2023-12-29  Todd C. Miller  <Todd.Miller@sudo.ws>

	* .hgtags:
	Added tag SUDO_1_9_15p5 for changeset 4418cfdc5b2a
	[c1df7aef0fa8] [tip] <1.9>

	* NEWS, configure, configure.ac:
	Sudo 1.9.15p5
	[4418cfdc5b2a] [SUDO_1_9_15p5] <1.9>

2023-12-28  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/pwutil_impl.c:
	Properly handle sysconf(_SC_LOGIN_NAME_MAX) returning -1 on failure.

	The cast to size_t needs to be outside the MAX() macro or the -1
	will get cast to unsigned.
	[343b22c1fc59] <1.9>

2023-12-22  Todd C. Miller  <Todd.Miller@sudo.ws>

	* config.h.in, configure, configure.ac, plugins/sudoers/timestamp.c:
	Automatically migrate lecture file path from name-based to uid-
	based.

	GitHub issue #342.
	[cfa82cf5ac29] <1.9>

2023-12-19  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/ldap_conf.c:
	Disable netgroup_query when netgroup_base is not set.

	The logic was inverted when support for netgroup_query was added.
	This supercedes PR #341.
	[a575b106220e] <1.9>

	* docs/sudoers.man.in, docs/sudoers.mdoc.in:
	In the NOEXEC example make it clear that "shanty" is a host. Bug
	#1064
	[18e3b6a981d4] <1.9>

2023-12-16  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/defaults.c:
	Fix printing of warning when a Defaults setting is missing a value.

	This is a bug in parse_default_entry() introduced in sudo 1.8.19
	when support for using the default syslog facility was added at the
	wrong place in a switch().
	[f9de87a2f501] <1.9>

2023-12-15  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/defaults.c:
	Fix evaluation of a tuple used in "true" boolean context.

	Previously, a tuple in boolean context was always treated as a
	negated entry, which doesn't match the documentation. We assume that
	there are at least two tuple entries where the first maps to boolean
	false and the second maps to boolean true.
	[39a6e634c9d6] <1.9>

	* .hgtags:
	Added tag SUDO_1_9_15p4 for changeset cc9d22d261de
	[382e15393814] <1.9>

	* NEWS, configure, configure.ac:
	Sudo 1.9.15p4
	[cc9d22d261de] [SUDO_1_9_15p4] <1.9>

	* plugins/sudoers/lookup.c:
	sudoers_lookup_pseudo: init match to UNSPEC for
	sudo_nss_can_continue().

	Otherwise, processing will stop after the first sudoers nsswitch
	service specification where [SUCCESS=return] is present.
	[053be548771c] <1.9>

2023-12-13  Todd C. Miller  <Todd.Miller@sudo.ws>

	* .hgtags:
	Added tag SUDO_1_9_15p3 for changeset 20d368229c6a
	[e01ee9945d11] <1.9>

	* NEWS, configure, configure.ac:
	Sudo 1.9.15p3
	[20d368229c6a] [SUDO_1_9_15p3] <1.9>

2023-12-11  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/policy.c:
	Pass back Solaris privs as "runas_privs" and "runas_limitprivs".

	The "runas_" prefix got inadvertantly removed in the big
	sudoers_context refactor.
	[25f183bdd61e] <1.9>

2023-12-09  Todd C. Miller  <Todd.Miller@sudo.ws>

	* include/sudo_util.h, lib/util/term.c, lib/util/ttysize.c,
	lib/util/util.exp.in, src/sudo.h, src/ttyname.c:
	sudo_term_is_raw: only try to lock the fd if it is a tty

	This moves sudo_isatty() to libsudo_util so sudo_term_is_raw() can
	use it. Fixes GitHub issue #335
	[5e7dd2580c9b] <1.9>

2023-12-07  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/sudoreplay.c:
	setup_terminal: fix an editing error introduced in 1.9.15.
	[690c82d4ebd4] <1.9>

2023-12-04  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/sethost.c:
	Fall back to "localhost" if gethostname() fails.

	GitHub issue #332
	[c6993fd61aac] <1.9>

	* plugins/sudoers/match_command.c:
	command_matches_glob: fix comparison of canonicalized parent
	directories

	Bug #1062
	[78b789de1df8] <1.9>

2023-11-09  Todd C. Miller  <Todd.Miller@sudo.ws>

	* src/sudo.c:
	Always disable core dumps when sudo sends itself a fatal signal.

	When a command exits due to a fatal signal, sudo will re-send that
	signal to itself so the shell does not ignore keyboard-generated
	signals. However, now that sudo disables core dumps by default for
	the command, we cannot rely on WCOREDUMP() telling us whether or not
	the signal will lead to a core dump. It is safest to always disable
	core dumps before sending the signal to ourself.
	[4ce4bedf84fe] <1.9>

	* .hgtags:
	Added tag SUDO_1_9_15p2 for changeset 4d03c1608a23
	[b46c7b3c67b4] <1.9>

2023-11-08  Todd C. Miller  <Todd.Miller@sudo.ws>

	* NEWS, configure, configure.ac, lib/util/term.c:
	Merge sudo 1.9.15p2 from tip.
	[4d03c1608a23] [SUDO_1_9_15p2] <1.9>

	* NEWS, configure, configure.ac:
	Sudo 1.9.15p2
	[7a5afe66a935]

	* scripts/pp:
	Update PolyPkg from upstream.
	[fef8f49977c3]

	* lib/util/term.c:
	sudo_term_restore: don't check c_cflag on systems with TCSASOFT.

	If TCSASOFT is present, tcsetattr() will ignore c_cflag. Fixes a bug
	where sudo_term_restore() would refuse to change the terminal
	settings back if the PARENB control flag was set. GitHub issue #326.
	[bcd3c9f5736a]

	* scripts/mkpkg:
	Quote $osversion since it may include whitespace.
	[fb4aac7003c6]

2023-11-07  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/sudoers.h:
	Use C99 designated struct initializers.

	This is less error-prone and would have avoided GitHub issue #325.
	[f7fad7f54d1b]

	* .hgtags:
	Added tag SUDO_1_9_15p1 for changeset d23f72517e07
	[f67d129d3e36] <1.9>

	* NEWS, configure, configure.ac:
	Merge sudo 1.9.15p1 from tip.
	[d23f72517e07] [SUDO_1_9_15p1] <1.9>

	* NEWS, configure, configure.ac:
	Sudo 1.9.15p1
	[9aae361b70ef]

	* plugins/sudoers/sudoers.h:
	Correct the order of the strings in SUDOERS_CONTEXT_INITIALIZER.

	Fixes GitHub issue #325, a bug introduced in sudo 1.9.15.
	[0266ed6c95f9]

2023-11-06  Todd C. Miller  <Todd.Miller@sudo.ws>

	* NEWS:
	In the sudo 1.9.14p3 section, "Python python" should be "Python
	plugin".
	[dee39187deda]

	* .hgtags:
	Added tag SUDO_1_9_15 for changeset 277833c12efb
	[3517bf78fcf5] <1.9>

	* MANIFEST, NEWS, config.h.in, configure, configure.ac,
	include/sudo_compat.h, include/sudo_util.h, lib/util/hexchar.c,
	lib/util/regress/hexchar/hexchar_test.c, lib/util/term.c,
	logsrvd/iolog_writer.c, logsrvd/tls_init.c,
	plugins/python/pyhelpers.c, plugins/python/python_convmessage.c,
	plugins/python/python_loghandler.c,
	plugins/python/python_plugin_common.c,
	plugins/python/regress/testhelpers.c,
	plugins/python/sudo_python_module.c, plugins/sudoers/Makefile.in,
	plugins/sudoers/log_client.c, plugins/sudoers/logging.c,
	plugins/sudoers/lookup.c, plugins/sudoers/match_command.c,
	plugins/sudoers/parse.c, plugins/sudoers/parse.h,
	plugins/sudoers/regress/cvtsudoers/test31.sh,
	plugins/sudoers/regress/cvtsudoers/test32.sh,
	plugins/sudoers/regress/cvtsudoers/test35.sh,
	plugins/sudoers/regress/cvtsudoers/test36.sh,
	plugins/sudoers/regress/cvtsudoers/test39.sh,
	plugins/sudoers/regress/fuzz/fuzz_policy.c,
	plugins/sudoers/regress/testsudoers/test20.sh,
	plugins/sudoers/regress/testsudoers/test21.sh,
	plugins/sudoers/regress/testsudoers/test22.sh,
	plugins/sudoers/regress/testsudoers/test23.sh,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c,
	plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c,
	src/exec_monitor.c, src/exec_nopty.c, src/exec_ptrace.c,
	src/exec_pty.c:
	Merge sudo 1.9.15 from tip.
	[277833c12efb] [SUDO_1_9_15] <1.9>

	* NEWS:
	Sudo now logs the submitenv in the JSON logs.
	[c1a5e609352f]

	* docs/sudo.conf.man.in, docs/sudo.conf.mdoc.in, docs/sudoers.man.in,
	docs/sudoers.mdoc.in:
	Document special cases for AIX-style shared libraries.

	The shared object is a member of an archive file that is specified
	in parentheses.
	[bb9a50249072]

2023-11-04  Todd C. Miller  <Todd.Miller@sudo.ws>

	* docs/sudo.conf.man.in, docs/sudo.conf.mdoc.in:
	Add sudoers plugin Debug example and x-ref sudoers man page for
	details.
	[ef23f00ac8ad]

	* docs/sudo.conf.man.in, docs/sudo.conf.mdoc.in:
	The HP-UX getgrouplist() code has been disabled due to bugs.
	[0bc060c69389]

2023-11-03  Todd C. Miller  <Todd.Miller@sudo.ws>

	* lib/util/sudo_conf.c:
	sudo_conf_debug_files: special handling of DSO members for AIX

	When matching debug files for AIX-style DSOs like
	sudoers.a(sudoers.so) we want to match on the full name, the name
	without the member and on the member itself. This makes it possible
	to use the existing examples in the sudo.conf fiile on AIX.
	[2ec138dbc507]

	* plugins/sudoers/pwutil.c:
	sudo_set_grlist and sudo_set_gidlist: set auth registry based on
	username

	Previously we used the global registry but since we have the user's
	passwd info we should use that when storing the group and gid lists.
	[71b6647d4cb0]

2023-11-02  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/parse_ldif.c:
	role_to_sudoers: only try to reuse a privilege if one is present
	[91207af2554c]

	* plugins/sudoers/defaults.c:
	store_plugin: avoid potential NULL deref in boolean context

	Coverity CID 330466
	[5c7ebbaf83c4]

	* plugins/sudoers/sudoreplay.c, src/conversation.c:
	Avoid passing sudo_term_is_raw() -1 for the fd.

	Coverity CID 330472 Coverity CID 330468
	[b28a472152ab]

	* logsrvd/sendlog.c:
	fmt_info_messages: bump info_msgs_size for submitenv
	[e36bfd74abb9]

	* NEWS:
	Better log message when rejecting a setid command in intercept mode.
	[06d161998e22]

	* plugins/sudoers/logging.c, plugins/sudoers/lookup.c,
	plugins/sudoers/match_command.c, plugins/sudoers/parse.h,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h:
	Move the check for running setid commands in intercept mode to
	later.

	Checking for setid commands in intercept mode after command matching
	allows us to log a proper error message. Previously, we simply
	ignored setid commands when matching and the only indication of why
	was in the debug logs.
	[b07b8fcff911]

	* plugins/sudoers/timestamp.c:
	timestamp_open: add some debugging
	[dc7070cbadd9]

2023-10-31  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/auth/sia.c:
	sudo_sia_begin_session: add missing struct sudoers_context * arg.
	[4caf619af53b]

	* plugins/sudoers/auth/kerb5.c:
	verify_krb_v5_tgt: auth name must be const to match struct
	sudo_auth.
	[e4d6a0b15003]

	* .circleci/config.yml:
	Disable PAM before enabling Kerberos V.
	[55523956e9ff]

	* .circleci/config.yml, docker/debian/latest/Dockerfile,
	docker/debian/testing/Dockerfile, docker/fedora/latest/Dockerfile,
	docker/fedora/rawhide/Dockerfile, docker/ubuntu/devel/Dockerfile,
	docker/ubuntu/latest/Dockerfile, docker/ubuntu/rolling/Dockerfile:
	Add Kerberos V build and test to CI.
	[7cf8ab128064]

2023-10-31  Renato Botelho  <garga@FreeBSD.org>

	* plugins/sudoers/auth/kerb5.c:
	Add missing sudoers_context to verify_krb_v5_tgt()

	Commit 244017495421 added ctx variable to log_warningx() call but
	that variable was not declared in that context, breaking the build.
	[7b89c1b61e19]

2023-10-30  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po,
	plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po:
	Updated translations from translationproject.org
	[2a5a4f1350ee]

2023-10-27  Todd C. Miller  <Todd.Miller@sudo.ws>

	* logsrvd/logsrvd.c:
	Set the open file descriptor limit to the maximum allowed value.

	Each connection can require up to 9 descriptors.
	[72b6593b631d]

2023-10-23  Todd C. Miller  <Todd.Miller@sudo.ws>

	* NEWS:
	Mention new Indonesian translation and sudo_logsrvd fd limit change.
	[753002967fc0]

	* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po,
	plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po,
	plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po,
	plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po,
	plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po,
	plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po,
	plugins/sudoers/po/ro.mo, plugins/sudoers/po/ro.po,
	plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po,
	plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po,
	plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po,
	plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po,
	plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/hr.mo,
	po/hr.po, po/ja.mo, po/ja.po, po/sr.mo, po/sr.po, po/zh_CN.mo,
	po/zh_CN.po:
	Updated translations from translationproject.org
	[619098603afe]

	* docs/CONTRIBUTORS.md:
	Add Andika Triwidada
	[7e6293a4a00a]

	* MANIFEST, po/id.mo, po/id.po:
	New Indonesian translation from translationproject.org
	[568e33cb694c]

2023-10-22  Todd C. Miller  <Todd.Miller@sudo.ws>

	* NEWS:
	Mention GitHub issue #318
	[4b4c1d8da478]

	* plugins/sudoers/env.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	Avoid a double-free in fuzz_policy caused by the early
	env_init(NULL).

	This adds an env_free() function to explicitly free both the old and
	new copies of the environment. It is really only needed by
	fuzz_policy, which calls the policy module multiple times.
	[9cb4400fe76c]

	* include/sudo_eventlog.h, lib/eventlog/eventlog.c,
	lib/eventlog/eventlog_free.c, lib/eventlog/parse_json.c,
	logsrvd/iolog_writer.c, logsrvd/sendlog.c, plugins/sudoers/iolog.c,
	plugins/sudoers/log_client.c, plugins/sudoers/logging.c,
	plugins/sudoers/logging.h:
	Store submitenv in eventlog and pass it to sudo_logsrvd.
	[3ef684a6f888]

2023-10-21  Todd C. Miller  <Todd.Miller@sudo.ws>

	* include/sudo_eventlog.h, lib/eventlog/eventlog.c,
	lib/eventlog/eventlog_free.c, lib/eventlog/parse_json.c,
	lib/iolog/iolog_loginfo.c, logsrvd/iolog_writer.c,
	logsrvd/sendlog.c, plugins/sudoers/iolog.c,
	plugins/sudoers/log_client.c, plugins/sudoers/logging.c,
	plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h,
	plugins/sudoers/sudoreplay.c:
	struct eventlog: rename argv/env to runargv/runenv.

	This matches the JSON logs.
	[df2ac695bcf7]

	* plugins/sudoers/logging.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h:
	struct sudoers_user_context: rename env_vars to env_add
	[f57859bca061]

	* plugins/sudoers/audit.c, plugins/sudoers/logging.c:
	Only log the run environment for commands that are allowed.

	It may not be available otherwise and unless the command is being
	run it has no real meaning.
	[98b79f16e06e]

	* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c:
	Free the private copy of the environment in sudoers_check_cmnd().

	This reverts 5118eb5797fb, which had the side-effect of the PAM
	session code running with the run environment instead of the
	invoking user's environment. Issue #318
	[6b4abada2e55]

2023-10-19  Todd C. Miller  <Todd.Miller@sudo.ws>

	* lib/iolog/iolog_swapids.c:
	iolog_swapids: short circuit if effective ids match iolog ids.
	[6871a2a50eae]

	* lib/iolog/iolog_mkdirs.c, logsrvd/iolog_writer.c:
	logsrvd: display error string in message if iolog_mkpath() fails
	[4a601c7e1248]

	* plugins/sudoers/po/sudoers.pot, po/sudo.pot:
	Update .pot files for 1.9.15
	[39ac757a80c9]

2023-10-18  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/sudoers.in:
	Add example for disabling intercept/log_subcmds for certain
	commands.
	[52d01bcd6e3a]

	* lib/util/mksiglist.c, lib/util/mksigname.c:
	Use NSIG instead of nitems(array) for the loop bound.

	This matches the sudo_sys_siglist[] and sudo_sys_signame[]
	declarations.
	[d515abb232ae]

	* plugins/sudoers/tsdump.c:
	tsdump: fix compiler warnings
	[4e5d80f29845]

2023-10-17  Todd C. Miller  <Todd.Miller@sudo.ws>

	* lib/eventlog/regress/logwrap/check_wrap.c, lib/util/mksiglist.c,
	lib/util/mksigname.c, logsrvd/sendlog.c,
	plugins/python/regress/iohelpers.c, plugins/sudoers/tsdump.c:
	Avoid using %zu or %zd with printf() and fprintf().

	This prevents problems on systems where the system printf(3) is not
	C99-compliant. We use our own snprintf() on such systems so that is
	safe.
	[7ff250c66e05]

	* plugins/sudoers/sudo_printf.c, src/conversation.c:
	Use vsnprintf() instead of vfprintf() for sudo_printf() to avoid
	problems on systems where the system printf(3) is not C99-compliant.
	We use our own snprintf() on such systems.
	[053c94c3db03]

	* include/sudo_compat.h, lib/util/getdelim.c, lib/util/realpath.c,
	lib/util/regress/getdelim/getdelim_test.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	strlcpy_expand_host, sudo_getdelim, sudo_realpath: add restrict
	qualifier
	[8669d4d9b4d9]

	* NEWS:
	Fixed GitHub issue #312.
	[b6e269e7eeaa]

2023-10-16  Todd C. Miller  <Todd.Miller@sudo.ws>

	* lib/util/term.c:
	Better handling of multiple sudo processes modifying terminal
	settings. 1. Lock the terminal before tcgetattr/tcsetattr 2. Don't
	restore terminal settings if changed by another process 3. Don't set
	terminal to raw mode if it is already raw GitHub issue #312
	[8d5664300c7e]

2023-10-16  Rose  <83477269+AtariDreams@users.noreply.github.com>

	* plugins/sudoers/prompt.c, plugins/sudoers/strlcpy_unesc.c,
	plugins/sudoers/sudoers.h:
	Add restrict to strlcpy and expand_prompt
	[b26d50f82d2f]

2023-10-16  Todd C. Miller  <Todd.Miller@sudo.ws>

	* src/exec_pty.c:
	Add a little extra debugging info.
	[b2533548f50b]

2023-10-15  Rose  <83477269+AtariDreams@users.noreply.github.com>

	* lib/util/regress/hexchar/hexchar_test.c,
	lib/util/regress/parse_gids/parse_gids_test.c, lib/util/sudo_conf.c:
	Swap calloc arguments to use them properly.
	[1d4877da5233]

2023-10-14  Todd C. Miller  <Todd.Miller@sudo.ws>

	* src/exec_ptrace.c:
	ptrace_intercept_execve: make flags unsigned to match
	command_details
	[97ee796e74ec]

2023-10-13  Rose  <83477269+AtariDreams@users.noreply.github.com>

	* include/sudo_util.h, src/exec_ptrace.h:
	Specify 1U over 1 for bitmaps
	[8eaecce2e3c6]

2023-10-12  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/parse.h,
	plugins/sudoers/sudoers.h:
	Fix spelling: resistent -> resistant
	[df6b986b8d31]

2023-10-05  Todd C. Miller  <Todd.Miller@sudo.ws>

	* .gitignore, .hgignore:
	Add plugins/sudoers/tsgetusershell.c to ignore files.
	[5e9538b2aaae]

2023-10-02  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/mkdefaults:
	Fix compatibility with older versions of (new) awk.

	Do not rely on awk supporting "-f -" to read the program from stdin.
	Avoid using POSIX character classes in regular expressions.
	[0e67e9ba4ddf]

2023-10-02  Alexander F. Rødseth  <alexander.fet.rodseth@schibsted.com>

	* plugins/sudoers/visudo.c:
	Add Orbiton ("o") to the list of editors that supports +lineno
	[28e192d4be9b]

	* plugins/sudoers/visudo.c:
	Sort the list of editors that supports +lineno
	[6467309f5ac3]

2023-09-28  Todd C. Miller  <Todd.Miller@sudo.ws>

	* docs/sudoers.man.in, docs/sudoers.mdoc.in:
	Mention potential problems with log_subcmds and intercept.
	[9c93f9315924]

	* src/sudo.c:
	Add more user info to the list of objects to be garbage-collected at
	exit.
	[caeb35967cd2]

2023-09-27  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/python/pyhelpers.c, plugins/python/pyhelpers.h:
	Use long, not long long, when getting/setting numeric attributes.

	We use int or long, not long long, in the Python plugin.
	[d1008ce69cf6]

	* plugins/sudoers/file.c:
	sudo_file_open: initialize parser before calling open_sudoers().

	Otherwise, the parser_conf settings in the context passed to
	sudo_file_open() will not be honored by open_sudoers(). Affected
	settings include ignore_perms, sudoers mode, uid and gid.
	[21e56d49521a]

	* lib/eventlog/parse_json.c, lib/iolog/iolog_legacy.c,
	lib/iolog/iolog_timing.c, logsrvd/iolog_writer.c,
	logsrvd/logsrvd_conf.c, logsrvd/logsrvd_journal.c,
	logsrvd/logsrvd_local.c, logsrvd/sendlog.c,
	plugins/sudoers/defaults.c, plugins/sudoers/iolog.c,
	plugins/sudoers/log_client.c:
	Add casts when storing values in a struct timespec.

	Fixes -Wconversion warnings on some 32-bit systems where time_t is
	still 32-bit.
	[b090ed40a1d0]

2023-09-27  Rose  <83477269+AtariDreams@users.noreply.github.com>

	* lib/util/roundup.c:
	Use U, not UL, for 32-bit platforms

	size_t is an unsigned int on 32-bit platforms, not an unsigned long.
	[9f4a9b73c954]

2023-09-26  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/match_digest.c:
	digest_matches: actually use fd2 in place of fd as needed.
	[9db51e4a8521]

	* plugins/sudoers/match_digest.c:
	digest_matches: if fd argument is -1, try to open path before
	failing
	[5b323859cbd0]

	* plugins/sudoers/regress/cvtsudoers/test31.sh,
	plugins/sudoers/regress/cvtsudoers/test32.sh,
	plugins/sudoers/regress/cvtsudoers/test35.sh,
	plugins/sudoers/regress/cvtsudoers/test36.sh,
	plugins/sudoers/regress/cvtsudoers/test39.sh,
	plugins/sudoers/regress/testsudoers/test20.sh,
	plugins/sudoers/regress/testsudoers/test21.sh,
	plugins/sudoers/regress/testsudoers/test22.sh,
	plugins/sudoers/regress/testsudoers/test23.sh,
	plugins/sudoers/regress/testsudoers/test24.sh,
	plugins/sudoers/regress/testsudoers/test25.sh,
	plugins/sudoers/regress/testsudoers/test26.sh,
	plugins/sudoers/regress/testsudoers/test27.sh,
	plugins/sudoers/regress/testsudoers/test28.sh,
	plugins/sudoers/regress/testsudoers/test29.sh,
	plugins/sudoers/regress/testsudoers/test30.sh,
	plugins/sudoers/regress/testsudoers/test31.sh:
	Add missing execute bit on some test scripts.
	[07af3341fc1a]

2023-09-25  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/sudoers.h:
	max_groups in sudoers_plugin_settings is no longer used.
	[99848d0ee951]

	* include/sudo_conf.h, include/sudo_debug.h, include/sudo_event.h,
	include/sudo_eventlog.h, include/sudo_fatal.h, include/sudo_json.h,
	include/sudo_util.h, lib/eventlog/eventlog.c,
	lib/eventlog/eventlog_conf.c, lib/eventlog/eventlog_free.c,
	lib/eventlog/logwrap.c, lib/eventlog/parse_json.c,
	lib/eventlog/parse_json.h,
	lib/eventlog/regress/eventlog_store/store_json_test.c,
	lib/eventlog/regress/eventlog_store/store_sudo_test.c,
	lib/eventlog/regress/logwrap/check_wrap.c,
	lib/eventlog/regress/parse_json/check_parse_json.c,
	lib/fuzzstub/fuzzstub.c, lib/iolog/host_port.c,
	lib/iolog/hostcheck.c, lib/iolog/iolog_clearerr.c,
	lib/iolog/iolog_close.c, lib/iolog/iolog_conf.c,
	lib/iolog/iolog_eof.c, lib/iolog/iolog_filter.c,
	lib/iolog/iolog_flush.c, lib/iolog/iolog_gets.c,
	lib/iolog/iolog_json.c, lib/iolog/iolog_legacy.c,
	lib/iolog/iolog_loginfo.c, lib/iolog/iolog_mkdirs.c,
	lib/iolog/iolog_mkdtemp.c, lib/iolog/iolog_mkpath.c,
	lib/iolog/iolog_nextid.c, lib/iolog/iolog_open.c,
	lib/iolog/iolog_openat.c, lib/iolog/iolog_path.c,
	lib/iolog/iolog_read.c, lib/iolog/iolog_seek.c,
	lib/iolog/iolog_swapids.c, lib/iolog/iolog_timing.c,
	lib/iolog/iolog_util.c, lib/iolog/iolog_write.c,
	lib/iolog/regress/fuzz/fuzz_iolog_json.c,
	lib/iolog/regress/fuzz/fuzz_iolog_legacy.c,
	lib/iolog/regress/fuzz/fuzz_iolog_timing.c,
	lib/iolog/regress/host_port/host_port_test.c,
	lib/iolog/regress/iolog_filter/check_iolog_filter.c,
	lib/iolog/regress/iolog_mkpath/check_iolog_mkpath.c,
	lib/iolog/regress/iolog_path/check_iolog_path.c,
	lib/iolog/regress/iolog_timing/check_iolog_timing.c,
	lib/logsrv/log_server.pb-c.c, lib/protobuf-c/protobuf-c.c,
	lib/ssl_compat/ssl_compat.c, lib/util/aix.c, lib/util/arc4random.c,
	lib/util/arc4random_buf.c, lib/util/arc4random_uniform.c,
	lib/util/basename.c, lib/util/cfmakeraw.c, lib/util/closefrom.c,
	lib/util/digest.c, lib/util/digest_gcrypt.c,
	lib/util/digest_openssl.c, lib/util/dup3.c, lib/util/event.c,
	lib/util/event_poll.c, lib/util/event_select.c,
	lib/util/explicit_bzero.c, lib/util/fatal.c, lib/util/fchmodat.c,
	lib/util/fchownat.c, lib/util/fnmatch.c, lib/util/freezero.c,
	lib/util/fstatat.c, lib/util/getaddrinfo.c, lib/util/getdelim.c,
	lib/util/getentropy.c, lib/util/getgrouplist.c,
	lib/util/gethostname.c, lib/util/getopt_long.c, lib/util/gettime.c,
	lib/util/getusershell.c, lib/util/gidlist.c, lib/util/glob.c,
	lib/util/gmtime_r.c, lib/util/hexchar.c, lib/util/inet_ntop.c,
	lib/util/inet_pton.c, lib/util/isblank.c, lib/util/json.c,
	lib/util/key_val.c, lib/util/lbuf.c, lib/util/localtime_r.c,
	lib/util/locking.c, lib/util/logfac.c, lib/util/logpri.c,
	lib/util/memrchr.c, lib/util/mkdir_parents.c, lib/util/mkdirat.c,
	lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c,
	lib/util/mmap_alloc.c, lib/util/multiarch.c, lib/util/nanosleep.c,
	lib/util/openat.c, lib/util/parseln.c, lib/util/pipe2.c,
	lib/util/pread.c, lib/util/progname.c, lib/util/pw_dup.c,
	lib/util/pwrite.c, lib/util/rcstr.c, lib/util/reallocarray.c,
	lib/util/regex.c, lib/util/regress/closefrom/closefrom_test.c,
	lib/util/regress/digest/digest_test.c,
	lib/util/regress/fnmatch/fnm_test.c,
	lib/util/regress/fuzz/fuzz_sudo_conf.c,
	lib/util/regress/getdelim/getdelim_test.c,
	lib/util/regress/getgrouplist/getgids.c,
	lib/util/regress/getgrouplist/getgrouplist_test.c,
	lib/util/regress/glob/globtest.c,
	lib/util/regress/hexchar/hexchar_test.c,
	lib/util/regress/json/json_test.c,
	lib/util/regress/mktemp/mktemp_test.c,
	lib/util/regress/multiarch/multiarch_test.c,
	lib/util/regress/open_parent_dir/open_parent_dir_test.c,
	lib/util/regress/parse_gids/parse_gids_test.c,
	lib/util/regress/progname/progname_test.c,
	lib/util/regress/regex/regex_test.c,
	lib/util/regress/strsig/strsig_test.c,
	lib/util/regress/strsplit/strsplit_test.c,
	lib/util/regress/strtofoo/strtobool_test.c,
	lib/util/regress/strtofoo/strtoid_test.c,
	lib/util/regress/strtofoo/strtomode_test.c,
	lib/util/regress/strtofoo/strtonum_test.c,
	lib/util/regress/sudo_conf/conf_test.c,
	lib/util/regress/sudo_parseln/parseln_test.c,
	lib/util/regress/tailq/hltq_test.c,
	lib/util/regress/uuid/uuid_test.c, lib/util/roundup.c,
	lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c,
	lib/util/sig2str.c, lib/util/snprintf.c, lib/util/str2sig.c,
	lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c,
	lib/util/strnlen.c, lib/util/strsignal.c, lib/util/strsplit.c,
	lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c,
	lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c,
	lib/util/sudo_dso.c, lib/util/sys_siglist.h, lib/util/sys_signame.h,
	lib/util/term.c, lib/util/timegm.c, lib/util/ttyname_dev.c,
	lib/util/ttysize.c, lib/util/unlinkat.c, lib/util/utimens.c,
	lib/util/uuid.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c,
	logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c,
	logsrvd/logsrvd_journal.c, logsrvd/logsrvd_local.c,
	logsrvd/logsrvd_queue.c, logsrvd/logsrvd_relay.c,
	logsrvd/regress/fuzz/fuzz_logsrvd_conf.c,
	logsrvd/regress/logsrvd_conf/logsrvd_conf_test.c, logsrvd/sendlog.c,
	logsrvd/sendlog.h, logsrvd/tls_client.c, logsrvd/tls_common.h,
	logsrvd/tls_init.c, plugins/audit_json/audit_json.c,
	plugins/group_file/getgrent.c, plugins/group_file/group_file.c,
	plugins/group_file/plugin_test.c, plugins/python/pyhelpers.c,
	plugins/python/pyhelpers.h, plugins/python/python_plugin_common.c,
	plugins/python/regress/check_python_examples.c,
	plugins/python/regress/iohelpers.h,
	plugins/python/regress/testhelpers.h,
	plugins/python/sudo_python_debug.c,
	plugins/python/sudo_python_debug.h, plugins/sample/sample_plugin.c,
	plugins/sample_approval/sample_approval.c, plugins/sudoers/alias.c,
	plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c,
	plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c,
	plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c,
	plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c,
	plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c,
	plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c,
	plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c,
	plugins/sudoers/b64_decode.c, plugins/sudoers/b64_encode.c,
	plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c,
	plugins/sudoers/canon_path.c, plugins/sudoers/check.c,
	plugins/sudoers/check_aliases.c, plugins/sudoers/check_util.c,
	plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h,
	plugins/sudoers/cvtsudoers_csv.c, plugins/sudoers/cvtsudoers_json.c,
	plugins/sudoers/cvtsudoers_ldif.c,
	plugins/sudoers/cvtsudoers_merge.c,
	plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c,
	plugins/sudoers/defaults.h, plugins/sudoers/digestname.c,
	plugins/sudoers/display.c, plugins/sudoers/editor.c,
	plugins/sudoers/env.c, plugins/sudoers/env_pattern.c,
	plugins/sudoers/exptilde.c, plugins/sudoers/file.c,
	plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c,
	plugins/sudoers/fmtsudoers.c, plugins/sudoers/fmtsudoers_cvt.c,
	plugins/sudoers/gc.c, plugins/sudoers/gentime.c,
	plugins/sudoers/getdate.c, plugins/sudoers/getdate.y,
	plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c,
	plugins/sudoers/gram.c, plugins/sudoers/gram.y,
	plugins/sudoers/group_plugin.c, plugins/sudoers/insults.h,
	plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c,
	plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/ldap.c,
	plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_innetgr.c,
	plugins/sudoers/ldap_util.c, plugins/sudoers/linux_audit.c,
	plugins/sudoers/locale.c, plugins/sudoers/log_client.c,
	plugins/sudoers/log_client.h, plugins/sudoers/logging.c,
	plugins/sudoers/lookup.c, plugins/sudoers/match.c,
	plugins/sudoers/match_addr.c, plugins/sudoers/match_command.c,
	plugins/sudoers/match_digest.c, plugins/sudoers/parse.h,
	plugins/sudoers/parse_ldif.c, plugins/sudoers/parser_warnx.c,
	plugins/sudoers/pivot.c, plugins/sudoers/policy.c,
	plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c,
	plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c,
	plugins/sudoers/regress/check_symbols/check_symbols.c,
	plugins/sudoers/regress/editor/check_editor.c,
	plugins/sudoers/regress/env_match/check_env_pattern.c,
	plugins/sudoers/regress/exptilde/check_exptilde.c,
	plugins/sudoers/regress/fuzz/fuzz_policy.c,
	plugins/sudoers/regress/fuzz/fuzz_stubs.c,
	plugins/sudoers/regress/fuzz/fuzz_sudoers.c,
	plugins/sudoers/regress/fuzz/fuzz_sudoers_ldif.c,
	plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c,
	plugins/sudoers/regress/parser/check_addr.c,
	plugins/sudoers/regress/parser/check_base64.c,
	plugins/sudoers/regress/parser/check_digest.c,
	plugins/sudoers/regress/parser/check_fill.c,
	plugins/sudoers/regress/parser/check_gentime.c,
	plugins/sudoers/regress/serialize_list/check_serialize_list.c,
	plugins/sudoers/regress/starttime/check_starttime.c,
	plugins/sudoers/regress/unescape/check_unesc.c,
	plugins/sudoers/resolve_cmnd.c, plugins/sudoers/serialize_list.c,
	plugins/sudoers/set_perms.c, plugins/sudoers/sethost.c,
	plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c,
	plugins/sudoers/starttime.c, plugins/sudoers/strlcpy_unesc.c,
	plugins/sudoers/strlist.c, plugins/sudoers/strvec_join.c,
	plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c,
	plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_cb.c,
	plugins/sudoers/sudoers_ctx_free.c, plugins/sudoers/sudoers_debug.c,
	plugins/sudoers/sudoers_debug.h, plugins/sudoers/sudoers_hooks.c,
	plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c,
	plugins/sudoers/testsudoers_pwutil.c,
	plugins/sudoers/testsudoers_pwutil.h, plugins/sudoers/timeout.c,
	plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c,
	plugins/sudoers/toke.c, plugins/sudoers/toke.l,
	plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c,
	plugins/sudoers/tsgetgrpw.c, plugins/sudoers/unesc_str.c,
	plugins/sudoers/visudo.c, plugins/sudoers/visudo_cb.c,
	plugins/system_group/system_group.c, src/apparmor.c,
	src/conversation.c, src/copy_file.c, src/edit_open.c,
	src/env_hooks.c, src/exec.c, src/exec_common.c,
	src/exec_intercept.c, src/exec_iolog.c, src/exec_monitor.c,
	src/exec_nopty.c, src/exec_preload.c, src/exec_ptrace.c,
	src/exec_pty.c, src/get_pty.c, src/hooks.c, src/intercept.pb-c.c,
	src/limits.c, src/load_plugins.c, src/openbsd.c, src/parse_args.c,
	src/preload.c, src/preserve_fds.c,
	src/regress/net_ifs/check_net_ifs.c,
	src/regress/noexec/check_noexec.c,
	src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c,
	src/signal.c, src/solaris.c, src/sudo.c, src/sudo.h,
	src/sudo_edit.c, src/sudo_intercept.c, src/sudo_intercept_common.c,
	src/sudo_noexec.c, src/suspend_parent.c, src/tgetpass.c,
	src/ttyname.c, src/utmp.c:
	Use #include <foo.h> instead of #include "foo.h" in most cases.

	We rely on the include path to find many of these headers. It
	especially doesn't make sense to use #include "foo.h" for headers in
	the top-level include directory.
	[4a7d27e429e9]

	* .circleci/config.yml:
	Bump xcode to 14.2.0
	[f4775577c9b0]

2023-09-24  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/defaults.c, plugins/sudoers/defaults.h,
	plugins/sudoers/mkdefaults:
	Add support for "plugin" defaults type.
	[423dc640d220]

	* plugins/sudoers/mkdefaults:
	Support multiple input files.
	[1fff41f962f5]

2023-09-22  Todd C. Miller  <Todd.Miller@sudo.ws>

	* src/exec_monitor.c, src/exec_pty.c:
	No need to loop reading from/writing to a blocking socketpair.

	This removes some infinite loops that can cause static analyzer
	warnings. The fds are not in non-blocking mode and we use
	restartable system calls so there is no need to loop.
	[132aad609392]

	* plugins/sudoers/check.c:
	check_user: fix return value for intercept mode

	Also use early return on error to quiet a PVS-Studio warning.
	[ecd721208013]

2023-09-21  Todd C. Miller  <Todd.Miller@sudo.ws>

	* src/exec_pty.c:
	Set ec->term_raw to false even if sudo_term_restore() fails.

	Either the fd is not a terminal or we don't have the controlling
	terminal. Either way, we can't know the current status of the
	terminal and will need to set to raw mode again (if possible). Also
	make sure to set ec->term_raw to false if sudo_term_raw() fails.
	[6287218771a9]

2023-09-20  Todd C. Miller  <Todd.Miller@sudo.ws>

	* pathnames.h.in, plugins/sudoers/env.c, plugins/sudoers/sudoers.c:
	Only define _PATH_ENVIRONMENT on systems where we use
	/etc/environment.
	[5a3752401dc9]

	* config.h.in, configure, configure.ac:
	Sudo assumes that a uid_t can be cast to unsigned int without
	problems.

	Add a configure check and error out if sizeof(uid_t) > 4.
	[4b7657e4ce3d]

	* docs/UPGRADE.md:
	Mention the time stamp and lecture file name changes in 1.9.15.
	[8c23b36928ad]

	* docs/sudoers.man.in, docs/sudoers.mdoc.in,
	plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/toke.c,
	plugins/sudoers/toke.l:
	Replace '/' with '_' in paths using the user, group or host name.
	[2862df9bcab7]

2023-09-19  Todd C. Miller  <Todd.Miller@sudo.ws>

	* config.h.in, configure, configure.ac, m4/sudo.m4,
	plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/env.c,
	plugins/sudoers/iolog.c, plugins/sudoers/ldap.c,
	plugins/sudoers/policy.c, src/sudo.c, src/sudo_edit.c:
	Replace MAX_UID_T_LEN with calls to STRLEN_MAX_UNSIGNED.
	[f2f1ee9c5a16]

	* include/sudo_util.h, lib/eventlog/eventlog.c,
	lib/iolog/iolog_timing.c, lib/util/json.c, lib/util/lbuf.c,
	lib/util/sudo_debug.c, plugins/sudoers/cvtsudoers_ldif.c,
	plugins/sudoers/display.c, plugins/sudoers/fmtsudoers.c,
	plugins/sudoers/logging.c, src/exec_preload.c, src/limits.c:
	Add macros to determine the length of an integer type in string
	form.

	Adapted from answer #6 in:
	https://stackoverflow.com/questions/10536207/ansi-c-maximum-number-
	of-characters-printing-a-decimal-int
	[e62734abe89c]

2023-09-18  Todd C. Miller  <Todd.Miller@sudo.ws>

	* plugins/sudoers/visudo.c:
	visudo: use verbose and strict in parser_conf

	Where the sudoers_context is available we can use the values of
	verbose and strict instead of passing around quiet and strict flags.
	[bc7a60ce0e36]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/callbacks.c,
	plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_cb.c:
	Rename callbacks.c -> sudoers_cb.c.
	[558d6896ebfa]

	* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/visudo.c,
	plugins/sudoers/visudo_cb.c:
	Add a separate file for visudo callbacks.
	[72e491607a4e]

	* MANIFEST, plugins/sudoers/Makefile.in,
	plugins/sudoers/check_aliases.c, plugins/sudoers/defaults.c,
	plugins/sudoers/parse.h, plugins/sudoers/parser_warnx.c:
	Add parser_warnx() and parser_vwarnx() that displays file:line:col

	Used by defaults.c and check_aliases.c.
	[1b4eff914e92]

	* plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c:
	Promote strict field in sudoers_parser_config from bool to int.

	This will be used by visudo to indicate when "visudo -s" is run.
	[d0f6c8c37e4a]

