mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-30 22:05:46 +00:00
Code Issues Releases Wiki Activity

process tls config options

Browse Source
This commit is contained in:
Laszlo Orban
2019-11-28 13:17:37 +01:00
parent 3ce51d40ce
commit a409d8f1fc
2 changed files with 28 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
plugins/sudoers/iolog.c
View File

@@ -363,6 +363,20 @@ iolog_deserialize_info(struct iolog_details *details, char * const user_info[],
TIME_T_MAX, NULL); TIME_T_MAX, NULL);
continue; continue;
} }
#if defined(HAVE_OPENSSL)
if (strncmp(*cur, "log_server_cabundle=", sizeof("log_server_cabundle=") - 1) == 0) {
details->ca_bundle = *cur + sizeof("log_server_cabundle=") - 1;
continue;
}
if (strncmp(*cur, "log_server_peer_cert=", sizeof("log_server_peer_cert=") - 1) == 0) {
details->cert_file = *cur + sizeof("log_server_peer_cert=") - 1;
continue;
}
if (strncmp(*cur, "log_server_peer_key=", sizeof("log_server_peer_key=") - 1) == 0) {
details->key_file = *cur + sizeof("log_server_peer_key=") - 1;
continue;
}
#endif /* HAVE_OPENSSL */
break; break;
case 'm': case 'm':
if (strncmp(*cur, "maxseq=", sizeof("maxseq=") - 1) == 0) { if (strncmp(*cur, "maxseq=", sizeof("maxseq=") - 1) == 0) {
@@ -583,7 +597,6 @@ sudoers_io_open_remote(void)
ret = -1; ret = -1;
goto done; goto done;
} }
if (!client_closure_fill(&client_closure, sock, &iolog_details, &sudoers_io)) { if (!client_closure_fill(&client_closure, sock, &iolog_details, &sudoers_io)) {
close(sock); close(sock);
ret = -1; ret = -1;

14
plugins/sudoers/policy.c
View File

@@ -734,6 +734,20 @@ sudoers_policy_exec_setup(char *argv[], char *envp[], mode_t cmnd_umask,
if (asprintf(&command_info[info_len++], "log_server_timeout=%u", def_log_server_timeout) == -1) if (asprintf(&command_info[info_len++], "log_server_timeout=%u", def_log_server_timeout) == -1)
goto oom; goto oom;
} }
if (def_log_server_cabundle != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("log_server_cabundle", def_log_server_cabundle)) == NULL)
goto oom;
}
if (def_log_server_peer_cert != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("log_server_peer_cert", def_log_server_peer_cert)) == NULL)
goto oom;
}
if (def_log_server_peer_key != NULL) {
if ((command_info[info_len++] = sudo_new_key_val("log_server_peer_key", def_log_server_peer_key)) == NULL)
goto oom;
}
if (def_command_timeout > 0 || user_timeout > 0) { if (def_command_timeout > 0 || user_timeout > 0) {
int timeout = user_timeout; int timeout = user_timeout;
if (timeout == 0 || def_command_timeout < timeout) if (timeout == 0 || def_command_timeout < timeout)