mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-31 06:15:37 +00:00
Code Issues Releases Wiki Activity
12,255 Commits 6 Branches 326 Tags
8049e4e32f81424b01ac9c83eacefc3de3640ef5
Commit Graph

1194 Commits

Author SHA1 Message Date
Todd C. Miller
4220e6631b Move address sanitizer and fuzzer checks to m4/sanitizer.m4 2022-12-05 12:33:44 -07:00
Todd C. Miller
ea5668086c Move symbol visibility checks to m4/visibility.m4 2022-12-05 12:33:42 -07:00
Todd C. Miller
5bf5a4e26c Move hardening checks to m4/hardening.m4 2022-12-05 12:32:53 -07:00
Todd C. Miller
8718fc2083 Make cpp variadic arguments check into a macro and move to sudo.m4. 
Also move the PVS-Studio.cfg generation to sudo.m4.
 2022-12-05 09:47:21 -07:00
Todd C. Miller
cfdcd96b63 Move the check for the fallthrough attribute outside the warnings block. 
Use AX_APPEND_FLAG instead of addind to CFLAGS directly.
 2022-11-29 16:04:14 -07:00
Todd C. Miller
0044893961 Use AC_SYS_YEAR2038 instead of setting _TIME_BITS by hand. 2022-11-16 19:29:22 -07:00
Todd C. Miller
4af5e6293c Update macros from autoconf-archive. 2022-11-16 19:24:42 -07:00
Todd C. Miller
920d384941 Regenerate with the autoconf 2.72a pre-release. 2022-11-16 10:26:08 -07:00
Todd C. Miller
bef72f76f6 Add -Wvla and -Walloca to --enable-warnings 2022-11-15 11:05:42 -07:00
Todd C. Miller
3cfba230c5 configure: only check for getauxval() if getentropy() is missing. 2022-11-11 11:04:58 -07:00
Todd C. Miller
28dbad3342 Remove checks for random() and lrand48(), they are no longer used. 
Also remove duplicate checks for arc4random() and getentropy().
 2022-11-11 09:37:49 -07:00
Todd C. Miller
3d0fcc0ff2 Skip check for cpp variadic macro support if the compiler supports C99. 2022-11-11 09:09:31 -07:00
Todd C. Miller
6b005e8114 HI-UX/MPP is based on OSF-1, not HP-UX 
Completely untested.
 2022-11-11 08:45:58 -07:00
Todd C. Miller
a142bc1830 Only check for utmps.h on HP-UX. 2022-11-11 08:32:41 -07:00
Todd C. Miller
a3684d7f3b Only check for sys/syscall.h on Linux. 
We only use it in the Linux-specific getentropy() emulation code.
 2022-11-11 08:11:26 -07:00
Todd C. Miller
feba299f22 configure: avoid running unnecessary tests on modern systems. 
Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint16_t, int32_t, and int64_t.
Only check for intmax_t, uintmax_t and bit-width types if missing
both inttypes.h and stdint.h.
Remove unused clockid_t replacement.
 2022-11-11 07:05:26 -07:00
Todd C. Miller
3df1e9a073 sudo 1.9.12p1 2022-11-04 14:19:27 -06:00
Todd C. Miller
366217571e configure: better test for -fstack-clash-protection 
The gcc front-end may accept -fstack-clash-protection even if the
machine-specific code does not support it.  We use a test program
with a large stack allocation to try to cause the compiler to insert
the stack clash protection code, or fail if not supported.
GitHub issue #191
 2022-10-27 20:02:37 -06:00
Todd C. Miller
6a2075b671 Check that compiler accepts -fstack-clash-protection and -fcf-protection. 
Previously, we only checked that linker accepted them.
GitHub issue #191
 2022-10-27 18:33:41 -06:00
Todd C. Miller
d37710b0f6 Use mkdtempat_np() and mkostempsat_np() on macOS 2022-09-22 11:34:00 -06:00
Todd C. Miller
376d18b5da Add fchownat() systems without it. 2022-09-21 19:08:12 -06:00
Todd C. Miller
86c108b50b Add mkdtempat() and mkostempsat() for systems without them. 2022-09-21 19:08:11 -06:00
Todd C. Miller
14356c1940 Use process_vm_readv(2) and process_vm_writev(2) if available. 
This is faster than reading/writing from/to the remote process one
word at a time using PTRACE_PEEKDATA and PTRACE_POKEDATA.
 2022-08-25 12:37:19 -06:00
Todd C. Miller
a366c623f1 Use our own arc4random() in preference to the glibc version. 
The glibc arc4random() may fail in chroot on older kernels and exit.
 2022-08-04 13:11:07 -06:00
Todd C. Miller
b422ddea75 Sudo 1.9.12. 2022-08-02 14:28:30 -06:00
Todd C. Miller
13672f28df Make sudo pass -Wwrite-strings 2022-06-28 16:33:15 -06:00
Todd C. Miller
b3a8cad346 A typo prevented -Wno-deprecated-declarations from being used on macOS. 2022-06-28 15:43:27 -06:00
Todd C. Miller
f5ac1317c4 Make sudo pass -Wmissing-prototypes 2022-06-27 12:48:03 -06:00
Todd C. Miller
01a9e5a157 Sudo 1.9.11p3 2022-06-20 16:58:03 -06:00
Todd C. Miller
04746d0e65 Sudo 1.9.11p2 2022-06-12 08:05:00 -06:00
Todd C. Miller
d2bf3aad06 Sudo 1.9.11p1 2022-06-08 08:31:27 -06:00
Todd C. Miller
7689b8718c Check for SECCOMP_MODE_FILTER not SECCOMP_SET_MODE_FILTER. 
This matches the actual prctl() call we use.
 2022-06-07 10:50:59 -06:00
Todd C. Miller
96c3c28194 Add EXAMPLES variables for use in the man pages for the examples directory. 2022-06-06 08:36:44 -06:00
Todd C. Miller
25a26f5042 Avoid using vfork(2) in the DSO system(3) wrapper. 
Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).
 2022-06-03 09:43:34 -06:00
Todd C. Miller
cec83a05a3 Add configure check for vfork(2) and fall back to fork(2) if missing. 2022-05-31 14:47:39 -06:00
Todd C. Miller
1c83161622 On AIX, fmemopen(3) has a bug where feof() returns false at EOF. 
See https://www.ibm.com/support/pages/apar/IJ11845
 2022-05-29 15:52:48 -06:00
Todd C. Miller
9bb288d10e Regenerate files after merging AppArmor integration. 2022-05-27 08:30:34 -06:00
Todd C. Miller
583e8bf538 Use explicit library dependencies instead of implicit. 
We now include all the dependent libraries when linking.
Fixes a linking problem on CentOS Stream 9.
 2022-05-19 17:01:14 -06:00
Todd C. Miller
4ac1237bd3 Sudo 1.9.11 2022-04-29 19:03:24 -06:00
Todd C. Miller
ec5164ced2 Define _TIME_BITS=64 on systems that define __TIMESIZE, like GNU libc. 
This should be replaced by a specialized autoconf macro when one
becomes available.
 2022-04-19 13:28:39 -06:00
Todd C. Miller
a1e20ddd95 Fix check for EVP_MD_CTX_new() when -pthread is in Libs.private. 2022-04-04 10:13:28 -06:00
Todd C. Miller
dcb2fb26a5 Rename SSP_(C|LD)FLAGS -> HARDENING_(C|LD)FLAGS 2022-04-01 11:14:59 -06:00
Todd C. Miller
cc4d7196ff Update to libtool 2.4.7. 2022-03-31 16:14:10 -06:00
Todd C. Miller
90501b7000 Fix check for EVP_MD_CTX_new using static libcrypto with dependencies. 2022-03-31 16:14:10 -06:00
Todd C. Miller
c77cba373a --enable-openssl: don't add non-existent directories to PKG_CONFIG_LIBDIR 2022-03-30 11:21:44 -06:00
Todd C. Miller
75a0e51590 Add sudo_closefrom() regression test. 2022-03-01 11:31:19 -07:00
Todd C. Miller
f1a697a8ff Use close_range(2) in closefrom() emulation if available. 
On Linux, prefer our own closefrom() emulation since the glibc
version may fail if /proc is not present and close_range() is not
supported.  On FreeBSD, closefrom(3) will either call the closefrom
or close_range system call, depending on which is available.
 2022-03-01 09:54:23 -07:00
Todd C. Miller
c3177ce831 Repair --enable-pvs-studio on Linux. 2022-03-01 09:42:07 -07:00
Todd C. Miller
10ca59097e Mention apple radar 3710161 in the comment about broken macOS poll(2). 2022-03-01 09:25:14 -07:00
Todd C. Miller
a57e979962 Adapt test harness for lib/util and move to regress directory. 2022-02-28 14:15:43 -07:00