]> granicus.if.org Git - sudo/log
sudo
9 years agoUse a stack buffer for the validate_env_vars() error message.
Todd C. Miller [Thu, 28 May 2015 16:28:38 +0000 (10:28 -0600)]
Use a stack buffer for the validate_env_vars() error message.

9 years agoFix typo/thinko in static buffer conversion; use vsnprintf() not snprintf()
Todd C. Miller [Wed, 27 May 2015 22:41:46 +0000 (16:41 -0600)]
Fix typo/thinko in static buffer conversion; use vsnprintf() not snprintf()

9 years agoFix old gcc2 variadic macro support.
Todd C. Miller [Wed, 27 May 2015 22:38:59 +0000 (16:38 -0600)]
Fix old gcc2 variadic macro support.

9 years agoRestore old behavior where visudo prevents you from making the main
Todd C. Miller [Wed, 27 May 2015 19:34:28 +0000 (13:34 -0600)]
Restore old behavior where visudo prevents you from making the main
sudoers file zero length.

9 years agoNon-exiting allocators for log functions. If log_allowed() fails
Todd C. Miller [Wed, 27 May 2015 16:55:27 +0000 (10:55 -0600)]
Non-exiting allocators for log functions.  If log_allowed() fails
the user may not run the command.  We don't try to return early for
log_failure(), log_auth_failure() or log_denial() as we would not
run the command in that case.

9 years agoUse non-exiting allocators in the parser (much of it already did).
Todd C. Miller [Wed, 27 May 2015 16:36:03 +0000 (10:36 -0600)]
Use non-exiting allocators in the parser (much of it already did).

9 years agoUse non-existing allocators in the passwd/group cache functions.
Todd C. Miller [Wed, 27 May 2015 16:26:49 +0000 (10:26 -0600)]
Use non-existing allocators in the passwd/group cache functions.

9 years agoAdd standalone reallocarray.c from OpenBSD instead of rolling our own.
Todd C. Miller [Wed, 27 May 2015 16:04:32 +0000 (10:04 -0600)]
Add standalone reallocarray.c from OpenBSD instead of rolling our own.

9 years agoUse non-exiting allocators in the redblack tree and fix the fallout.
Todd C. Miller [Wed, 27 May 2015 15:51:54 +0000 (09:51 -0600)]
Use non-exiting allocators in the redblack tree and fix the fallout.
Also switch to non-exiting allocators in affected code blocks.

9 years agoThe error string returned by alias_add should be const.
Todd C. Miller [Wed, 27 May 2015 15:48:34 +0000 (09:48 -0600)]
The error string returned by alias_add should be const.

9 years agoFix typo, efree vs. free.
Todd C. Miller [Wed, 27 May 2015 15:48:31 +0000 (09:48 -0600)]
Fix typo, efree vs. free.

9 years agoAdd a few missing sudo_new_key_val() return value checks.
Todd C. Miller [Wed, 27 May 2015 15:42:51 +0000 (09:42 -0600)]
Add a few missing sudo_new_key_val() return value checks.
Also use non-exiting allocators for consistency.

9 years agoAdd unit tests for strsplit and parse_gid_list.
Todd C. Miller [Wed, 27 May 2015 02:25:08 +0000 (20:25 -0600)]
Add unit tests for strsplit and parse_gid_list.

9 years agoAdd sudo_strsplit(), similar to strtok_r() but non-destructive and
Todd C. Miller [Tue, 26 May 2015 21:46:41 +0000 (15:46 -0600)]
Add sudo_strsplit(), similar to strtok_r() but non-destructive and
operates on non-C strings (requires a length parameter).

9 years agoUse reallocarray() instead of sudo_emallocarray() and return an
Todd C. Miller [Wed, 20 May 2015 16:59:03 +0000 (10:59 -0600)]
Use reallocarray() instead of sudo_emallocarray() and return an
error on allocation failure.

9 years agoIn our krb5_get_init_creds_opt_alloc() replacement use malloc()
Todd C. Miller [Wed, 20 May 2015 16:58:17 +0000 (10:58 -0600)]
In our krb5_get_init_creds_opt_alloc() replacement use malloc()
instead of sudo_emalloc() and return KRB5_CC_NOMEM on allocation
failure.  Only old versions of Kerberos V will need this.

9 years agoUse non-exiting allocators.
Todd C. Miller [Wed, 20 May 2015 16:39:08 +0000 (10:39 -0600)]
Use non-exiting allocators.

9 years agoUse a static buffer for sudo_warn/sudo_fatal messages where possible.
Todd C. Miller [Tue, 26 May 2015 21:24:54 +0000 (15:24 -0600)]
Use a static buffer for sudo_warn/sudo_fatal messages where possible.

9 years agoFix sudo_strnlen() prototype.
Todd C. Miller [Tue, 26 May 2015 20:14:06 +0000 (14:14 -0600)]
Fix sudo_strnlen() prototype.

9 years agoAdd strndup() for those without it. As strndup.c uses strnlen(),
Todd C. Miller [Tue, 26 May 2015 20:05:26 +0000 (14:05 -0600)]
Add strndup() for those without it.  As strndup.c uses strnlen(),
use our own if it is missing.

9 years agoAdd missing sudo_ prefix and include sudo_compat.h.
Todd C. Miller [Tue, 26 May 2015 20:01:37 +0000 (14:01 -0600)]
Add missing sudo_ prefix and include sudo_compat.h.

9 years agoAdd strnlen() replacement needed for glob.c.
Todd C. Miller [Tue, 26 May 2015 19:55:18 +0000 (13:55 -0600)]
Add strnlen() replacement needed for glob.c.
Only used if no glob() and no strnlen().

9 years agoGet rid of SUDO_MAIN. Modern compilers don't warn about mixing
Todd C. Miller [Thu, 21 May 2015 17:26:44 +0000 (11:26 -0600)]
Get rid of SUDO_MAIN.  Modern compilers don't warn about mixing
extern and auto declarations unless they conflict.

9 years agoAvoid using a leading underbar in defines as they are reserved in
Todd C. Miller [Thu, 21 May 2015 17:13:20 +0000 (11:13 -0600)]
Avoid using a leading underbar in defines as they are reserved in
ISO C.

9 years agoAdd target for "make splint". A few files need extra guards to avoid
Todd C. Miller [Thu, 21 May 2015 17:07:13 +0000 (11:07 -0600)]
Add target for "make splint".  A few files need extra guards to avoid
errors on systems where they would not otherwise be compiled.
No warnings from splint.

9 years agoThere should be no need to check for tzset() as it is POSIX.
Todd C. Miller [Mon, 18 May 2015 19:42:06 +0000 (13:42 -0600)]
There should be no need to check for tzset() as it is POSIX.

9 years agoAdd sudo_reallocarrary to util.exp.in if reallocarray is not found.
Todd C. Miller [Mon, 18 May 2015 19:39:21 +0000 (13:39 -0600)]
Add sudo_reallocarrary to util.exp.in if reallocarray is not found.

9 years agoNLS now works on Mac OS X properly.
Todd C. Miller [Fri, 15 May 2015 21:50:00 +0000 (15:50 -0600)]
NLS now works on Mac OS X properly.

9 years agoForce flat namespace on darwin to make the getenv() hooking work
Todd C. Miller [Fri, 15 May 2015 21:48:24 +0000 (15:48 -0600)]
Force flat namespace on darwin to make the getenv() hooking work
as it does on ELF.

9 years agoNo need to cast malloc() return value.
Todd C. Miller [Thu, 14 May 2015 16:47:09 +0000 (10:47 -0600)]
No need to cast malloc() return value.

9 years agoUse reallocarray where possible.
Todd C. Miller [Thu, 14 May 2015 16:21:58 +0000 (10:21 -0600)]
Use reallocarray where possible.

9 years agoAdd reallocarray() for those without it.
Todd C. Miller [Thu, 14 May 2015 16:13:18 +0000 (10:13 -0600)]
Add reallocarray() for those without it.

9 years agoThe getenv() hook still doesn't work on Mac OS X.
Todd C. Miller [Wed, 13 May 2015 17:06:50 +0000 (11:06 -0600)]
The getenv() hook still doesn't work on Mac OS X.

9 years agoIn sudo_warn_gettext_v1() call dgettext() not gettext() to make
Todd C. Miller [Tue, 12 May 2015 21:58:05 +0000 (15:58 -0600)]
In sudo_warn_gettext_v1() call dgettext() not gettext() to make
sure the domain is set correctly.  The sudoers plugin uses its own
text domain.

9 years agoman pages should explicitly depend on config.status since it is
Todd C. Miller [Mon, 11 May 2015 23:01:41 +0000 (17:01 -0600)]
man pages should explicitly depend on config.status since it is
used to substitute in variables/settings.

9 years agoregen
Todd C. Miller [Mon, 11 May 2015 22:52:58 +0000 (16:52 -0600)]
regen

9 years agoSudo 1.8.14
Todd C. Miller [Mon, 11 May 2015 22:51:27 +0000 (16:51 -0600)]
Sudo 1.8.14

9 years agoInstead of trying to make weak functions work on all platforms,
Todd C. Miller [Mon, 11 May 2015 20:51:32 +0000 (14:51 -0600)]
Instead of trying to make weak functions work on all platforms,
just use a registration function for a plugin-specific setlocale
function.  The sudoers version just wraps sudoers_setlocale().

9 years agoFix indentation of -a flag help line.
Todd C. Miller [Mon, 11 May 2015 19:34:41 +0000 (13:34 -0600)]
Fix indentation of -a flag help line.

9 years agoFix compilation when HAVE_DECL_SIG2STR_MAX is not defined.
Todd C. Miller [Mon, 11 May 2015 19:26:16 +0000 (13:26 -0600)]
Fix compilation when HAVE_DECL_SIG2STR_MAX is not defined.

9 years agoAdd lint target to run "mandoc -Tlint" over the manuals.
Todd C. Miller [Mon, 11 May 2015 16:22:05 +0000 (10:22 -0600)]
Add lint target to run "mandoc -Tlint" over the manuals.

9 years agoHAVE_DECL_SIG2STR_MAX is always defined so use a !HAVE_DECL_SIG2STR_MAX
Todd C. Miller [Fri, 8 May 2015 23:31:31 +0000 (17:31 -0600)]
HAVE_DECL_SIG2STR_MAX is always defined so use a !HAVE_DECL_SIG2STR_MAX
check instead of #ifndef.

9 years agoSync tty_present() with sudoers version.
Todd C. Miller [Thu, 7 May 2015 17:20:49 +0000 (11:20 -0600)]
Sync tty_present() with sudoers version.

9 years agosudo_check_plugin() returns bool.
Todd C. Miller [Thu, 7 May 2015 17:05:05 +0000 (11:05 -0600)]
sudo_check_plugin() returns bool.

9 years agoIn usergr_matches() matched should be bool but we have to take care
Todd C. Miller [Thu, 7 May 2015 16:56:12 +0000 (10:56 -0600)]
In usergr_matches() matched should be bool but we have to take care
to handle group_plugin_query() returning a value other than 0/1.

9 years agosudo_ldap_check_non_unix_group() returns bool, not int.
Todd C. Miller [Thu, 7 May 2015 16:43:26 +0000 (10:43 -0600)]
sudo_ldap_check_non_unix_group() returns bool, not int.

9 years agoConvert two debug_return_int to debug_return_bool.
Todd C. Miller [Thu, 7 May 2015 16:40:46 +0000 (10:40 -0600)]
Convert two debug_return_int to debug_return_bool.

9 years agoPreviously, debug_return_bool was the same as debug_return_int
Todd C. Miller [Thu, 7 May 2015 16:33:23 +0000 (10:33 -0600)]
Previously, debug_return_bool was the same as debug_return_int
except that it logged true/false for 1/0.  However, this appears
to trigger a bug in some compilers.  To avoid this, debug_return_bool
now uses bool, not int.  Callers that were passing it an int have
been converted to use debug_return_int instead.

9 years agoget_pty() should return bool
Todd C. Miller [Thu, 7 May 2015 15:43:19 +0000 (09:43 -0600)]
get_pty() should return bool

9 years agoMake tty_present static to tgetpass.c
Todd C. Miller [Thu, 7 May 2015 15:42:48 +0000 (09:42 -0600)]
Make tty_present static to tgetpass.c

9 years agoAdd configure check for SIG2STR_MAX, which may be missing on UnixWare.
Todd C. Miller [Thu, 7 May 2015 13:34:50 +0000 (07:34 -0600)]
Add configure check for SIG2STR_MAX, which may be missing on UnixWare.

9 years agoNeed to quote $GCC as it may include arguments. From Tim Rice.
Todd C. Miller [Thu, 7 May 2015 13:17:00 +0000 (07:17 -0600)]
Need to quote $GCC as it may include arguments.  From Tim Rice.

9 years agoAdd missing m4/ax_sys_weak_alias.m4
Todd C. Miller [Thu, 7 May 2015 13:16:11 +0000 (07:16 -0600)]
Add missing m4/ax_sys_weak_alias.m4

9 years agoThere's no point in building i386 binaries for Mac OS X 10.7 and higher.
Todd C. Miller [Tue, 28 Apr 2015 20:54:44 +0000 (14:54 -0600)]
There's no point in building i386 binaries for Mac OS X 10.7 and higher.

9 years agoSync with translationproject.org
Todd C. Miller [Mon, 27 Apr 2015 20:12:11 +0000 (14:12 -0600)]
Sync with translationproject.org

9 years agoOnly fall back on AUE_DARWIN_sudo if au_preselect() fails.
Todd C. Miller [Sun, 26 Apr 2015 13:55:33 +0000 (07:55 -0600)]
Only fall back on AUE_DARWIN_sudo if au_preselect() fails.

9 years agoWork around a problem on Mac OS X 10.10 which defines AUE_sudo but
Todd C. Miller [Sun, 26 Apr 2015 01:44:52 +0000 (19:44 -0600)]
Work around a problem on Mac OS X 10.10 which defines AUE_sudo but
where au_preselect() only accepts AUE_DARWIN_sudo (the old value).

9 years agoDon't use dlsym() to find the libc getenv() since this may allocate
Todd C. Miller [Wed, 22 Apr 2015 19:38:02 +0000 (13:38 -0600)]
Don't use dlsym() to find the libc getenv() since this may allocate
memory on some systems (glibc) which leads to a hang if malloc()
calls getenv() (jemalloc).

9 years agoDefer conversation initialization until right before plugins
Todd C. Miller [Wed, 22 Apr 2015 19:30:58 +0000 (13:30 -0600)]
Defer conversation initialization until right before plugins
are initialized.

9 years agoSplit variable declaration out of debug_decl into debug_decl_vars()
Todd C. Miller [Wed, 22 Apr 2015 19:30:58 +0000 (13:30 -0600)]
Split variable declaration out of debug_decl into debug_decl_vars()
so we can use it in main() when we know sudo_debug_enter() cannot
succeed.

9 years agoWhen creating a passwd struct from a uid that is not in the passwd
Todd C. Miller [Thu, 16 Apr 2015 19:19:04 +0000 (13:19 -0600)]
When creating a passwd struct from a uid that is not in the passwd
database, set pw_gid to the user's gid instead of whatever the user
specified via the -g flag (or 0 if no -g).

9 years agoAdd some ldap_err2string() debugging when the LDAP search fails.
Todd C. Miller [Tue, 14 Apr 2015 15:50:40 +0000 (09:50 -0600)]
Add some ldap_err2string() debugging when the LDAP search fails.
Adapted from a diff from Steven Soulen.

9 years agoSync with translationproject.org
Todd C. Miller [Mon, 13 Apr 2015 20:04:49 +0000 (14:04 -0600)]
Sync with translationproject.org

9 years agoAdd David Michael and Andrey Klyachkin.
Todd C. Miller [Fri, 10 Apr 2015 15:07:02 +0000 (09:07 -0600)]
Add David Michael and Andrey Klyachkin.

9 years agoSync tmpfiles.d/sudo.conf with init.d/sudo.conf.in
Todd C. Miller [Fri, 10 Apr 2015 15:03:15 +0000 (09:03 -0600)]
Sync tmpfiles.d/sudo.conf with init.d/sudo.conf.in

9 years agoAvoid struct assignment when stashing mtime since AIX at least uses
Todd C. Miller [Fri, 10 Apr 2015 13:43:54 +0000 (07:43 -0600)]
Avoid struct assignment when stashing mtime since AIX at least uses
a struct st_timespec that differs from struct timespec.
From Andrey Klyachkin.

9 years agoWork around a bug in pp that caused a warning when exampledir is a
Todd C. Miller [Fri, 10 Apr 2015 00:14:38 +0000 (18:14 -0600)]
Work around a bug in pp that caused a warning when exampledir is a
subdir of docdir.

9 years agoAdd sys/types.h
Todd C. Miller [Thu, 9 Apr 2015 17:01:41 +0000 (11:01 -0600)]
Add sys/types.h

9 years agoInclude sys/types.h instead of unistd.h to get uid_t and gid_t.
Todd C. Miller [Thu, 9 Apr 2015 16:58:04 +0000 (10:58 -0600)]
Include sys/types.h instead of unistd.h to get uid_t and gid_t.
Add missing include of sys/types.h to a few places.

9 years agoRemove unintended commit
Todd C. Miller [Wed, 8 Apr 2015 21:29:59 +0000 (15:29 -0600)]
Remove unintended commit

9 years agoAdd tmpfiles.d/sudo.conf template.
Todd C. Miller [Wed, 8 Apr 2015 13:14:33 +0000 (07:14 -0600)]
Add tmpfiles.d/sudo.conf template.

9 years agoCreate template tmpfiles.d/sudo.conf for installation instead of
Todd C. Miller [Tue, 7 Apr 2015 21:35:01 +0000 (15:35 -0600)]
Create template tmpfiles.d/sudo.conf for installation instead of
creating one via echo commands in the Makefile.

Add --enable-tmpfiles.d configure option to enable/disable use of
tmpfiles.d and override the default directory.

Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore
tmpfiles.d/sudo.conf in sudo.pp.

9 years agoMake exampledir configurable and default to DATAROOTDIR/examples/sudo
Todd C. Miller [Mon, 6 Apr 2015 21:10:26 +0000 (15:10 -0600)]
Make exampledir configurable and default to DATAROOTDIR/examples/sudo
on BSD systems.

9 years agoFix setting of pp_rpm_version when there is no patchlevel present.
Todd C. Miller [Tue, 7 Apr 2015 16:15:45 +0000 (10:15 -0600)]
Fix setting of pp_rpm_version when there is no patchlevel present.
Also tighten up the regexp for pp_rpm_release.

9 years agoInstall /usr/lib/tmpfiles.d/sudo.conf on systems with systemd but
Todd C. Miller [Mon, 6 Apr 2015 21:08:37 +0000 (15:08 -0600)]
Install /usr/lib/tmpfiles.d/sudo.conf on systems with systemd but
do not package it.  For packages we create /usr/lib/tmpfiles.d/sudo.conf
as needed in the postinstall script.

9 years agoFix "mandoc -Tlint" warnings.
Todd C. Miller [Sun, 22 Mar 2015 19:09:26 +0000 (13:09 -0600)]
Fix "mandoc -Tlint" warnings.
Sync AUTHORS section in man pages.
Regenerate all man pages.

9 years agoMake libsudo_util depend on libintl instead of requiring users of
Todd C. Miller [Sun, 22 Mar 2015 14:16:22 +0000 (08:16 -0600)]
Make libsudo_util depend on libintl instead of requiring users of
libsudo_util to link with libintl directly.  Bug #690

9 years agoUse saved errno in vlog_warning() before calling sudo_vwarn_nodebug().
Todd C. Miller [Sat, 21 Mar 2015 21:41:59 +0000 (15:41 -0600)]
Use saved errno in vlog_warning() before calling sudo_vwarn_nodebug().
Fixes the error message printed if set_perms() fails.

9 years agoUpdate for 1.8.13 final.
Todd C. Miller [Wed, 18 Mar 2015 17:04:43 +0000 (11:04 -0600)]
Update for 1.8.13 final.

9 years agoFor sudoedit, run the editor with the user's original environment
Todd C. Miller [Tue, 17 Mar 2015 02:19:24 +0000 (20:19 -0600)]
For sudoedit, run the editor with the user's original environment
as per the documentation (and as in sudo 1.7.x).  Bug #688

9 years agoSync with translationproject.org
Todd C. Miller [Mon, 16 Mar 2015 20:11:19 +0000 (14:11 -0600)]
Sync with translationproject.org

9 years agoUpdate function names in debug_decl.
Todd C. Miller [Tue, 10 Mar 2015 17:09:25 +0000 (11:09 -0600)]
Update function names in debug_decl.

9 years agoUse TCSAFLUSH instead of TCSANOW in sudo_term_copy().
Todd C. Miller [Tue, 10 Mar 2015 14:55:01 +0000 (08:55 -0600)]
Use TCSAFLUSH instead of TCSANOW in sudo_term_copy().
Be consistent with where we put TCSASOFT in the action flags.

9 years agoSync with translationproject.org
Todd C. Miller [Mon, 9 Mar 2015 17:16:09 +0000 (11:16 -0600)]
Sync with translationproject.org

9 years agoInclude unistd.h since sudo_compat.h uses gid_t.
Todd C. Miller [Mon, 9 Mar 2015 00:53:58 +0000 (18:53 -0600)]
Include unistd.h since sudo_compat.h uses gid_t.

9 years agoAdd --disable-weak-symbols option to disable use of weak symbols
Todd C. Miller [Thu, 5 Mar 2015 21:43:06 +0000 (14:43 -0700)]
Add --disable-weak-symbols option to disable use of weak symbols
in libsudo_util.

9 years agoregen
Todd C. Miller [Thu, 5 Mar 2015 19:57:14 +0000 (12:57 -0700)]
regen

9 years agoWhen checking for weak aliases, check the gcc attribute format last
Todd C. Miller [Thu, 5 Mar 2015 19:44:48 +0000 (12:44 -0700)]
When checking for weak aliases, check the gcc attribute format last
since some C compilers just ignore unsupported attributes.

9 years agoUpdate copyright year.
Todd C. Miller [Thu, 5 Mar 2015 19:43:50 +0000 (12:43 -0700)]
Update copyright year.

9 years agoSync with translationproject.org
Todd C. Miller [Thu, 5 Mar 2015 19:28:51 +0000 (12:28 -0700)]
Sync with translationproject.org

9 years agoFix symbol name collision with systems that have their own sha2
Todd C. Miller [Thu, 5 Mar 2015 19:27:26 +0000 (12:27 -0700)]
Fix symbol name collision with systems that have their own sha2
implementation.  This can result in PAM using the wrong sha2
implementation on Solaris systems configured to use SHA512 for
passwords.

9 years agoUse SSP_LDFLAGS when linking sudo_noexec.la
Todd C. Miller [Thu, 5 Mar 2015 17:10:29 +0000 (10:10 -0700)]
Use SSP_LDFLAGS when linking sudo_noexec.la

9 years agoRemove compat/utime.h, it was only useful for ancient systems that
Todd C. Miller [Tue, 3 Mar 2015 23:57:55 +0000 (16:57 -0700)]
Remove compat/utime.h, it was only useful for ancient systems that
are no longer capable of compiling sudo.

9 years agoLink libsudo_util with -lrt on systems where clock_gettime is in -lrt.
Todd C. Miller [Mon, 2 Mar 2015 23:05:57 +0000 (16:05 -0700)]
Link libsudo_util with -lrt on systems where clock_gettime is in -lrt.

9 years agoUpdate.
Todd C. Miller [Mon, 2 Mar 2015 22:38:47 +0000 (15:38 -0700)]
Update.

9 years agoUpdate OpenBSD CVS Ids
Todd C. Miller [Mon, 2 Mar 2015 21:43:38 +0000 (14:43 -0700)]
Update OpenBSD CVS Ids

9 years agoMake comment match code.
Todd C. Miller [Mon, 2 Mar 2015 21:42:17 +0000 (14:42 -0700)]
Make comment match code.

9 years agoFix compilation error on systems without futimes().
Todd C. Miller [Mon, 2 Mar 2015 21:28:46 +0000 (14:28 -0700)]
Fix compilation error on systems without futimes().

9 years agoUse futimens() and utimensat() instead of futimes() and utimes().
Todd C. Miller [Mon, 2 Mar 2015 20:58:50 +0000 (13:58 -0700)]
Use futimens() and utimensat() instead of futimes() and utimes().

9 years agoFix compiler warning on systems where mode_t is not unsigned int,
Todd C. Miller [Mon, 2 Mar 2015 20:58:45 +0000 (13:58 -0700)]
Fix compiler warning on systems where mode_t is not unsigned int,
such as 32-bit Solaris.