Merge sudo 1.9.8p1 from tip

--HG--
branch : 1.9

NEWS

@@ -1,3 +1,17 @@
+What's new in Sudo 1.9.8p1
+
+ * Fixed support for passing a prompt (sudo -p) or a login class
+   (sudo -l) on the command line.  This is a regression introduced
+   in sudo 1.9.8.  Bug #993.
+
+ * Fixed a crash with "sudo ALL" rules in the LDAP and SSSD back-ends.
+   This is a regression introduced in sudo 1.9.8.  Bug #994.
+
+ * Fixed a compilation error when the --enable-static-sudoers configure
+   option was specified.  This is a regression introduced in sudo
+   1.9.8 caused by a symbol clash with the intercept and log server
+   protobuf functions.
+
 What's new in Sudo 1.9.8
 
  * It is now possible to transparently intercepting sub-commands
@@ -34,6 +48,10 @@ What's new in Sudo 1.9.8
    commands run in a privileged shell.  It uses the same mechanism as
    the intercept support described above and has the same limitations.
 
+ * The new "log_exit_status" sudoers setting can be used to log
+   the exit status commands run via sudo.  This is also a corresponding
+   "log_exit" setting in the sudo_logsrvd.conf eventlog stanza.
+
  * Support for logging sudo_logsrvd errors via syslog or to a file.
    Previously, most sudo_logsrvd errors were only visible in the
    debug log.

configure

@@ -1,6 +1,6 @@
 #! /bin/sh
 # Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.71 for sudo 1.9.8.
+# Generated by GNU Autoconf 2.71 for sudo 1.9.8p1.
 #
 # Report bugs to <https://bugzilla.sudo.ws/>.
 #
@@ -621,8 +621,8 @@ MAKEFLAGS=
 # Identity of this package.
 PACKAGE_NAME='sudo'
 PACKAGE_TARNAME='sudo'
-PACKAGE_VERSION='1.9.8'
-PACKAGE_STRING='sudo 1.9.8'
+PACKAGE_VERSION='1.9.8p1'
+PACKAGE_STRING='sudo 1.9.8p1'
 PACKAGE_BUGREPORT='https://bugzilla.sudo.ws/'
 PACKAGE_URL=''
 
@@ -1631,7 +1631,7 @@ if test "$ac_init_help" = "long"; then
   # Omit some internal or obsolete options to make the list less imposing.
   # This message is too long to be a string in the A/UX 3.1 sh.
   cat <<_ACEOF
-\`configure' configures sudo 1.9.8 to adapt to many kinds of systems.
+\`configure' configures sudo 1.9.8p1 to adapt to many kinds of systems.
 
 Usage: $0 [OPTION]... [VAR=VALUE]...
 
@@ -1697,7 +1697,7 @@ fi
 
 if test -n "$ac_init_help"; then
   case $ac_init_help in
-     short | recursive ) echo "Configuration of sudo 1.9.8:";;
+     short | recursive ) echo "Configuration of sudo 1.9.8p1:";;
    esac
   cat <<\_ACEOF
 
@@ -1982,7 +1982,7 @@ fi
 test -n "$ac_init_help" && exit $ac_status
 if $ac_init_version; then
   cat <<\_ACEOF
-sudo configure 1.9.8
+sudo configure 1.9.8p1
 generated by GNU Autoconf 2.71
 
 Copyright (C) 2021 Free Software Foundation, Inc.
@@ -2639,7 +2639,7 @@ cat >config.log <<_ACEOF
 This file contains any messages produced by compilers while
 running configure, to aid debugging if configure makes a mistake.
 
-It was created by sudo $as_me 1.9.8, which was
+It was created by sudo $as_me 1.9.8p1, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   $ $0$ac_configure_args_raw
@@ -23674,7 +23674,7 @@ fi
 	    else
 		enable_openssl=yes
 	    fi
-	    LIBTLS="${LIBTLS} -lcrypto -lssl"
+	    LIBTLS="${LIBTLS} -lssl -lcrypto"
 
 	    # Use OpenSSL's sha2 functions if possible
 	    { printf "%s\n" "$as_me:${as_lineno-$LINENO}: checking for SHA224_Update in -lcrypto" >&5
@@ -31497,7 +31497,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
 # report actual input values of CONFIG_FILES etc. instead of their
 # values after options handling.
 ac_log="
-This file was extended by sudo $as_me 1.9.8, which was
+This file was extended by sudo $as_me 1.9.8p1, which was
 generated by GNU Autoconf 2.71.  Invocation command line was
 
   CONFIG_FILES    = $CONFIG_FILES
@@ -31565,7 +31565,7 @@ ac_cs_config_escaped=`printf "%s\n" "$ac_cs_config" | sed "s/^ //; s/'/'\\\\\\\\
 cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
 ac_cs_config='$ac_cs_config_escaped'
 ac_cs_version="\\
-sudo config.status 1.9.8
+sudo config.status 1.9.8p1
 configured by $0, generated by GNU Autoconf 2.71,
   with options \\"\$ac_cs_config\\"
 

configure.ac

@@ -18,7 +18,7 @@ dnl ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
 dnl OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
 dnl
 AC_PREREQ([2.70])
-AC_INIT([sudo], [1.9.8], [https://bugzilla.sudo.ws/], [sudo])
+AC_INIT([sudo], [1.9.8p1], [https://bugzilla.sudo.ws/], [sudo])
 AC_CONFIG_HEADERS([config.h pathnames.h])
 AC_CONFIG_SRCDIR([src/sudo.c])
 AC_CONFIG_AUX_DIR([scripts])
@@ -2995,7 +2995,7 @@ if test "${enable_openssl-no}" != no; then
 	    else
 		enable_openssl=yes
 	    fi
-	    LIBTLS="${LIBTLS} -lcrypto -lssl"
+	    LIBTLS="${LIBTLS} -lssl -lcrypto"
 
 	    # Use OpenSSL's sha2 functions if possible
 	    AC_CHECK_LIB(crypto, SHA224_Update, [

plugins/sudoers/Makefile.in

@@ -165,7 +165,7 @@ LIB_FUZZING_ENGINE = @FUZZ_ENGINE@
 FUZZ_PROGS = fuzz_policy fuzz_sudoers fuzz_sudoers_ldif
 FUZZ_SEED_CORPUS = ${FUZZ_PROGS:=_seed_corpus.zip}
 FUZZ_LIBS = libparsesudoers.la @SUDOERS_LIBS@ $(LIB_FUZZING_ENGINE)
-FUZZ_LDFLAGS = @LDFLAGS@
+FUZZ_LDFLAGS = @LDFLAGS@ @SUDOERS_LDFLAGS@
 FUZZ_MAX_LEN = 4096
 FUZZ_RUNS = 8192
 

plugins/sudoers/defaults.c

@@ -206,6 +206,9 @@ parse_default_entry(struct sudo_defs_types *def, const char *val, int op,
     int rc;
     debug_decl(parse_default_entry, SUDOERS_DEBUG_DEFAULTS);
 
+    if (file == NULL)
+	file = "front-end";
+
     sudo_debug_printf(SUDO_DEBUG_INFO, "%s: %s:%d:%d: %s=%s op=%d",
 	__func__, file, line, column, def->name, val ? val : "", op);
 

plugins/sudoers/ldap_util.c

@@ -408,15 +408,13 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
 	    free(cmndspec);
 	    goto oom;
 	}
-	if (strcmp(cmnd, "ALL") != 0) {
-	    if ((c = calloc(1, sizeof(*c))) == NULL) {
-		free(cmndspec);
-		free(m);
-		goto oom;
-	    }
-	    m->name = (char *)c;
-	    TAILQ_INIT(&c->digests);
+	if ((c = calloc(1, sizeof(*c))) == NULL) {
+	    free(cmndspec);
+	    free(m);
+	    goto oom;
 	}
+	m->name = (char *)c;
+	TAILQ_INIT(&c->digests);
 
 	/* Negated commands have precedence so insert them at the end. */
 	if (negated)
@@ -584,8 +582,8 @@ sudo_ldap_role_to_priv(const char *cn, void *hosts, void *runasusers,
 
 	/* Fill in command member now that options have been processed. */
 	m->negated = negated;
-	if (c == NULL) {
-	    /* No command name for "ALL" */
+	if (strcmp(cmnd, "ALL") == 0) {
+	    /* TODO: support digests with ALL */
 	    m->type = ALL;
 	    if (cmndspec->tags.setenv == UNSPEC)
 		cmndspec->tags.setenv = IMPLIED;

plugins/sudoers/policy.c

@@ -224,7 +224,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
 	if (MATCHES(*cur, "prompt=")) {
 	    /* Allow epmpty prompt. */
 	    user_prompt = *cur + sizeof("prompt=") - 1;
-	    if (!append_default("passprompt_override", "true", true, NULL, defaults))
+	    if (!append_default("passprompt_override", NULL, true, NULL, defaults))
 		goto oom;
 	    continue;
 	}
@@ -285,7 +285,7 @@ sudoers_policy_deserialize_info(void *v, struct defaults_list *defaults)
 	if (MATCHES(*cur, "login_class=")) {
 	    CHECK(*cur, "login_class=");
 	    login_class = *cur + sizeof("login_class=") - 1;
-	    if (!append_default("use_loginclass", "true", true, NULL, defaults))
+	    if (!append_default("use_loginclass", NULL, true, NULL, defaults))
 		goto oom;
 	    continue;
 	}

src/exec_intercept.c

@@ -100,7 +100,7 @@ intercept_setup(int fd, struct sudo_event_base *evbase,
 	goto bad;
     }
 
-    /* If we've already seen a ClientHello, expect a policy check first. */
+    /* If we've already seen an InterceptHello, expect a policy check first. */
     closure->state = sudo_token_isset(intercept_token) ?
 	RECV_SECRET : RECV_HELLO_INITIAL;
     closure->details = details;
@@ -636,7 +636,7 @@ intercept_read(int fd, struct intercept_closure *closure)
 	default:
 	    /* Only accept hello on a socket with an accepted command. */
 	    sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
-		"got ClientHello without an accepted command");
+		"got InterceptHello without an accepted command");
 	    goto done;
 	}
 	break;
@@ -850,7 +850,7 @@ intercept_write(int fd, struct intercept_closure *closure)
 	closure->state = RECV_CONNECTION;
 	break;
     case POLICY_ACCEPT:
-	/* Re-use event to read ClientHello from sudo_intercept.so ctor. */
+	/* Re-use event to read InterceptHello from sudo_intercept.so ctor. */
 	if (sudo_ev_set(&closure->ev, fd, SUDO_EV_READ|SUDO_EV_PERSIST, intercept_cb, closure) == -1) {
 	    /* This cannot (currently) fail. */
 	    sudo_warn("%s", U_("unable to add event to queue"));