]>
granicus.if.org Git - sudo/log
Todd C. Miller [Tue, 26 May 2015 20:14:06 +0000 (14:14 -0600)]
Fix sudo_strnlen() prototype.
Todd C. Miller [Tue, 26 May 2015 20:05:26 +0000 (14:05 -0600)]
Add strndup() for those without it. As strndup.c uses strnlen(),
use our own if it is missing.
Todd C. Miller [Tue, 26 May 2015 20:01:37 +0000 (14:01 -0600)]
Add missing sudo_ prefix and include sudo_compat.h.
Todd C. Miller [Tue, 26 May 2015 19:55:18 +0000 (13:55 -0600)]
Add strnlen() replacement needed for glob.c.
Only used if no glob() and no strnlen().
Todd C. Miller [Thu, 21 May 2015 17:26:44 +0000 (11:26 -0600)]
Get rid of SUDO_MAIN. Modern compilers don't warn about mixing
extern and auto declarations unless they conflict.
Todd C. Miller [Thu, 21 May 2015 17:13:20 +0000 (11:13 -0600)]
Avoid using a leading underbar in defines as they are reserved in
ISO C.
Todd C. Miller [Thu, 21 May 2015 17:07:13 +0000 (11:07 -0600)]
Add target for "make splint". A few files need extra guards to avoid
errors on systems where they would not otherwise be compiled.
No warnings from splint.
Todd C. Miller [Mon, 18 May 2015 19:42:06 +0000 (13:42 -0600)]
There should be no need to check for tzset() as it is POSIX.
Todd C. Miller [Mon, 18 May 2015 19:39:21 +0000 (13:39 -0600)]
Add sudo_reallocarrary to util.exp.in if reallocarray is not found.
Todd C. Miller [Fri, 15 May 2015 21:50:00 +0000 (15:50 -0600)]
NLS now works on Mac OS X properly.
Todd C. Miller [Fri, 15 May 2015 21:48:24 +0000 (15:48 -0600)]
Force flat namespace on darwin to make the getenv() hooking work
as it does on ELF.
Todd C. Miller [Thu, 14 May 2015 16:47:09 +0000 (10:47 -0600)]
No need to cast malloc() return value.
Todd C. Miller [Thu, 14 May 2015 16:21:58 +0000 (10:21 -0600)]
Use reallocarray where possible.
Todd C. Miller [Thu, 14 May 2015 16:13:18 +0000 (10:13 -0600)]
Add reallocarray() for those without it.
Todd C. Miller [Wed, 13 May 2015 17:06:50 +0000 (11:06 -0600)]
The getenv() hook still doesn't work on Mac OS X.
Todd C. Miller [Tue, 12 May 2015 21:58:05 +0000 (15:58 -0600)]
In sudo_warn_gettext_v1() call dgettext() not gettext() to make
sure the domain is set correctly. The sudoers plugin uses its own
text domain.
Todd C. Miller [Mon, 11 May 2015 23:01:41 +0000 (17:01 -0600)]
man pages should explicitly depend on config.status since it is
used to substitute in variables/settings.
Todd C. Miller [Mon, 11 May 2015 22:52:58 +0000 (16:52 -0600)]
regen
Todd C. Miller [Mon, 11 May 2015 22:51:27 +0000 (16:51 -0600)]
Sudo 1.8.14
Todd C. Miller [Mon, 11 May 2015 20:51:32 +0000 (14:51 -0600)]
Instead of trying to make weak functions work on all platforms,
just use a registration function for a plugin-specific setlocale
function. The sudoers version just wraps sudoers_setlocale().
Todd C. Miller [Mon, 11 May 2015 19:34:41 +0000 (13:34 -0600)]
Fix indentation of -a flag help line.
Todd C. Miller [Mon, 11 May 2015 19:26:16 +0000 (13:26 -0600)]
Fix compilation when HAVE_DECL_SIG2STR_MAX is not defined.
Todd C. Miller [Mon, 11 May 2015 16:22:05 +0000 (10:22 -0600)]
Add lint target to run "mandoc -Tlint" over the manuals.
Todd C. Miller [Fri, 8 May 2015 23:31:31 +0000 (17:31 -0600)]
HAVE_DECL_SIG2STR_MAX is always defined so use a !HAVE_DECL_SIG2STR_MAX
check instead of #ifndef.
Todd C. Miller [Thu, 7 May 2015 17:20:49 +0000 (11:20 -0600)]
Sync tty_present() with sudoers version.
Todd C. Miller [Thu, 7 May 2015 17:05:05 +0000 (11:05 -0600)]
sudo_check_plugin() returns bool.
Todd C. Miller [Thu, 7 May 2015 16:56:12 +0000 (10:56 -0600)]
In usergr_matches() matched should be bool but we have to take care
to handle group_plugin_query() returning a value other than 0/1.
Todd C. Miller [Thu, 7 May 2015 16:43:26 +0000 (10:43 -0600)]
sudo_ldap_check_non_unix_group() returns bool, not int.
Todd C. Miller [Thu, 7 May 2015 16:40:46 +0000 (10:40 -0600)]
Convert two debug_return_int to debug_return_bool.
Todd C. Miller [Thu, 7 May 2015 16:33:23 +0000 (10:33 -0600)]
Previously, debug_return_bool was the same as debug_return_int
except that it logged true/false for 1/0. However, this appears
to trigger a bug in some compilers. To avoid this, debug_return_bool
now uses bool, not int. Callers that were passing it an int have
been converted to use debug_return_int instead.
Todd C. Miller [Thu, 7 May 2015 15:43:19 +0000 (09:43 -0600)]
get_pty() should return bool
Todd C. Miller [Thu, 7 May 2015 15:42:48 +0000 (09:42 -0600)]
Make tty_present static to tgetpass.c
Todd C. Miller [Thu, 7 May 2015 13:34:50 +0000 (07:34 -0600)]
Add configure check for SIG2STR_MAX, which may be missing on UnixWare.
Todd C. Miller [Thu, 7 May 2015 13:17:00 +0000 (07:17 -0600)]
Need to quote $GCC as it may include arguments. From Tim Rice.
Todd C. Miller [Thu, 7 May 2015 13:16:11 +0000 (07:16 -0600)]
Add missing m4/ax_sys_weak_alias.m4
Todd C. Miller [Tue, 28 Apr 2015 20:54:44 +0000 (14:54 -0600)]
There's no point in building i386 binaries for Mac OS X 10.7 and higher.
Todd C. Miller [Mon, 27 Apr 2015 20:12:11 +0000 (14:12 -0600)]
Sync with translationproject.org
Todd C. Miller [Sun, 26 Apr 2015 13:55:33 +0000 (07:55 -0600)]
Only fall back on AUE_DARWIN_sudo if au_preselect() fails.
Todd C. Miller [Sun, 26 Apr 2015 01:44:52 +0000 (19:44 -0600)]
Work around a problem on Mac OS X 10.10 which defines AUE_sudo but
where au_preselect() only accepts AUE_DARWIN_sudo (the old value).
Todd C. Miller [Wed, 22 Apr 2015 19:38:02 +0000 (13:38 -0600)]
Don't use dlsym() to find the libc getenv() since this may allocate
memory on some systems (glibc) which leads to a hang if malloc()
calls getenv() (jemalloc).
Todd C. Miller [Wed, 22 Apr 2015 19:30:58 +0000 (13:30 -0600)]
Defer conversation initialization until right before plugins
are initialized.
Todd C. Miller [Wed, 22 Apr 2015 19:30:58 +0000 (13:30 -0600)]
Split variable declaration out of debug_decl into debug_decl_vars()
so we can use it in main() when we know sudo_debug_enter() cannot
succeed.
Todd C. Miller [Thu, 16 Apr 2015 19:19:04 +0000 (13:19 -0600)]
When creating a passwd struct from a uid that is not in the passwd
database, set pw_gid to the user's gid instead of whatever the user
specified via the -g flag (or 0 if no -g).
Todd C. Miller [Tue, 14 Apr 2015 15:50:40 +0000 (09:50 -0600)]
Add some ldap_err2string() debugging when the LDAP search fails.
Adapted from a diff from Steven Soulen.
Todd C. Miller [Mon, 13 Apr 2015 20:04:49 +0000 (14:04 -0600)]
Sync with translationproject.org
Todd C. Miller [Fri, 10 Apr 2015 15:07:02 +0000 (09:07 -0600)]
Add David Michael and Andrey Klyachkin.
Todd C. Miller [Fri, 10 Apr 2015 15:03:15 +0000 (09:03 -0600)]
Sync tmpfiles.d/sudo.conf with init.d/sudo.conf.in
Todd C. Miller [Fri, 10 Apr 2015 13:43:54 +0000 (07:43 -0600)]
Avoid struct assignment when stashing mtime since AIX at least uses
a struct st_timespec that differs from struct timespec.
From Andrey Klyachkin.
Todd C. Miller [Fri, 10 Apr 2015 00:14:38 +0000 (18:14 -0600)]
Work around a bug in pp that caused a warning when exampledir is a
subdir of docdir.
Todd C. Miller [Thu, 9 Apr 2015 17:01:41 +0000 (11:01 -0600)]
Add sys/types.h
Todd C. Miller [Thu, 9 Apr 2015 16:58:04 +0000 (10:58 -0600)]
Include sys/types.h instead of unistd.h to get uid_t and gid_t.
Add missing include of sys/types.h to a few places.
Todd C. Miller [Wed, 8 Apr 2015 21:29:59 +0000 (15:29 -0600)]
Remove unintended commit
Todd C. Miller [Wed, 8 Apr 2015 13:14:33 +0000 (07:14 -0600)]
Add tmpfiles.d/sudo.conf template.
Todd C. Miller [Tue, 7 Apr 2015 21:35:01 +0000 (15:35 -0600)]
Create template tmpfiles.d/sudo.conf for installation instead of
creating one via echo commands in the Makefile.
Add --enable-tmpfiles.d configure option to enable/disable use of
tmpfiles.d and override the default directory.
Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore
tmpfiles.d/sudo.conf in sudo.pp.
Todd C. Miller [Mon, 6 Apr 2015 21:10:26 +0000 (15:10 -0600)]
Make exampledir configurable and default to DATAROOTDIR/examples/sudo
on BSD systems.
Todd C. Miller [Tue, 7 Apr 2015 16:15:45 +0000 (10:15 -0600)]
Fix setting of pp_rpm_version when there is no patchlevel present.
Also tighten up the regexp for pp_rpm_release.
Todd C. Miller [Mon, 6 Apr 2015 21:08:37 +0000 (15:08 -0600)]
Install /usr/lib/tmpfiles.d/sudo.conf on systems with systemd but
do not package it. For packages we create /usr/lib/tmpfiles.d/sudo.conf
as needed in the postinstall script.
Todd C. Miller [Sun, 22 Mar 2015 19:09:26 +0000 (13:09 -0600)]
Fix "mandoc -Tlint" warnings.
Sync AUTHORS section in man pages.
Regenerate all man pages.
Todd C. Miller [Sun, 22 Mar 2015 14:16:22 +0000 (08:16 -0600)]
Make libsudo_util depend on libintl instead of requiring users of
libsudo_util to link with libintl directly. Bug #690
Todd C. Miller [Sat, 21 Mar 2015 21:41:59 +0000 (15:41 -0600)]
Use saved errno in vlog_warning() before calling sudo_vwarn_nodebug().
Fixes the error message printed if set_perms() fails.
Todd C. Miller [Wed, 18 Mar 2015 17:04:43 +0000 (11:04 -0600)]
Update for 1.8.13 final.
Todd C. Miller [Tue, 17 Mar 2015 02:19:24 +0000 (20:19 -0600)]
For sudoedit, run the editor with the user's original environment
as per the documentation (and as in sudo 1.7.x). Bug #688
Todd C. Miller [Mon, 16 Mar 2015 20:11:19 +0000 (14:11 -0600)]
Sync with translationproject.org
Todd C. Miller [Tue, 10 Mar 2015 17:09:25 +0000 (11:09 -0600)]
Update function names in debug_decl.
Todd C. Miller [Tue, 10 Mar 2015 14:55:01 +0000 (08:55 -0600)]
Use TCSAFLUSH instead of TCSANOW in sudo_term_copy().
Be consistent with where we put TCSASOFT in the action flags.
Todd C. Miller [Mon, 9 Mar 2015 17:16:09 +0000 (11:16 -0600)]
Sync with translationproject.org
Todd C. Miller [Mon, 9 Mar 2015 00:53:58 +0000 (18:53 -0600)]
Include unistd.h since sudo_compat.h uses gid_t.
Todd C. Miller [Thu, 5 Mar 2015 21:43:06 +0000 (14:43 -0700)]
Add --disable-weak-symbols option to disable use of weak symbols
in libsudo_util.
Todd C. Miller [Thu, 5 Mar 2015 19:57:14 +0000 (12:57 -0700)]
regen
Todd C. Miller [Thu, 5 Mar 2015 19:44:48 +0000 (12:44 -0700)]
When checking for weak aliases, check the gcc attribute format last
since some C compilers just ignore unsupported attributes.
Todd C. Miller [Thu, 5 Mar 2015 19:43:50 +0000 (12:43 -0700)]
Update copyright year.
Todd C. Miller [Thu, 5 Mar 2015 19:28:51 +0000 (12:28 -0700)]
Sync with translationproject.org
Todd C. Miller [Thu, 5 Mar 2015 19:27:26 +0000 (12:27 -0700)]
Fix symbol name collision with systems that have their own sha2
implementation. This can result in PAM using the wrong sha2
implementation on Solaris systems configured to use SHA512 for
passwords.
Todd C. Miller [Thu, 5 Mar 2015 17:10:29 +0000 (10:10 -0700)]
Use SSP_LDFLAGS when linking sudo_noexec.la
Todd C. Miller [Tue, 3 Mar 2015 23:57:55 +0000 (16:57 -0700)]
Remove compat/utime.h, it was only useful for ancient systems that
are no longer capable of compiling sudo.
Todd C. Miller [Mon, 2 Mar 2015 23:05:57 +0000 (16:05 -0700)]
Link libsudo_util with -lrt on systems where clock_gettime is in -lrt.
Todd C. Miller [Mon, 2 Mar 2015 22:38:47 +0000 (15:38 -0700)]
Update.
Todd C. Miller [Mon, 2 Mar 2015 21:43:38 +0000 (14:43 -0700)]
Update OpenBSD CVS Ids
Todd C. Miller [Mon, 2 Mar 2015 21:42:17 +0000 (14:42 -0700)]
Make comment match code.
Todd C. Miller [Mon, 2 Mar 2015 21:28:46 +0000 (14:28 -0700)]
Fix compilation error on systems without futimes().
Todd C. Miller [Mon, 2 Mar 2015 20:58:50 +0000 (13:58 -0700)]
Use futimens() and utimensat() instead of futimes() and utimes().
Todd C. Miller [Mon, 2 Mar 2015 20:58:45 +0000 (13:58 -0700)]
Fix compiler warning on systems where mode_t is not unsigned int,
such as 32-bit Solaris.
Todd C. Miller [Mon, 2 Mar 2015 18:37:43 +0000 (11:37 -0700)]
Fix logic for verifypw/listpw all in sudoers LDAP and sssd.
Todd C. Miller [Mon, 2 Mar 2015 15:49:04 +0000 (08:49 -0700)]
Fix cut & pasto that prevented the SIGPIPE handler from being
restored before returning from tgetpass(). From mancha
Todd C. Miller [Sat, 28 Feb 2015 22:13:19 +0000 (15:13 -0700)]
Our utimes() emulation support futime() too.
Todd C. Miller [Fri, 27 Feb 2015 21:48:41 +0000 (14:48 -0700)]
regen
Todd C. Miller [Fri, 27 Feb 2015 14:10:20 +0000 (07:10 -0700)]
Define YYDEBUG to 0 if not already defined so we can protect use
of sudoersdebug with "#if YYDEBUG" like the generated parser does.
From David Michael.
Todd C. Miller [Thu, 26 Feb 2015 23:54:14 +0000 (16:54 -0700)]
Document that Aliases may not be redefined and that "sudo -f /etc/sudo.d/foo"
will not catch the redefinition.
Todd C. Miller [Thu, 26 Feb 2015 16:55:01 +0000 (09:55 -0700)]
Only create /usr/lib/tmpfiles.d/sudo.conf if
/usr/lib/tmpfiles.d/systemd.conf also exists. Some other package
may have created /usr/lib/tmpfiles.d even though it is not used.
Todd C. Miller [Thu, 26 Feb 2015 16:40:10 +0000 (09:40 -0700)]
regen
Todd C. Miller [Thu, 26 Feb 2015 16:21:18 +0000 (09:21 -0700)]
Clear the ts dir instead of just making sure it exists.
Todd C. Miller [Thu, 26 Feb 2015 16:19:08 +0000 (09:19 -0700)]
Only substiture init.d scripts that we are going to use.
Todd C. Miller [Wed, 25 Feb 2015 23:45:12 +0000 (16:45 -0700)]
Create /usr/lib/tmpfiles.d/sudo.conf when systemd is used.
Todd C. Miller [Wed, 25 Feb 2015 14:10:25 +0000 (07:10 -0700)]
Check the return value of gettimeofday(), even though it should
never fail.
Todd C. Miller [Tue, 24 Feb 2015 18:19:21 +0000 (11:19 -0700)]
We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as
it may be present but not implemented. Add sudo_gettime_real() and
sudo_gettime_mono() functions to get the real and monotonic times
respectively. Now sudo_gettime_mono() checks the value of
sysconf(_SC_MONOTONIC_CLOCK) before calling clock_gettime(CLOCK_MONOTONIC)
and falls back on sudo_gettime_real() as needed. The Mach version
of sudo_gettime_mono() uses mach_absolute_time().
This should fix problems with timestamp files on systems where
the CLOCK_MONOTONIC is defined but not actually implemented.
Todd C. Miller [Tue, 24 Feb 2015 16:53:50 +0000 (09:53 -0700)]
Check clock_gettime() return value and warn if it fails.
Currently, the timestamp will be ignored if clock_gettime() fails.
Todd C. Miller [Mon, 23 Feb 2015 22:40:37 +0000 (15:40 -0700)]
Plug memory leak when debug file cannot be opened.
Use %zu printf format now that our snprintf support it.
Todd C. Miller [Mon, 23 Feb 2015 18:12:45 +0000 (11:12 -0700)]
Pam conversation function changes:
o use PAM_BUF_ERR as the return value when calloc() fails.
o sanity check the value of num_msg
o remove the workaround for old Apple PAM
o PAM_AUTH_ERR is not a valid PAM conversation function return value
If getpass_error is set after a call to pam_verify (usually because
the user pressed ^C), return AUTH_INTR immediately instead of
checking the pam_verify return value.
Todd C. Miller [Mon, 23 Feb 2015 18:12:43 +0000 (11:12 -0700)]
On AIX use the value of auth_type in /etc/security/login.cfg to
determine whether to use LAM or PAM unless the user specified the
--with-pam or --with-aixauth configure flags.
Todd C. Miller [Mon, 23 Feb 2015 13:32:43 +0000 (06:32 -0700)]
Fix cast.