mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-22 01:49:11 +00:00
Code Issues Releases Wiki Activity
12,976 Commits 6 Branches 326 Tags
Commit Graph

562 Commits

Author SHA1 Message Date
Todd C. Miller
fce45b2767 Make ignore_dot the default 
Add --disable-ignore-dot to disable it and deprecate --with-ignore-dot.
 2025-03-08 17:59:32 -07:00
Todd C. Miller
7c075c100d Add an OFF_T_MAX define 
This will be used for integer overflow checks when copying files.
 2025-01-15 08:39:36 -07:00
Todd C. Miller
cc8c43c4d6 Format ttydev as (signed) long long, not unsigned. 
Now that we parse ttydev as a long long it makes more sense to
format it the same way.  This completely avoids the sign extension
issue on systems where dev_t is signed.
 2024-08-14 07:53:00 -06:00
Todd C. Miller
46274e725e Fix formatting of ttydev on systems with signed 32-bit dev_t 
If dev_t is 32-bit and signed, formatting as an unsigned long long
may result in a bogus value due to sign extension.
 2024-08-13 20:07:28 -06:00
Todd C. Miller
f0823c70c6 Remove offensive insults that were disabled by default anyway. 
Bug #1058
 2024-03-18 09:14:15 -06:00
Todd C. Miller
ad4dc22d5a Automatically migrate lecture file path from name-based to uid-based. 
GitHub issue #342.
 2023-12-22 09:39:24 -07:00
Todd C. Miller
0c67456923 Sudo assumes that a uid_t can be cast to unsigned int without problems. 
Add a configure check and error out if sizeof(uid_t) > 4.
 2023-09-20 11:25:48 -06:00
Todd C. Miller
94b80e3ad4 Replace MAX_UID_T_LEN with calls to STRLEN_MAX_UNSIGNED. 2023-09-19 15:16:30 -06:00
Todd C. Miller
49c7c1f4d3 Only cast TIOCSWINSZ to int on systems that might require it (AIX). 
Otherwise we end up with a -Wconversion warning on systems where
the ioctl() request argument is unsigned long.
 2023-09-15 10:26:29 -06:00
Todd C. Miller
e6d14c95b6 Use SSL_read_ex() and SSL_write_ex() instead of SSL_read() and SSL_write(). 2023-08-05 10:38:01 -06:00
Todd C. Miller
980e0216ac Add basic support for 32-bit and 64-bit LD_PRELOAD equivalents. 
The noexec and intercept DSO settings may now include both a 32-bit
DSO and a 64-bit DSO specified by a colon.  For example:
/usr/libexec/sudo/sudo_intercept.so:/usr/libexec/sudo/sudo_intercept_64.so.
 2023-07-31 13:46:57 -06:00
Todd C. Miller
a432aed4f0 realpath.c: include limits.h and use sysconf(_SC_SYMLOOP_MAX) 
This is more portable and eliminates the need to check for SYMLOOP_MAX
(and provide it if missing) in configure.  Also quiet some -Wconversion
warnings.
 2023-07-10 15:52:16 -06:00
Todd C. Miller
f7801f2160 Add configure check for restrict keyword. 2023-07-07 15:06:53 -06:00
Todd C. Miller
bfb6132d9c Add configure tests for __builtin_clz/__builtin_clzl 2023-07-04 12:39:31 -06:00
Todd C. Miller
a0b074cc9c Fix undefined symbol on macOS for intercept mode and log_subcmds. 
macOS does not support direct access to the environ pointer from a
shared object.  We need to redirect through _NSGetEnviron() instead.
Fixes GitHub issue #276.
 2023-06-28 10:59:26 -06:00
Todd C. Miller
a7e906ff66 Regenerate with latest autoconf from git. 2023-05-01 09:35:34 -06:00
Todd C. Miller
65c0b5a089 Move CONFIGURE_ARGS from sudo_usage.h.in to config.h.in. 2023-04-18 07:29:37 -06:00
Todd C. Miller
f0f5e1b5bc Use built-in tests for bit types instead of using AC_CHECK_TYPES. 
This should be more portable as it handles the quirks of some older
systems.
 2023-03-22 15:37:12 -06:00
Todd C. Miller
f5d0b7abf7 Remove portable getcwd.c, nothing uses it anymore. 
Any operating system supported by sudo already includes getcwd(3).
 2023-03-16 15:01:41 -06:00
Todd C. Miller
0443d14578 Add checks for realpath(3) and a version from NetBSD for those without it. 2023-02-12 13:27:17 -07:00
Todd C. Miller
ffb09be49d Add configure test for NSIG, _NSIG or __NSIG. 
This is better than just defining NSIG in sudo_compat.h if it is
not defined since signal.h may not have been included.
 2023-01-31 11:30:45 -07:00
Todd C. Miller
fd0021ee5c Regen with latest autoconf git. 2023-01-27 14:44:45 -07:00
Todd C. Miller
f7265f5de2 Eliminate usage of obsolete 2-argument AC_CHECK_TYPE macro. 2023-01-19 13:59:05 -07:00
Todd C. Miller
9ddae66818 Add support for the struct kinfo_proc on Dragonfly BSD. 2023-01-19 13:22:32 -07:00
Todd C. Miller
f6e0e87ba9 sudo 1.9.13 
Document the changes to AIX plugins in docs/UPGRADE.md and regenerate
configure using the latest autoconf from git.
 2022-12-26 10:47:51 -07:00
Todd C. Miller
16ae61dcd7 Use C23 [[__fallthrough__]] and [[__noreturn__]] attributes if supported. 
If the C23 attributes are not supported, use gcc-style attributes
where possible.
 2022-11-29 16:28:27 -07:00
Todd C. Miller
0044893961 Use AC_SYS_YEAR2038 instead of setting _TIME_BITS by hand. 2022-11-16 19:29:22 -07:00
Todd C. Miller
920d384941 Regenerate with the autoconf 2.72a pre-release. 2022-11-16 10:26:08 -07:00
Todd C. Miller
28dbad3342 Remove checks for random() and lrand48(), they are no longer used. 
Also remove duplicate checks for arc4random() and getentropy().
 2022-11-11 09:37:49 -07:00
Todd C. Miller
feba299f22 configure: avoid running unnecessary tests on modern systems. 
Remove AC_SYS_POSIX_TERMIOS, AC_TYPE_MODE_T, AC_TYPE_UID_T.
Add missing checks for int16_t, uint16_t, int32_t, and int64_t.
Only check for intmax_t, uintmax_t and bit-width types if missing
both inttypes.h and stdint.h.
Remove unused clockid_t replacement.
 2022-11-11 07:05:26 -07:00
Todd C. Miller
d37710b0f6 Use mkdtempat_np() and mkostempsat_np() on macOS 2022-09-22 11:34:00 -06:00
Todd C. Miller
376d18b5da Add fchownat() systems without it. 2022-09-21 19:08:12 -06:00
Todd C. Miller
86c108b50b Add mkdtempat() and mkostempsat() for systems without them. 2022-09-21 19:08:11 -06:00
Todd C. Miller
304726a215 Move gcc-style __attribute__ macros to config.h.in 
Renamed __malloc -> sudo_malloclike, __printflike -> sudo_printflike,
__printf0like -> sudo_printf0like.
Add sudo_noreturn instead of __attribute__((__noreturn__)).
We do not use stdnoreturn.h since it has been deprecated in C23
in favor of the [[noreturn]] attribute.
 2022-09-07 07:48:31 -06:00
Todd C. Miller
14356c1940 Use process_vm_readv(2) and process_vm_writev(2) if available. 
This is faster than reading/writing from/to the remote process one
word at a time using PTRACE_PEEKDATA and PTRACE_POKEDATA.
 2022-08-25 12:37:19 -06:00
Todd C. Miller
7689b8718c Check for SECCOMP_MODE_FILTER not SECCOMP_SET_MODE_FILTER. 
This matches the actual prctl() call we use.
 2022-06-07 10:50:59 -06:00
Todd C. Miller
25a26f5042 Avoid using vfork(2) in the DSO system(3) wrapper. 
Traditional vfork(2) semantics make it unsafe for use for more than
just vfork(2) + execve(2).
 2022-06-03 09:43:34 -06:00
Todd C. Miller
cec83a05a3 Add configure check for vfork(2) and fall back to fork(2) if missing. 2022-05-31 14:47:39 -06:00
kernelmethod
0b541c2029 Add a --with-apparmor build flag 
Add a new build flag, --with-apparmor, that builds sudo with AppArmor
support. Modify the build script for Debian and Ubuntu to enable this
flag by default.
 2022-05-23 13:41:14 -06:00
Todd C. Miller
ec5164ced2 Define _TIME_BITS=64 on systems that define __TIMESIZE, like GNU libc. 
This should be replaced by a specialized autoconf macro when one
becomes available.
 2022-04-19 13:28:39 -06:00
Todd C. Miller
f1a697a8ff Use close_range(2) in closefrom() emulation if available. 
On Linux, prefer our own closefrom() emulation since the glibc
version may fail if /proc is not present and close_range() is not
supported.  On FreeBSD, closefrom(3) will either call the closefrom
or close_range system call, depending on which is available.
 2022-03-01 09:54:23 -07:00
Todd C. Miller
c13b21c199 Avoid TOCTOU in sudo_mkdir_parents() using openat(2) and mkdirat(2). 
This also allows us to make path const as it should be.
 2021-12-11 08:35:18 -07:00
Todd C. Miller
19065cb221 Use strtoul() on systems without strtoull(). 
We can assume that systems without strtoull() have 32-bit resource limits.
 2021-11-08 18:21:15 -07:00
Todd C. Miller
4eebd53bce parse_gentime: use timegm() to generate time since the epoch 
The timegm() function is non-standard but widely available.
Provide an implementation for those systems that lack it.
Bug #1006
 2021-10-31 09:27:34 -06:00
Todd C. Miller
fc5fa1bbd4 wolfSSL not WolfSSL 2021-10-26 19:00:16 -06:00
Todd C. Miller
cc6157d7d4 Add support for WolfSSL's OpenSSL compatibility layer. 
Based on changes from Hayden Roche
 2021-10-25 13:17:57 -06:00
Todd C. Miller
ef3eb25a1b arc4random: need to include sys/random.h on Solaris too. 
This was removed when Linux genentropy() was disabled.
 2021-10-22 10:44:34 -06:00
Todd C. Miller
23eef895f4 Add an explicit check for sys/sysctl.h. 
This test needs to be done after AC_LANG_WERROR to avoid including
sys/sysctl.h on systems where it is marked as deprecated via a
#warning directive.
 2021-10-20 10:31:35 -06:00
Todd C. Miller
00e53b32e5 Use our own getentropy() by default on Linux. 
The glibc getentropy() emulation will fail on older kernels that
don't support getrandom().
Also use sudo_fatal() instead of sending SIGKILL on getentropy() failure.
GitHub issue #117.
 2021-10-20 09:53:01 -06:00
Todd C. Miller
476f00b82f Emulate closefrom() on macOS using proc_pidinfo(). 
This avoids relying on /dev/fd which may not exist in a chroot jail.
Adapted from a change in OpenSSH by likan_999.student AT sina.com
 2021-09-27 13:44:41 -06:00