Commit 244017495421 added ctx variable to log_warningx() call but that
variable was not declared...

Each connection can require up to 9 descriptors.

This adds an env_free() function to explicitly free both the old
and new copies of the environme...

This matches the JSON logs.

It may not be available otherwise and unless the command is being
run it has no real meaning.

This reverts 5118eb5797fb, which had the side-effect of the PAM
session code running with the ru...

This matches the sudo_sys_siglist[] and sudo_sys_signame[] declarations.

This prevents problems on systems where the system printf(3) is not
C99-compliant. We use our o...

problems on systems where the system printf(3) is not C99-compliant.
We use our own snprintf() on...

1. Lock the terminal before tcgetattr/tcsetattr
2. Don't restore terminal settings if changed by ...

def_sudoers_locale is already a char*

fprintf does extra work and meant for formatting strings.

Do not rely on awk supporting "-f -" to read the program from stdin.
Avoid using POSIX character...

We use int or long, not long long, in the Python plugin.

Otherwise, the parser_conf settings in the context passed to
sudo_file_open() will not be honore...

Fixes -Wconversion warnings on some 32-bit systems where time_t is
still 32-bit.

size_t is an unsigned int on 32-bit platforms, not an unsigned long.

We rely on the include path to find many of these headers. It
especially doesn't make sense to ...

This removes some infinite loops that can cause static analyzer
warnings. The fds are not in no...

Also use early return on error to quiet a PVS-Studio warning.

Either the fd is not a terminal or we don't have the controlling
terminal. Either way, we can't...

Add a configure check and error out if sizeof(uid_t) > 4.

Adapted from answer #6 in:
https://stackoverflow.com/questions/10536207/ansi-c-maximum-number-of...

Where the sudoers_context is available we can use the values
of verbose and strict instead of pa...

This will be used by visudo to indicate when "visudo -s" is run.

Used by defaults.c and check_aliases.c.

This is a convenience function that sets PERM_RUNAS and calls
find_path(). If the command is no...

This upgrades the error pipe to a bi-directional socketpair that
the parent will write to after ...

Quiets a warning on AIX where usersec.h defines AUTH_SUCCESS and
AUTH_FAILURE. We avoided this ...

Otherwise we end up with a -Wconversion warning on systems where
the ioctl() request argument is...

A negative verbosity will prevent non-error output from being
displayed.

They are unnecessary since struct sudoers_pivot is not opaque.
The implementation details are pr...

Adjust find_path()'s ignore_dot function argument to match.

These are needed by bsm_audit.c.

We can now use the stored ppid in ts_init_key().

We want to pass around a pointer, not the struct itself.

This fixes a logic goof introduced in sudo 1.9.14.

This avoids problems if the user name itself contains a path separator.

This will make it possible to support a different getusershell()
implementation for testsudoers ...

This will make it possible to support a different backend which may
be used by testsudoers in th...

The getpass callbacks are now defined in sudo_auth.c, which implements
auth_getpass(). As a res...

We now use ROWHAMMER-resistent values for ALLOW, DENY, AUTH_SUCCESS,
AUTH_FAILURE, AUTH_ERROR an...

The sudoers_sethost() function can be shared by the sudoers plugin,
visudo, cvtsudoers and tests...