate shared objects.
 2008-12-09 21:13:02 +00:00
Todd C. Miller
02a894a09c Use HAVE_SIA_SES_INIT instead of HAVE_SIA for Digital UNIX 2008-12-02 17:30:39 +00:00
Todd C. Miller
2464ba1f58 correctly enable SIA on Digital UNIX 2008-11-26 20:10:23 +00:00
Todd C. Miller
48329f0e43 Add isblank() function for systems without it. Needed for POSIX 
character class matching in fnmatch.c and glob.c.
 2008-11-03 18:19:14 +00:00
Todd C. Miller
13e2ccea68 Newer heimdal has 2-argument krb5_get_init_creds_opt_free() like MIT krb5. 
Really old heimdal has no krb5_get_init_creds_opt_alloc() at all.  Add
configure tests to handle all the cases.
 2008-10-23 16:06:23 +00:00
Todd C. Miller
99cdf6dc8d Add tests for __signed char and signed char. 2008-10-03 13:59:39 +00:00
Todd C. Miller
ca6eddf0df Replace the double fork with a fork + daemonize. 2008-06-22 20:19:42 +00:00
Todd C. Miller
c372928c38 Fix configure test for dirfd() on Linux where DIR is opaque. 2008-06-20 21:16:09 +00:00
Todd C. Miller
cfb45078b2 Add description for NO_PAM_SESSION, from a redhat patch. 2008-06-08 21:37:25 +00:00
Todd C. Miller
e2cbaa50a3 Redo the test for dgettext() in a way that hopefully will work around 
the libintl_dgettext() undefined problem.
 2008-05-18 17:54:48 +00:00
Todd C. Miller
f0a6827feb There was a missing space before the ldap libs in SUDO_LIBS for 
some configurations.
 2008-04-10 16:51:17 +00:00
Todd C. Miller
7fe25e284e remove duplicate check for dgettext 2008-04-07 18:26:13 +00:00
Todd C. Miller
241d0750f0 Back out AIX-specific change to set the sudo_noexec path to the .a 
file, we do really want to use the .so file.  Since libtool doesn't
do that correctly, just install the .so file ourselves in the Makefile.
 2008-03-23 14:18:56 +00:00
Todd C. Miller
52710ce517 AIX shared libs end in .a, not .so. 2008-03-14 12:11:57 +00:00
Todd C. Miller
229a79b6b8 update to libtool-1.5.26 2008-03-06 19:43:25 +00:00
Todd C. Miller
897239afe9 Add aix_setlimits() to set resource limits on AIX using a combination 
of getuserattr() and setrlimit().  Currently untested.
 2008-03-06 17:19:57 +00:00
Todd C. Miller
64d226e1d7 we are not going to ship a sudo-specific askpass 2008-03-04 22:16:49 +00:00
Todd C. Miller
ee04914164 Add support for running a helper program to read the password when 
no tty is present (or when specified with the -A flag).  TODO: docs.
 2008-03-02 14:31:57 +00:00
Todd C. Miller
f20935284b Disable use of gss_krb5_ccache_name() by default and add 
--enable-gss-krb5-ccache-name configure option to enable it.  It
seems that gss_krb5_ccache_name() doesn't work properly with some
combinations of Heimdal and OpenLDAP.
 2008-02-27 14:26:28 +00:00
Todd C. Miller
cf6bca4b07 Substitute in comment characters for lines partaining to login.conf, 
BSD auth and SELinux and only enable them if pertinent.
 2008-02-18 15:53:33 +00:00
Todd C. Miller
279ee07ee0 comment out SELinux manual bits unless --with-selinux was specified 2008-02-17 13:11:38 +00:00
Todd C. Miller
506285209d Treat k*bsd*-gnu like Linux, not BSD. 
Fixes compilation problems on Debian GNU/kFreeBSD.
 2008-02-15 20:23:54 +00:00
Todd C. Miller
9635907f29 regen 2008-02-09 14:48:21 +00:00
Todd C. Miller
f0dc1caa45 Use SUDO_DEFINE_UNQUOTED instead of AC_DEFINE_UNQUOTED to prevent 
ldap.conf and ldap.secret paths from going into config.h.
Avoid single quotes in variable expansion when using SUDO_DEFINE_UNQUOTED
since in some versions of bash they will end up literally in the resulting
define.
 2008-01-23 11:33:27 +00:00
Todd C. Miller
48df9c481b ldap_ssl.h depends on ldap.h being included first 2008-01-21 16:43:10 +00:00
Todd C. Miller
a3e6610e01 Include ldap_ssl.h if we can find it. Needed for the ldapssl_set_strength 
defines on HP-UX at least.
 2008-01-21 16:07:42 +00:00
Todd C. Miller
c268627f90 Substitute values for ldap.conf, ldap.secret and nsswitch.conf into 
sudoers.ldap.man.
 2008-01-20 15:15:47 +00:00
Todd C. Miller
49f2264ad6 substitute for sudoers.ldap.man 2008-01-20 01:35:54 +00:00
Todd C. Miller
0f6101bb26 include <mps/ldap_ssl.h> in ldap.c if available 2008-01-17 20:44:28 +00:00
Todd C. Miller
63f224f045 Don't add -llber twice. 2008-01-15 12:28:33 +00:00
Todd C. Miller
dde5143f08 Fix check that determines whether -llber is required. 2008-01-13 19:57:34 +00:00
Todd C. Miller
9a07c1a7f1 For netscape-based LDAP, use ldapssl_set_strength() to implement 
the checkpeer ldap.conf option.
 2008-01-13 19:22:11 +00:00
Todd C. Miller
1df9ca2dc1 Add check for ber_set_option() in -llber 2008-01-09 17:08:30 +00:00
Todd C. Miller
f1377429a1 Add check for ldap_sasl_bind_s() 
Remove -DLDAP_DEPRECATED from CFLAGS
 2008-01-05 12:56:39 +00:00
Todd C. Miller
b564d51861 add check for ldap_create 2008-01-04 14:56:10 +00:00
Todd C. Miller
86bd55fc6d Add sudo_ldap_get_first_rdn() to return the first rdn of an entry's dn 
using the mechanism appropriate for the LDAP SDK in use.
Use ldap_unbind_ext_s() instead of deprecated ldap_unbind_s().
Emulate ldap_unbind_ext_s() and ldap_search_ext_s() for SDK's without them.
 2008-01-03 21:11:33 +00:00
Todd C. Miller
32e4a98a69 add check for st__tim in struct stat as used by SCO 2008-01-02 20:29:48 +00:00
Todd C. Miller
6f2cd1b184 Rename read_nss -> sudo_read_nss 
Add --with-nsswitch to allow users to specify nsswitch.conf path or disable it.
If --with-nsswitch=no but --with-ldap, order is LDAP, then sudoers.
Fix --with-ldap-conf-file and --with-ldap-secret-file
 2008-01-01 18:22:03 +00:00
Todd C. Miller
56729b9a63 Use ldapssl_init() for ldaps support instead of trying 
to do it manually with ldap_init() + ldapssl_install_routines().
Use tls_cert and tls_key for cert7.db and key3.db respectively.
Don't print debugging info for options that are not set.
Add warning if start_tls specified when not supported.
 2007-12-19 19:28:57 +00:00