isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
12,536 Commits 1 Branch 0 Tags
f6291bf83e434c44b51b47322a19d5c93f4eb956
Commit Graph

240 Commits

Author SHA1 Message Date
Todd C. Miller
e178b85821 Store the source of the matching rule and store in the event log. 
The JSON logs will store the matching rule source.
 2023-08-08 09:57:09 -06:00
Todd C. Miller
a38b714667 sudoers plugin: silence most -Wconversion warnings. 2023-07-07 15:07:04 -06:00
Rose
e54ba33ea0 Avoid compiler casting warnings by assigning to the same type where possible 
This saves instructions that are related to casting as well as compiler warnings.
 2023-06-28 17:25:26 -04:00
Todd C. Miller
0a4c8872a8 The I/O log file name is not just the basename of the full iolog_path. 
The audit plugin already has the correct value for iolog_file, don't
overwrite it with basename(iolog_path).  In the future we may wish
to pass in iolog_file and iolog_dir in addition to iolog_path.
Fixes Bug #1046.
 2023-03-31 15:51:14 -06:00
Todd C. Miller
f066ff9e01 Eliminate a few harmless dead stores. 
Quiets warnings from Infer.
 2022-11-22 11:18:24 -07:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
d04810c4f2 Save a pointer to the event_alloc parameter in the plugin open function. 
That way we don't need to pass event_alloc around to the log client
functions.
 2022-06-09 13:05:21 -06:00
Todd C. Miller
65e5b89f1d Pass file, line and column to sudoers defaults callbacks. 2022-03-10 13:35:58 -07:00
Todd C. Miller
c5027c796c Free potential leaks of passprompt_regex_handle. 
Coverity CID 249057
 2022-02-10 09:08:31 -07:00
Todd C. Miller
5ea0bf4ee2 Escape/unescape commas when serializing/deserializing a stringlist. 2022-01-28 08:52:42 -07:00
Todd C. Miller
0efe280037 Add a new sudoers settings log_passwords and passprompt_regex. 
When logging terminal input, if log_passwords is disabled and any
of the regular expressions in the passprompt_regex list are found
in the terminal output, terminal input will be replaced with '*'
characters until a newline or carriage return is found in the input
or an output character is received.
 2022-01-28 08:52:41 -07:00
Todd C. Miller
86f123cd9d Pass the operator to the Defaults callback too. 
That way we can tell what to do in callbacks for lists.
 2022-01-28 08:52:41 -07:00
Todd C. Miller
00f0c233b2 Only include log_client.h if SUDOERS_LOG_CLIENT is defined. 2021-10-21 19:46:35 -06:00
Todd C. Miller
dc90df8de5 Check snprintf() return values even if we preallocated the correct amount. 
There are no remaining unchecked snprintf() that can actually overflow.
 2021-09-21 19:13:35 -06:00
Todd C. Miller
bb5843055e Replace messages like "unknown foo: %s" with "unknown foo %s". 
The colon really doesn't belong there; we generally use a colon to
separate a message from the warning detail.
 2021-08-19 09:44:11 -06:00
Todd C. Miller
2e99450d40 Fix logging intercepted commands to a log server in sudoers. 
Only available when the server supports the subcommands capability.
 2021-08-09 15:50:26 -06:00
Todd C. Miller
af0345e238 Fix cut & pasto that prevented the verify_server option from being set. 
The "log_server_verify" setting passed from the policy plugin was
applied to the "keepalive" option instead of "verify_server".
From Krisztian Kovacs.
 2021-04-30 11:03:23 -06:00
Todd C. Miller
d1969b4f0b Plug memory leak if there are duplicate user_info or command_info entries. 2021-02-14 07:21:00 -07:00
Todd C. Miller
0663ffbc3f Use sudo_basename() instead of doing the equivalent manually. 2021-02-10 15:14:08 -07:00
Todd C. Miller
62525dcc94 Log reject and alert messages to the log server if one is defined. 2020-11-09 17:15:02 -07:00
Todd C. Miller
e56c3b342b Rename iolog_plugin.h to log_client.h. 
It is no longer I/O log specific and is used by sudoers_audit too.
 2020-11-09 17:13:04 -07:00
Todd C. Miller
62547746d3 Rename iolog_client -> log_client. 
The logsrvd client code is now used for more than just I/O logging.
 2020-11-09 17:13:04 -07:00
Todd C. Miller
2112d9beb1 Log accept messages in sudoers_audit if not I/O logging. 2020-11-04 05:39:16 -07:00
Todd C. Miller
e264767eaa Refactor sudoers_io_open_remote() into log_server_open(). 
Also rename client_close() to log_server_close().
This keeps more of the client code details out of iolog.c and
will be used when logging accept messages from the audit plugin.
 2020-11-04 05:29:03 -07:00
Todd C. Miller
2d888380a4 Move argv and envp setting into iolog_deserialize_info(). 2020-11-04 05:20:08 -07:00
Todd C. Miller
3ca3bfaab7 Make a copy of the strings stored in iolog_details and struct eventlog. 
Previously, we just made the strings const and relied on the front-end
not changing them.  Now the sudoers I/O log plugin behavior is
consistent with the policy plugin.
 2020-10-26 15:40:04 -06:00
Todd C. Miller
2d45becd4a Use struct eventlog in iolog_details. 2020-10-26 15:40:01 -06:00
Todd C. Miller
db72498257 Use struct eventlog in place of struct iolog_info. 2020-10-26 15:31:41 -06:00
Todd C. Miller
bd254e1042 Read/write runchroot and runcwd entries in the JSON event log. 2020-09-01 06:26:05 -06:00
Todd C. Miller
961a4afe67 Fix some warnings from pvs-studio 2020-08-12 13:45:09 -06:00
Todd C. Miller
985af422d2 Rename __dso_public -> sudo_dso_public and move to config.h. 2020-08-12 09:57:42 -06:00
Todd C. Miller
2a29daee18 Clear the write bit from the I/O log timing file when it is complete. 
This matches the behavior of sudo_logsrvd.
 2020-05-18 13:16:29 -06:00
Todd C. Miller
446ae3f507 Include string.h unconditionally and only use strings.h for strn?casecmp() 
In the pre-POSIX days BSD had strings.h, not string.h.
Now strings.h is only used for non-ANSI string functions.
 2020-05-18 07:59:24 -06:00
Todd C. Miller
0cf2e09e0c Apply spelling fixes. 
Fixes from PR #30 (ka7) and Bug #925 (fossies.org codespell)
 2020-05-06 09:27:43 -06:00
Todd C. Miller
8186b98208 Adapt sudoers iolog client to log server dual port changes. 
The TLS handshake now occurs before the ServerHello message is read.
This fixes potential man-in-the-middle attacks and works better with
TLS 1.3.
 2020-05-05 13:23:26 -06:00
Todd C. Miller
132b943a2d Only display error string once on I/O error. 
We already include the error string in the format so no need to use
errno too.
 2020-04-17 15:36:45 -06:00
Todd C. Miller
ae7bb12335 Free passwd and group caches in I/O plugin after log_warning(), not before. 
The logging functions may try to use the cache via set_perms(PERM_ROOT).
 2020-04-17 15:07:25 -06:00
Todd C. Miller
ea9b711a70 Write an extended I/O info log in JSON format. 
This will be used by sudoreplay if it exists to get more information
about the command being replayed.
 2020-03-29 05:05:08 -06:00
Todd C. Miller
bf2bc931ab Revert change to initialize io_operations earlier. 
Instead, check io_operations.open for NULL which is the case for
"sudo -V".  Also move the early return in sudoers_io_open() for
"sudo -V" until after we have initialized debugging.
 2020-03-01 13:36:54 -07:00
Todd C. Miller
f590f81b3c Initialize io_operations earlier. 2020-02-28 07:03:15 -07:00
Todd C. Miller
5635c22f6b Add --disable-log-server and --disable-log-client configure options. 
These can be used to optionally disable building sudo_logsrvd and
support for remote I/O logging in the sudoers plugin respectively.
 2020-02-26 13:17:40 -07:00
Todd C. Miller
b9bea25592 Read ServerHello message synchronously before the command is executed. 
Otherwise, the command could be run before the TLS handshake completes.
 2020-01-31 19:48:27 -07:00
Todd C. Miller
45e589d443 Pass back a failure or error string to the front end. 
The audit_failure() function now stores the failure string.
This will allow an audit plugin to log the reason if the user's
request is a rejected.
 2020-01-30 13:25:36 -07:00
Laszlo Orban
6f3f45aa24 sudoers: disable SO_KEEPALIVE socket option based on log_server_disable_keepalive flag in sudoers 2020-01-22 10:52:18 -07:00
Todd C. Miller
c3bd025052 Store the server host name and IP in client_closure_fill(). 
Also check for getpeername() and inet_ntop() failure.
 2020-01-20 14:03:41 -07:00
Todd C. Miller
5a86073bd0 Portability fixes and correct path to hostcheck.h in MANIFEST. 
Include sys/socket.h for getpeername().
Link with -lnsl on Solaris to get inet_pton().
 2020-01-18 11:32:45 -07:00
Laszlo Orban
de02745a3f save a pointer to the currently connected audit server in the closure object 2020-01-18 05:49:54 -07:00
Todd C. Miller
bbb9520c3a Use SUDOERS_DEBUG_* not SUDO_DEBUG_* in debug_decl() for the sudoers plugin. 2020-01-15 14:11:18 -07:00
Todd C. Miller
486ee2b71f debug_decl and debug_decl_vars now require a semicolon at the end. 2019-12-22 08:48:16 -07:00