Todd C. Miller
bb5843055e
Replace messages like "unknown foo: %s" with "unknown foo %s".
...
The colon really doesn't belong there; we generally use a colon to
separate a message from the warning detail.
2021-08-19 09:44:11 -06:00
Todd C. Miller
e17003b35c
Sync warning messages with sudoers/logging.c
...
Avoids 3 translation strings that were effectively duplicated.
2021-08-19 09:09:19 -06:00
Todd C. Miller
bfcc31b19b
Print the section when warning about an illegal key in the conf file.
...
This should make it easier to tell when a setting is present in the
wrong section.
2021-08-16 10:44:48 -06:00
Todd C. Miller
9248ea6bbe
Set umask to be less restrictive before creating parent directories.
...
Otherwise we could end up creating them with a more restrictive
mode than intended. Coverity CID 221592
2021-08-14 10:49:51 -06:00
Todd C. Miller
6d3cf0ffda
store_alert_local: fix memory leak on error path
...
Coverity CID 238642
2021-08-14 09:18:55 -06:00
Todd C. Miller
4add9c2c00
store_accept_local: fix return value on error
2021-08-14 08:47:44 -06:00
Todd C. Miller
4aefd43948
For intercepted commands, log an offset into the current I/O log.
...
This can be used with sudoreplay to jump to when a specific command
was executed within a session log.
2021-08-13 16:00:00 -06:00
Todd C. Miller
064981fb14
Don't overwrite closure->evlog for sub-commands.
2021-08-13 15:59:59 -06:00
Todd C. Miller
0e2094471b
Call shutdown() on sockets before close() if they are connected.
...
This should ensure that the other side sees any queued data before
the connection is dropped.
2021-08-11 14:08:48 -06:00
Todd C. Miller
79129613e5
If SSL_shutdown() returns 0 it needs to be called one more time.
2021-08-11 10:16:36 -06:00
Todd C. Miller
9d776b4e7b
Allow multiple accept/reject messages during a logsrv conversation.
...
The log server now advertises a subcommands flag if it supports
logging subcommands (e.g. commands run from a sudo-spawned program
like a shell). The client should only log additional commands
during a session if this flag is set in the ServerHello message.
2021-08-09 15:50:25 -06:00
Todd C. Miller
aee82efe45
Display the correct error message if X509_verify_cert() fails.
...
We must use X509_STORE_CTX_get_error() and X509_verify_cert_error_string()
instead of the generic OpenSSL error functions.
2021-07-27 14:49:28 -06:00
Todd C. Miller
36fbb13c4c
Use TLS_method() instead of TLS_client_method() throughout.
...
OpenSSL returns an error for SSL_accept() if TLS_client_method()
was used to generate the context (LibreSSL doesn't care).
Prior to sudo 1.9.7, TLS_client_method() and TLS_server_method()
were used in the TLS client and server initialization code respectively.
This was refactored in sudo 1.9.7 to allow the code to be shared.
Bug #988
2021-07-26 13:40:25 -06:00
Todd C. Miller
c234bab7b2
Remove unused info_cb and info arguments from eventlog_exit()
2021-07-15 11:07:25 -06:00
Todd C. Miller
fa7250ead7
Create a UUID and log it in the JSON version of the event log.
2021-07-15 11:07:25 -06:00
Todd C. Miller
0dd2b6442a
Add log_exit setting in the sudo_logsrvd.conf eventlog stanza
...
This causes sudo_logsrvd to log a record with the exit status or
terminating signal in response to an ExitMessage.
2021-07-09 11:08:44 -06:00
Todd C. Miller
0b809cdafe
regen
2021-06-22 15:23:00 -06:00
Todd C. Miller
030746ce57
Fix dead store found by clang analyzer.
2021-06-19 12:56:31 -06:00
Todd C. Miller
442778aee1
Fix prefix skipping when the prefix is embedded and not separate.
...
This doesn't currently matter since the progname and the ": " are
stored in separate messages. Found by clang analyzer.
2021-06-19 12:56:04 -06:00
Todd C. Miller
f3deb3737d
Remove dead store found by clang analyzer.
2021-06-19 12:53:34 -06:00
Todd C. Miller
efaa173fbe
Replace logsrvd_is_early() with logsrvd_warn_stderr().
...
This is now defined in logsrvd_conf.c which removes a dependency
on another compilation unit for the fuzzer.
2021-06-16 08:45:29 -06:00
Todd C. Miller
1d41937ca1
Silence a compiler warning on Solaris.
2021-06-15 14:59:59 -06:00
Todd C. Miller
74f034cbfb
Reduce scope of errstr variable so it is only declared for OpenSSL.
2021-06-15 14:37:59 -06:00
Todd C. Miller
5a3bbba12b
Use sudo_warnx?() instead of sudo_debug_printf for errors.
...
We now hook the warn functions so the messages are logged.
The messages still show up in the debug log too.
2021-06-15 13:58:12 -06:00
Todd C. Miller
d311c7b2ee
If logsrvd_config is not set, fall back to using stderr for warnings.
...
Also fix fuzz_logsrvd_conf link error.
2021-06-13 18:42:09 -06:00
Todd C. Miller
2c1988410e
Add support for logging server warning/error messages.
...
We can use sudo_warn_set_conversation() to set a conversation
function that either writes to a log file or calls syslog().
2021-06-13 18:27:36 -06:00
Todd C. Miller
7b33974f21
Remove logsrvd closure ERROR state and use a boolean flag instead.
...
Fixes a bug where we would not insert a journal file that failed
to relay into the queue because its state was changed from CONNECTING
to ERROR after failing to connect.
2021-06-08 19:51:54 -06:00
Todd C. Miller
b913a832e8
Make sure we link with libsudo_util *after* libfuzzstub.
...
This only affects builds with a static libsudo_util.
Also fix a warning on HP-UX about main not being public.
2021-06-07 15:53:57 -06:00
Todd C. Miller
0f5c8fe121
Remove line causing store_suspend_local() to return false on success.
...
This is something that should have been removed as part of the local
I/O logging refactor.
2021-05-10 13:44:31 -06:00
Todd C. Miller
9d734d57e7
sudo_sendlog: rename -m (max-time) to -s (stop-after).
2021-05-04 12:14:02 -06:00
Todd C. Miller
caf096e1a1
Update closure->elapsed_time in journal_seek().
...
Otherwise the commit point messages won't be accurate when restarting.
2021-05-04 10:45:12 -06:00
Todd C. Miller
7376fa632f
Add "-m elapsed" option to specify the max elapsed time of records to send.
...
Useful for testing the ability of the server to handle restarted log
transfers.
2021-05-04 08:22:34 -06:00
Todd C. Miller
5a39066343
Disable reading from client or relay when sending error to client.
...
We treat an error from the relay as fatal and must stop processing
data from both client and relay to make sure we don't get out of sync.
2021-05-03 19:18:10 -06:00
Todd C. Miller
c3534712de
Fix I/O log restart of locally-stored logs.
...
This got broken a while ago when evlog in struct connection_closure
was changed to a pointer.
2021-05-03 16:54:25 -06:00
Todd C. Miller
109a0331a5
Don't hard-code the TLS connect timeout, use normal connect timeout.
...
For sudo_logsrvd, this is the relay connect_timeout setting.
For sudoers, this is the log_server_timeout setting.
2021-05-03 09:01:00 -06:00
Todd C. Miller
06cb6459c1
Add missing closedir(3) in logsrvd_queue_scan().
...
Coverity CID 221591
2021-05-02 12:33:49 -06:00
Todd C. Miller
f49930c62e
Make the failed relay retry interval configurable.
...
This is the amount of time to wait before trying to resend a
journal to the relay server after a connection error.
2021-05-02 06:19:32 -06:00
Todd C. Miller
177816b787
Send outgoing messages to the relay server on startup.
...
Also periodically attempt to retry messages that could not be relayed.
2021-05-01 16:27:21 -06:00
Todd C. Miller
bc82430a6f
Set relay name string to NULL after dropping the reference.
...
Otherwise it is possible to decrement the reference more than once.
2021-05-01 08:48:24 -06:00
Todd C. Miller
01bdfd3be2
Write client and server information to debug file on SIGUSR1
...
This can be used to debug client problems such as a connection
not being closed as expected.
2021-04-29 16:20:02 -06:00
Todd C. Miller
f92bb8840c
Create journal files in an incoming directory, move to outgoing when complete.
...
This will make it possible to process completed journal files
periodically if the relay server is down.
2021-04-29 14:19:08 -06:00
Todd C. Miller
5c593d5a4a
Add missing connection_close() call for relay-only connections.
...
For an immediate relay we will close the connection when the client
disconnects (or there is a timeout). However, for store-and-forward
mode the client has already disconnected at the time we are relaying.
2021-04-29 14:19:07 -06:00
Todd C. Miller
d4bdc85d74
Replace non-ascii characters in warning string.
2021-04-27 16:39:43 -06:00
Todd C. Miller
84a01d3a93
Move local iolog log functions to logsrvd_local.c
2021-04-27 14:46:27 -06:00
Todd C. Miller
6d8942e82c
Better client error reporting on relay server connection error.
...
More detailed error messages may be found in the debug log.
2021-04-27 12:25:19 -06:00
Todd C. Miller
e55991f244
Update debug pid string when sudo_logsrvd becomes a daemon.
2021-04-27 08:57:11 -06:00
Todd C. Miller
f25275ad5b
Must call SSL_shutdown() before closing the underlying socket.
...
This got broken by some code rearrangement when relay mode was added.
2021-04-26 19:07:40 -06:00
Todd C. Miller
67029f3cc4
Recover if the client or relay server closes the TLS connection uncleanly.
...
The other end of the connection should perform a proper TLS shutdown
but as long as we are in the correct state there is no need to treat
this as a user-visible error.
2021-04-26 17:05:34 -06:00
Todd C. Miller
65a55497ec
Avoid calling fread() with a NULL buffer if msg_len is 0.
...
Coverity CID 221399
2021-04-23 19:01:44 -06:00
Todd C. Miller
d9f0eba1fa
Set a restrictive umask so new files are only read/write by owner.
...
Coverity CID 221402
2021-04-23 18:58:55 -06:00