Todd C. Miller
|
4cf3d1c416
|
Implement sudo_intercept.so.
Uses protobuf to talk to main sudo process over a socketpair.
|
2021-08-09 15:50:25 -06:00 |
|
Todd C. Miller
|
cede7dd92d
|
Define protocol for sudo <-> sudo_intercept.so communication.
Uses google protocol buffers.
|
2021-08-09 15:50:25 -06:00 |
|
Todd C. Miller
|
5d4120fa5d
|
Add separate convenience lib for protobuf-c
We need to use it for sudo <-> sudo_intercept.so communication.
|
2021-08-09 15:50:25 -06:00 |
|
Todd C. Miller
|
cc3b4ffb04
|
Remove vsyslog(3) emulation, it is no longer used.
|
2021-06-14 13:11:39 -06:00 |
|
Todd C. Miller
|
dfaa9b95f1
|
Add getgids utility to simular "id -G" using sudo_getgrouplist2()
|
2021-06-07 14:18:09 -06:00 |
|
Todd C. Miller
|
177816b787
|
Send outgoing messages to the relay server on startup.
Also attempt to retry messages that could not be relayed periodically.
|
2021-05-01 16:27:21 -06:00 |
|
Todd C. Miller
|
84a01d3a93
|
Move local iolog log functions to logsrvd_local.c
|
2021-04-27 14:46:27 -06:00 |
|
Todd C. Miller
|
8a65893435
|
Add a suppression file for the libpython leaks.
This is a big hammer but it seems like the best we can do for now.
Allows "make check" to succeed when address sanitizer is used.
|
2021-04-26 08:58:00 -06:00 |
|
Todd C. Miller
|
5e5131dec3
|
Treat a lone backslash at the end of a string as a literal backslash.
GitHub issue #99
|
2021-04-24 14:19:46 -06:00 |
|
Todd C. Miller
|
c2d3070fa1
|
Journal messages to disk when store_first is set in the relay section.
Instead of forwarding messages immediately, they are journaled
locally in wire format.
This will be used to implement relay store-and-forward mode.
|
2021-04-23 16:55:30 -06:00 |
|
Todd C. Miller
|
fbbf602664
|
Move python.m4 and runlog.m4 to the m4 directory.
Previously they were inline in aclocal.m4.
|
2021-04-16 13:41:43 -06:00 |
|
Todd C. Miller
|
2db9e64214
|
Move reference-counted string code from sudoers to libsudo_util.
It will be used by sudo_logsrvd too.
|
2021-04-06 14:44:19 -06:00 |
|
Todd C. Miller
|
d60b8a791c
|
Add a relay mode to sudo_logsrvd where it forwards instead of stores.
Relay hosts are be specified in the server section of sudo_logsrvd.conf.
|
2021-04-06 14:44:19 -06:00 |
|
Todd C. Miller
|
72c40ae0e1
|
Move common TLS client code to tls_client.c and use it in sendlog.c.
|
2021-04-06 14:44:19 -06:00 |
|
Todd C. Miller
|
71e5275a1c
|
Move common TLS initialization code to tls_init.c.
|
2021-03-10 16:29:27 -07:00 |
|
Todd C. Miller
|
d4517e0a1c
|
Move autoconf auxiliary files to the scripts directory.
|
2021-04-06 14:23:38 -06:00 |
|
Todd C. Miller
|
06df3a1b47
|
Add simple regress check to display the network interfaces found.
|
2021-03-22 12:26:36 -06:00 |
|
Todd C. Miller
|
977f238d35
|
Add dictionary file for fuzz_logsrvd_conf.
|
2021-03-18 19:46:08 -06:00 |
|
Todd C. Miller
|
6eff3b313b
|
Move corpus files to a seed subdirectory.
|
2021-03-18 15:28:29 -06:00 |
|
Todd C. Miller
|
3e5cf7baa3
|
Do not redefine system group and passwd functions for testsudoers.
Instead, prefix the replacements with "testsudoers_" and use a
custom pwutil backend so they get used.
|
2021-03-18 11:39:54 -06:00 |
|
Todd C. Miller
|
851247e58c
|
Split iolog_fileio.c into multiple files.
|
2021-02-26 21:07:48 -07:00 |
|
Todd C. Miller
|
d51d4af7a6
|
Break out I/O log config handling into iolog_conf.c.
|
2021-02-26 15:02:58 -07:00 |
|
Todd C. Miller
|
d160dac355
|
Add test to exercise RunasSpec without a RunasUser.
|
2021-02-26 10:05:45 -07:00 |
|
Todd C. Miller
|
2e0ca52b50
|
Remove unused regress files.
|
2021-02-26 10:04:51 -07:00 |
|
Todd C. Miller
|
f5d7db56e7
|
Call public getters in logsrvd.conf fuzzer and add to corpus.
Now exercises the syslog config erorr path.
|
2021-02-25 16:00:31 -07:00 |
|
Todd C. Miller
|
24e1774ce3
|
Add regress test with all current Defaults settings.
Currently skips SELinux and Solaris privilege settings.
|
2021-02-25 11:26:55 -07:00 |
|
Todd C. Miller
|
e7b414ce4e
|
Move env hooks into sudoers_hooks.c.
|
2021-02-24 19:09:46 -07:00 |
|
Todd C. Miller
|
38c381a0cc
|
Split fmtsudoers.c into the parts used by sudoers plugin and cvtsudoers.
Only testsudoers and cvtsudoers use the full set of formatting functions.
|
2021-02-24 17:14:51 -07:00 |
|
Todd C. Miller
|
05767145b3
|
Add fuzzer-specific stubs source file.
|
2021-02-24 16:43:59 -07:00 |
|
Todd C. Miller
|
a56f7daeea
|
Split iolog_util.c into iolog_loginfo.c and iolog_timing.c.
Also rename check_iolog_util -> check_iolog_timing.
|
2021-02-24 14:40:33 -07:00 |
|
Todd C. Miller
|
2a657e2a12
|
Move legacy I/O log info file parsing to iolog_legacy.c
|
2021-02-24 14:34:14 -07:00 |
|
Todd C. Miller
|
4128582723
|
Move eventlog config code into eventlog_conf.c
|
2021-02-24 14:25:39 -07:00 |
|
Todd C. Miller
|
f399c449ad
|
Move eventlog_free() into its own file.
|
2021-02-24 13:59:17 -07:00 |
|
Todd C. Miller
|
cbd11c44d2
|
Update Defaults settings after parsing sudoers.
Also stub out dump_defaults when fuzzing as it is not used.
|
2021-02-24 12:29:34 -07:00 |
|
Todd C. Miller
|
5a85543c16
|
Move alias checking code out of visudo.c and into check_aliases.c.
|
2021-02-23 18:42:37 -07:00 |
|
Todd C. Miller
|
081e219e23
|
Add dictionary files for fuzzers where possible.
|
2021-02-23 11:28:47 -07:00 |
|
Todd C. Miller
|
d235083342
|
Add simple fuzzer for sudo_logsrvd.conf parser.
|
2021-02-15 15:52:17 -07:00 |
|
Todd C. Miller
|
25f50e2f07
|
Add simple fuzzer for sudo.conf parser.
|
2021-02-15 13:17:26 -07:00 |
|
Todd C. Miller
|
ea7a70e85d
|
For "make fuzz" only fuzz the seed corpus.
This way we avoid files generated by the fuzzer itself.
|
2021-02-15 07:35:19 -07:00 |
|
Todd C. Miller
|
df2931588a
|
Fuzz sudoers policy module API.
Includes a test case to reproduce CVE-2021-3156.
|
2021-02-12 15:36:18 -07:00 |
|
Todd C. Miller
|
1f97ef92b7
|
Move audit.c from libparsesudoers to the sudoers module itself.
Now that audit.c contains the audit module it doesn't belong in
libparsesudoers.
|
2021-02-12 11:13:52 -07:00 |
|
Todd C. Miller
|
41fa461fe1
|
Add a GNU-compatible version of basename(3).
Unlike POSIX basename(3), the GNU variant does not modify its argument.
Note that basename of a path ending in "/" returns an empty string.
|
2021-02-10 14:26:26 -07:00 |
|
Todd C. Miller
|
63a3f62547
|
Add fuzz Makefile target and run fuzzer corpus in make check.
|
2021-02-08 04:56:17 -07:00 |
|
Todd C. Miller
|
30d9497eb6
|
Add stub library that just feeds files to the fuzzing target.
This will allow the fuzzers to be run as part of "make check".
|
2021-02-07 15:43:51 -07:00 |
|
Todd C. Miller
|
1c02c14c35
|
Add more test files for fuzzers.
|
2021-02-05 19:30:00 -07:00 |
|
Todd C. Miller
|
5c2a21350d
|
fuzzer for I/O log timing files
|
2021-02-04 19:22:15 -07:00 |
|
Todd C. Miller
|
d2901f4121
|
Add fuzzer for legacy I/O log info file.
|
2021-02-03 07:41:20 -07:00 |
|
Todd C. Miller
|
f30670a42f
|
Plug a few more parser leaks.
|
2021-02-01 19:56:52 -07:00 |
|
Todd C. Miller
|
1e3cecc608
|
Add initial fuzzers to be used by oss-fuzz.
These are not yet hooked up to the sudo build.
|
2021-02-01 15:17:57 -07:00 |
|
Todd C. Miller
|
8f114c2aae
|
Add plugins/sudoers/strvec_join.c
|
2021-01-28 16:25:48 -07:00 |
|