2021-01-15 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/util/progname.c: Fix setprogname() emulation on systems without it. For fully-qualified paths, store the string starting after the last slash, not at the slash itself. [111fde52d116] [tip]

2021-01-11 Todd C. Miller <Todd.Miller@sudo.ws>

* NEWS, configure, configure.ac: Sudo 1.9.5p1 [2dbbab94d4b6]

* src/sudo_edit.c: Run the editor with the user's real and effective uid and gid. Fixes a bug introduced in sudo 1.9.5 where the editor was run setuid root unless SELinux RBAC was in use. [30fe53c07aa7]

* NEWS: fix typo [52e7767881ba]

* src/copy_file.c, src/edit_open.c: Add casts to quiet two warnings on Solaris. [f76126f6d68d]

2021-01-09 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update .pot files for 1.9.5. [49dae07bda23]

2021-01-08 Todd C. Miller <Todd.Miller@sudo.ws>

* NEWS, configure, configure.ac, doc/LICENSE, etc/sudo-logsrvd.pp, etc/sudo-python.pp, etc/sudo.pp: Sudo 1.9.5 [3a0e500981a8]

* doc/sudoers.man.in, doc/sudoers.man.in.sed, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/policy.c: Allow SELinux support to be disabled via the sudoers file. Defaults to true if sudo is built with SELinux support and SELinux is not disabled on the system. [c457eaae8692]

2021-01-06 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/python/python_importblocker.c: Add a comment to verify_import() to clarify its purpose. [30ef680f4104]

* lib/eventlog/eventlog.c, lib/util/arc4random.c, lib/util/sudo_debug.c, plugins/audit_json/audit_json.c, plugins/python/python_convmessage.c, plugins/sudoers/auth/pam.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/exec_common.c, src/sesh.c, src/sudo.c, src/sudo_edit.c: Suppress PVS Studio false positives. [077f46549351]

* plugins/sudoers/gram.c, plugins/sudoers/gram.y: Plug a memory leak in sudoerserrorf(). [a3c14cf0283e]

* plugins/sudoers/editor.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.h, plugins/sudoers/starttime.c, plugins/sudoers/tsgetgrpw.c, src/ttyname.c: Quiet a few harmless cppcheck warnings. [ab123790b3fd]

* src/copy_file.c, src/sudo_edit.c: In sudoedit, use sudo_check_temp_file() for non-SELinux too. [b5d5bd506487]

* MANIFEST, src/Makefile.in, src/edit_open.c, src/sesh.c, src/sudo_edit.c, src/sudo_edit.h, src/sudo_exec.h: Move safe open code out of sudo_edit.c and into edit_open.c. [108fcca05798]

* src/Makefile.in, src/edit_open.c, src/sesh.c, src/sudo_edit.c, src/sudo_edit.h: Add directory writability checks for SELinux RBAC sudoedit. These were never added to the SELinux RBAC path. [0d4f28b5a8e2]

* src/edit_open.c, src/exec.c, src/exec_pty.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_edit.h, src/tgetpass.c: Add struct sudo_cred to hold the invoking or runas user credentials. We can use this when we need to pass around credential info instead of the user_details and command_details structs. [20594f3f00c1]

* src/edit_open.c, src/sesh.c, src/sudo_edit.c, src/sudo_edit.h: Rename run_cred -> cur_cred and stash existing creds in set_tmpdir(). For sudo_edit_open() et al what we need is a copy of the current cred to restore after dir_is_writable() changes to the user cred. [dcfce8a11282]

* configure, configure.ac, include/sudo_compat.h, lib/util/progname.c: Add setprogname(3) for those without it. [e2f1d1ecedb0]

* src/sesh.c, src/sudo_edit.c: Split up sesh_sudoedit() so it is organized more like sudo_edit.c. The new sesh_edit_create_tfiles() and sesh_edit_copy_tfiles() functions are analogous to sudo_edit_create_tfiles() and sudo_edit_copy_tfiles(). Also use "sudoedit" in the warning/error messages from sesh_sudoedit(). Otherwise, the user gets a mix of messages from sudoedit and sesh. [5510be4b2129]

* Makefile.in, lib/eventlog/Makefile.in, lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, logsrvd/Makefile.in, plugins/audit_json/Makefile.in, plugins/group_file/Makefile.in, plugins/python/Makefile.in, plugins/sample/Makefile.in, plugins/sample_approval/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Remove the --force option from the cppcheck args, it causes errors. [57f2ad72e874]

* include/sudo_util.h, lib/util/progname.c, lib/util/util.exp.in, src/sudo.c: For sudo, only allow "sudo" or "sudoedit" as the program name. The program name is also used when matching Debug lines in sudo.conf. We don't want the user to be able to influence sudo.conf Debug matching. The string "sudoedit" is treated the same as "sudo" in sudo.conf. Problem reported by Matthias Gerstner of SUSE. [1d32c53859f9]

* lib/iolog/iolog_fileio.c, lib/util/sudo_debug.c, plugins/group_file/getgrent.c, plugins/sudoers/linux_audit.c, plugins/sudoers/tsgetgrpw.c: Check the return value of fcntl() when setting FD_CLOEXEC. This should never fail unless the fd is invalid. Problem reported by Matthias Gerstner of SUSE. [f1ca39a0d870]

* src/sudo_edit.c: Fix potential directory existing info leak in sudoedit. When creating a new file, sudoedit checks to make sure the parent directory exists so it can provide the user with a sensible error message. However, this could be used to test for the existence of directories not normally accessible to the user by pointing to them with a symbolic link when the parent directory is controlled by the user. Problem reported by Matthias Gerstner of SUSE. [ea19d0073c02]

* src/copy_file.c, src/sesh.c, src/sudo_edit.c, src/sudo_exec.h: Add security checks before using temp files for SELinux RBAC sudoedit. Otherwise, it may be possible for the user running sudoedit to replace the newly-created temporary files with a symbolic link and have sudoedit set the owner of an arbitrary file. Problem reported by Matthias Gerstner of SUSE. [8fcb36ef422a]

* plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, po/ko.mo, po/ko.po, po/sr.mo, po/sr.po, po/sv.mo, po/sv.po: Updated translations from translationproject.org [e68c92c767f1]

2021-01-04 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/sudoers.c: Use debug_return_int() not debug_return_bool() to return -1. Found by PVS Studio. [f1f67ca51aeb]

* plugins/sudoers/logging.c: Fix a crash introduced in 1.9.4 when running "sudo -i" as an unknown user. [d1a3f0f4d0f9]

2021-01-03 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/check.c: Make sure lecture file is a regular file before reading it. [c9c68eff1e45]

2021-01-02 Todd C. Miller <Todd.Miller@sudo.ws>

* Makefile.in, lib/eventlog/Makefile.in, lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, logsrvd/Makefile.in, plugins/audit_json/Makefile.in, plugins/group_file/Makefile.in, plugins/group_file/plugin_test.c, plugins/python/Makefile.in, plugins/sample/Makefile.in, plugins/sample_approval/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/parse.h, plugins/system_group/Makefile.in, src/Makefile.in: Minor fixes pointed out by cppcheck. Also add compareBoolExpressionWithInt to suppression list. [52316819700e]

* logsrvd/logsrvd.c: Avoid potential use after free with eventlog-only connections. Coverity CID 215884. [cca5cffabe42]

* src/exec.c: Cannot do direct exec of a command when SELinux RBAC is enabled. [2706b0fc1451]

* MANIFEST, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/pread.c, lib/util/pwrite.c, scripts/mkdep.pl: Add emulation of pread(3) and pwrite(3) for systems without them. This makes it possible to remove some ugly #ifdefs and only affects very old systems. [1c2a31bda598]

* lib/iolog/iolog_fileio.c, plugins/sudoers/match_command.c, plugins/sudoers/timestamp.c: Remove #ifdefs around code using pread(3) and pwrite(3). [3830fdf650df]

* plugins/sudoers/Makefile.in: Regen now that ldap.c and sssd.c no longer need gram.h [5cc4e107f301]

2020-12-30 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/util/fatal.c: Fix deregistration of a callback that is not at the head of the list. The SLIST_FOREACH_PREVPTR macro doesn't work the way I thought it did. Just store our own prev pointer and use that instead. [04c290fe1fcb]

2020-12-21 Todd C. Miller <Todd.Miller@sudo.ws>

* src/net_ifs.c: Fix the buffer size parameter when serializing the interface list. Problem reported by Matthias Gerstner of SUSE. [b0cae3ac8e46]

2020-12-20 Todd C. Miller <Todd.Miller@sudo.ws>

* NEWS, configure, configure.ac: Sudo 1.9.4p2 [8bb8ec358990]

* plugins/sudoers/sudoers.c: The runas user must be set before applying runas-based Defaults. This effectively backs out changeset f738f5ac5350, which made it possible to log the command when an invalid user was specified. The policy plugin API doesn't supply the command until the check function, at which point we've already denied the command due to the invalid user. Bug #951. [8a415f555cf9]

2020-12-18 Todd C. Miller <Todd.Miller@sudo.ws>

* etc/uncrustify-small.cfg, etc/uncrustify.cfg: Don't enable mod_remove_empty_return. We like to use an empty return for stub functions. [018ef129dc24]

2020-12-16 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/policy.c: The lower bound for the "closefrom" option is 3, not 4. This is a regression introduced in sudo 1.8.9 with the strtonum() conversion. Bug #950. [fb06603b9a12]

2020-12-15 Todd C. Miller <Todd.Miller@sudo.ws>

* NEWS, configure, configure.ac: Sudo 1.9.4p1 [59c37ec1a128]

2020-12-11 Todd C. Miller <Todd.Miller@sudo.ws>

* doc/sudoers.man.in, doc/sudoers.mdoc.in: Direct execution of a command is incompatible with using a log server. [91afbbde217a]

* plugins/sudoers/audit.c: Set sudoers_audit.close to NULL if not using a log server. [231abb92a3b2]

2020-12-07 Todd C. Miller <Todd.Miller@sudo.ws>

* config.h.in, configure, configure.ac, src/sudo.c: Define _DARWIN_UNLIMITED_GETGROUPS on macOS to support > 16 groups. On macOS 10.6 and above, getgroups(2) can return more than NGROUPS_MAX if _DARWIN_UNLIMITED_GETGROUPS or _DARWIN_C_SOURCE is defined. Bug #946 [2e7d3c3cf18b]

2020-12-05 Todd C. Miller <Todd.Miller@sudo.ws>

* doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, examples/sudo.conf.in: Comment out the default plugin lines in the example sudo.conf. Fixes a problem when there are multiple versions of sudo installed and not all support the audit plugin, such as on macOS. GitHub issue #75 [aaed5d7a3471]

* plugins/sudoers/logging.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Store the user-provided runas user and group name in struct sudo_user. This makes it available for event logging in case the name doesn't resolve. [98d70ba8a2a6]

* plugins/sudoers/logging.c: Log submit group to event log. [3e7ace99f7f8]

* plugins/sudoers/logging.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Store iolog_path in struct sudo_user for use in the event log. [35bc39ec8ad5]

2020-12-04 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/logging.c, plugins/sudoers/sudoers.c: Defer lookup of runas user until sudoers_main() for better logging. The log message now includes user info and the command attempted. [f738f5ac5350]

* lib/eventlog/eventlog.c: Don't assume that just because command is non-NULL, argv is non-NULL. [4fac4ae88e4e]

* plugins/sudoers/logging.c: Fix a crash introduced in 1.9.4 when running command as an unknown user. Bug #948 [8b24c140ec7c]

2020-12-03 Todd C. Miller <Todd.Miller@sudo.ws>

* logsrvd/logsrvd.c: When shutting down the server, close non-I/O log connections immediately. Avoids a timeout during server shutdown while the server waits for active connections to close. [26bfda2c8f67]

* src/sudo.c: Audit errors from policy_init_session(), audit_accept(), and audit_reject(). [638e583754ac]

* src/sudo.c: Do not run the command if the audit accept function fails. Also add warnings if the audit reject or error functions fail. [ca94ef438961]

* plugins/sudoers/log_client.c: Reduce the number of error messages when we can't connect to the audit server. Add the error string to "unable to connect to log server" instead of using an extra error message for the connect(2) failure. [25ac7ac5bfdf]

* plugins/sudoers/log_client.c: Use correct error message when the TLS connection is dropped. Was: "recv: Unknown error 0", now: "lost connection to log server". [5c3f319b1f75]

2020-12-02 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Change alias_add() to return bool and set errno on failure. This fixes a localization problem where the error message could have been reported in the wrong locale. [1859fe3da40c]

2020-11-30 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/eventlog/eventlog.c: Fix build when configured using --without-sendmail. Bug #947 [41db1aad85bb]

2020-11-29 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/hr.mo, po/hr.po: Updated translations from translationproject.org [96a5cfe3c66b]

2020-11-24 Todd C. Miller <Todd.Miller@sudo.ws>

* NEWS: sudo_logsrvd.conf pid_file change. [fdc0276c7e0e]

* logsrvd/logsrvd.c: Don't try to unlink a NULL pointer. [95babad9636a]

* doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c: If pid_file is set to an empty value, disable the use of a pid file. [d4462105ab4b]

* doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, logsrvd/logsrvd.c: Don't overwrite sudo_logsrvd.pid if it is a symbolic link. [d79f97a0a533]

* INSTALL, configure, configure.ac, etc/codespell.exclude, plugins/sudoers/env.c: Fix typo detected by codespell 2.0.0. Also avoid some new false positives. [d973f44e2396]

2020-11-23 Todd C. Miller <Todd.Miller@sudo.ws>

* etc/uncrustify-small.cfg, etc/uncrustify.cfg, plugins/python/regress/testhelpers.h, plugins/sudoers/env.c, plugins/sudoers/sudo_ldap_conf.h: Set pp_ignore_define_body=false in uncrustify config. Need to work around a bug that produces closed brace errors, see https://github.com/uncrustify/uncrustify/issues/2569 [5e4692fca707]

* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po: Updated translations from translationproject.org [156162e6e07e]

2020-11-18 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/util/sudo_conf.c: Fix calling sudo_conf_read() multiple times with different conf_types. The change to reinitialize the configuration data when sudo_conf_read() is called again didn't take into account that sudo calls sudo_conf_read() twice--once for the debug info and once for everything else. [b6869b7da3c2]

2020-11-17 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Don't free the private copy of the environment until the close function. We may need to use it when logging from the audit reject function. [5118eb5797fb]

* plugins/sudoers/log_client.c: It is possible for evlog->argv or evlog->envp to be NULL. [798ff96301bf]

* src/exec_pty.c, src/sudo.c, src/sudo.h: Pass command_info[] to audit plugin on I/O log plugin reject or error. The audit plugin should cope with a NULL command_info but there's no reason not to pass the info when we have it. [e361897d0192]

* doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, plugins/sudoers/audit.c: For the audit plugin, command_info may be NULL. Fixes a NULL dereference in sudoers_audit when an I/O logging plugin rejects input/output or returns an error. [9abee774e7e1]

* plugins/sudoers/defaults.c: Add missing initialization of def_log_format to sudo. [8c824f6dcfdd]

2020-11-16 Todd C. Miller <Todd.Miller@sudo.ws>

* config.h.in, configure, configure.ac: Newer LibreSSL has SSL_CTX_set_ciphersuites but it is not enabled. Add a check for the function declaration in openssl/ssl.h. [d6d0665572ec]

* doc/sudoers.man.in, doc/sudoers.mdoc.in: Event log data is sent to sudo_logsrvd even when not I/O logging. [d720f4ad3d40]

2020-11-14 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/po/sudoers.pot: Regenerate sudoers.pot for 1.9.4 [127283726e97]

* NEWS, configure, configure.ac: Update for sudo 1.9.4. [2cb747911aef]

* plugins/sudoers/audit.c: Update struct eventlog based on command_info[] from front-end. The I/O log path is not known until the I/O log plugins have run and other plugins may alter the execution environment. [3ad14a88052e]

* plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/logging.h, plugins/sudoers/regress/testsudoers/test13.out.ok, plugins/sudoers/toke.h: Add sudoerserrorf(), a printf-style yyerror() function. Use this to display a better error message when using a reserved word in an alias definition. [1bb3915f61b6]

2020-11-13 Todd C. Miller <Todd.Miller@sudo.ws>

* scripts/mkpkg: Build universal binaries on macOS 11.0 and higher. The resulting package should work on Macs based on Apple Silicon. [91cdeda79e66]

2020-11-12 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/editor.c: Support EDITOR environment variable that includes quotes. Quote support is limited to the beginning of a word. Also handles characters escaped with a backslash. [ebb7f3c6240c]

2020-11-11 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/python/Makefile.in, plugins/python/pyhelpers.c, plugins/python/python_plugin_common.c, plugins/python/regress/iohelpers.h, plugins/python/regress/testdata/check_example_debugging_c_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_debugging_plugin@info.log, plugins/python/regress/testdata/check_example_debugging_py_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_py_calls@info.log, plugins/python/regress/testdata/check_example_group_plugin_is_able_to_debug.log, plugins/python/regress/testdata/check_example_io_plugin_command_log.stored, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple1.stored, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple2.stored, plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stored, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stderr, plugins/python/regress/testdata/check_example_policy_plugin_validate_invalidate.log, plugins/python/regress/testdata/check_loading_fails_not_owned_by_root.stderr, plugins/python/regress/testdata/check_loading_fails_wrong_classname.stderr, plugins/python/regress/testdata/check_loading_fails_wrong_path.stderr, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout, plugins/python/regress/testdata/check_python_plugins_do_not_affect_each_other.stdout, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: Back out regex use in python tests, filter the output instead. This makes it possible to regenerate the test output again. Also adds an update_test_data target to the Makefile. [3837f51a8072]

* plugins/sudoers/ldap.c: Ignore sudoNotBefore and sudoNotAfter unless ldap.conf contains SUDOERS_TIMED. This is consistent with the pre-1.8.24 behavior. Bug #945 [d1e1bb5a6cc1]

* src/sudo.c: Stay setuid until just before executing the command. Fixes a problem with pam_xauth which checks effective and real uids to get the real identity of the user. [2c6fef0107c8]

2020-11-10 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Introduce new_member_all() for code that doesn't include gram.h. The ldap and sssd back-ends no longer require gram.h which fixes a compilation issue with IBM LDAP. [1729532cda27]

* lib/util/sudo_conf.c, lib/util/sudo_debug.c, logsrvd/logsrvd.c: On SIGHUP, deregister the old debug instance before registering a new one. Otherwise, if debugging is enabled we will get an extra log instance each time sudo_logsrvd receives SIGHUP which results in duplicate lines in the debug log. [538633994d8a]

2020-11-09 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/log_client.c, plugins/sudoers/log_client.h: Refactor code to format the client message after the hello. [12d29d129166]

* doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in, include/log_server.pb-c.h, lib/eventlog/eventlog.c, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, plugins/sudoers/log_client.c: Add info_msgs to AlertMessage and populate it. This lets us log eventlog info along with the alert if it is available. [493a047a4463]

* plugins/sudoers/audit.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h: Use sudoers_to_eventlog() and init_log_details() in sudoers_audit_accept(). log_deserialize_info() can be private to iolog.c again. [0b4e03904f3d]

* plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/iolog.c, plugins/sudoers/log_client.c, plugins/sudoers/log_client.h, plugins/sudoers/logging.c, plugins/sudoers/logging.h: Log reject and alert messages to the log server if one is defined. [087cf87d10af]

* plugins/sudoers/logging.c: Treat an authentication failure as a reject, not an alert. This matters when logging via sudo_logsrvd. It also lets us remove a special case in vlog_warning(). [ae489d3f20a8]

* MANIFEST, config.h.in, configure, configure.ac, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/log_client.c, plugins/sudoers/sudoers.c: Rename iolog_client -> log_client. The logsrvd client code is now used for more than just I/O logging. [ea47ce43bbee]

* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/log_client.c, plugins/sudoers/log_client.h: Rename iolog_plugin.h to log_client.h. It is no longer I/O log specific and is used by sudoers_audit too. [cde784a59490]

* configure, configure.ac: Remove hack to define YYTOKENTYPE, it breaks newer bison. [8b919ef33db7]

* plugins/sudoers/gram.c, plugins/sudoers/gram.h: Regenerate with bison 3.7.3 [9fb81b933c43]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c: Use struct eventlog *evlog, not struct eventlog *details. [a9b5f3c2902f]

2020-11-06 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/eventlog/eventlog.c: For logsrvd AlertMessages, evlog will be NULL. [d048f7b429d5]

* lib/eventlog/eventlog.c: Append errstr to reason for alert and reject events if specified. Previously, we logged the error string separately but this is not consistent with how it is logged in other formats. [68c76e530248]

* plugins/sudoers/logging.c: Fix cut & pasto in debug subsystem. [c39dd60b6d2d]

2020-11-04 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/iolog_client.c: Refactor code to format InfoMessage array into fmt_info_messages(). Add free_info_messages() to free the array. [e6223d325c77]

* plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Log accept messages in sudoers_audit if not I/O logging. [cdb5c443c97d]

* plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Refactor sudoers_io_open_remote() into log_server_open(). Also rename client_close() to log_server_close(). This keeps more of the client code details out of iolog.c and will be used when logging accept messages from the audit plugin. [e3f6ba6768b8]

* plugins/sudoers/iolog.c: Move argv and envp setting into iolog_deserialize_info(). [613b97f1d7bc]

* logsrvd/logsrvd.c: Avoid early return in handle_accept() if expect_iobufs not set. [918adc8234f0]

2020-11-02 Todd C. Miller <Todd.Miller@sudo.ws>

* doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout, src/exec.c, src/load_plugins.c: Add event_alloc to the audit plugin API. The sudoers audit plugin will use this to communicate with sudo_logsrvd. [c2fc2911476b]

* logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Set server_name before initiating TLS connection so verify function works. Fixes a crash in the SSL_VERIFY_PEER callback. Also call inet_ntop(3) with addr pointer, not sockaddr pointer so we get the correct IP address. [7a7dcebbe889]

* plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/sudoers/test18.toke.ok, plugins/sudoers/regress/sudoers/test2.ldif.ok, plugins/sudoers/regress/sudoers/test3.ldif.ok, plugins/sudoers/regress/sudoers/test6.ldif.ok, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/visudo.c: Store column number for aliases, defaults and userspecs too. This is used to provide the column number along with the line number in error messages. For aliases we store the column of the alias name, not the value since that is what visudo generally needs. [1c9d86b88517]

2020-11-01 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/regress/testsudoers/test12.out.ok, plugins/sudoers/regress/testsudoers/test13.out.ok: Display column number in parse error messages too. Bug #841 [0aea28dec8f2]

* plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Move tls initialized flag into client_closure. We may call tls_init() from multiple places in the future so a static initialized flag will cause problems. [00b2b02c24c5]

* plugins/sudoers/cvtsudoers_json.c: Fix -Wshadow warnings caused by json enum member. [ea336980bb6a]

2020-10-30 Todd C. Miller <Todd.Miller@sudo.ws>

* ABOUT-NLS, INSTALL, NEWS, configure.ac, doc/UPGRADE, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in, examples/sudo.conf.in, include/compat/getaddrinfo.h, install-sh, lib/util/getaddrinfo.c, lib/util/getentropy.c, lib/util/regress/sudo_conf/test1.in, lib/util/regress/sudo_parseln/test1.in, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/strtoid.c, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, m4/sudo.m4, plugins/group_file/group_file.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog_client.c, plugins/sudoers/stubs.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/load_plugins.c, src/sudo.c, src/sudo_noexec.c, src/tgetpass.c: Apply Google inclusive language guidelines. Also replace backwards with backward. [678fbce6054f]

2020-10-29 Todd C. Miller <Todd.Miller@sudo.ws>

* doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Reference IBM LDAP libs, not Tivoli since that is how it is packaged. We still use Tivoli when talking about the server itself but refer to it as the "IBM Tivoli Directory Server". [9f97a7e6b67a]

* doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Add a newline before "This option is ..." [853f819f0241]

* doc/sudoers.man.in: regen [8b29097f2cd1]

2020-10-28 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/eventlog/regress/logwrap/check_wrap.c, lib/eventlog/regress/logwrap/check_wrap.in, lib/eventlog/regress/logwrap/check_wrap.out.ok: Test eventlog_writeln() when word wrap is disabled. [73acb7fbef59]

* configure, configure.ac: Bison generates an extra enum containing the parser tokens. This conflicts with the IBM ldap.h at least. Prevent it from being exposed by defining YYTOKENTYPE. [f3445ad76687]

* configure, configure.ac: IBM LDAP packages use a lib64 directory for 64-bit libraries. We need to add this to LDFLAGS so the linker is able to find the correct libs when building 64-bit binaries. [701b83f6cd13]

* config.h.in, configure, configure.ac, plugins/sudoers/ldap.c: Use ssl_err2string() in message on ldap_ssl_client_init() failure. Displaying SSL reason code directly is not user-friendly. [aaf272403f3e]

2020-10-27 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/eventlog/eventlog.c: For JSON logs, write the most important log elements first. This is important for syslog where the record could be truncated. [58fc957c41bb]

* doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c: Add log_format sudoers setting to select sudo or json format logs. Defaults to sudo-format logs. [2936d2750af0]

* include/sudo_json.h, lib/eventlog/eventlog.c, lib/util/json.c: Support "minimal" JSON which skips all non-essential whitespace. This replaces the old "compact" mode which is only used for syslog. [be07bca67019]

* plugins/sudoers/logging.c: Don't warn about log failure more than once. [b4dc59a58d1d]

2020-10-26 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/eventlog/eventlog.c: Check for fdopen(3) failure in send_mail(). [e08b17bf26ce]

* MANIFEST, include/sudo_eventlog.h, lib/eventlog/Makefile.in, lib/eventlog/eventlog.c, lib/eventlog/logwrap.c, lib/eventlog/regress/logwrap/check_wrap.c, lib/eventlog/regress/logwrap/check_wrap.in, lib/eventlog/regress/logwrap/check_wrap.out.ok, plugins/sudoers/Makefile.in, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/logwrap.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/logging/check_wrap.in, plugins/sudoers/regress/logging/check_wrap.out.ok, plugins/sudoers/sudoers.c: Add support for file log line wrapping in libeventlog. [935c30cf7633]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c, logsrvd/logsrvd_conf.c, plugins/sudoers/defaults.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/stubs.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Use real setters for the eventlog config. This makes it possible to have a base config that the callers can modify instead of replacing the config wholesale. [2ca1e7d376c2]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/defaults.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/policy.c, plugins/sudoers/stubs.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: Use libeventlog in sudoers instead of doing our own logging. [d8306755201a]

* lib/eventlog/eventlog.c, plugins/sudoers/logging.c: Log the short version of the tty in sudoers-format logs. This is consistent with historical practice. [69440e4659a8]

* lib/eventlog/eventlog.c: Add default values in eventlog_setconf(). [582d359a8ec0]

* include/sudo_eventlog.h, lib/eventlog/Makefile.in, lib/eventlog/eventlog.c, logsrvd/logsrvd.c, plugins/sudoers/Makefile.in, plugins/sudoers/defaults.c, plugins/sudoers/logging.h: Add support for mailing eventlog entries and for logging raw messages. These will be used by the sudoers plugin. [acab8209ddd0]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c, lib/iolog/iolog_fileio.c: If no JSON callback is provided, store the contents of struct eventlog. This moves the JSON formatting of struct eventlog out of libsudo_iolog and into libsudo_eventlog where it belongs. [260a7ec65485]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c, logsrvd/logsrvd.c: struct eventlog contains submit_time, no need to pass it in directly. [a3ac404e6a59]

* include/sudo_eventlog.h, lib/eventlog/eventlog.c, logsrvd/logsrvd.c: Add an errstr argument to eventlog_alert(). [e2afd2f1c092]

* plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Make a copy of the strings stored in iolog_details and struct eventlog. Previously, we just made the strings const and relied on the front-end not changing them. Now the sudoers I/O log plugin behavior is consistent with the policy plugin. [406632298bd5]

* plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Use struct eventlog in iolog_details. [c22e05f420fe]

* include/sudo_eventlog.h, include/sudo_iolog.h, lib/eventlog/eventlog.c, lib/iolog/Makefile.in, lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/iolog/iolog_util.c, logsrvd/Makefile.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: Use struct eventlog in place of struct iolog_info. [9fef7a5f077b]

* logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: No longer need eventlog-related getters in logsrvd.c [e3ab80a9a892]

* MANIFEST, logsrvd/Makefile.in, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Use libeventlog in sudo_logsrvd. [3dd22be50c30]

* MANIFEST, Makefile.in, configure, configure.ac, include/sudo_eventlog.h, lib/eventlog/Makefile.in, lib/eventlog/eventlog.c, logsrvd/logsrvd.h: Refactor eventlog code into a library [2e02c25be009]

2020-10-20 Todd C. Miller <Todd.Miller@sudo.ws>

* lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, logsrvd/Makefile.in, plugins/python/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: regen Makefiles [d9064a0c53ae]

* scripts/mkpkg: Build 64-bit binaries on HP-UX ia64 [3f8b599e7d7f]

2020-10-16 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/Makefile.in: Explicitly set umask when running tests. Some tests create files that must not be world-writable. [9186ea1d2696]

* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: sudoers_policy_store() -> sudoers_policy_store_result() [3dad5322916b]

2020-10-14 Todd C. Miller <Todd.Miller@sudo.ws>

* plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Rename sudoers_policy_exec_setup() -> sudoers_policy_store(). It is called even when there is no command to execute. Also pass in status of whether or not the command was accepted. [a0ded23e81c4]

2020-10-10 Todd C.
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/Makefile.in, plugins/sudoers/regress/cvtsudoers/test1.sh, plugins/sudoers/regress/cvtsudoers/test10.sh, plugins/sudoers/regress/cvtsudoers/test11.sh, plugins/sudoers/regress/cvtsudoers/test12.sh, plugins/sudoers/regress/cvtsudoers/test13.sh, plugins/sudoers/regress/cvtsudoers/test14.sh, plugins/sudoers/regress/cvtsudoers/test15.sh, plugins/sudoers/regress/cvtsudoers/test16.sh, plugins/sudoers/regress/cvtsudoers/test17.sh, plugins/sudoers/regress/cvtsudoers/test18.sh, plugins/sudoers/regress/cvtsudoers/test19.sh, plugins/sudoers/regress/cvtsudoers/test2.sh, plugins/sudoers/regress/cvtsudoers/test20.sh, plugins/sudoers/regress/cvtsudoers/test21.sh, plugins/sudoers/regress/cvtsudoers/test22.sh, plugins/sudoers/regress/cvtsudoers/test23.sh, plugins/sudoers/regress/cvtsudoers/test24.sh, plugins/sudoers/regress/cvtsudoers/test25.sh, plugins/sudoers/regress/cvtsudoers/test26.sh, plugins/sudoers/regress/cvtsudoers/test27.sh, plugins/sudoers/regress/cvtsudoers/test28.sh, plugins/sudoers/regress/cvtsudoers/test29.sh, plugins/sudoers/regress/cvtsudoers/test3.sh, plugins/sudoers/regress/cvtsudoers/test30.sh, plugins/sudoers/regress/cvtsudoers/test31.sh, plugins/sudoers/regress/cvtsudoers/test32.sh, plugins/sudoers/regress/cvtsudoers/test33.sh, plugins/sudoers/regress/cvtsudoers/test4.sh, plugins/sudoers/regress/cvtsudoers/test5.sh, plugins/sudoers/regress/cvtsudoers/test6.sh, plugins/sudoers/regress/cvtsudoers/test7.sh, plugins/sudoers/regress/cvtsudoers/test8.sh, plugins/sudoers/regress/cvtsudoers/test9.sh, plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/testsudoers/test10.sh, plugins/sudoers/regress/testsudoers/test11.sh, plugins/sudoers/regress/testsudoers/test12.sh, plugins/sudoers/regress/testsudoers/test13.sh, plugins/sudoers/regress/testsudoers/test14.sh, plugins/sudoers/regress/testsudoers/test15.sh, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, 
plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.sh, plugins/sudoers/regress/testsudoers/test6.sh, plugins/sudoers/regress/testsudoers/test7.sh, plugins/sudoers/regress/testsudoers/test8.sh, plugins/sudoers/regress/testsudoers/test9.sh, plugins/sudoers/regress/visudo/test1.sh, plugins/sudoers/regress/visudo/test10.sh, plugins/sudoers/regress/visudo/test2.sh, plugins/sudoers/regress/visudo/test3.sh, plugins/sudoers/regress/visudo/test4.sh, plugins/sudoers/regress/visudo/test5.sh, plugins/sudoers/regress/visudo/test6.sh, plugins/sudoers/regress/visudo/test7.sh, plugins/sudoers/regress/visudo/test8.sh, plugins/sudoers/regress/visudo/test9.sh: Pass path to testsudoers, visudo or cvtsudoers in the environment. Falls back on the unqualified command if the environment variable is not set. [a7b8c413b66d] 2020-10-09 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sssd.c: Init cmnds to NULL in rule_to_priv() so we don't free a bogus pointer. In the sssd backend, the rule_to_priv() cleanup code assumes cmnds can be passed to fn_free_values(), which was not the case if we receive an error getting values for "sudoCommand". This is a regression introduced in sudo 1.9.1. Fix from Ron Bowes. GitHub issue #67. [a3fe4615f039] 2020-10-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.h: Pass runchroot to match_digest() too. We use the open fd for the actual I/O but having runchroot makes it possible to report the correct file name in error messages. [2e1d142e2fe5] 2020-10-04 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: GitHub issue #61 was fixed in sudo 1.9.3. [55e54b3111f0] 2020-09-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/def_data.h, plugins/sudoers/mkdefaults: Fix indentation of enum def_tuple. [237db08cc1a3] 2020-09-28 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Remove special case EOF handling; lines now always end in a newline. Previously we needed to emulate some of the state transitions that happen at end-of-line at end-of-file as well. Those are no longer needed now that we are guaranteed to always have a newline at the end. [4c0c21b081f7] 2020-09-27 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Increment sudolinebuf.size after realloc(). [b871905c3442] * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/regress/sudoers/test13.toke.ok, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add a newline at end of line if one is missing. This is simpler than having to support entries that end at EOF too. [cb335acb1064] * MANIFEST, plugins/sudoers/regress/testsudoers/test14.out.ok, plugins/sudoers/regress/testsudoers/test14.sh, plugins/sudoers/regress/testsudoers/test15.out.ok, plugins/sudoers/regress/testsudoers/test15.sh: Add tests for entries without a newline. [98a50d8301a8] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix handling of a command spec without a newline at the end. For include files, we may need to inject a newline token now that the grammar requires lines to end with a newline or EOF. There is no END (EOF) token processed after popping off an include file since everything is just treated as one big file. [3e6c62ea7237] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Mark sudoerserror() messages for translation. [d6a173cea48b] * plugins/sudoers/regress/sudoers/test8.toke.ok, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix line number accounting when a string contains a newline. Strings are not allowed to span multiple lines without a continuation character. Also provide a better error message if we are in the middle of a string and hit EOF. [cf34b0a3beba] 2020-09-26 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/sudoers.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Use sudoerschar (yychar) instead of last_token. The parser already provides a way to examine the last token processed, we don't need to add our own. [ba35fe36bd56] 2020-09-25 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/closefrom.c, lib/util/getentropy.c, lib/util/pipe2.c, lib/util/term.c, lib/util/ttyname_dev.c, plugins/sudoers/auth/pam.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/env.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/gmtoff.c, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/policy.c, plugins/sudoers/starttime.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h, src/tgetpass.c, src/ttyname.c: Fix -Wshadow warnings. [5480e97a1160] * configure, configure.ac: Add -Wshadow to warning flags if the compiler supports it. [6f29b5ebc2b8] * MANIFEST, plugins/sudoers/regress/testsudoers/test13.out.ok, plugins/sudoers/regress/testsudoers/test13.sh: Add test for syntax error when defining an alias using a reserved word. [4c90b3952ed1] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix pasto, TIMEOUT not CMND_TIMEOUT. [842ad3a578f2] * NEWS, doc/UPGRADE, doc/sudoers.man.in, doc/sudoers.man.in.sed, doc/sudoers.mdoc.in: Document reserved words that cannot be used as alias names. Bug #941 [4b37a2174cd2] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/sudoers_version.h: Detect when a reserved word is used when declaring an alias. Now instead of "syntax error, unexpected CHROOT, expecting ALIAS" the message is "syntax error, reserved word used as an alias name" Bug #941 [dfc55de5526c] 2020-09-23 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Fix potential NULL deref in debug code. 
[c6b8910ac7dc] * plugins/sudoers/getspwuid.c: Close the passwd db before calling getpwnam_shadow(3). Otherwise, we will get the non-shadow passwd entry ("*") since we called setpassent(3) earlier to keep the passwd db open. [71ee5e16e4c5] * configure, configure.ac: Fix configure test for crypt(3) when it is present in libc. Fixes a regression introduced in sudo 1.9.3. [0d77733de667] * plugins/sudoers/audit.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Add SLOG_AUDIT flag for log_warningx() to also audit the message. This lets us combine audit_failure() and log_warningx() calls with the same message. [23a8a5eab2ff] * plugins/sudoers/sudoers.c: Log when user-specified command line options are rejected by sudoers. We already audit those but in some cases they were not logged as well. [30d991993763] * NEWS, configure, configure.ac: Update for sudo 1.9.3p1 [0cbbb7608c3f] 2020-09-20 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Move warning about plaintext password to the end of configure. It is unlikely to be noticed at the beginning of the output. [b3b5abcedc73] 2020-09-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/fr.mo, po/fr.po: Updated translations from translationproject.org [54b5484b2756] 2020-09-18 Todd C. 
Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, plugins/sudoers/auth/passwd.c: Use a simple string compare on systems without crypt(3). This is only used on systems without PAM, BSD authentication or AIX authentication. Bug #940. [aed39197f364] * src/utmp.c: Fix typo in last commit. [30a77a50f7b2] 2020-09-17 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: Only use faccessat(3) if AT_EACCESS is defined. Apparently Android (bionic) has faccessat() but not AT_EACCESS. Bug #940. [18604919a023] * src/utmp.c: Guard use of ttyslot() with HAVE_TTYSLOT, fix guard for utmp_setid(). This should make it easier to compile sudo on Android which doesn't provide a way to write to the utmp file. Bug #940. [69fe5b8426cd] 2020-09-16 Todd C. Miller <Todd.Miller@sudo.ws> * po/zh_CN.mo, po/zh_CN.po: Updated translations from translationproject.org [ef72535d71a5] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/pl.mo, po/pl.po, po/pt.mo, po/pt.po, po/pt_BR.mo, po/pt_BR.po, po/sr.mo, po/sr.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [48fdb293a803] 
* configure, configure.ac, plugins/sudoers/po/sudoers.pot: Back out sudo 1.9.3b1 version change. [70cee88da8b1] 2020-09-14 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, configure, configure.ac, plugins/sudoers/defaults.c, plugins/sudoers/po/sudoers.pot: Fix typo in warning for T_CHPATH, list '~' not '*' twice. Bug #938 [d516bebe9644] 2020-09-12 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update .pot files for 1.9.3. [47cedd231dd6] 2020-09-10 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Add missing check for strdup() failure. Coverity CID 214243 [86cf4da0cd81] * examples/sudoers: Sync example sudoers with manual page. [1ccf32907f11] 2020-09-09 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in: Add simple runchroot and runcwd examples. Also document the limitation of command-based Defaults settings. [6a610884670c] * plugins/sudoers/sudoers.c: Add callback for runchroot Defaults and require password -D/-R checks. Using a command-based Default for runchroot will still only work for paths that exist both in and outside the chroot. [a50148e16b89] * plugins/sudoers/defaults.c, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Pass a struct to the match functions to track the resolved command. This makes it possible to update user_cmnd and cmnd_status modified by per-rule CHROOT settings. [c71faa1f5ea1] * plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/stubs.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: Take the chroot into account when searching for the command. 
This could be a user-specific chroot via the -R option, a runchroot Defaults value, or a per-command CHROOT spec in the sudoers rule. [d8765611b48c] 2020-09-06 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Remove closefrom_fallback() from lib/util/util.exp. It is a static function and should not be exported. [dc09dc563197] 2020-09-06 Evan Anderson <evan@eaanderson.com> * configure, m4/sudo.m4: configure: Fix runstatedir handling for distros that do not support it. runstatedir was added in yet-to-be released autoconf 2.70. Some distros are shipping this addition in their autoconf packages, but others, such as Fedora, are not. This causes the rundir variable to be set incorrectly if the configure script is regenerated with an unpatched autoconf since the runstatedir variable set is deleted after regeneration. This change works around that problem by checking that runstatedir is non-empty before potentially using it to set the rundir variable [35c1eb25dd9d] 2020-09-05 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/Makefile.in: We need to link with NET_LIBS for gai_strerror() on some systems. From Tim Rice [b10aeb7ec2ed] * ltmain.sh: Fix sco library versioning; fallout from frebsd-elf reorg. From Tim Rice [072a37c2d3cb] * configure, configure.ac: SVR4/5 fixes and long password support for OpenServer 6 & 5. From Tim Rice [8622970c77c3] * lib/logsrv/protobuf-c.c: Use config.h to handle systems without inline function support. [1ba5301de713] * configure, configure.ac: Prefer dlopen() over shl_load() on HP-UX 11.11 and higher. [065316970f79] * include/sudo_fatal.h, lib/util/fatal.c: Define sudo_warn_setlocale_t and use sudo_conv_t in sudo_fatal.h. Works around a bug in older versions of the HP ANSI C compiler and results in more readable code. [0e53ec783100] * configure, configure.ac: HP-UX cc may not allow __declspec(dllexport) to be used in conjunction with "#pragma HP_DEFINED_EXTERNAL" when redefining standard libc functions. 
[7190082c3a09] 2020-09-04 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Fix check for hiding unexported symbols on HP-UX. We need to pass the -b option to the compiler, not just the linker, so it will choose the PIC C runtime. [bc1b9351cbce] * src/regress/ttyname/check_ttyname.c: Check that the files are character devices before comparing st_rdev. [d9f8b730d131] * src/regress/ttyname/check_ttyname.c: Fix regress when ttyname(3) returns the same device under a different name. On systems that have both new and old pty names we can end up with a name mismatch even though the underlying device is the same. [3760f44d81d4] * plugins/sudoers/regress/testsudoers/test3.sh: Use the same pattern of redefining TESTDIR as test10.sh. Adapted from a diff from Tim Rice. [378590625bfd] * logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Rename sa_len -> sa_size to avoid a conflict on UnixWare and others. On some systems, sa_len is a #define for 4.4BSD compatibility. [a369d15175dd] * plugins/sudoers/pwutil.c: Include strings.h for strcasecmp(3). From Tim Rice [27be3ee47426] * lib/util/getentropy.c: Add missing #ifdef HAVE_CLOCK_GETTIME in getentropy_fallback() From Tim Rice [4bdcf1048196] * plugins/sudoers/Makefile.in: Regen for check_exptilde.o [b3e2a87b5144] * lib/util/Makefile.in, scripts/mkdep.pl: Add missing dependency info for cfmakeraw.lo in lib/util/Makefile.in From Tim Rice [18d953844745] * plugins/sudoers/auth/pam.c: Be consistent and use __hpux not __hpux__ like the rest of sudo. [dd5ef59dc980] * lib/logsrv/protobuf-c.c: Replace "static inline" with "static __inline" for older compilers. [a09412277d0f] * MANIFEST, include/log_server.pb-c.h, lib/logsrv/Makefile.in, lib/logsrv/log_server.pb-c.c, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/sudoers/iolog_client.c, scripts/unanon: Post-process protoc-c files to avoid depending on anonymous unions. Based on a patch from Michael Osipov. 
GitHub issue #60 [13ab1ec22477] * src/preload.c: Add sudoers_audit to sudo_sudoers_plugin_symbols[] array. Fixes loading of sudoers_audit when configured with --enable-static-sudoers. GitHub issue #61 [f0bd4b5cd7b3] 2020-09-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Fix copy and paste error; Coverity CID 214191 [49044d66dffc] * plugins/sudoers/visudo.c: Fix memory leak on error found by the clang 10.01 analyzer. [12de4dd014eb] * src/limits.c: Use correct size for curlim and maxlim. [1fc6aea5ece0] * configure, configure.ac, doc/Makefile.in: Only install man pages for logsrvd and python plugin if we build them. GitHub issue #58 [e92799dd4886] * Makefile.in, configure, configure.ac, doc/Makefile.in: Remove obsolete mansrcdir variable, add _SRC suffix to LOGSRV and LOGSRVD [aa9c0f8cb227] 2020-09-02 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/eventlog.c, plugins/sudoers/logging.c: If the command was run in a chroot, add it to the log. [0cda78f7ed40] * MANIFEST, plugins/sudoers/regress/testsudoers/test12.out.ok, plugins/sudoers/regress/testsudoers/test12.sh: Add test of multiple syntax errors. Where possible, the portion of the line before the error should still be interpreted. [3af61a54586f] * logsrvd/eventlog.c, logsrvd/iolog_writer.c, plugins/sudoers/logging.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Log the runcwd not submitcwd in the sudo-style log file. The log entry should reflect the working directory the command actually ran in. [a477dee74683] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Fix error recovery in a privilege after a ':' separator. 
[02c4b5872a38] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Initialize runchroot and runcwd in init_options() [13bebf71955d] * MANIFEST: Fix path to check_exptilde.c [7dc831cbd59d] * include/log_server.pb-c.h, include/protobuf-c/protobuf-c.h, lib/logsrv/protobuf-c.c: Update to protobuf-c 1.3.3 [22a88bccb611] 2020-09-01 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.h: Regenerate the parser with "bison -y" for verbose syntax error messages. [e1530c5b8960] * NEWS: Add chroot/chdir changes. [9367855da7d1] * doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/parse_args.c, src/sudo_usage.h.in: Support "*" for CWD/CHROOT to allow user to specify cwd or chroot. Adds two new command line options, -D (--chdir) and -R (--chroot) that can only be used when sudoers sets runcwd or runchroot to "*". [afeb73867b66] * MANIFEST, lib/util/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/exptilde.c, plugins/sudoers/regress/exptilde/check_exptilde.c: Unit test for exptilde [f0d7b0031fea] * MANIFEST, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.c, plugins/sudoers/regress/sudoers/test24.in, plugins/sudoers/regress/sudoers/test24.json.ok, plugins/sudoers/regress/sudoers/test24.ldif.ok, plugins/sudoers/regress/sudoers/test24.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test24.out.ok, plugins/sudoers/regress/sudoers/test24.sudo.ok, plugins/sudoers/regress/sudoers/test24.toke.ok: Add support for runchroot and runcwd to "sudo -l" and cvtsudoers. 
[9f5ecd22d822] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/iolog/iolog_util.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Read/write runchroot and runcwd entries in the JSON event log. [3edb8305abe9] * MANIFEST, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/exptilde.c, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/policy.c, plugins/sudoers/regress/sudoers/test1.toke.ok, plugins/sudoers/regress/sudoers/test11.toke.ok, plugins/sudoers/regress/sudoers/test12.toke.ok, plugins/sudoers/regress/sudoers/test13.toke.ok, plugins/sudoers/regress/sudoers/test14.toke.ok, plugins/sudoers/regress/sudoers/test15.toke.ok, plugins/sudoers/regress/sudoers/test16.toke.ok, plugins/sudoers/regress/sudoers/test17.toke.ok, plugins/sudoers/regress/sudoers/test18.toke.ok, plugins/sudoers/regress/sudoers/test19.toke.ok, plugins/sudoers/regress/sudoers/test22.toke.ok, plugins/sudoers/regress/sudoers/test3.toke.ok, plugins/sudoers/regress/sudoers/test4.toke.ok, plugins/sudoers/regress/sudoers/test6.toke.ok, plugins/sudoers/regress/sudoers/test8.toke.ok, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_version.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add CHROOT and CWD sudoers options. Also matching runchroot and runcwd Defaults settings. [2f0aca92c360] 2020-08-31 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout, src/exec.c, src/limits.c, src/sudo.c, src/sudo.h: Pass resource limits values to the plugin in user_info[]. Sudo resets the resource limits early in its execution so the plugin cannot tell what the original limits were itself. [64957c5875f3] * doc/Makefile.in, doc/sudo_logsrvd.man.in, doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, lib/logsrv/Makefile.in, lib/util/cfmakeraw.c, lib/util/fchmodat.c, lib/util/fstatat.c, lib/util/getdelim.c, lib/util/getusershell.c, lib/util/openat.c, lib/util/regress/getdelim/getdelim_test.c, lib/util/regress/strsig/strsig_test.c, lib/util/regress/strtofoo/strtobool_test.c, lib/util/regress/strtofoo/strtoid_test.c, lib/util/regress/strtofoo/strtomode_test.c, lib/util/regress/strtofoo/strtonum_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/roundup.c, lib/util/strtoid.c, lib/util/strtonum.c, lib/util/term.c, lib/util/unlinkat.c, logsrvd/Makefile.in, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, plugins/python/Makefile.in, plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_baseplugin.c, plugins/python/python_convmessage.c, plugins/python/python_importblocker.c, plugins/python/python_loghandler.c, plugins/python/python_plugin_approval.c, plugins/python/python_plugin_audit.c, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_group.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c, plugins/python/sudo_python_debug.c, plugins/python/sudo_python_module.c, plugins/python/sudo_python_module.h, plugins/sudoers/fmtsudoers.c, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/set_perms.c, plugins/sudoers/starttime.c, 
plugins/sudoers/tsdump.c, src/exec_monitor.c, src/exec_nopty.c, src/limits.c, src/ttyname.c: Update copyright year on some files where it was out of date. [2086262cd012] 2020-08-27 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in: Refer to "syntax error" instead of "parse error". This is the term the parser uses when there is an actual error. [7134b6869432] * plugins/sudoers/visudo.c: Remove superfluous "parse error in sudoers near line N" message. The sudoers parser now produces better syntax error messages so we don't need visudo to print its own. [9c32131fb6ac] * plugins/sudoers/visudo.c: Don't override errorfile and errorlineno set by check_aliases(). Now that alias parsing stores the file and line number, visudo can use that information to go to the line with an error when re-editing. [896d1f73ca02] 2020-08-25 Todd C. Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, lib/util/sig2str.c, lib/util/str2sig.c: Use sigabbrev_np(3) to access signal abbreviations if supported. glibc-2.32 has removed sys_sigabbrev[], we can use sigabbrev_np(3) instead. [e30482f26924] 2020-08-17 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Briefly describe how to restore historical parse error behavior. [1ede927d99b3] * NEWS, doc/UPGRADE: Mention eof-of-line terminator and plugin argument changes. [96cd7a3477fa] * doc/sudoers.man.in, doc/sudoers.mdoc.in, src/load_plugins.c: Fix sudoers_policy plugin options when sudoers_audit is not listed. As of sudo 1.9.1 the sudoers file is opened by the audit plugin, not the policy plugin. As a result, plugin options set for sudoers_policy have no effect. If sudoers_policy has plugin options in sudo.conf and sudoers_audit is not listed, move the options to sudoers_audit so they will have an effect. 
[839a9a9c0cc3] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/file.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h: sudoers error recovery can be configured via an "error_recovery" setting. This setting is an argument to the sudoers plugin, similar to how sudoers_file, sudoers_mode, sudoers_uid, etc. are implemented. The default value is true. [86f7059f9e45] * plugins/sudoers/regress/testsudoers/test11.sh: Make this test pass with bison's verbose error messages. [a2a8e4ca3f63] 2020-08-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Recover from a syntax error after the ':' in a privilege spec. For compound privilege specs, don't throw away the entire thing if we have a syntax error, only the part after the error is encountered. [d6ef4e6ca624] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/regress/sudoers/test5.toke.ok: Add explicit end-of-line matching in the parser for better error messages. A valid line in sudoers must end in a newline or EOF. Previously, it was possible (though not documented) to have multiple user specs on a single line. Now, each must be on its own line. [9f513e9b10ee] * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add NOMATCH token and use it in the lexer for an unmatched pattern. The ERROR token is now only used for errors detected by the lexer and for which we've already printed an error. This lets us remove the hack in sudoerserror() and just check last_token to determine whether or not to display the error. [0ca11ad5b7f3] 2020-08-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Enable error recovery for syntax errors that don't end with a newline. A syntax error on the last line of a sudoers file with no trailing newline is now recoverable. 
[020f76d7f369] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test11.out.ok: Add error recovery for unexpected tokens after include/includedir. [1aedd819916d] * NEWS: Sudo 1.9.3 changes so far. [bc6c6321a065] * configure, configure.ac: sudo 1.9.3 [432950d9f778] 2020-08-14 Todd C. Miller <Todd.Miller@sudo.ws> * scripts/pp: Format the macOS minor version number with two digits. This way we get consistent 4-digit version numbers even for macOS versions like 10.3 or 11.0 where the minor number is a single digit. For example, 10.3 will be formatted as 1003 and 11.0 will be 1100. [7f48e10be9ae] 2020-08-13 Todd C. Miller <Todd.Miller@sudo.ws> * lib/zlib/infback.c, lib/zlib/inflate.c: Add missing ZFALLTHROUGH and use spaces not tabs. [4b1c71cfb8a9] * scripts/pp: Fix probe for macOS Big Sur. "sw_vers -productName" now returns "macOS", not "Mac OS X" [4caad8ca5b0c] 2020-08-12 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/python/pyhelpers.c, plugins/python/python_plugin_common.h, plugins/python/sudo_python_module.c, src/parse_args.c, src/selinux.c: Fix some warnings from pvs-studio [fa83bb619209] * Makefile.in, lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/util/aix.c, lib/util/sudo_debug.c, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/audit_json/audit_json.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/env.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/copy_file.c, src/exec.c, src/exec_common.c, 
src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/load_plugins.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/utmp.c: Fix some warnings from pvs-studio [164a51c446da] * plugins/sudoers/ldap.c, plugins/sudoers/ldap_util.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sssd.c: Use angle quotes when including gram.h and def_data.c. Otherwise, we can include the wrong file when doing an out-of-source build when configured using --with-devel. [105e52a86e22] * lib/util/fatal.c, lib/util/regress/fnmatch/fnm_test.c, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/iolog_client.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/parse_args.c: Move inclusion of compat headers up with the system headers. Now that sudo_dso_public is defined in config.h we don't need sudo_compat.h before including the compat headers. 
[da2103ee7ba8] * config.h.in, configure.ac, include/compat/fnmatch.h, include/compat/getaddrinfo.h, include/compat/getopt.h, include/compat/glob.h, include/compat/sha2.h, include/sudo_compat.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_digest.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h, include/sudo_json.h, include/sudo_lbuf.h, include/sudo_rand.h, include/sudo_util.h, lib/iolog/regress/host_port/host_port_test.c, lib/iolog/regress/iolog_json/check_iolog_json.c, lib/iolog/regress/iolog_mkpath/check_iolog_mkpath.c, lib/iolog/regress/iolog_path/check_iolog_path.c, lib/iolog/regress/iolog_util/check_iolog_util.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/getdelim/getdelim_test.c, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/mktemp/mktemp_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsig/strsig_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/strtofoo/strtobool_test.c, lib/util/regress/strtofoo/strtoid_test.c, lib/util/regress/strtofoo/strtomode_test.c, lib/util/regress/strtofoo/strtonum_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/term.c, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/audit_json/audit_json.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/python/python_plugin_approval.c, plugins/python/python_plugin_audit.c, plugins/python/python_plugin_group.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c, plugins/sample/sample_plugin.c, plugins/sample_approval/sample_approval.c, plugins/sudoers/audit.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/regress/check_symbols/check_symbols.c, 
plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/regress/starttime/check_starttime.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/tsdump.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/env_hooks.c, src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.c, src/sudo_noexec.c: Rename __dso_public -> sudo_dso_public and move to config.h. [12550ec04e3a] * lib/iolog/host_port.c, lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/iolog/iolog_path.c, lib/iolog/iolog_util.c, lib/util/ttyname_dev.c, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, plugins/audit_json/audit_json.c, plugins/sample/sample_plugin.c, plugins/sample_approval/sample_approval.c, plugins/sudoers/locale.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/net_ifs.c, src/sesh.c, src/sudo.h: We no longer need to include sudo_gettext.h before sudo_compat.h [660770ab7e7b] * .gitignore, .hgignore: Add *.map to the ignore file. [e96b46d418db] 2020-08-11 Todd C. Miller <Todd.Miller@sudo.ws> * etc/uncrustify.cfg: Update to uncrustify 0.71.0 [dabd7b24c0d9] * doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention visudo in sudo(8) and document sudoers error recovery. [44acd34811fb] 2020-08-10 Todd C. 
Miller <Todd.Miller@sudo.ws> * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/freezero.c, lib/util/getentropy.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, scripts/mkdep.pl, src/conversation.c: Use OpenBSD-compatible freezero() in place of explicit_bzero() + free() [af0a9ed1e259] * MANIFEST, config.h.in, configure, configure.ac, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_compat.h, include/sudo_plugin.h, lib/util/Makefile.in, lib/util/arc4random.c, lib/util/explicit_bzero.c, lib/util/getentropy.c, lib/util/memset_s.c, lib/util/sha2.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, scripts/mkdep.pl, src/conversation.c: Switch from memset_s() -> explicit_bzero(). memset_s() (and all of Annex K) is likely to be removed from a future version of the standard. [c0f81ef1ee3c] * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Define YYERROR_VERBOSE for bison and rename COMMENT -> '\n' This results in better error messages when there is a parse error [7ba896f285a9] * plugins/sudoers/mkdefaults: Some minor cleanup. Use ntuples instead of tuple_last Strip leading and trailing double quotes using a single gsub() ntuples will never be zero so don't bother checking No need to explicitly close files in END [b841147900df] 2020-08-07 Todd C. 
Miller <Todd.Miller@sudo.ws> * lib/util/event.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, src/selinux.c: Quiet some clang 10 analyzer warnings. [4147311f6278] * logsrvd/sendlog.c: Refactor freeing of InfoMessage list into free_info_messages(). Also fixes a false positive from the clang analyzer. [25a6f0035a33] * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/regress/testsudoers/test11.sh: Require that a @include line end with a newline or EOF. We now parse the entire line before reading the include file. This is less surprising behavior and results in better error messages. [ad6a2c991db6] * plugins/sudoers/defaults.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/regress/sudoers/test10.out.ok, plugins/sudoers/regress/sudoers/test11.out.ok, plugins/sudoers/regress/sudoers/test12.out.ok, plugins/sudoers/regress/sudoers/test13.out.ok, plugins/sudoers/regress/sudoers/test14.out.ok, plugins/sudoers/regress/sudoers/test15.out.ok, plugins/sudoers/regress/sudoers/test16.out.ok, plugins/sudoers/regress/sudoers/test17.out.ok, plugins/sudoers/regress/sudoers/test18.out.ok, plugins/sudoers/regress/sudoers/test18.toke.ok, plugins/sudoers/regress/sudoers/test19.out.ok, plugins/sudoers/regress/sudoers/test2.out.ok, plugins/sudoers/regress/sudoers/test20.out.ok, plugins/sudoers/regress/sudoers/test21.out.ok, plugins/sudoers/regress/sudoers/test22.out.ok, plugins/sudoers/regress/sudoers/test23.out.ok, plugins/sudoers/regress/sudoers/test3.out.ok, plugins/sudoers/regress/sudoers/test4.out.ok, plugins/sudoers/regress/sudoers/test4.toke.ok, plugins/sudoers/regress/sudoers/test5.out.ok, plugins/sudoers/regress/sudoers/test5.toke.ok, 
plugins/sudoers/regress/sudoers/test6.out.ok, plugins/sudoers/regress/sudoers/test7.out.ok, plugins/sudoers/regress/sudoers/test7.toke.ok, plugins/sudoers/regress/sudoers/test8.out.ok, plugins/sudoers/regress/sudoers/test8.toke.ok, plugins/sudoers/regress/sudoers/test9.out.ok, plugins/sudoers/regress/testsudoers/test1.out.ok, plugins/sudoers/regress/testsudoers/test10.out.ok, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/regress/testsudoers/test2.out.ok, plugins/sudoers/regress/testsudoers/test3.out.ok, plugins/sudoers/regress/testsudoers/test4.out.ok, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test6.out.ok, plugins/sudoers/regress/testsudoers/test7.out.ok, plugins/sudoers/regress/testsudoers/test8.out.ok, plugins/sudoers/regress/testsudoers/test9.out.ok, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/regress/visudo/test8.err.ok, plugins/sudoers/regress/visudo/test8.sh, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c: Display more specific parser error messages when possible. [91dd5d67bb83] * plugins/sudoers/file.c: Let the sudoers parser recover after a parse error. We currently just discard the line with the error. [712537665215] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Keep track of the position of the current token for error messages. [a5f6bd38267e] 2020-08-06 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/Makefile.in: regen [28026a042255] * plugins/sample_approval/sample_approval.exp: Sync sample_approval.exp with sample_approval.c [e810da8a6772] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Store the current line in our own buffer for better error messages. [33b2042e0028] 2020-08-05 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo-logsrvd.pp, etc/sudo.pp, scripts/mkpkg: Fix libssl dependency on Debian-based systems. Older systems may still have libssl1.0.0, not libssl1.1. [0de802ec595a] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add workaround for yyless() not resetting yy_at_bol. [5defcd893f6a] 2020-08-03 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Always use a linker script to hide symbols if it is supported. We use this even if the compiler has symbol visibility support so we will notice mismatches between the exports file and __dso_public annotations in the source code. [1679ac3124b1] * MANIFEST, configure, configure.ac, plugins/python/python_plugin.exp, plugins/python/python_plugin.exp.in: Rename python_plugin.exp.in -> python_plugin.exp There is nothing dynamic in this file. [f34cc08c026c] * MANIFEST, configure, configure.ac, plugins/python/python_plugin.exp.in, plugins/python/python_plugin_approval_multi.inc, plugins/python/python_plugin_audit_multi.inc: Add missing python_plugin.exp.in file and remove unneeded __dso_public This fixes building the python plugin on systems where the compiler doesn't support symbol hiding (but where the linker does). [e0305faf8282] 2020-08-02 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/mkdefaults: Use "foo in bar" syntax for testing existence of a key. [0807ae0db0a7] * plugins/sudoers/Makefile.in, plugins/sudoers/toke.c: Replace /*FALLTHROUGH*/ in generated code. [a7590ec10b16] 2020-08-01 Todd C. 
Miller <Todd.Miller@sudo.ws> * lib/zlib/infback.c, lib/zlib/inflate.c, lib/zlib/zconf.h.in: Add ZFALLTHROUGH macro to use instead of /* FALLTHROUGH */ comments. [92ec8a466095] * config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/arc4random_buf.c, lib/util/glob.c, lib/util/snprintf.c, lib/util/strtonum.c, logsrvd/sendlog.c, plugins/python/pyhelpers.c, plugins/sudoers/auth/pam.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/defaults.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/ldap_util.c, plugins/sudoers/match.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/conversation.c, src/exec_monitor.c, src/exec_pty.c, src/parse_args.c, src/regress/noexec/check_noexec.c, src/tgetpass.c: Use the fallthrough attribute instead of /* FALLTHROUGH */ comments. [ce33e87ddfd6] 2020-07-30 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/mkdefaults: Rewrite mkdefaults in awk. [f069ca4eae59] 2020-07-22 Todd C. Miller <Todd.Miller@sudo.ws> * doc/CONTRIBUTORS: Update translators. [5252e2d1a61a] * doc/sudo.man.in, doc/sudo.mdoc.in, src/copy_file.c: Prompt user before truncating a file to zero bytes. Bug #922. [8bfaa57d5bd4] 2020-07-21 kuberlog <collinalexbell@gmail.com> * config.h.in, configure.ac: configure.ac: fix documentation about lecture [382c2809eda1] 2020-07-19 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/ro.mo, plugins/sudoers/po/ro.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/ja.mo, po/ja.po, po/ko.mo, po/ko.po, po/pl.mo, po/pl.po, po/pt.mo, po/pt.po, po/pt_BR.mo, po/pt_BR.po, po/ro.mo, po/ro.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_CN.mo, po/zh_CN.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [74fbf2ca39e1] 2020-07-16 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Handle openssl where there is no separate libcrypto pkgconfig file. In this case, just use the full openssl libs to get the sha2 functions. [f724510bb416] * INSTALL, configure, configure.ac: Ignore --enable-gcrypt if --enable-openssl is also specified. [39d493d7e549] 2020-07-15 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, configure, configure.ac: Sudo 1.9.2 [9af764b239c2] * config.h.in, configure, configure.ac: Fix some warnings displayed by autoconf 2.69b This fixes the missing HAVE_GSSAPI_GSSAPI_H define in config.h.in. TODO: replace shadow_funcs variable in function checks with literals [9d8f67e1f8fe] 2020-07-12 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/audit.c: Initialize sudo_conv and sudo_printf in sudoers_audit_open(). We will need them if there is an error parsing sudoers and leaving them unset can result in NULL deref. 
Also set the text domain to "sudoers" like we do for the policy and I/O logging open functions. Bug #934. [e88919ff4900] 2020-07-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/ro.mo, plugins/sudoers/po/ro.po, po/it.mo, po/it.po, po/ko.mo, po/ko.po, po/ro.mo, po/ro.po: Updated translations from translationproject.org [2488a1479208] 2020-07-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.exp: Export sudoers_audit symbol for compilers without symbol visibility. [081f6729cb38] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the contents of the log.json file. [b1ea749fffc2] * lib/iolog/iolog_fileio.c: Fix typo, runas_uid should be runas_gid. [7b2c0fd84a60] * examples/sudo.conf.in: Add sudoers_audit line for completeness, matching the documentation. When sudoers is loaded as a policy plugin, it will be loaded automatically as an audit plugin. Listing it explicitly in the default sudo.conf file helps bring attention to the fact that sudoers now supports the audit plugin type. [7145a02ed280] * plugins/sudoers/defaults.c: Add some debugging statements around Defaults lookup. [b95e2a9b6555] * plugins/sudoers/sudoers.in: Replace #includedir with @includedir in default sudoers file. [d18945ec728e] 2020-06-26 Todd C. Miller <Todd.Miller@sudo.ws> * configure, m4/libtool.m4: Allow HP-UX share libs and modules to link against static libs. hppa64 and ia64 use PIC by default [0553c60b922a] 2020-06-25 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Use pkg-config to find the openssl cflags and libs if possible. We support linking against static openssl libs too. [55442f4fea5e] 2020-06-24 Todd C. Miller <Todd.Miller@sudo.ws> * scripts/pp: Fix parsing of /etc/redhat-release on RHEL 8. RedHat dropped the word "server" from the release name in redhat-release which results in the awk script printing the wrong field. 
Instead of using awk, just use sed to pull out the version number immediately following the word "release". [a283acb4622a] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen without `scare quotes' [31f021892137] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, src/parse_args.c, src/sudo.c: Replace or remove use of `scare quotes' These don't translate well and look odd in many fonts. [3c7fa8f93543] 2020-06-20 Todd C. Miller <Todd.Miller@sudo.ws> * lib/zlib/infback.c, lib/zlib/inflate.c: Add FALLTHROUGH comments to quiet -Wimplicit-fallthrough [f724957b7cae] * src/solaris.c: Fix implicit fallthrough warning and add break to default cases. [74d8c68eb160] * configure, configure.ac, m4/ax_func_snprintf.m4, m4/sudo.m4: Fix some warnings from configure test programs. [6cff0cdb066a] * configure, configure.ac: Add -Wimplicit-fallthrough to --enable-warnings if available. Note that clang 10 has support for -Wimplicit-fallthrough in C code but doesn't recognize lint-style FALLTHROUGH comments like gcc does so we can't use it. [cf70a1ab3ea9] * configure, configure.ac: Drop old test for -lcposix for ISC Unix. [1bfd474c8819] 2020-06-19 Todd C. Miller <Todd.Miller@sudo.ws> * README: Mention sudo-blog announce list. [526dc0cc1e83] * NEWS: Bugs #860 and #917 were fixed in 1.9.0. [51a347785dbf] 2020-06-18 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen to fix a typo [9755e76fcd8b] * MANIFEST, lib/iolog/Makefile.in, lib/iolog/regress/iolog_mkpath/check_iolog_mkpath.c: Add regress test to catch swapids() bug when called by iolog_mkdtemp() [deff1dc2f144] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, po/ro.mo, po/ro.po: Updated translations from translationproject.org [9007c89029ea] 2020-06-16 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document the order in which the plugin open/close functions are called. 
[48ec66882e1a] * NEWS, lib/iolog/iolog_fileio.c: Fix a typo that prevented swapids() from restoring the original gid. This led to a regression when the iolog_file setting ends in six or more X's or when the I/O logs are stored on NFS. [522d8ec470cb] 2020-06-15 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_monitor.c, src/exec_pty.c, src/get_pty.c, src/sudo.h, src/sudo_exec.h: Replace master/slave in code with leader/follower. [230f5343d961] * NEWS, doc/sudoers.man.in, doc/sudoers.mdoc.in, examples/sudoers, plugins/sudoers/regress/cvtsudoers/sudoers, plugins/sudoers/regress/cvtsudoers/sudoers.defs, plugins/sudoers/regress/cvtsudoers/test13.out.ok, plugins/sudoers/regress/cvtsudoers/test19.out.ok, plugins/sudoers/regress/visudo/test6.sh: Replace terms master and blacklist in docs and examples. [2908ac6c0fe0] * NEWS: Bug #929 [c1f5a01d1af6] 2020-06-14 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: Clean up temporary sudoedit files on success; Bug #929 This is a regression introduced in sudo 1.9.0. [2bc4822b7382] 2020-06-12 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: New Romanian translation [fd753dfa0a84] 2020-06-11 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/pl.mo, po/pl.po, po/pt.mo, po/pt.po, po/pt_BR.mo, po/pt_BR.po, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_CN.mo, po/zh_CN.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [570aacc81015] * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/ro.mo, plugins/sudoers/po/ro.po, po/ro.mo, po/ro.po: Romanian translation from translationproject.org. [1e277907378e] * NEWS: Add missing entry for the LDAP/SSSD sudoHost regression. Also add new Romanian translation [624eb5e8e612] 2020-06-07 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Fix a typo in the audit string when "sudo -E" is not allowed. [85bcb3b1f7d8] 2020-06-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/python/regress/testhelpers.c: Check asprintf() return value. [456bb2d7c37f] * scripts/mkpkg: Prefer the python3 in /usr/bin on Solaris. The /opt/csw version, if it exists, may be a 32-bit version which we can't link with. Also handle the case where the /usr/bin/python3 link is missing. [2ed7715e6b2e] * config.h.in, configure, configure.ac, include/sudo_compat.h: Declare getdelim(3) if it exists in libc but is not prototyped in stdio.h. 
This can happen on systems with a gcc package that was built on an older version of the OS where getdelim(3) was not present. [e78803280641] * aclocal.m4, configure, configure.ac: For python3-config, only use -I and -L/-l from --cflags and --ldflags output. Otherwise we may get other flags used to build python that conflict with what sudo uses. [7a8d3c5fd2ae] * scripts/mkpkg: Build 64-bit binaries and the python package on Solaris 11 and above. No longer prefer the Solaris Studio C compiler over gcc, it causes issues with the Python plugin. [a92f9641bd07] * logsrvd/sendlog.c: Fix memory leak on error in fmt_info_messages(). [511ac9ba6819] * NEWS: Update for 1.9.1b1 [562b0add8e04] 2020-06-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen for sudo 1.9.1 [8960aceb2519] 2020-06-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/audit.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h: Add basic support for reject and error audit events to sudoers. This is only used when logging events from plugins other than sudoers, such as an approval plugin. With this change, if an approval plugin rejects the command the denial will be logged in the sudoers log file using the message from the approval plugin. [c7abc39b0e37] * plugins/sudoers/bsm_audit.c, plugins/sudoers/solaris_audit.c, scripts/mkpkg: Fix Solaris and BSM audit warnings. Use BSM audit on Illumos, which lacks Solaris audit. [3844e8a24f59] * plugins/sudoers/policy.c: Track whether the session was opened in sudoers. In sudoers_policy_close() only warn about being unable to run the command if we actually opened the session (and thus passed all approval plugins). [f99b434d121b] * src/sudo.c: Only display an error in the built-in policy close if command is set. If a policy or approval plugin denies the command, command_details will not have been filled out. 
[245024004df2] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c: Avoid passing NULL to printf in match debug code for LDAP/SSSD. The file name in struct userspec was not set for the LDAP and SSSD backends. There is no actual file in this case so set the name to LDAP/SSSD. Also add a guard to make sure we don't try to print NULL in sudoers_lookup_check() if name is left unset. [240efcda496e] 2020-06-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/linux_audit.c, plugins/sudoers/linux_audit.h: Add missing const to linux_audit_command()'s argv function argument. [cb219f1ccb6e] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: When converting LDAP to sudoers, ignore entries with no sudoHost attribute. Otherwise, sudo_ldap_role_to_priv() will treat a NULL host list as the "ALL" wildcard. This regression was introduced in sudo 1.8.23, which was the first version to convert LDAP sudoRole objects to sudoers internal data structures. Thanks to Andreas Mueller for reporting and debugging this problem. [484d0d3b892e] 2020-06-02 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, src/load_plugins.c: Load the sudoers module as an audit plugin if loaded as a policy plugin. Now that logging of successful commands is performed by sudoers as an audit plugin we need to load sudoers_audit if sudoers_policy is also loaded. Otherwise, accepted commands will not be logged. [f20bee20f4c7] * plugins/sudoers/audit.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/policy.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/solaris_audit.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Defer logging of the successful command until approval plugins have run. This adds audit plugin support to the sudoers module, currently only used for accept events. 
As a result, the sudoers file is now initially parsed as an audit plugin. [552c13bd0287] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, include/sudo_plugin.h, plugins/audit_json/audit_json.c, plugins/python/sudo_python_module.c, src/sudo.c: Add support for "accept" audit events sent by the sudo front-end. With this change, the sudo front-end will send an "accept" audit event to the audit plugins after all the I/O logging plugins have been initialized. This can be used by an audit plugin that does not care about the result of the individual policy and approval plugins and only wants to receive a single "accept" event if all policy and approval plugins have succeeded. The plugin_type argument for events sent by the front-end is SUDO_FRONT_END (0). [6b3cb94fedb9] * src/exec_pty.c: If event loop fails due to ENXIO, remove /dev/tty events and recover. This fixes an issue on Solaris 11.4 (and probably others) with "sudo reboot" when I/O logging is enabled. Previously, sudo would kill the command if it was still running after the event loop terminated, leaving the system in a half-dead state. [e12e3040b067] 2020-06-01 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: Don't try to suspend sudo if the user's tty has gone away. Fixes a problem on Solaris 11.4 (and possibly others) where sudo continually tries to put itself in the background after the user's terminal has been revoked. [92f172b46b9c] * src/exec_pty.c: Back out WIP code that was mistakenly committed. [41f57239b2c4] * scripts/mkpkg: Don't enable BSM audit on Solaris 10, it is missing AUE_sudo [3b32087b1ed3] * src/exec_pty.c, src/get_pty.c: On Solaris 11.4 the openpty(3) prototype lives in termios.h. [d6e353e8b9df] * plugins/sudoers/solaris_audit.c: Add missing stdlib.h include and fix solaris_audit_failure() error return. [5748d8fd24c4] * scripts/mkpkg: Use Solaris audit for Solaris 11, not BSM audit. 
BSM audit is no longer supported in Solaris 11.4. [01f2189f439d] 2020-05-26 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec.c: Check audit plugins for a close function too before execing command directly. We cannot exec the command directly if any of the policy or audit plugins use a close function. [5aa6db56ce32] 2020-05-22 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Mention Bug #927. [0fd9e757d80b] 2020-05-20 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac, m4/sudo.m4: Add basic support for --runstatedir If the user specifies --runstatedir but not --with-rundir, use runstatdir as the parent directory of the sudo rundir. In the future we may deprecate --with-rundir in favor of --runstatedir but that will require changes for systems with no /var/run directory. [14879831fe6e] * MANIFEST, NEWS, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/regress/testsudoers/test10.out.ok, plugins/sudoers/regress/testsudoers/test10.sh, plugins/sudoers/regress/testsudoers/test11.out.ok, plugins/sudoers/regress/testsudoers/test11.sh, plugins/sudoers/regress/testsudoers/test2.out.ok, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.out.ok, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.sh, plugins/sudoers/regress/testsudoers/test8.out.ok, plugins/sudoers/regress/testsudoers/test8.sh, plugins/sudoers/regress/testsudoers/test9.out.ok, plugins/sudoers/regress/testsudoers/test9.sh, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Add support for @include and @includedir These are less confusing than #include and #includedir when the hash character is also the comment character. 
This commit also adds real parsing of include directives as opposed to the pure lexer approach used previously. As a result, it is now possible to include files with spaces by either using a double-quoted string or escaping the space characters with a backslash. [c422a5c8ea5d] 2020-05-19 Todd C. Miller <Todd.Miller@sudo.ws> * lib/iolog/iolog_fileio.c: In iolog_openat() enable the write bit on pre-existing files if needed. This prevents problems caused by the change to strip the write bit from the timing file when it is finished. [a6b0da3f7b94] * plugins/sudoers/visudo.c: In visudo check that an include file is regular file before using it. Avoids a generic "input in flex scanner failed" error message. [287d90d359a6] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix a memory leak on error when including a file or directory. [02db03f7b565] 2020-05-18 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, configure, configure.ac: Sudo 1.9.1 [57a1a5f05500] * doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Add a follow option (-F) to support replaying a live session. By default, sudoreplay will exit when it reaches the end of the timing file. With the -F option, it will keep going until the timing file is finished and its write bit is cleared. [12ab27768cad] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c: Add iolog_clearerr() that acts like clearerr(3). Works for both compressed and uncompressed I/O logs. [c83b88285c2c] * plugins/sudoers/iolog.c: Clear the write bit from the I/O log timing file when it is complete. This matches the behavior of sudo_logsrvd. [0bc8a012db26] * logsrvd/logsrvd.c, logsrvd/sendlog.c: Use PACKAGE_VERSION instead of 0.1 as the client and server version. 
[d1e3ac049cf7] * lib/util/Makefile.in, lib/util/aix.c, lib/util/fatal.c, lib/util/getusershell.c, lib/util/gidlist.c, lib/util/json.c, lib/util/mkdir_parents.c, lib/util/strsignal.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c: Set DEFAULT_TEXT_DOMAIN in lib/util's Makefile not individual .c files. We no longer need to include sudo_gettext.h before sudo_compat.h [ead9b6a434b8] * lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/iolog/iolog_path.c, lib/iolog/iolog_util.c, lib/iolog/regress/host_port/host_port_test.c, lib/iolog/regress/iolog_json/check_iolog_json.c, lib/iolog/regress/iolog_path/check_iolog_path.c, lib/iolog/regress/iolog_util/check_iolog_util.c, lib/util/digest_gcrypt.c, lib/util/event.c, lib/util/event_select.c, lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getdelim.c, lib/util/getgrouplist.c, lib/util/getopt_long.c, lib/util/glob.c, lib/util/inet_pton.c, lib/util/json.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/mkdir_parents.c, lib/util/mktemp.c, lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/getdelim/getdelim_test.c, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/mktemp/mktemp_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/secure_path.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/str2sig.c, lib/util/strndup.c, lib/util/strtobool.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttyname_dev.c, lib/util/vsyslog.c, plugins/audit_json/audit_json.c, plugins/group_file/getgrent.c, 
plugins/group_file/group_file.c, plugins/python/sudo_python_debug.c, plugins/sample/sample_plugin.c, plugins/sample_approval/sample_approval.c, plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gentime.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, 
plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/starttime.c, plugins/sudoers/strlist.c, plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/limits.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/signal.c, src/sudo.c, src/sudo_edit.c, src/sudo_noexec.c, src/tcsetpgrp_nobg.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Include string.h unconditionally and only use strings.h for strn?casecmp() In the pre-POSIX days BSD had strings.h, not string.h. Now strings.h is only used for non-ANSI string functions. 
[f7f633de570a] * lib/iolog/host_port.c, lib/iolog/iolog_fileio.c, lib/iolog/iolog_json.c, lib/iolog/iolog_path.c, lib/iolog/iolog_util.c, lib/iolog/regress/host_port/host_port_test.c, lib/iolog/regress/iolog_json/check_iolog_json.c, lib/iolog/regress/iolog_path/check_iolog_path.c, lib/iolog/regress/iolog_util/check_iolog_util.c, lib/util/aix.c, lib/util/arc4random.c, lib/util/arc4random_buf.c, lib/util/arc4random_uniform.c, lib/util/cfmakeraw.c, lib/util/closefrom.c, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/dup3.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fchmodat.c, lib/util/fnmatch.c, lib/util/fstatat.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getdelim.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/getusershell.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/isblank.c, lib/util/json.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/logfac.c, lib/util/logpri.c, lib/util/memset_s.c, lib/util/mkdir_parents.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/openat.c, lib/util/parseln.c, lib/util/pipe2.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/mktemp/mktemp_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsig/strsig_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/strtofoo/strtobool_test.c, lib/util/regress/strtofoo/strtoid_test.c, lib/util/regress/strtofoo/strtomode_test.c, lib/util/regress/strtofoo/strtonum_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/roundup.c, lib/util/secure_path.c, 
lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/str2sig.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c, lib/util/strsignal.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttysize.c, lib/util/unlinkat.c, lib/util/utimens.c, lib/util/uuid.c, plugins/audit_json/audit_json.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/python/regress/testhelpers.h, plugins/python/sudo_python_debug.h, plugins/sample/sample_plugin.c, plugins/sample_approval/sample_approval.c, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c, plugins/sudoers/gmtoff.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/prompt.c, 
plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/regress/starttime/check_starttime.c, plugins/sudoers/set_perms.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c, plugins/sudoers/strlist.c, plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/conversation.c, src/copy_file.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_nopty.c, src/get_pty.c, src/hooks.c, src/limits.c, src/load_plugins.c, src/openbsd.c, src/parse_args.c, src/preload.c, src/preserve_fds.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo_edit.c, src/tcsetpgrp_nobg.c, src/tgetpass.c, src/utmp.c: We no longer need to include headers we don't use for sudo*.h files. Previously we needed to include headers required by the various sudo*h files. Now those files are more self-sufficient and we should only include headers needed by code in the various .c files. 
[72cbeae218e7] * include/sudo_compat.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_iolog.h, include/sudo_json.h, include/sudo_util.h, plugins/sudoers/sudoers.h: Add dependent system includes to make sudo_*.h more standalone. In the past we've relied on the various .c files to include the system headers that define types that the sudo_*.h headers require. This is fragile and can cause issues when includes get re-ordered. [a9fb765c0fba] * plugins/sudoers/env.c: Fix typo in PERLIO_DEBUG (trailing whitespace). This has no effect unless env_reset is disabled. From Allan Wirth [bdf9c9e7f455] 2020-05-17 Sebastian Rasmussen <sebras@gmail.com> * plugins/sudoers/visudo.c: Fix typo in warning message. [01b8fab9fdf5] 2020-05-15 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/mksiglist.h, lib/util/mksigname.h: Prefer SIGSYS if SIGUNUSED is defined to the same value. Fixes a regress failure on musl libc where SIGSYS and SIGUNUSED share the same value. [e030acf8a670] * plugins/python/regress/testhelpers.h: Add missing sys/wait.h include; fixes a compilation problem on musl libc. [9a6a09e74a14] * lib/iolog/hostcheck.c: Add missing sys/types.h include; fixes a compilation problem on musl libc. [7c8ea831203b] * include/sudo_compat.h: Only define WCONTINUED and WIFCONTINUED if neither are already defined. Fixes a warning on musl libc where WIFCONTINUED is defined in stdlib.h for some reason. [9f55ae24b479] 2020-05-16 Dan Robertson <dan@dlrobertson.com> * include/sudo_debug.h: Fix includes when building with musl Include sys/types.h for mode_t and id_t in sudo_debug.h [15abb56a1edf] 2020-05-15 Todd C. Miller <Todd.Miller@sudo.ws> * scripts/mkpkg: Enable OpenSSL on RHEL 6 too. The version of OpenSSL in RHEL 6 is new enough for the log server to use. [853fd8a74207] * logsrvd/logsrvd_conf.c: Don't print errno for the "TLS not supported" message. [c94540d3d632] 2020-05-14 Todd C. 
Miller <Todd.Miller@sudo.ws> * etc/sudo-logsrvd.pp, etc/sudo-python.pp: Fix macOS bundle IDs for sudo-logsrvd and sudo-python packages [a9f6aea56e40] 2020-05-13 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/eventlog.c: Add iolog_path to the JSON-format event log [924d8836ead0] * logsrvd/logsrvd.c, logsrvd/logsrvd.h: Rename FLUSHED state to FINISHED This makes more sense when receiving event-only logs. [9e2736246e0d] 2020-05-12 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c, logsrvd/logsrvd.h: Fix handling of connections without associated I/O logs. This fixes reject events as well as accept events without the expect_iobufs flag set. [3ddb52ae0af4] * logsrvd/sendlog.c: Fix handling of accept and reject messages without an I/O log. Only set expect_iobufs in AcceptMessage if sending I/O logs. Set state to FINISHED immediately after sending a RejectMessage. [767e75944d4f] * doc/sudo_sendlog.man.in, doc/sudo_sendlog.mdoc.in, logsrvd/sendlog.c, logsrvd/sendlog.h: Add -A and -R options to test logging of accept and reject events. If -A is specified, no I/O will be sent, only the accept event. For -R, a reject event with the specified reason is sent. [90db0e6f9b68] * configure, configure.ac: cfmakeraw(3) is broken on AIX, don't use it there The cfmakeraw(3) function exists but does not set VMIN to 1 or VTIME to 0 in c_cc[] in struct termios, which makes it useless. The AIX version also doesn't clear the CSIZE and PARENB flags from c_cflag. [bbdcae2c5fb5] * NEWS: fix pastos [cbf517081e74] 2020-05-11 Todd C. 
Miller <Todd.Miller@sudo.ws> * MANIFEST, include/sudo_iolog.h, include/sudo_util.h, lib/iolog/Makefile.in, lib/iolog/host_port.c, lib/iolog/regress/host_port/host_port_test.c, lib/util/Makefile.in, lib/util/host_port.c, lib/util/regress/host_port/host_port_test.c, lib/util/util.exp.in, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog_client.c: Rename sudo_parse_host_port -> iolog_parse_host_port and mv to lib/iolog It is not used outside of the I/O log client and server and the host:port syntax may change in the future. [706d726a2f8e] [SUDO_1_9_0] * plugins/sudoers/sudoreplay.c: Remove duplicate inclusion of time.h [f560858325d5] 2020-05-08 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog_client.c: Only enable TLS listener by default if we have a cert for it. We want the log server to work with the default configuration. If the default certificate path exists, it will be used with the default listener. If the user explicitly enabled a TLS listener we always attempt to use it. If TLS was specified but no cert file was set, the default location will be used (and an error will occur if the cert cannot be loaded). [16ade34c38ee] 2020-05-07 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen for 1.9.0 final [99e507035253] * logsrvd/Makefile.in: regen [555d817825b0] * doc/sudo.man.in, doc/sudo.mdoc.in, src/parse_args.c: The --preserve-env=list option may be specified more than once. [8066a9d1b04b] * doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Quiet some warnings from igor. [4df4fd274023] * MANIFEST, Makefile.in, etc/codespell.exclude, etc/codespell.ignore, etc/codespell.skip: Plumb in codespell with a "make spell" target. [4b1de7ee8648] * configure, configure.ac, install-sh: Fix a few more typos. [d22a8c46c743] 2020-05-06 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS, doc/sudo.man.in, doc/sudo.mdoc.in, src/parse_args.c: Don't allow duplicate values for command line options that take an argument. Previously, if multiple instances of the same command line option were specified, the last one would be used. This meant that, for example, "sudo -u someuser -u otheruser id" would run the command as "otheruser". This has the potential to cause problems for programs that run sudo with a user-specified command that do not use the "--" option to indicate that no more options should be processed. While this is a bug in the calling program, there is little downside to erroring out when multiple options of the same type are specified on the command line. Bug #924 [66e2612e7672] * NEWS: Debian bug #734752 [d3285c45ac4b] * src/sudo.c, src/sudo.h: Look up runas user by name, not euid, where possible. Fixes a problem when there are multiple users with the same user-ID where the PAM session modules could be called with the wrong user name. Debian bug #734752 [b45608f29a02] * src/sesh.c: Fix ironic typo in spelling fixes. Bug #925 [73de90df6ff9] * scripts/pp: Sync PolyPkg from upstream. [ac5e4b830177] * NEWS, TODO, config.h.in, configure.ac, doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, etc/sudo.pp, include/compat/getaddrinfo.h, include/sudo_event.h, include/sudo_util.h, lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/regress/vsyslog/vsyslog_test.c, logsrvd/logsrvd.c, plugins/audit_json/audit_json.c, plugins/python/example_debugging.py, plugins/python/regress/check_python_examples.c, plugins/python/regress/testhelpers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/parse.h, plugins/sudoers/pwutil.h, plugins/sudoers/regress/cvtsudoers/test30.sh, scripts/mkdep.pl, src/exec.c, src/exec_monitor.c, src/exec_pty.c, src/sesh.c: Apply spelling fixes. 
Fixes from PR #30 (ka7) and Bug #925 (fossies.org codespell) [1fb13dc3991b] 2020-05-05 Todd C. Miller <Todd.Miller@sudo.ws> * Makefile.in, etc/sudo-python.pp: Use the proper python version in the libpython dependency on Debian. The configure script already detects the python version, we just need to use it. [4e49c53f206f] * plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, po/ja.mo, po/ja.po, po/sv.mo, po/sv.po: Updated translations from translationproject.org [abdb2d6fe7cb] * NEWS: Bug #922 and Bug #923 [7a77f74c436f] 2020-05-04 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo.pp: Fix Debian ldap dependency broken in last commit. [4980b1b653ef] * etc/sudo.pp: Fix "make package" on Debian when linux_audit is not set. [a00d7dec5821] * doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in, include/log_server.pb-c.h, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Add a ClientHello message that client sends to the server. This makes it easier to detect a plaintext client sending to a TLS port. Without this, the TLS server will be silent as it waits for the client to initiate the TLS connection. [22c033bcf456] * logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Better error messages when there is a problem with the TLS connection. If SSL_read, SSL_write or SSL_connect fails we can use the reason string to let the user know what the problem is. [92f603e37e40] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, logsrvd/logsrvd_conf.c: Make the default certificate and key paths match the example file. [f642836bfcf0] * logsrvd/logsrvd.c, plugins/sudoers/iolog_client.c: Warn about tls errors during startup so the user has a clue. We write messages to stderr until we become a daemon. 
[25ad61aa7dab] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudo_sendlog.man.in, doc/sudo_sendlog.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/log_server.pb-c.h, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/logsrvd.c, logsrvd/sendlog.c: Remove the tls parameter from the ServerHello message. The TLS connection is now initiated before ServerHello is received. [9d8b76f14cda] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/policy.c: Adapt sudoers iolog client to log server dual port changes. The TLS handshake now occurs before the ServerHello message is read. This fixes potential man-in-the-middle attacks and works better with TLS 1.3. [8137b029a3fe] * doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in, doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, examples/sudo_logsrvd.conf, logsrvd/logsrv_util.h, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c: Use port 30343 for plaintext and port 30344 for TLS. For TLS connections we now do the TLS handshake immediately before the ServerHello message. This lets the client receive an alert from the server if there is a handshake error after the TLS connect has succeeded. It also means that the contents of the ServerHello are protected from a man-in-the-middle attack. [bb4d8b57b3dd] * include/sudo_util.h, lib/util/host_port.c, lib/util/regress/host_port/host_port_test.c, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog_client.c: Add support for a tls flag in sudo_parse_host_port(). If the string "(tls)" appears at the end, the tls flag is set to true and the default tls port is used if necessary.
[f0d9a225cd75] * logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Plug memory leaks in sudo_sendlog [886254bcae6a] * lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c: Handle EAGAIN like we do ENOMEM from poll() and select(). On some systems, poll() and select() can return EAGAIN instead of ENOMEM if there is a kernel resource shortage. In this case we just re-enter the event loop and retry. [048df2548dcc] 2020-05-03 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Use the --embed option when running "python3-config --ldflags" if supported. Newer versions of python3-config only include libpython in the output when the --embed option is used. Otherwise, "python3-config --libs" and "python3-config --ldflags" only list the libraries python is dependent on and not the python library itself. [d90dc892c726] 2020-04-30 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: On error, remove the connection with an error without freeing the closure. Fixes the final message at the end when there is a network error. [0e1952eb707b] * lib/util/event_poll.c: Do not call poll(2) or ppoll(2) with nfds > RLIMIT_NOFILE. Both poll(2) and ppoll(2) will return EINVAL if the nfds function argument is larger than the max files per process resource limit. Prevent this by limiting the max number of entries in the pfds[] array to the RLIMIT_NOFILE soft limit. [ab0f798bb024] 2020-04-29 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_event.h, lib/util/event.c: The timeout parameter of sudo_ev_add() should be const. [de85c8897aad] 2020-04-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Don't free TLS on error in tls_init(), it is freed in client_closure_free(). Fixes a double free on error introduced with the TLS state cleanup in client_closure_free(). [f1b478f2ec13] * logsrvd/logsrvd.c: Check for tls_config->dhparams_path being non-NULL before using it. [09348a25bfd2] 2020-04-23 Todd C.
Miller <Todd.Miller@sudo.ws> * doc/sudo_sendlog.man.in, doc/sudo_sendlog.mdoc.in: Document the TLS and test options. [e5f6b6c46c25] * logsrvd/sendlog.c: Allow -t option even without OpenSSL Also add -t to the usage message [d874c9a67ed6] * logsrvd/sendlog.c: Use sudo_strtonum() instead of relying on strtoll(). Older, pre-C99, systems may not include strtoll() in their C library. [a1a610bbe022] * include/protobuf-c/protobuf-c.h: Allow this to build on systems without stdint.h by using config.h. Old, pre-C99, systems may have inttypes.h but not stdint.h. [72e603875b82] 2020-04-22 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo-logsrvd.pp, scripts/pp: Fix support for pp_systemd_disabled and check for systemd existence. On our build schroots we don't have systemctl installed but do have the /etc/systemd and /lib/systemd (or /usr/lib/systemd) directories. [93917f4130b0] * etc/sudo-logsrvd.pp: Set pp_macos_service_id instead of pp_macos_default_service_id_prefix. It is only effective to set pp_macos_default_service_id_prefix in the individual %service sections (and not %set) so we may as well use pp_macos_service_id which includes the service name. [84ccf13e7076] * etc/sudo-logsrvd.pp: Set launchd service id prefix to "ws.sudo." The default value in PolyPkg is "com.quest.rc." [eb581d74573e] * scripts/pp: Fix macOS package creation. [556c0051c0fc] 2020-04-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Shut down the TLS connection cleanly in client_closure_free(). Also free the SSL data which is part of the client closure. [258ec8832cbd] * src/exec_monitor.c, src/exec_nopty.c, src/selinux.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h: Fix sudoedit when running with SELinux RBAC mode. We can't use run_command() to run sesh, that will use the sudo event loop (and might run it in a pty!). There's no need to relabel the tty when copying files. Get the path to sesh from sudo.conf.
Currently, for SELinux RBAC, the editor runs with the target user's security context. This defeats the purpose of sudoedit. Fixing that requires passing file descriptors between the main sudo process (running with the invoking user's security context) and sesh (running with the target user's security context). [81c9ec600894] * MANIFEST, src/Makefile.in, src/copy_file.c, src/sesh.c, src/sudo_edit.c, src/sudo_exec.h: Refactor the sudoedit code to copy files so it can be shared. The SELinux sudoedit code now extends the destination file the same way the non-SELinux version does. [82c44299309e] * src/sudo_edit.c: Do not remove sudoedit temporary files if we cannot overwrite the real file. The warning message says the files were preserved but they actually got removed. [685f2de6bb2e] * include/compat/glob.h, lib/util/glob.c: Make gl_pathc, gl_matchc and gl_offs size_t in glob_t to match POSIX. [c3586082d3ea] * scripts/pp: Only remove the systemd unit service file if we copied it manually. If the service file was installed as part of the package it will be removed automatically when the package is uninstalled. [e98e1493c5bf] 2020-04-20 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in: Document TLS settings in ServerHello [22ae16f41585] 2020-04-17 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: Extend the original file to the new size before updating it. Instead of opening the original file for writing w/ truncation, we first extend the file with zeroes (by writing, not seeking), then overwrite it. This should allow sudo to fail early if the disk is out of space before it overwrites the original file. [aef4db03e9e1] * src/sudo.c: I/O log plugins should be closed *before* the policy plugin, not after. [dec6fccf63d4] * plugins/sudoers/set_perms.c: Fix typo [82b0efbb6c26] * plugins/sudoers/iolog.c: Only display error string once on I/O error.
We already include the error string in the format so no need to use errno too. [59795855d6a2] * plugins/sudoers/iolog.c, plugins/sudoers/policy.c: Free passwd and group caches in I/O plugin after log_warning(), not before. The logging functions may try to use the cache via set_perms(PERM_ROOT). [652b925b9658] 2020-04-17 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: add missing shutdown of TLS connection [14b25a0f4f6b] 2020-04-16 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo-logsrvd.pp, scripts/pp: Disable systemd support on Linux systems that don't use it. [3c01c91dbfb2] 2020-04-14 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: 1.9.0 final [acf3b4592384] * etc/sudo-logsrvd.pp, scripts/pp: Update PolyPkg from my branch with systemd support. [a7a487496209] 2020-04-09 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/python/example_conversation.py, plugins/python/example_io_plugin.py, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: If the signal.Signals enum is not present, search the dictionary. The Signals enum was added in Python 3.5. If it is not present we need to iterate over the dictionary items, looking for signal name to number mappings. Fixes the signal tests with Python 3.4. [22811794ed46] * plugins/python/regress/check_python_examples.c, plugins/python/sudo_python_module.c: Python dictionaries are sparse so we cannot use pos as an index. When converting sudo options from a dictionary to a tuple we need to track the current index into the tuple separately from the position of the dictionary entry. [07cb8a0c7f21] 2020-04-08 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo-logsrvd.pp: Fix handling of /etc/sudo_logsrvd.conf in the sudo-logsrvd package. For rpm and deb we include the file directly and mark it volatile. For all others we copy it in the postinstall script from the example dir if the file doesn't already exist.
[83264a96b923] * scripts/mkpkg: Check for the Sun Studio C compiler on Solaris under /opt. Also initialize with_python to false. [52e28d55f9a6] * po/sudo.pot: regen [faaacb7777d4] * lib/util/parseln.c: Explicitly include stdio.h for getdelim(3) [3b0bff3ef388] * logsrvd/logsrvd.c: Reload sudo.conf upon SIGHUP This makes it possible to update the Debug settings in sudo.conf and have them take effect on reload. [9fb7baf9a3ad] * logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Store the result of ERR_get_error() so we can use it for both warn and debug. Otherwise, only the debug framework gets the actual error and the user won't see the problem. [039565f16d13] * logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Disable IPv4-mapped IPv6 addresses in the listener. Also store the host + port string and use it in error messages. [3fbac477ef6b] * configure, configure.ac, examples/Makefile.in: Install the example sudo_logsrvd.conf unless one already exists [89c41b936c44] 2020-04-07 Todd C. Miller <Todd.Miller@sudo.ws> * examples/sudo_logsrvd.conf: Make the path to logsrvd_cert.pem match the documentation. [b2a45e7c9cdb] * etc/sudo-logsrvd.pp, logsrvd/logsrvd.c: Create the pid file parent directory if it doesn't already exist. Also package the run directory in the sudo_logsrvd PolyPkg file. [ac8b573e8545] * configure, configure.ac: Sudo 1.9.0rc1 [7d437646afc2] * MANIFEST: Include all python plugin files in MANIFEST, not the directory itself. [4aa09dd70b9e] * plugins/python/example_approval_plugin.py, plugins/python/example_audit_plugin.py, plugins/python/example_group_plugin.py, plugins/python/example_io_plugin.py, plugins/python/example_policy_plugin.py, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: Avoid using typing annotations so tests run with Python 3.4.
[88b7048bc4a6] * plugins/python/python_plugin_common.c, plugins/python/regress/testdata/check_loading_fails_missing_classname.stderr: Sort the list of possible plugins before printing it. This gives more reproducible error messages for the tests. [ea33f4970268] * plugins/python/regress/iohelpers.h, plugins/python/regress/testdata/check_example_group_plugin_is_able_to_debug.log, plugins/python/regress/testdata/check_example_io_plugin_command_log.stored, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple1.stored, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple2.stored, plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stored, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stderr, plugins/python/regress/testdata/check_loading_fails_wrong_path.stderr, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout, plugins/python/regress/testdata/check_python_plugins_do_not_affect_each_other.stdout, plugins/python/regress/testhelpers.h: Use regular expressions when matching expected and actual text.
[f2562728481a] * plugins/python/regress/iohelpers.h, plugins/python/regress/testdata/ check_example_debugging_c_calls@info.log, plugins/python/regress/tes tdata/check_example_debugging_plugin@info.log, plugins/python/regress/testhelpers.c: Use regex to match __init__.py instead of hacking it in verify_log_lines() [8bf71289e585] * plugins/python/pyhelpers.c, plugins/python/python_plugin_common.c, plugins/python/regress/check_python_examples.c, plugins/python/regress/iohelpers.c, plugins/python/regress/plugin_approval_test.py, plugins/python/regre ss/testdata/check_example_debugging_c_calls@diag.log, plugins/python /regress/testdata/check_example_debugging_c_calls@info.log, plugins/ python/regress/testdata/check_example_debugging_py_calls@diag.log, p lugins/python/regress/testdata/check_example_debugging_py_calls@info .log, plugins/python/regress/testdata/check_example_policy_plugin_va lidate_invalidate.log, plugins/python/regress/testdata/check_loading _fails_wrong_classname.stderr, plugins/python/regress/testdata/check _multiple_approval_plugin_and_arguments.stdout, plugins/python/regress/testhelpers.h: Make most python tests pass with Python 3.4 Dictionary order is not stable in Python < 3.6 so we need to sort by key to have consistent results. The LogHandler output is also different on older Python versions. Also, don't stop running python tests after the first error. [aaa06cb5fac1] * plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Increase the maximum delay again for slower systems. Otherwise we may get a spurious test failure. [6660908aa93d] * plugins/python/Makefile.in, plugins/sudoers/Makefile.in, scripts/mkdep.pl: Handle dependencies for .h files in the same directory as the source. Fixes missing header dependencies for the sudoers and python plugins. 
[3109dd5cf61e] * etc/sudo.pp: Remove bits for Tru64 kit-style packages [0e9a9580d76c] * MANIFEST, Makefile.in, configure, configure.ac, etc/sudo-logsrvd.pp, etc/sudo-python.pp, etc/sudo.pp: Split sudo_logsrvd and the python plugin into their own packages. [9aee8247f0ba] * scripts/mkpkg: Build python packages where possible. [7a2b993bb8ac] 2020-04-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Don't pass a NULL submitcwd or ttyname value to the server. It is possible for the cwd and/or tty to be missing. If we send a NULL pointer to the server where it expects a string the AcceptMessage will fail to parse. [4f96d1c6e41c] * include/sudo_plugin.h: Disable -Wstrict-prototypes for sudo_hook_fn_t typedef. [15d2a1332865] * plugins/python/python_plugin_common.c: Fall back to using Py_Finalize() for Python version < 3.6 [e7ad63e57c79] 2020-04-06 Robert Manner <robert.manner@balabit.com> * logsrvd/eventlog.c: logsrvd/eventlog.c: add a newline after each log message for logfile output [457f77b8f3be] * lib/iolog/iolog_fileio.c: lib/iolog/iolog_fileio.c: do not call fchown on invalid fd Fixes the warning in the log: iolog_write_info_file_json: unable to fchown 0:0 /var/log/...: Bad file descriptor [bccdaf007db8] * logsrvd/iolog_writer.c: logsrvd/iolog_writer.c: treat runuid, rungid 0 as valid (usually ==root) [5a7c447e9619] 2020-04-05 Todd C. Miller <Todd.Miller@sudo.ws> * po/eo.mo, po/eo.po, po/sr.mo, po/sr.po: Updated translations from translationproject.org [6e47dbfdba2c] 2020-04-03 Todd C. Miller <Todd.Miller@sudo.ws> * examples/Makefile.in: Install example sudo_logsrvd.conf file [c1c6f4c8119d] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Make it clear in the sudoers grammar that sudoedit needs file args. Debian bug #571621 [b6358b602623] 2020-04-02 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS: Fixed Debian bugs #571621, #596631 and #669687 [6058c1c46739] * doc/sudo.man.in, doc/sudo.mdoc.in, plugins/sudoers/env.c: Truncate the command args at 4096 chars when formatting SUDO_COMMAND. We have to limit the length of SUDO_COMMAND to avoid getting E2BIG from execve(2) for very long argument vectors. The command's environment also counts against the ARG_MAX limit. Debian bug #596631 [ff1fa8e3377f] * plugins/sudoers/auth/pam.c: Do not try to delete creds we did not set. If pam_setcred() fails when opening the PAM session, we don't want to call it with PAM_DELETE_CRED when closing the session. [c31039431c46] 2020-04-01 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/API, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c, plugins/sudoers/sudoers.h: Add a force flag to sudo_auth_cleanup() to force immediate cleanup. This is used for PAM authentication to make sure pam_end() is called via sudo_auth_cleanup() when the user authenticates successfully but sudoers denies the command. Debian bug #669687 [98cb9d98f547] * plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Increase the maximum delay for slower systems. Otherwise we may get a spurious test failure. [e4c1fffd427c] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document when cwd_optional was added. [165447e1d7fa] 2020-03-31 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, plugins/sudoers/policy.c, src/exec.c, src/sudo.c, src/sudo.h: Add cwd_optional to command details and enable it in the sudoers plugin. If cwd_optional is set to true, a failure to set the cwd will be a warning, not an error, and the command will still run. 
Debian bug #598519 [a6694704d92f] * doc/sudo.man.in, doc/sudo.mdoc.in: The policy close function is responsible for closing the PAM session. [db4af211ff75] * .clang-format: Config file for clang-format 8.x and higher based on webkit style. This approximates what I want the sudo coding style to look like. Only deviations from webkit style are included. [d3ec3a8401cf] * src/exec_pty.c: Don't kill the command just because the loop exited unexpectedly. We currently have no good way to distinguish between an error executing the command and an error while the command is running. In the future, we should have additional status codes so we can tell what type of condition caused the loop to exit. For now, only kill the command if cstat is left uninitialized. [9492d60783fe] 2020-03-29 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c: Write process ID as an unsigned int (with a cast). On Solaris, pid_t may be typedef'd as a long but the actual range is 32 bits at most. [b9a818d77142] * doc/LICENSE: Add license info for a few other files. These are all ISC licensed but it is still best to have them all listed in one place. 
[dd37dc484ea5] * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/ca.mo, po/ca.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/ko.mo, po/ko.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt.mo, po/pt.po, po/pt_BR.mo, po/pt_BR.po, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [58d62352abff] * lib/util/getusershell.c, lib/util/host_port.c, lib/util/roundup.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, logsrvd/logsrv_util.h, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, logsrvd/sendlog.h, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Some new source files got created with my old email address. [ede435f55f5c] * .gitignore, .hgignore: Ignore __pycache__ directories. 
[5901cfb35a74] * include/sudo_iolog.h, lib/iolog/iolog_util.c, logsrvd/sendlog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: iolog_parse_loginfo() now opens the log file itself. [bf03f505fc94] * include/sudo_iolog.h, lib/iolog/Makefile.in, lib/iolog/iolog_fileio.c, lib/iolog/iolog_util.c, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: Write an extended I/O info log in JSON format. This will be used by sudoreplay if it exists to get more information about the command being replayed. [5fc89148c214] * MANIFEST, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, include/sudo_iolog.h, lib/iolog/Makefile.in, lib/iolog/iolog_json.c, lib/iolog/iolog_util.c, plugins/sudoers/sudoreplay.c: Parse I/O JSON info file in JSON if present. The JSON version includes more information than the original "log" file in the I/O log dir. [269ae210ea34] * logsrvd/iolog_writer.c, logsrvd/logsrvd.h: Store runenv in the I/O log info file too. [15f90fb3748f] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Create files for check_iolog_plugin in the build dir, not src dir. [bdaea95b47fc] * include/sudo_json.h, lib/iolog/iolog_fileio.c, lib/util/json.c, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, plugins/audit_json/audit_json.c: Do not use JSON_ARRAY with sudo_json_add_value() [c74b75adb90f] * MANIFEST, lib/iolog/Makefile.in, lib/iolog/iolog_json.c, lib/iolog/iolog_json.h, lib/iolog/regress/iolog_json/check_iolog_json.c, lib/iolog/regress/iolog_json/test1.in, lib/iolog/regress/iolog_json/test2.in, lib/iolog/regress/iolog_json/test2.out.ok, lib/iolog/regress/iolog_json/test3.in, lib/util/json.c: Add tests for the simple json parser. [9ede5000f4c7] * lib/iolog/iolog_json.c: Simplify the JSON parsing code a bit.
We can use a single stack for nested objects and arrays. There is also no need to track the current object and array separately. This allows us to remove the array special case when assigning a value. [4a34e528d9f0] * NEWS: Update NEWS for 1.9.0b5 changes [bf8db62788d3] * logsrvd/logsrvd.c: sudo_logsrvd now exits with an error if it cannot open any listen sockets. [47a22f71e286] * configure, doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudo_logsrvd.man.in, doc/sudo_logsrvd.mdoc.in, examples/sudo_logsrvd.conf, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, m4/sudo.m4, pathnames.h.in: Create a pidfile for sudo_logsrvd when not run with the -n flag. [9f1b8edff6cc] * etc/sudo.pp: Add sudo_logsrvd as a service so it gets started at boot. [d2ac9eb87dbf] * plugins/sudoers/po/sudoers.pot: Update sudoers.pot with json parser warnings. [2b277f799d2e] 2020-03-19 Todd C. Miller <Todd.Miller@sudo.ws> * scripts/mkpkg: Enable OpenSSL on systems that can support it. [976370b9d9db] 2020-03-17 Todd C. Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, logsrvd/logsrvd.c: Add configure check for SSL_CTX_get0_certificate(). Dummy out verify_server_cert() if it is not present to allow building on older OpenSSL versions. Rewriting this to work with old OpenSSL is not worth the trouble. [61349d2533fe] * lib/iolog/hostcheck.c: Include stdlib.h for malloc(3) prototype. We shouldn't rely on it to be implicitly included via OpenSSL headers. [9f4f7d3d3662] 2020-03-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/policy.c: Only set errstr for plugin API version 1.15 and above. [780722091e9f] 2020-03-14 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Sudo 1.8.31p1 [40629e6fd692] * src/limits.c: Ignore a failure to restore the RLIMIT_CORE resource limit. Linux containers don't allow RLIMIT_CORE to be set back to RLIM_INFINITY if we set the limit to zero, even for root. This is not a problem outside the container. 
[1064b906ca68] 2020-03-12 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [72ca06a294b4] * include/sudo_event.h, lib/util/event.c: Add SUDO_EV_MASK to mask off invalid event values. Now used by sudo_ev_init() to avoid bogus events. [10a5d1afa1c9] 2020-03-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/python/regress/iohelpers.c, plugins/python/regress/testhelpers.c: Avoid using sprintf(), vsprintf(), strcat(), and strncat(). It is less error-prone to use functions with a return value that indicates when truncation occurred. [21938a3b1548] * plugins/sudoers/match_digest.c: Work around two Coverity false positives; CID 208813 208815 [389bf3749ed2] * logsrvd/logsrvd.c: Fix potential use-after-free; Coverity CID 208814 [e575532efe35] * plugins/python/regress/iohelpers.h, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_debugging_plugin@info.log, plugins/python/regress/testhelpers.c: Don't hard-code path to logging/__init__.py or line numbers. Allows python plugin tests to succeed on versions other than 3.7. [659d3d3fcb8b] * doc/LICENSE: Add copyright for the Python bindings. [cc64df1f85f2] * plugins/sudoers/match_command.c: Fix typo introduced on systems with O_PATH or O_EXEC [e8fea3eabf99] * NEWS: Update for sudo 1.9.0 [39158cb4af26] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/regress/sudoers/test14.in, plugins/sudoers/regress/sudoers/test14.json.ok, plugins/sudoers/regress/sudoers/test14.ldif.ok, plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test14.out.ok, plugins/sudoers/regress/sudoers/test14.toke.ok, plugins/sudoers/sudoers_version.h: Allow the ALL keyword to be specified with a digest list.
[9856ed3cde7f] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap_util.c, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.h, plugins/sudoers/regress/sudoers/test14.in, plugins/sudoers/regress/sudoers/test14.json.ok, plugins/sudoers/regress/sudoers/test14.ldif.ok, plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test14.out.ok, plugins/sudoers/regress/sudoers/test14.toke.ok, plugins/sudoers/sudo_ldap.h: Allow a list of digests to be specified for a command. [e0e9ecee870b] * plugins/sudoers/ldap_util.c, plugins/sudoers/parse_ldif.c: A struct member of type ALL should have its name field set to NULL. [484b9af004af] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Allow Cmd_Alias in addition to Cmnd_Alias. Some people find using Cmd_Alias more natural. [55edb5057091] 2020-03-01 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: Add pam_ruser and pam_rhost sudoers flags. [b1d494440004] * logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h: Store the event base in the client closure. Explicitly passing the event base removes the need to set a default base. [0e4ae8d810f8] * plugins/sudoers/iolog.c: Revert change to initialize io_operations earlier. Instead, check io_operations.open for NULL which is the case for "sudo -V". Also move the early return in sudoers_io_open() for "sudo -V" until after we have initialized debugging. [0e9e7a99725d] 2020-02-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog.c: Initialize io_operations earlier. [ab235d88f8ae] 2020-02-27 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Mark up some remaining TODOs [847c9328a7b5] * src/conversation.c: Sudo's -S option should override the SUDO_CONV_PREFER_TTY flag. [f5737b68c0bf] * plugins/python/pyhelpers.c, plugins/python/python_plugin_policy.c, plugins/python/sudo_python_module.c: Use C99 __func__ instead of gcc-specific __PRETTY_FUNCTION__ [db4f5d7c200e] 2020-02-27 Robert Manner <robert.manner@balabit.com> * plugins/python/example_debugging.py, plugins/python/regress/testdata/check_example_debugging_c_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_debugging_plugin@err.log, plugins/python/regress/testdata/check_example_debugging_plugin@info.log: plugins/python/regress: add a test and example of using the python logger [ed23b3ba375f] * MANIFEST, doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, plugins/python/Makefile.in, plugins/python/python_baseplugin.c, plugins/python/python_convmessage.c, plugins/python/python_importblocker.c, plugins/python/python_loghandler.c, plugins/python/python_plugin_common.c, plugins/python/sudo_python_module.c, plugins/python/sudo_python_module.h: plugins/python/sudo_module: add sudo.LogHandler so python log system can be used with sudo logsystem. Loggers use it by default (the handler is set on the root logger). If that is not the intent, it can be overridden explicitly. [45b8902ce188] 2020-02-26 Todd C. Miller <Todd.Miller@sudo.ws> * INSTALL, Makefile.in, config.h.in, configure, configure.ac, lib/iolog/iolog_fileio.c, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/sudoers.c: Add --disable-log-server and --disable-log-client configure options. These can be used to optionally disable building sudo_logsrvd and support for remote I/O logging in the sudoers plugin respectively.
[bc802e022f22] 2020-02-26 Robert Manner <robert.manner@balabit.com> * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, plugins/python/python_plugin_common.c, plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_loading_fails_missing_classname.stderr, plugins/python/regress/testdata/check_loading_succeeds_with_missing_classname.stdout: plugins/python: autodetect ClassName field If "ClassName" is not specified, load the one and only sudo.Plugin from the module (if so), otherwise display which plugins are available from which the system admin can choose. [b9dbbf1b6e97] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in, plugins/python/Makefile.in, plugins/python/python_plugin_common.c: plugins/python/plugin_common: add a default search path for python plugins If the ModulePath is relative, assume it is under "/usr/local/libexec/sudo/python" or wherever the sudo plugins are in a "python" subdirectory. [5f75db882754] * plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_example_audit_plugin_version_display.stdout, plugins/python/regress/testdata/check_example_debugging_py_calls@info.log, plugins/python/regress/testdata/check_example_io_plugin_version_display_full.stdout, plugins/python/regress/testdata/check_example_policy_plugin_version_display_full.stdout, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout: plugins/python/regress: update tests for show_version changes - plugin->show_version is not marked NULL any more.
- if verbose, it also displays which python class was loaded from which file [e30a1e43e3c2] * plugins/python/python_plugin_approval.c, plugins/python/python_plugin_audit.c, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python: make show_version display the plugin in verbose mode Before it only displayed the plugin version, now it also displays which python plugin is loaded to be more useful. [8c94175ead70] * plugins/python/python_plugin_approval.c, plugins/python/python_plugin_common.c: plugins/python/approval: fix show_version crash when it is not implemented For approval plugins show_version is not optional. [61f6b4679d6b] 2020-02-24 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Avoid calling sudoers_policy_exec_setup() on error. We only want to pass the execution environment back for commands that are accepted or rejected. Also avoid potentially freeing the wrong pointer when garbage collection is enabled. [a3a202e89951] 2020-02-22 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/eventlog.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Open event log at config time instead of open/close for each entry. If logging via syslog, do the openlog() at config time instead. We still lock the log file prior to writing to it but unlock immediately after. [3236bd001160] * lib/util/locking.c: Fix unlocking of an entire file with lockf(). Since lockf() uses the file's current offset, we need to seek to the start of the file to unlock the entire file. [e415af1de6ca] 2020-02-21 Robert Manner <robert.manner@balabit.com> * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: add approval plugin to supported plugins [5034917e6902] 2020-02-20 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/util.exp.in: Add sudo_json_free_v1 to symbol exports file too.
[0a91a2986952] * lib/util/Makefile.in, logsrvd/Makefile.in, plugins/sudoers/Makefile.in: Regenerate dependencies to match the recent JSON changes. [5da86c77629c] * plugins/python/python_convmessage.c: Add missing check for calloc(3) failure. [589c32ff2cf1] 2020-02-19 Robert Manner <robert.manner@balabit.com> * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: document approval plugin and PluginReject [9e61203dcb8d] * plugins/python/sudo_python_module.c: plugins/python/sudo_python_module.c: remove unused declaration We do not use structsequence any more. [a5570ba5ad8b] 2020-02-18 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c, logsrvd/logsrvd.h: Re-register listeners on SIGHUP. Previously, a config reload would refresh the listener address list but the changes had no effect on the actual addresses being listened on. [c1c0ada6c594] * logsrvd/logsrvd.c: Fix compilation error when not built with OpenSSL support. Adds a missing #ifdef HAVE_OPENSSL and reorders code to avoid the need for a static init_tls_server_context() prototype. [976c469eeb57] 2020-02-18 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_common.c: plugins/python: restore the original python inittab after interpreter deinit [b78a5d995de9] 2020-02-17 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, include/sudo_json.h, lib/util/json.c, logsrvd/eventlog.c: Add support for JSON structured logging using syslog. Note that depending on the system, the default syslog buffer may not be large enough to store all the logging data. [15a6667b1198] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, examples/sudo_logsrvd.conf, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Add support for JSON logging in sudo_logsrvd. 
[8b013b899e3b] * include/sudo_json.h, lib/util/json.c, lib/util/util.exp.in, plugins/audit_json/audit_json.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/regress/sudoers/test10.json.ok, plugins/sudoers/regress/sudoers/test9.json.ok: Rework the JSON API to write to a memory buffer, not a stdio stream. [ec4e4053e95e] * logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c: Fix support for reloading the config in sudo_logsrvd. We need to re-initialize the TLS server context. Also fix a memory leak of the TLS parameters on reload. [c4ca45502f3e] 2020-02-17 Robert Manner <robert.manner@balabit.com> * plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_plugin_common.c, plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_example_debugging_load@diag.log, plugins/python/regress/testhelpers.c: plugins/python: only deinit interpreters when sudo unlinks the plugin This only happens when sudo unloads the last python plugin. The reason for doing so is that there are some python modules which do not support importing them again after destroying the interpreter which has imported them previously. Another solution would be to just leak the interpreters (let the kernel free up), but then there might be some python resources like open files that would not get cleaned up correctly if the plugin is badly written. Tests are meant to test the scenario sudo does, so I have modified them to generally not unlink but only a few times (~per plugin type) so it does not use 48 interpreters (one gets started on every plugin->open) and it is visible at least which type of plugin fails deinit if there is an error. [13cdead652aa] * plugins/python/python_plugin_common.c, plugins/python/sudo_python_debug.c: plugins/python/debug: adapt debug refcount solution of sudoers plugin [dc815e383c39] 2020-02-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: The environment in the accept message is runenv not submitenv.
The I/O logging plugin is passed the environment the command will run with, not the user's original environment. [b3e1ee513001] 2020-02-15 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_compat.h, lib/iolog/iolog_fileio.c, plugins/audit_json/audit_json.c, src/utmp.c: Add compatibility define for fseeko(3). This is better than cluttering up the code with #ifdefs for obsolete systems. [a9123f768fe0] 2020-02-14 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/regress/testsudoers/test8.out.ok, plugins/sudoers/regress/testsudoers/test8.sh: Add test for #include directive without a trailing newline. [dfcfad5c7c41] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Don't require a newline at the end of include or includedir directives. [3d6aa5531609] 2020-02-14 Robert Manner <robert.manner@balabit.com> * plugins/python/regress/testhelpers.c: plugins/python/regress/testhelpers.c: replace fromisoformat fromisoformat is only supported from python >=3.7 [86bf6de82376] 2020-02-13 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_common.h, plugins/python/sudo_python_module.c: plugins/python: add missing annotations to help cpychecker [fd66659bd681] * plugins/python/python_plugin_common.c: plugins/python/python_plugin_common.c: release py_args in close even if the arguments are not used (eg. when there is no "close" call in the plugin). It was not really a memleak, because interpreter is deinitialized anyway, which frees the object. [5de8c111d40d] * plugins/python/python_plugin_approval.c: plugins/python/python_plugin_approval: fix negative ref count The python_plugin_api_rc_call function already decrements the refcount of py_args. Python avoids the double free, but the error gets shown if using python debug build. 
[4370af5b9092] 2020-02-12 Robert Manner <robert.manner@balabit.com> * plugins/python/regress/check_python_examples.c: plugins/python/regress: still some memleak fix [c60050b79a5e] * plugins/python/python_plugin_audit.c, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python: make storing errstr more explicit The error is always stored in plugin_ctx, but it is only set into errstr if the API version is enough. (Previously it worked the opposite: we only stored the error if API level was enough.) [5b4fa733c876] * plugins/python/regress/check_python_examples.c: plugins/python/regress: strengthen errstr verification Tests did not catch the issue where errstr was not set correctly, but its pointer contained the expected data, because the memory allocator reused the same space for storing the string. Now it is either verified to be NULL, or reset to NULL. [973e52ed3f68] * plugins/python/regress/check_python_examples.c: plugins/python/regress: simplify plugin option creation [628142f39c63] 2020-02-11 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/util.exp.in, plugins/audit_json/audit_json.c, plugins/python/sudo_python_debug.c, plugins/sample_approval/sample_approval.c, plugins/sudoers/sudoers_debug.c: Move duplicated code to parse plugin debug flags to libsudo_util. There's no need for four copies of sudo_debug_parse_flags(). [cfd9d624d8b1] 2020-02-11 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_common.c, plugins/python/sudo_python_module.c, plugins/python/sudo_python_module.h: plugins/python/sudo_module: let a reject also supply error message Same as sudo.PluginError exception, have a sudo.PluginReject exception as well. Added common base exception as well. 
[e2e36f4778d4] * plugins/python/regress/check_python_examples.c, plugins/python/regress/plugin_approval_test.py, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stderr, plugins/python/regress/testdata/check_multiple_approval_plugin_and_arguments.stdout, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: plugins/python/regress: add tests for approval plugin [31bd830a36fa] * MANIFEST, plugins/python/Makefile.in, plugins/python/python_plugin_approval.c, plugins/python/python_plugin_approval_multi.inc, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/sudo_python_module.c: plugins/python: add python approval plugin wrapper [489ef35ac957] * MANIFEST, plugins/python/Makefile.in, plugins/python/example_approval_plugin.py: plugins/python: add python approval plugin example [4ed865e04c0a] 2020-02-10 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/regress/sudoers/test23.in, plugins/sudoers/regress/sudoers/test23.json.ok, plugins/sudoers/regress/sudoers/test23.ldif.ok, plugins/sudoers/regress/sudoers/test23.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test23.out.ok, plugins/sudoers/regress/sudoers/test23.sudo.ok, plugins/sudoers/regress/sudoers/test23.toke.ok: Add regress test for parsing Defaults lists. Currently only env_check, env_delete, env_keep and log_servers are lists. [dfda2dec37d3] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Clarify that approval close happens after auditing. Also fix a few typos. [8f9fb2f0b5a7] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, plugins/sample_approval/sample_approval.c, src/sudo.c: Add open and close functions to the approval plugin API. We need a close function to be able to free memory allocated for errstr. Unlike the other plugins, the close function is called immediately after the plugin's check or show_version function.
The plugin does not remain open until the command completes. [6611bafc8ace] * plugins/audit_json/audit_json.c: Use unique function names to avoid confusion with front-end functions. Also add a missing sudo_debug_enter() after debug registration. [b127b0997ecb] * scripts/log2cl.pl: Use Text::Wrap instead of perl's built-in format function. This still breaks log filename incorrectly but is a step in the right direction. [2184fe794ecb] * Makefile.in, scripts/log2cl.pl: Avoid changing directory when generating the ChangeLog file. Instead, pass the repo path to either hg or log2cl.pl [736e90c9fe6d] 2020-02-10 Robert Manner <robert.manner@balabit.com> * src/sudo.c: src/sudo.c: call audit plugin close when result is a wait status [0bfe6bc588a3] * Makefile.in: Makefile.in: fix install target for out of source build The scriptdir contained a path relative to where the target was started. The scripts are called like "$scriptdir/script_name" which is fine with relative path as well, until the current directory is not changed. But things like cd $srcdir && $scriptdir/script_name fails (if building in separate build directory). [7c0958b47925] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: document python audit plugin support [2a2f6227bae0] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: document returning error string [cf32faa3805f] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: update python manual for constant -> enum changes [e2cd8737978c] 2020-02-08 Todd C. 
Miller <Todd.Miller@sudo.ws> * lib/iolog/regress/iolog_path/check_iolog_path.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/getdelim/getdelim_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/sudo_parseln/parseln_test.c, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/group_file/plugin_test.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/logging.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/tsdump.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/parse_args.c, src/regress/noexec/check_noexec.c: Use EXIT_SUCCESS and EXIT_FAILURE more consistently. [1b78154a35f3] * src/parse_args.c, src/sudo.c, src/sudo.h: Mark main sudo usage() function __noreturn__. This splits the usage printing out into display_usage(). [400d23c2a6f1] * include/sudo_json.h, lib/util/json.c, lib/util/util.exp.in, plugins/sudoers/cvtsudoers_json.c: Use json functions from libsudo_util in cvtsudoers. [c4316ce76fe6] 2020-02-07 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sample_approval/sample_approval.c: Check localtime() return value; coverity CID 208156 [e2697b46f7e2] * plugins/audit_json/audit_json.c: Check fseeko() return value; coverity CID 207993 [3abd610ae63b] * logsrvd/sendlog.c, logsrvd/sendlog.h: Make restart and elapsed members of the closure structs not pointers. 
Fixes coverity CID 207992 [2dbace19cb6a] * lib/iolog/iolog_fileio.c: Check return value of sudo_lock_file(); coverity CID 207991 [e2862d70dea8] * logsrvd/logsrvd.c: Only keepalive if accept() succeeded; coverity CID 207990 [0c35e46495a2] 2020-02-06 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, Makefile.in, doc/Makefile.in, examples/Makefile.in, generate_test_coverage.sh, include/Makefile.in, lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, log2cl.pl, logsrvd/Makefile.in, mkdep.pl, mkinstalldirs, mkpkg, plugins/audit_json/Makefile.in, plugins/group_file/Makefile.in, plugins/python/Makefile.in, plugins/sample/Makefile.in, plugins/sample_approval/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, pp, scripts/generate_test_coverage.sh, scripts/log2cl.pl, scripts/mkdep.pl, scripts/mkinstalldirs, scripts/mkpkg, scripts/pp, src/Makefile.in: Move some scripts from the top level src dir to a scripts dir. [0be8e958cbc2] * MANIFEST, plugins/sample_approval/Makefile.in, plugins/sample_approval/sample_approval.c, plugins/sample_approval/sample_approval.exp: Add sample approval plugin that simply tests for "business hours" [8005b14fd0c7] * Makefile.in, configure, configure.ac: Add sample approval plugin that simply tests for "business hours" [9d7370fea2c3] * src/load_plugins.c: Refactor code to alloc and insert a new plugin_container. The only outlier is the policy plugin which is not part of a list since there can only be a single policy plugin. [610c6e01eb0b] * plugins/audit_json/audit_json.c: Teach audit_json about approval plugin accept/reject [b1e568bacd87] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Add an approval plugin type that runs after the policy plugin. The basic idea is that the approval plugin adds an additional layer of policy. There can be multiple approval plugins.
[2b57fac1ad0b] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: plugin documentation fixes: o whitespace cleanup o show_version doesn't have an errstr argument o document runas_user and runas_group in command_info[] o add missing .El at before start of audit section [73cb9ca71ef7] 2020-02-06 Robert Manner <robert.manner@balabit.com> * plugins/python/sudo_python_module.c: plugins/python/sudo_python_module.c: fix options_as_dict if no equal sign The intended behaviour was that those get skipped, but the PyList_GetItem sets the interpreter into error state, so python has raised exception. [4f99dd186eb9] * plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_example_audit_plugin_receives_accept.stdout, plugins/python/regress/testdata/check_example_audit_plugin_receives_error.stdout, plugins/python/regress/testdata/check_example_audit_plugin_receives_reject.stdout, plugins/python/regress/testdata/check_example_audit_plugin_version_display.stdout, plugins/python/regress/testdata/check_example_audit_plugin_workflow_multiple.stderr, plugins/python/regress/testdata/check_example_audit_plugin_workflow_multiple.stdout: plugins/python/regress/check_python_examples: add audit_plugin tests [fcc483a569ff] * plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python/python_plugin_common: close can get custom arguments For the audit plugin. Ensure we do not fail if plugin_ctx->py_instance is NULL (because plugin init has failed).
[dd1c0be3d8e7] * plugins/python/example_group_plugin.py, plugins/python/example_io_plugin.py, plugins/python/example_policy_plugin.py, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: plugins/python/example_*.py: document returning error string [ee55ef4a3cb6] * plugins/python/example_conversation.py, plugins/python/example_debugging.py, plugins/python/example_group_plugin.py, plugins/python/example_io_plugin.py, plugins/python/example_policy_plugin.py, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_debugging_plugin@info.log, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: plugins/python/example*.py: pep8 fixes (mainly line too long) [56b15859cc9a] 2020-02-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/audit_json/audit_json.exp: Exported symbol is audit_json [a39e9cc1047b] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: Silence lint warning. [fbba7f8dc3ef] * plugins/sudoers/policy.c: Add runas_user and runas_group (if set) to command_info for audit plugin. Otherwise, the audit plugin has to look up the runas name and group by user or group ID. [711731384693] * src/tgetpass.c: Only enable pwfeedback when reading password from /dev/tty. This effectively disables pwfeedback when the -S or -A options are used. [71da469aab20] 2020-02-05 Robert Manner <robert.manner@balabit.com> * plugins/python/regress/check_python_examples.c: plugins/python/regress: load/unload module for each testcase so they can start from clean state. (My problem was optional argument tests has destroyed the callbacks.)
[ab90adbb9328] * plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_group.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c, plugins/python/sudo_python_module.c, plugins/python/sudo_python_module.h: plugins/python: add support for callback errstr arguments Plugins can raise a sudo.PluginError exception to add context message for the failure. The callback's errstr gets filled up with the specified message. But, as sudo expects a string constant (will not free the string), we store it in the plugin context at least until next callback invocation. [240bf4c627f0] * plugins/python/regress/check_python_examples.c, plugins/python/regress/plugin_errorstr.py: plugins/python/regress: add test for callback error msg return [44a71a20f94c] * plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python_plugin_io,policy: fix version display in verbose mode Unfortunately the test did not catch this mistake, because it only searches that "Python policy plugin API version" string is present and does not check the version. [7da28d01063f] 2020-02-04 Robert Manner <robert.manner@balabit.com> * plugins/python/example_conversation.py, plugins/python/example_debugging.py, plugins/python/example_group_plugin.py, plugins/python/example_io_plugin.py, plugins/python/example_policy_plugin.py, plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_plugin_common.c, plugins/python/regress/testdata/check_example_debugging_c_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_group_plugin_is_able_to_debug.log, plugins/python/sudo_python_module.c: plugins/python/sudo_python_module.c: use IntEnums instead of constants It is a bit more code, but it is more "pythonic" and easier to debug as the enum values also know their names. It is also an API break, eg.
sudo.RC_OK becomes sudo.RC.OK as sudo.RC will be the "type" of the enum, but I guess that is acceptable before the initial release. [2a0845428e2b] 2020-02-03 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_policy.c: plugins/python/python_plugin_policy: add missing debug return [2bf4cc35de9c] 2020-02-03 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/sendlog.c: fixed compiler error when sudo is configured without --enable-openssl [fb19fb96c41d] 2020-02-03 Robert Manner <robert.manner@balabit.com> * MANIFEST, plugins/python/Makefile.in, plugins/python/python_plugin_audit.c, plugins/python/python_plugin_audit_multi.inc, plugins/python/sudo_python_module.c: plugins/python: add python audit plugin wrapper [92bf3ccbd35d] * MANIFEST, plugins/python/Makefile.in, plugins/python/example_audit_plugin.py: plugins/python: add example python audit plugin [15abd19f6fdb] 2020-02-02 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrvd.conf.man.in, doc/sudo_plugin.man.in: Regenerate .man.in files from .mdoc.in [6d04628b3bbb] * doc/sudo_plugin.mdoc.in: Update documentation for setbase when the given base is NULL. [03054c46d322] * plugins/sudoers/iolog_client.c, src/sudo.c: For plugin events, set the sudo event base for setbase(NULL). This makes it possible for a plugin to change the event base to a local one and then reset it back to its original value. [f95ab1a5fd5a] 2020-02-01 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Don't display "error in event loop" on loop break reading ServerHello. We should already have displayed a more useful error message. Otherwise, we can get two "error in event loop" warnings if the TLS handshake fails (in addition to other error messages). [c42b8158ab36] 2020-01-31 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Read ServerHello message synchronously before the command is executed.
Otherwise, the command could be run before the TLS handshake completes. [4dab1676ae41] 2020-01-31 Robert Manner <robert.manner@balabit.com> * plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_convmessage.c: plugins/python/pyhelpers: add helpers for attribute handling to simplify code a bit. [c3eb52c88a04] 2020-01-30 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.mdoc.in: Document audit plugin in the sudo_plugin manual. [e2aab376bae1] * include/sudo_plugin.h, plugins/audit_json/audit_json.c, src/sudo.c: Change audit close arguments to a type and value. That way we can distinguish between different error types. [37abbe9f39b5] * MANIFEST, Makefile.in, configure, configure.ac, m4/sudo.m4, pathnames.h.in, plugins/audit_json/Makefile.in, plugins/audit_json/audit_json.c, plugins/audit_json/audit_json.exp: Example audit plugin that writes JSON output to a log file. [295d9d1a1209] * plugins/python/python_plugin_io.c, plugins/python/python_plugin_io_multi.inc, plugins/python/python_plugin_policy.c, plugins/python/regress/check_python_examples.c: Adapt python plugin to new plugin API changes [974e76db3a3a] * plugins/sudoers/audit.c, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/policy.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Pass back a failure or error string to the front end. The audit_failure() function now stores the failure string. This will allow an audit plugin to log the reason if the user's request is rejected. [5bb4e000a7ec] * doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/exec_pty.c, src/load_plugins.c, src/parse_args.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h: Define a new plugin type that receives accept and reject messages. This can be used to implement logging-only plugins.
The plugin functions now take an errstr argument that can be used to return an error string to be logged on failure or error. [361aab49325f] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_rand.h, lib/util/arc4random.c, lib/util/arc4random_buf.c: Add tests for arc4random_buf() and an implementation for those without. [e89dabfd5a41] * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/util.exp.in, lib/util/uuid.c: Add code to generate universally unique identifiers. We create type 4, variant 1 uuids (random). [22aff362662e] * MANIFEST, include/sudo_json.h, lib/util/Makefile.in, lib/util/json.c, lib/util/util.exp.in: Add a simple API for writing JSON records. To be used by the upcoming JSON audit module. [734b29194a82] 2020-01-29 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Sudo 1.8.31 changes. [3d12f4cb4d9f] * src/tgetpass.c: Fix a buffer overflow when pwfeedback is enabled and input is not a tty. In getln() if the user enters ^U (erase line) and the write(2) fails, the remaining buffer size is reset but the current pointer is not. While here, fix an incorrect break for erase when write(2) fails. Also disable pwfeedback when input is not a tty as it cannot work. CVE-2019-18634 Credit: Joe Vennix from Apple Information Security. [4830bdf1a683] 2020-01-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Fix warning about unresolved host name with "sudo -l -h hostname". The resolve_host() function returns 0 on success, not bool. [9af5bb6e4036] * configure, configure.ac: Check for presence of fseeko() regardless of utmp type. [d0c254ba8311] * plugins/python/regress/check_python_examples.c: Fix typo in a test: python_policy->close not python_io->close [34d8631cc501] * lib/util/getentropy.c: Allow getentropy.c to compile when MAP_ANON is unavailable. [d707e07f1a9c] * MANIFEST, lib/util/Makefile.in, lib/util/arc4random.c, lib/util/arc4random.h: Remove multi-thread support from arc4random.
Sudo is not multi-threaded so we don't need the added complexity. [77c1795e0aaa] 2020-01-28 Robert Manner <robert.manner@balabit.com> * plugins/python/sudo_python_module.c: plugins/sudo_python_module: Fix double free in sudo.options_as_dict function PyArg_ParseTuple sets the py_config_tuple pointer, but it does not increment the reference count, so by decrementing, we end up freeing the argument passed in. [511aeb75a905] * plugins/python/example_io_plugin.py, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: plugins/python/example_io_plugin: close the file at destroy to avoid warning of debug python build. [6730352ab2d8] 2020-01-28 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/arc4random.h, lib/util/getentropy.c: Backed out changeset 9dce3ebb2c37 MAP_SGI_ANYADDR cannot be used in place of MAP_ANON [b261d200435a] 2020-01-28 Robert Manner <robert.manner@balabit.com> * plugins/python/Makefile.in, plugins/python/regress/check_python_examples.c, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: plugins/python: memleak fixes in test The main problem was that string array objects were constructed differently: - if constructed by the test, then the elements were constant - if constructed by the plugin, then the elements were allocated Modified it so that now each array contains allocated strings so they can be handled similarly. For freeing, I have used the str_array_free function from the plugin, so I have linked its object into the test runner. Happy path is now free of "definitely lost" memleaks, so the test can be used for valgrind. [657ffd948be5] 2020-01-28 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/sendlog.c, logsrvd/sendlog.h: Refactor sudo_sendlog in order to be able to send one I/O log multiple times in parallel (for testing purposes) [c9afea455ab6] 2020-01-27 Todd C.
Miller <Todd.Miller@sudo.ws> * lib/util/arc4random.h, lib/util/getentropy.c: Fix compilation on IRIX; Bug #915 IRIX lacks MAP_ANON (and MAP_ANONYMOUS) but we can use the IRIX-specific flag MAP_SGI_ANYADDR instead. From Kazuo Kuroi [9dce3ebb2c37] 2020-01-24 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/check.c: Fix crash in sudo 1.8.30 when suspending sudo at the password prompt. The closure pointer in sudo_conv_callback was being filled in with a struct getpass_closure ** instead of a struct getpass_closure *. The bug was introduced in the fix for Bug #910; previously the closure variable was a struct getpass_closure, not a pointer. Fix from Michael Norton; Bug #914. [011b6a7663ef] 2020-01-24 Robert Manner <robert.manner@balabit.com> * plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_group.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python: use separate python interpreter for each plugin On each plugin initialization we create a separate python interpreter which gets stored in the plugin_ctx. The main interpreter is stored in py_ctx and is used for creating more interpreters (if more plugins get loaded) and final python deinitialization. The "traceback" module import and the ImportBlocker initialization was moved, because it has to happen inside the plugin specific interpreters. [eb9308e5eacb] * plugins/python/regress/check_python_examples.c, plugins/python/regress/plugin_conflict.py, plugins/python/regress/testdata/check_python_plugins_do_not_affect_each_other.stdout: plugins/python/regress: add a failing testcase about python plugins affect each other Since python plugins are run inside the same interpreter, they affect each other's state, which would be better to avoid. [1628425d608c] 2020-01-23 Todd C.
Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in: Document new tls_verify setting. [3e4bc6e4d301] * config.h.in, configure, configure.ac: Use AC_CHECK_DECLS when checking for SSL_CTX_set_min_proto_version Also use AC_CHECK_FUNCS to check for the other OpenSSL functions [f3e36090a31e] 2020-01-23 Robert Manner <robert.manner@balabit.com> * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: update doc about the multiple I/O plugin loading [08e7c479954b] * plugins/python/Makefile.in: plugins/python/Makefile.in: update autogenerated header dependencies [54c0c7f11046] * plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/python_plugin_common.c, plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple.stderr, plugins/python/sudo_python_module.c: plugins/python/pyhelpers: have a default sudo_printf function Adapted the default sudo_printf from sudoers plugin to be able to print errors before plugin open() gets called. (This is used by the multiple io plugin loading to display error for too much plugin load.) Since this makes us always have a sudo_log, I have removed the logic about whether it is available or not. [fdd4842b3ba2] * src/load_plugins.c: src/load_plugins.c: plugins can supply a clone function if they want to support getting loaded multiple times. [33ff0027f686] 2020-01-23 Laszlo Orban <laszlo.orban@quest.com> * examples/sudo_logsrvd.conf, include/log_server.pb-c.h, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog_client.c: logserver option to disable certificate verification on server side and server authentication on client side [9b171f3af727] 2020-01-22 Todd C. Miller <Todd.Miller@sudo.ws> * src/load_plugins.c: Refactor code to allocate and fill struct plugin_container.
This will help avoid duplicate code in the audit and approval plugins. [8ad9ba987131] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, examples/sudo_logsrvd.conf: Document TCP keepalive options in the manual pages. [7afe9293b503] * doc/CONTRIBUTORS: Add proper diacritical to Róbert's name. [9ca9ea59cdd4] 2020-01-22 Robert Manner <robert.manner@balabit.com> * plugins/python/regress/check_python_examples.c, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple.stderr, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple.stdout, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple1.stored, plugins/python/regress/testdata/check_example_io_plugin_command_log_multiple2.stored, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: plugins/python/regress: add a testcase for multiple io plugin loading to verify 2 python plugins can work next to each other. [916dd4f44bcf] 2020-01-22 Laszlo Orban <laszlo.orban@quest.com> * include/log_server.pb-c.h, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Rename tls_checkpeer to tls_reqcert in ServerHello message [b69630f1f5b4] 2020-01-22 Robert Manner <robert.manner@balabit.com> * plugins/python/python_baseplugin.c, plugins/python/python_convmessage.c: plugins/python: fix return value typo for the error case [a7088391d8fb] 2020-01-21 Todd C. Miller <Todd.Miller@sudo.ws> * etc/sudo.pp, examples/Makefile.in, examples/sudo.conf.in: Install a default sudo.conf file. [e2b4613cced9] * aclocal.m4, autogen.sh, config.h.in, configure, configure.ac, include/sudo_compat.h, logsrvd/logsrvd.c, logsrvd/sendlog.c, plugins/sudoers/iolog_client.c: Add support for building on OpenSSL 1.0.2. This adds compatibility defines for some OpenSSL 1.1.x functions.
[17e50378c8ee] 2020-01-21 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_io.c, plugins/python/python_plugin_io_multi.inc: plugins/python/plugin_io: enable loading of multiple io plugins Separate sudo io plugin symbols are created which stores wrapper functions adding the context of which python plugin the callback is about. These sudo io plugin "slots" get generated with macros by the preprocessor. This makes sudo support loading multiple python IO plugins like this: (note the differences in the symbol names) Plugin python_io python_plugin.so ModulePath=... ClassName=SudoIOPlugin1 Plugin python_io1 python_plugin.so ModulePath=... ClassName=SudoIOPlugin2 Plugin python_io2 python_plugin.so ModulePath=... ClassName=SudoIOPlugin3 [cb45052d227a] 2020-01-21 Laszlo Orban <laszlo.orban@quest.com> * plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/policy.c: sudoers: disable SO_KEEPALIVE socket option based on log_server_disable_keepalive flag in sudoers [ad48ee6fbcb7] * examples/sudo_logsrvd.conf, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: logserver: enable/disable SO_KEEPALIVE socket option based on tcp_keepalive configuration option in sudo_logsrvd.conf [c0d919468e95] 2020-01-20 Todd C. Miller <Todd.Miller@sudo.ws> * include/hostcheck.h: No need to export the validate_hostname() symbol. We don't export symbols in convenience libraries, only installed DSOs. [f26897793700] * lib/iolog/hostcheck.c: Fix a few pointer signedness warnings on Linux. [6a4f68430e69] * include/sudo_compat.h, lib/iolog/hostcheck.c, logsrvd/logsrvd.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, src/net_ifs.c: Store the server host name and IP in client_closure_fill(). Also check for getpeername() and inet_ntop() failure. 
[22df6ff5fcaf] * logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Fix handling of SSL_ERROR_WANT_{READ,WRITE} during normal I/O. If we get SSL_ERROR_WANT_WRITE during SSL_read(), we need to resume the SSL_read(), not call SSL_write() as we were doing. Likewise for SSL_ERROR_WANT_READ received from SSL_write(). This introduces a flag so we call the proper callback even when the I/O direction doesn't match the read/write calls. [7162125ad7b7] * lib/util/Makefile.in: Add siglist.c and signame.c as dependencies for depend target. Fixes running "make depend" in lib/util dir when siglist.c or signame.c are not already present. [9d7aa4107136] * Makefile.in, doc/Makefile.in, examples/Makefile.in, include/Makefile.in, lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, logsrvd/Makefile.in, plugins/group_file/Makefile.in, plugins/python/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add abs_top_srcdir and abs_top_builddir and use them. Configure provides absolute versions of srcdir, builddir, top_srcdir and top_builddir. We can use these instead of calling pwd. [597ba26af997] 2020-01-20 Robert Manner <robert.manner@balabit.com> * plugins/python/Makefile.in: plugins/python/Makefile.in: remove path prefix from examples to make install target work [ba31bde08e17] 2020-01-19 Todd C. Miller <Todd.Miller@sudo.ws> * lib/iolog/Makefile.in: Rebuild dependencies after hostcheck.c include changes. [3a4e808e5038] 2020-01-18 Todd C. Miller <Todd.Miller@sudo.ws> * include/hostcheck.h, lib/iolog/hostcheck.c, logsrvd/logsrvd.c, plugins/sudoers/iolog_client.c: Add debugging statements to certificate checks. [81f813c8c1f1] * MANIFEST, lib/iolog/Makefile.in, lib/iolog/hostcheck.c, plugins/sudoers/iolog.c: Portability fixes and correct path to hostcheck.h in MANIFEST.
Include sys/socket.h for getpeername(). Link with -lnsl on Solaris to get inet_pton(). [060371a21669] * lib/iolog/Makefile.in, lib/logsrv/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, logsrvd/Makefile.in, plugins/group_file/Makefile.in, plugins/python/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Using "libtool --clean" to remove regular files is slow. We only need to use libtool's clean mode to remove files created by libtool. [510af2b052c6] 2020-01-17 Todd C. Miller <Todd.Miller@sudo.ws> * .gitignore, .hgignore: Add examples/sudo.conf to ignore files. [9eb86d1b8661] * doc/sudo.conf.mdoc.in, examples/sudo.conf.in: Remove whitespace at the end of the line in example sudo.conf [88b0ae1f8a18] * doc/sudo_plugin_python.mdoc.in: Fix mdoc lint warnings by removing .Pp before and after .Ss. [e59218682d7f] 2020-01-17 Robert Manner <robert.manner@balabit.com> * plugins/python/regress/check_python_examples.c, plugins/python/regress/iohelpers.c, plugins/python/regress/iohelpers.h, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: plugins/python/regress: add missing license texts [b0e4b41b2834] 2020-01-16 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c: Fix TLS accept when SSL_accept() returns SSL_ERROR_WANT_WRITE. We need to switch from SUDO_EV_READ to SUDO_EV_WRITE for this case. [71ada9bfa056] * logsrvd/sendlog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Fix TLS connect when SSL_connect returns SSL_ERROR_WANT_READ. We need to switch from SUDO_EV_WRITE to SUDO_EV_READ for this case. Also make the tls connect events private to tls_timed_connect() with their own closure. There is no need to store them in the client closure. [afda37d1dd26] * logsrvd/iolog_writer.c: Store submit time in struct iolog_info. Fixes missing time stamp in remote I/O log info file. 
[dcd1dfa00646] * src/sudo_edit.c: Treat EROFS (like EACCES) as a non-fatal error in dir_is_writable(). Fixes sudoedit on macOS 10.15 and above where the root file system is mounted read-only. See https://support.apple.com/en-us/HT210650. From Dan Villiom Podlaski Christiansen. Bug #913 [cc636a1af1b6] 2020-01-15 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/event.c, plugins/sudoers/iolog_client.c: Really fix flushing of data in client_close(). Now that we call fmt_exit_message() from client_close() we do not need to try to determine whether the read or write events were pending in the old base. We can't tell anyway because the active flag in the event was cleared when the old sudo event base was destroyed. It is correct to enable both the read and write events after formatting the ExitMessage. [c59e77060c37] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_path_escapes.c: Use SUDOERS_DEBUG_* not SUDO_DEBUG_* in debug_decl() for the sudoers plugin. [2d0c049e689e] * src/sudo.c, src/sudo_plugin_int.h: Wrap calls to plugin event callbacks to use the plugin's debug instance. Otherwise, the debug output in a plugin's event callback will go to the sudo debug file, not sudoers. [02e227cfc715] * lib/util/regress/strsig/strsig_test.c: FreeBSD is missing SIGLWP (aka SIGTHR) in sys_signame[]. Don't test SIGLWP on FreeBSD where it is reserved for the thread library and is not listed in sys_signame[]. [95cbafc79b4d] * configure, configure.ac: We want to use DT_RUNPATH in preference to DT_RPATH in ELF binaries. Otherwise, LD_LIBRARY_PATH does not work when running the tests. The GNU linker's --enable-new-dtags can be used to do this. We don't do this on NetBSD where RPATH already supports LD_LIBRARY_PATH. 
[2c6c9a348d81] 2020-01-15 Laszlo Orban <laszlo.orban@quest.com> * plugins/sudoers/Makefile.in, plugins/sudoers/iolog_client.c: do server identity validation in iolog plugin [b1bec55bbed6] * logsrvd/Makefile.in, logsrvd/logsrvd.c, logsrvd/logsrvd.h: do client identity validation in logserver [e415409dfe0b] * MANIFEST, include/hostcheck.h, lib/iolog/Makefile.in, lib/iolog/hostcheck.c: implement host validation for the audit server SSL certificates [7f48e57bece2] 2020-01-14 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers_debug.c: Fix reference counting when both sudoers policy and I/O log are loaded. If both sudoers policy and I/O log plugins are loaded, debug_files will be empty when the I/O plugin is initialized. This changes the logic to always increase the reference count if the instance is valid. [18adfeb3727b] * src/load_plugins.c: Fix handling of duplicate policy and I/O plugins. The warning message said the later I/O plugin was ignored but it actually overwrote the existing one instead. The first registered plugin of the same name now is used, as was intended. Specifying more than one policy plugin is no longer a fatal error; this allows the admin to fix the situation. 
[dde476072346] 2020-01-14 Robert Manner <robert.manner@balabit.com> * aclocal.m4, configure, configure.ac, plugins/python/regress/check_python_examples.c, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h, plugins/python/sudo_python_debug.h: plugins/python: various portability improvements [d6aa5e2585ef] * plugins/python/example_conversation.py, plugins/python/example_io_plugin.py, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stdout, plugins/python/regress/testdata/check_example_io_plugin_command_log.stored, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout: plugins/python/example_{io,conversation}: avoid printing signal number They are platform dependent, so their test would fail on some platforms. While we could create separate plugin for the tests, I like the idea that the examples are ensured to be working. I believe this is a good compromise for being able to auto update the test cases. [7b46d305e7d9] * plugins/python/Makefile.in, plugins/python/regress/check_python_examples.c: plugins/python/regress: load the python plugin dynamically instead of linking with it. [084c61e7d565] 2020-01-11 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: For sudoedit_checkdir consider a user-owner directory to be writable. The non-faccessat() code already did this so this just brings the faccessat() path into alignment. Bug #912 [91a1a9c0ba40] 2020-01-10 Todd C. Miller <Todd.Miller@sudo.ws> * doc/CONTRIBUTORS: Add newline before list of artwork authors. [1be0fe5f7d7a] * doc/LICENSE: Update copyright year. [f4ef4c1990af] 2020-01-10 Robert Manner <robert.manner@balabit.com> * plugins/python/example_policy_plugin.py: plugins/python/example_policy_plugin.py: extend user env changing example Make the demonstration extend the environment with a new variable. Easier to read, and makes the testing able to check for that it is working.
[77c09cc38298] * generate_test_coverage.sh: generate_test_coverage.sh: example script to ease test coverage generation. Uses lcov and genhtml to generate test coverage. It is meant to be run in a clean directory. Extra configure options can be added as script arguments. Example execution: mkdir build; cd build; ../generate_test_coverage.sh --enable-python [a52c480639aa] 2020-01-09 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/logging.c: Remove MAXSYSLOGTRIES, it is no longer used. [dbd274fd8330] 2020-01-09 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_common.c, plugins/python/python_plugin_policy.c: plugins/python/python_plugin_policy: fix validate() call. When calling validate() python function, TypeError exception was thrown ("argument list must be a tuple"), because the call does not have arguments, and python does not accept empty tuple for execution. NULL must be used instead, which was handled as argument construction failure previously. [5ac3c2acee9b] * plugins/python/example_policy_plugin.py: plugins/python/example_policy_plugin.py: make allowed_commands ordered. Storing them as "tuple" instead of "set", so they have a fixed order. This makes the output of the list() example stable. ("set" is printed out in random order) [470ccf46a088] * plugins/python/example_io_plugin.py, plugins/python/example_policy_plugin.py, plugins/python/python_plugin_common.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python: fix confusing version display. IO/Group/Policy Python API version is displayed instead of sudo version, because that is not very meaningful in this context. They are only displayed in verbose mode. Example plugins express it more concretely that they are displaying their version, not the API version.
[af9d969231a9] 2020-01-08 Robert Manner <robert.manner@balabit.com> * plugins/python/example_conversation.py: plugins/python/example_conversation.py: make log path configurable Similarly to IO plugin example. (It is easier to test it this way.) [6526a842ee21] 2020-01-07 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo.c: Iterate over io_plugins list in the iolog_* wrappers. Moving the iteration into the wrapper functions simplifies the calling code. [1e803fb8fd1f] * src/sudo.c: policy_plugin is global, no need to pass it to policy_* functions. [676c85f87b3c] * configure, configure.ac: If --enable-openssl or --enable-gcrypt is given a path, append to LDFLAGS. Previously we appended the path to SUDOERS_LDFLAGS but now that we use OpenSSL in the log server, LDFLAGS is the correct one to use. [8b30cffe500f] * doc/CONTRIBUTORS: Add Robert Manner [fe8bb27dcff3] 2020-01-07 Robert Manner <robert.manner@balabit.com> * plugins/python/example_io_plugin.py: plugins/python/example_io_plugin.py: fix backtrace during destructor If the plugin fails to open the file for writing, constructor will raise an exception and exit before creating the "_log" member variable. So the destructor will also raise a backtrace. (Which python ignores, but dumps out to stderr.) 
[09cfa2edb38c] * plugins/python/python_plugin_common.c: plugins/python/python_plugin_common: raise debug level for module import [b261d22e3c2e] * plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.conversation, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stderr, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stdout, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_with_suspend.stored, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.conversation, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stderr, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stdout, plugins/python/regress/testdata/check_example_conversation_plugin_reason_log_without_suspend.stored, plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.conv, plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.conversation, plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.stderr, plugins/python/regress/testdata/check_example_conversation_plugin_user_interrupts.stdout, plugins/python/regress/testdata/check_example_debugging_c_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_c_calls@info.log, plugins/python/regress/testdata/check_example_debugging_load@diag.log, plugins/python/regress/testdata/check_example_debugging_plugin@err.log, plugins/python/regress/testdata/check_example_debugging_plugin@info.log, plugins/python/regress/testdata/check_example_debugging_py_calls@diag.log, plugins/python/regress/testdata/check_example_debugging_py_calls@info.log, plugins/python/regress/testdata/check_example_debugging_sudo_cb@info.log,
plugins/python/regress/testdata/check_example_group_plugin_is_able_to_debug.log, plugins/python/regress/testdata/check_example_io_plugin_command_log.stderr, plugins/python/regress/testdata/check_example_io_plugin_command_log.stdout, plugins/python/regress/testdata/check_example_io_plugin_command_log.stored, plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stderr, plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stdout, plugins/python/regress/testdata/check_example_io_plugin_failed_to_start_command.stored, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stderr, plugins/python/regress/testdata/check_example_io_plugin_fails_with_python_backtrace.stdout, plugins/python/regress/testdata/check_example_io_plugin_version_display.stderr, plugins/python/regress/testdata/check_example_io_plugin_version_display.stdout, plugins/python/regress/testdata/check_example_io_plugin_version_display.stored, plugins/python/regress/testdata/check_example_policy_plugin_accepted_execution.stderr, plugins/python/regress/testdata/check_example_policy_plugin_accepted_execution.stdout, plugins/python/regress/testdata/check_example_policy_plugin_denied_execution.stderr, plugins/python/regress/testdata/check_example_policy_plugin_denied_execution.stdout, plugins/python/regress/testdata/check_example_policy_plugin_failed_execution.stderr, plugins/python/regress/testdata/check_example_policy_plugin_failed_execution.stdout, plugins/python/regress/testdata/check_example_policy_plugin_list.stderr, plugins/python/regress/testdata/check_example_policy_plugin_list.stdout, plugins/python/regress/testdata/check_example_policy_plugin_validate_invalidate.log, plugins/python/regress/testdata/check_example_policy_plugin_version_display.stderr, plugins/python/regress/testdata/check_example_policy_plugin_version_display.stdout,
plugins/python/regress/testdata/check_loading_fails_missing_classname.stderr, plugins/python/regress/testdata/check_loading_fails_missing_classname.stdout, plugins/python/regress/testdata/check_loading_fails_missing_path.stderr, plugins/python/regress/testdata/check_loading_fails_missing_path.stdout, plugins/python/regress/testdata/check_loading_fails_not_owned_by_root.stderr, plugins/python/regress/testdata/check_loading_fails_not_owned_by_root.stdout, plugins/python/regress/testdata/check_loading_fails_wrong_classname.stderr, plugins/python/regress/testdata/check_loading_fails_wrong_classname.stdout, plugins/python/regress/testdata/check_loading_fails_wrong_path.stderr, plugins/python/regress/testdata/check_loading_fails_wrong_path.stdout: plugins/python/regress/testdata: generated data for the pyplugin tests [cec6c9036644] * plugins/python/example_debugging.py: plugins/python/example_debugging: fix typo in comment [38de8ea0b0e9] 2020-01-06 Laszlo Orban <laszlo.orban@quest.com> * plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: save a pointer to the currently connected audit server in the closure object [f1c14c43ab40] 2020-01-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/timestamp.c: Sanity check size when converting the first record to TS_LOCKEXCL Coverity CID 206591 [5b94873c4051] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c: Fix coverity CID 206586. Potential use after free calling gzstrerror() after gzclose(). [4bcba58004c8] * plugins/sudoers/cvtsudoers.c: Use canonical pattern when freeing a tail queue. Avoids some coverity false positives when using TAILQ_FOREACH_SAFE to free the tail queue.
[9019d7ad9958] 2020-01-03 Robert Manner <robert.manner@balabit.com> * MANIFEST, plugins/python/Makefile.in, plugins/python/regress/check_python_examples.c, plugins/python/regress/iohelpers.c, plugins/python/regress/iohelpers.h, plugins/python/regress/testdata/sudo.conf.developer_mode, plugins/python/regress/testdata/sudo.conf.normal_mode, plugins/python/regress/testhelpers.c, plugins/python/regress/testhelpers.h: plugins/python/regress: adds tests for python plugin feature and examples [7ab4daed9558] 2020-01-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Avoid potential NULL deref in tls_timed_connect() error path. Coverity CID 206396 [730687307b24] * logsrvd/sendlog.c: Check for sudo_ev_add() failure; Coverity CID 206395 206397 [7008560eac95] 2020-01-02 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, examples/sudo.conf.in: Update sample sudo.conf with all supported settings. The deprecated "max_groups" setting is not documented. [e17f7bf95578] * doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, examples/sudo.conf.in, lib/util/regress/sudo_conf/test1.in, lib/util/regress/sudo_parseln/test1.in: Remove POD-style C<> markup (typewriter font) from sudo.conf [b69d4743c860] * MANIFEST, configure, configure.ac, examples/Makefile.in, examples/sudo.conf, examples/sudo.conf.in: Substitute plugin dir into examples/sudo.conf [8c481a21c098] 2020-01-02 Robert Manner <robert.manner@balabit.com> * plugins/sudoers/sudoers_debug.c: plugins/sudoers/sudoers_debug.c: fix harmless debug deregistration warning If the debug sudoers subsystem is not registered, because it does not get any file names to deal with (TAILQ_EMPTY(debug_files)), deregistration of the subsystem outputs a warning: sudo: sudo_debug_deregister_v1: invalid instance ID -1, max -1 This patch prevents that by only increasing the refcount if the debug_instance was registered successfully. 
[939042599498] * plugins/python/Makefile.in: plugins/python/Makefile.in: fix the install path of examples. Examples are installed by default to "docdir", which refers to PACKAGE_TARNAME variable which was empty for the python plugin Makefile.in. So the examples were installed to '.../share/doc/examples' instead of '.../share/doc/sudo/examples'. This also made them be skipped from the package. Also the install target now depends on install-doc so the examples get installed also (similarly as other examples). [e4c07404a3fc] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: doc/sudo_plugin_python: indent code examples for easier readability [c91ee22bfc83] * doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: doc/sudo.conf: document developer_mode option [127215dca183] 2019-12-31 Todd C. Miller <Todd.Miller@sudo.ws> * doc/UPGRADE: fix typo in previous [3031418fba2b] * Makefile.in: In update-pot match *.c not *c. [77a1139fef99] * NEWS, doc/UPGRADE: Changes in sudo 1.8.30 [dfaac62074f4] 2019-12-26 Todd C. Miller <Todd.Miller@sudo.ws> * Makefile.in: Add check for up to date def_data.[ch] in check-dist target. [ffaf150e76a5] 2019-12-25 Todd C. Miller <Todd.Miller@sudo.ws> * src/limits.c: Use 64-bit resource limits on AIX. [b8b76c47c8a7] * src/limits.c: When restoring old resource limits, try to recover if we receive EINVAL. On NetBSD, setrlimit(2) can return EINVAL if the new soft limit is lower than the current resource usage. This can be a problem when restoring the old stack limit if sudo has raised it. [50bdbdbea1b7] * src/limits.c: Sudo doesn't require such a large stack. [f93eb9e0c105] * plugins/sudoers/Makefile.in: Restore check for readable /etc/sudoers in pre-install target. If there is no installed sudoers there is nothing to check... [99e65bc54052] * config.h.in, configure, configure.ac: Enable OpenBSD extensions on NetBSD to get reallocarray(3) prototype.
[e303dca0c1cb] * include/sudo_event.h: Add forward declaration of struct timeval for deprecated APIs. [e41bdbbbc067] * lib/util/sig2str.c, lib/util/str2sig.c: Fix compilation on systems with SIGRTMIN/SIGRTMAX but not _SC_RTSIG_MAX. [8e40c62e00f8] * include/sudo_compat.h: Older systems may not support WCONTINUED. [730bede52ff0] * plugins/sudoers/logging.c: Support systems that have nl_langinfo(3) but not the CODESET define. Fixes compilation on old NetBSD versions. [03e7cff93172] * plugins/sudoers/starttime.c: Fix a typo; HAVE_KINFO_PROC2_NETBSD not HAVE_KINFO_PROC2_NETBSD2 [0c46a062f888] 2019-12-23 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, Makefile.in, configure, configure.ac, etc/init.d/aix.sh.in, etc/init.d/hpux.sh.in, etc/init.d/sudo.conf.in, etc/sudo.pp, init.d/aix.sh.in, init.d/hpux.sh.in, init.d/sudo.conf.in, src/Makefile.in, sudo.pp: Move init.d and sudo.pp to the etc dir. [81c9cbbc8ea9] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/cfmakeraw.c: Add cfmakeraw() for systems without it. [48f48eaf2a68] * MANIFEST: Remove indent.pro from MANIFEST [2b6a24282b8c] * .gitignore, .hgignore: Add uncrustify.files to ignore file. [056b0df738a9] * doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: Substitute @prefix@ in for the example paths. We can't use @exampledir@ here since it contains Makefile variables. [1744e2bcc813] 2019-12-22 Todd C. 
Miller <Todd.Miller@sudo.ws> * include/sudo_debug.h, lib/iolog/iolog_fileio.c, lib/iolog/iolog_path.c, lib/iolog/iolog_util.c, lib/util/aix.c, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/gettime.c, lib/util/getusershell.c, lib/util/gidlist.c, lib/util/host_port.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/logfac.c, lib/util/logpri.c, lib/util/mkdir_parents.c, lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/term.c, lib/util/ttyname_dev.c, lib/util/ttysize.c, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, plugins/python/python_plugin_common.c, plugins/python/sudo_python_debug.c, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, 
plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/starttime.c, plugins/sudoers/strlist.c, plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_common.c, src/exec_nopty.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/limits.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: debug_decl and debug_decl_vars now require a semicolon at the end. [c05890653007] 2019-12-21 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, doc/Makefile.in, doc/sudo_plugin_python.man.in, doc/sudo_plugin_python.mdoc.in: Add sudo_plugin_python manual page. Based on markdown docs from Robert Manner. [65f2af21832d] 2019-12-18 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c, src/limits.c: Output the name of the limit when warning about setrlimit or getrlimit. From Kimmo Suominen. [92ed66b5cc1f] 2019-12-14 Todd C. Miller <Todd.Miller@sudo.ws> * aclocal.m4, config.h.in, configure: regen [81961af46679] * MANIFEST: Add python module files to MANIFEST [f223a19117bb] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Update SUDO_CONV_REPL_MAX in docs. [120970879b36] * Makefile.in: Remove uncrustify.files in clean target [ba843b8f2e80] 2019-12-13 Todd C. Miller <Todd.Miller@sudo.ws> * Makefile.in, etc/uncrustify-small.cfg, etc/uncrustify.cfg, indent.pro: Add uncrustify config file for new sudo code style. [7c3b3f733134] * include/sudo_plugin.h: Bump SUDO_CONV_REPL_MAX from 255 to 1023 [9127fb27eb55] * lib/util/digest_gcrypt.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c: Minor style cleanups. Remove extraneous break after return statement. Convert two old K&R function declarations. [19f8b7a3d2d1] 2019-12-11 Todd C. Miller <Todd.Miller@sudo.ws> * src/selinux.c: Save/restore the raw form of the file context in case mctrans is not available. [786a04ba33ab] 2019-12-10 Robert Manner <robert.manner@balabit.com> * plugins/python/python_plugin_common.c: plugins/python: make group plugin able to debug It does not get the debug settings, so it looks them up through sudo_conf. 
[fe4dbf8345b6] * include/sudo_conf.h, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_conf/test1.in, lib/util/regress/sudo_conf/test1.out.ok, lib/util/regress/sudo_conf/test2.out.ok, lib/util/regress/sudo_conf/test3.out.ok, lib/util/regress/sudo_conf/test4.out.ok, lib/util/regress/sudo_conf/test5.out.ok, lib/util/regress/sudo_conf/test6.out.ok, lib/util/regress/sudo_conf/test7.out.ok, lib/util/regress/sudo_conf/test8.err.ok, lib/util/regress/sudo_conf/test8.in, lib/util/regress/sudo_conf/test8.out.ok, lib/util/sudo_conf.c, lib/util/util.exp.in, plugins/sudoers/group_plugin.c, src/load_plugins.c: src/load_plugins, plugins/sudoers: added developer_mode sudo.conf option. It can be used to disable the enforcement that a plugin (shared object or an imported python module) must be owned by root and not modifiable by others. This can make plugin development easier. [a9f86943d30c] 2019-12-09 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, config.h.in, configure, configure.ac, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_compat.h, lib/util/Makefile.in, lib/util/getusershell.c, mkdep.pl, plugins/sudoers/check.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add runas_check_shell flag to require a runas user to have a valid shell. Not enabled by default. [9e7936e0ccfe] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c: Add a new flag "allow_unknown_runas_id" to control matching of unknown IDs. Previously, sudo would always allow unknown user or group IDs if the sudoers entry permitted it. This included the "ALL" alias. With this change, the admin must explicitly enable support for unknown IDs. [ebdbb5c7f60b] 2019-12-07 Todd C.
Miller <Todd.Miller@sudo.ws> * lib/util/term.c: Use cfmakeraw() in sudo_term_raw() instead of doing it manually. [b8ff5f81399f] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Fix event loop called via I/O log close function. We need to set events that were pending in the old base in the new one. Fixes sending the final I/O log data and the ExitMessage to the server. [dcba4ce2196c] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/sudo.c: Replace timeleft with pending in sudo plugin event API. [5f49af23af38] * plugins/sudoers/sudoreplay.c: Use sudo_ev_pending() instead of the deprecated sudo_ev_timeleft(). [c6cce5275f1e] * include/sudo_event.h, lib/util/event.c, lib/util/util.exp.in: Add sudo_ev_pending(), used to check whether an event is pending. [edcea66bda32] * plugins/sudoers/Makefile.in: Add TLS libs when linking check_iolog_plugin [d84a5f5c6bc1] 2019-12-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Remove extraneous newlines in some sudo_warnx() calls. [d3dbf0f93372] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Document log_server_cabundle, log_server_peer_cert and log_server_peer_key [edea4d048221] * Merge pull request #16 from laczau/master Proper handling of certificate chain file [44939e511321] 2019-12-06 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: cert files can contain the full chain of trust, so load all certs in every case for verification [ca26bb970ef5] 2019-12-05 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Sync init_session() prototype with sudo_plugin.h and fix a typo. 
[1501cdfa8e76] 2019-12-05 Robert Manner <robert.manner@balabit.com> * plugins/python/example_conversation.py, plugins/python/example_debugging.py: plugins/python: example plugin demonstrating conversation and debug API [e487d2240607] * include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/util.exp.in: lib/util/sudo_debug.c: add a function for querying if debugging is needed for a level. Rationale: this way we can avoid computing details for the log which will not happen at all if the computation is slow. [d636c26d192d] 2019-12-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/check.c: Only update the time stamp entry after the approval function has succeeded. Bug #910 [9b2022e6f11d] 2019-12-04 Robert Manner <robert.manner@balabit.com> * plugins/python/sudo_python_debug.c, plugins/python/sudo_python_debug.h: plugins/python: add sudo debug helpers [1d48021e86ad] 2019-12-04 Todd C. Miller <Todd.Miller@sudo.ws> * Merge pull request #14 from sudo-project/tls-config-default-values Audit Server - add default values for cert paths [f30a48f8b5d5] 2019-12-04 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c: add default values for cert paths [a76ca8a3ca9f] 2019-12-03 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/sudo_debug.c: Add reference counting to debug register/deregister. Fixes a potential problem when an instance is re-registered. [270e739fd0b3] * plugins/sudoers/sudoers_debug.c: Only deregister the sudoers debug instance on last close. Reference count calls to sudoers_debug_register and only deregister sudoers_debug_instance when refcnt reaches 0. Fixes a problem where the debug system was deregistered when the sudoers policy is closed even though the iolog plugin is active. 
[2b73f3e9fc32] 2019-12-02 Robert Manner <robert.manner@balabit.com> * plugins/python/python_importblocker.c: plugins/python: add ImportBlocker which forbids loading unsafe python modules If non root can alter any imported python modules, he is able to run anything he would like to as root user. This class is a helper to avoid such situation. This feature can be disabled with 'DeveloperMode=1' plugin option. [26be6228724f] 2019-11-28 Laszlo Orban <laszlo.orban@quest.com> * plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: implement tls layer in iolog plugin [c25837909952] * plugins/sudoers/iolog.c, plugins/sudoers/policy.c: process tls config options [510fdfd39d71] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in: add audit server tls related configuration options to sudoers [f4135025ff1d] * plugins/sudoers/Makefile.in: optionally link sudoers with openssl libs [750f87200eab] 2019-11-27 Laszlo Orban <43516882+laczau@users.noreply.github.com> * logsrvd/logsrvd.c: Merge pull request #11 from sudo-project/audit-server-tls-async Sudo audit Server - TLS protocol update [923f6d914ec5] 2019-11-26 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: disable timeout for the reader after ServerHello message [e579450aafa1] 2019-11-25 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c: Exit if the first call to logsrvd_conf_read() fails. It is not fatal if subsequent calls fail (due to SIGHUP) since we keep a copy of the old config before installing the new one. 
[c20866ea9d03] * Makefile.in, plugins/sudoers/Makefile.in: Add some missing files to "make clean" and "make distclean" [d1b559e9e1ab] * .gitignore, .hgignore: Update .hgignore and convert to .gitignore [c8b92b55e74a] 2019-11-22 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: use event timeout instead of socket timeout [5c72d1d18aec] * logsrvd/sendlog.c, logsrvd/sendlog.h: adapt sudo sendlog (async communication, unencrypted ServerHello message) [0269d852f6c6] * logsrvd/logsrvd.c, logsrvd/logsrvd.h: ServerHello message is now unencrypted, TLS communication has been refactored to full async [d138cbe2253e] * include/log_server.pb-c.h, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, logsrvd/logsrvd.c: extend ServerHello message with two fields (tls, tls_checkpeer) [6d7965d29cd4] 2019-11-21 Robert Manner <robert.manner@balabit.com> * Makefile.in: Makefile.in: fix calling log2cl when doing out of source build If doing build out of source and not calling configure by absolute path, $(top_srcdir) variable will contain a path relative to the directory we stand in. So, after changing the current directory "cd $(srcdir)", this path will point to somewhere else making the install step fail. [58a22fce613f] * plugins/python/python_baseplugin.c, plugins/python/python_convmessage.c, plugins/python/sudo_python_module.c, plugins/python/sudo_python_module.h: plugins/python: add a sudo python module [c512c48170ae] 2019-11-20 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, plugins/sudoers/policy.c, src/sudo.c: For plugin API 1.15 and up, always call the plugin close function. Previously, it was only called when a command was run (including sudoedit). Now, plugin operations list, validate, invalidate, and show_version are also closed. [6cdcb5624908] 2019-11-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_client.c: Avoid NULL deref on an error path if calloc() fails. 
Coverity CID 205873 [bad732813149] * src/conversation.c: Fix potential fd leak when converting trailing newline to cr + nl. Coverity CID 205872 [4597abb8ee1f] * doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudo_logsrvd.man.in, doc/sudo_logsrvd.mdoc.in, examples/sudo_logsrvd.conf: Document the process of creating self-signed certificates for sudo_logsrvd. Based on a document from Laszlo Orban. [0be730e58f17] * plugins/group_file/plugin_test.c: Sync with argument handling in group_plugin.c [937475aa2c3f] * plugins/sudoers/group_plugin.c: If a group plugin has optional arguments, NULL terminate the vector. Otherwise, the plugin cannot determine the end of arguments. The behavior now matches the plugin documentation. [51e02f75a447] 2019-11-19 Robert Manner <robert.manner@balabit.com> * plugins/python/example_group_plugin.py: plugins/python: add example python group plugin [9f9d7cc2d5db] * plugins/python/example_policy_plugin.py: plugins/python: add example python policy plugin [6cc0d47edae0] * plugins/python/example_io_plugin.py: plugins/python: add example io python plugin [d22532c34748] 2019-11-18 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, src/sudo.c: If there is no session or terminal group ID, pass the plugin a value of 0. This behavior already matches what is documented in the sudo_plugin manual for "sid" but the "tcpgid" entry needed to be updated. [2d720153c4cf] * plugins/sudoers/sudoers.c: Don't touch the local iolog sequence file if we are logging remotely [3c5dc60a9d11] * plugins/sudoers/iolog_client.c: Plug a memory leak found by leak sanitizer [13aac57d0506] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h: Make a shallow copy of user_env in I/O plugin in case it is reallocated. The policy plugin's session init function may reallocate the user environment pointer. Fixes a use after free when PAM is used. 
[3eb35dac2743] * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/policy.c: Rename "log_server" in sudoers to "log_servers" to match I/O plugin. [1dbe79c18760] 2019-11-17 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/logsrvd.c: Check closure->ssl for non-NULL instead of logsrvd_conf_get_tls_opt(). It's a little more obvious this way and ssl is only non-NULL when the tls option is enabled anyway. [3436430c064b] * logsrvd/logsrvd.c: Init iolog_dir_fd and sock in connection_closure before adding to list. Otherwise we could close the wrong fds in the error path. [1643211f8b46] * doc/CONTRIBUTORS: Add Laszlo Orban [2836214cd4b8] 2019-11-16 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo_logsrvd.conf.man.in: regen [4a44bfc42b4b] * doc/sudo_logsrvd.conf.mdoc.in, examples/sudo_logsrvd.conf: Change TLS example file locations to be under /etc/ssl/sudo. [f4c302a3bcb9] * doc/sudo_logsrvd.conf.mdoc.in, examples/sudo_logsrvd.conf: Document sudo_logsrvd TLS configuration. [97260e6acfaf] 2019-11-15 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_event.h: Include time.h for struct timespec. [8bd80773d0fa] * lib/util/util.exp.in: Add sudo_ev_set_v1 to the exports file. 
[fd6b66378e5d] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the log_server and log_server_timeout options [7d7429b73d25] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_client.c, plugins/sudoers/iolog_plugin.h, plugins/sudoers/policy.c, src/exec_nopty.c, src/exec_pty.c, src/sudo.c: Add support for logging to the log server [158a8e80faab] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_event.h, include/sudo_plugin.h, lib/util/event.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, src/Makefile.in, src/exec.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/load_plugins.c, src/preload.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h: Add a plugin interface to sudo main event loop. [123662f454da] * MANIFEST, Makefile.in, configure, configure.ac, include/log_server.pb-c.h, include/protobuf-c/protobuf-c.h, lib/logsrv/Makefile.in, lib/logsrv/log_server.pb-c.c, lib/logsrv/log_server.proto, lib/logsrv/protobuf-c.c, logsrvd/Makefile.in, logsrvd/log_server.pb-c.c, logsrvd/log_server.pb-c.h, logsrvd/log_server.proto, logsrvd/protobuf-c/protobuf-c.c, logsrvd/protobuf-c/protobuf-c.h: Move protobuf-c.c, log_server.proto, log_server.pb-c.[ch] to lib/logsrv [6772a775471f] * lib/util/event.c: When freeing an event base, reset ev->base to NULL for associated events. [7199d3967059] * logsrvd/logsrvd_conf.c: Move cb_timeout() out from under the HAVE_OPENSSL ifdef. [c7fc294ce21a] * INSTALL, config.h.in, configure, configure.ac, logsrvd/Makefile.in, logsrvd/logsrvd.c: LibreSSL and older OpenSSL don't support SSL_CTX_set_ciphersuites(). Add a configure test and skip TLS 1.3 setup if it is missing. We still accept the tls_ciphers13 config setting but it will be ignored. [06d478442971] * logsrvd/logsrvd.c, logsrvd/sendlog.c: Minor style nits that I missed during review. 
[7209ccc5a3cf] * logsrvd/sendlog.c: Avoid calling SSL_CTX_free() on an uninitialized pointer in an error path. [2df423e30773] * Merge pull request #9 from sudo-project/audit-server-tls-support Audit server tls support [0aded6c1deec] 2019-11-13 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/Makefile.in, logsrvd/sendlog.c: update sudo_sendlog to support openssl tls [ab4be8367862] 2019-11-12 Todd C. Miller <Todd.Miller@sudo.ws> * src/limits.c: Simplify resource limit fallback logic a bit. [cdab60b50079] 2019-11-11 Todd C. Miller <Todd.Miller@sudo.ws> * doc/CONTRIBUTORS: Add sudo logo designers [94c841c8bc28] * src/limits.c: Don't set the RLIMIT_STACK soft/hard limits to unlimited. Use 8Mb for soft and 64Mb for hard. Works around issues on macOS and docker. See also Bug #908 [1d7f52c32360] * src/tgetpass.c: Restore resource limits before executing the askpass program. Linux with docker seems to have issues executing a program when the stack size is unlimited. Bug #908 [28cb58a5ac94] * src/conversation.c: Check for replies pointer being NULL just in case. [7c0c4c6b001e] 2019-11-11 Laszlo Orban <laszlo.orban@quest.com> * examples/sudo_logsrvd.conf, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: set timeout value for the socket [e884292ab6c9] 2019-11-09 Todd C. Miller <Todd.Miller@sudo.ws> * src/conversation.c: Convert trailing newline to carriage return + newline for tty. Does not currently handle embedded newlines. [ad195e045150] 2019-11-08 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/fatal.c: Only write a carriage return if output is to a tty. [f605335649ea] * lib/util/fatal.c: Include a carriage return when printing warning messages. Otherwise, if the command is running in a pty the output is stair-stepped. 
[f23d4f0ed902] 2019-11-08 Laszlo Orban <laszlo.orban@quest.com> * configure, logsrvd/Makefile.in, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: make audit server openssl dependency optional; tls layer is compiled only if sudo is built with --enable-openssl feature switch [c360a34c89c0] 2019-11-07 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/util.exp.in: Add sudo_parse_host_port_v1 and sudo_pow2_roundup_v1 to exports file. [e8b529115871] 2019-11-07 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: fixed segfault when connection_closure_free() tries to remove a non-existent connection object from the list [4d6dd38d59f6] 2019-11-06 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/closefrom.c: Fix typo in closefrom emulation. [b23a6c512d4a] * plugins/sudoers/env.c: Do not warn about a missing /etc/environment file on Linux without PAM. Bug #907 [f85ff5ee2caf] 2019-11-05 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: Transparently handle the "sudo sudoedit" problem. Some admins are confused about how to give users sudoedit permission and many users try to run sudoedit via sudo instead of directly. If the user runs "sudo sudoedit" sudo will now treat it as plain "sudoedit" after issuing a warning. If the admin has specified a fully-qualified path for sudoedit in sudoers, sudo will treat it as just "sudoedit" and match accordingly. In visudo (but not sudo), a fully-qualified path for sudoedit is now treated as an error. [5cdcfd9a6c33] * logsrvd/iolog_writer.c, logsrvd/sendlog.c: Rename cwd -> submitcwd to match man page. 
[bc9ea396055a] 2019-11-05 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: verify server/client certs with CA certificate chain file [a177af7d7bbf] 2019-11-05 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, lib/util/Makefile.in, lib/util/host_port.c, lib/util/regress/host_port/host_port_test.c: Add unit test for parse_host_port and make an empty port an error. [b6b895cdc010] 2019-11-04 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/host_port.c: Fill in host and port pointers on success. [794368ebd367] 2019-11-04 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: fix copy-paste mistake [2fe897c77485] 2019-11-02 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/host_port.c, logsrvd/logsrvd_conf.c: Split out code to parse host:port into a utility function. [d8331e72394d] * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/roundup.c, logsrvd/logsrv_util.c, logsrvd/logsrv_util.h, logsrvd/logsrvd.c, logsrvd/sendlog.c: Move bufsize_roundup() -> sudo_pow2_roundup() in libsudo_util. [791f5c353ef1] * lib/iolog/Makefile.in, logsrvd/Makefile.in: Add missing depend target [75107bcfff3d] * lib/iolog/Makefile.in, lib/util/Makefile.in, logsrvd/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: We haven't needed -I$(top_srcdir) for a long time. [6974ea4a6c8c] * lib/util/closefrom.c: In closefrom_fallback() use the interval [OPEN_MAX, INT_MAX]. We want to try closing at least OPEN_MAX fds but no more than INT_MAX. On 64-bit systems it is possible for sysconf(_SC_OPEN_MAX) to return a value larger than INT_MAX when the number of open files is unlimited. [08d6fea1c894] * plugins/sudoers/logging.c, src/exec_monitor.c, src/selinux.c, src/tgetpass.c: Use dup3() instead of dup2(). This is less error prone since dup3() returns an error if old == new. Sudo guarantees that fds 0-2 are already open. 
[a9ffaa8a8a55] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/dup3.c, mkdep.pl: Add dup3() emulation. [7bd8864dee7e] * plugins/sudoers/logging.c, src/exec_monitor.c, src/exec_pty.c, src/tgetpass.c: Open all pipes using pipe2() with O_CLOEXEC. We no longer depend on calling closefrom() before exec. [176ae5cf1d94] * src/exec.c, src/tgetpass.c: Call closefrom() before we change to a non-root UID. This prevents another process from changing the NOFILE resource limit of the child process and defeating the closefrom() call. Reported by Joe Vennix from Apple Information Security. [f93d52b24976] * MANIFEST, logsrvd/Makefile.in: Regenerate Makefile and sort MANIFEST [24664d6c9d47] 2019-11-01 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.man.in, doc/sudo.mdoc.in: Reference timestamp_type and timestamp_timeout in sudoers. This should help users find details on how time stamp files work. [d5aa7c0b404c] 2019-10-31 Laszlo Orban <laszlo.orban@quest.com> * logsrvd/logsrvd.c: process tls config params in the audit server and establish TLS connection accordingly [33ce32c140af] 2019-10-29 Todd C. Miller <Todd.Miller@sudo.ws> * src/limits.c: macOS does not allow rlim_cur to be set to RLIM_INFINITY for RLIMIT_NOFILE. We need to use OPEN_MAX instead as per the macOS setrlimit manual. Bug #904 [2a00e62eaeb0] 2019-10-28 Todd C. Miller <Todd.Miller@sudo.ws> * Makefile.in: Fix ChangeLog generation on a branch. [69409e5b1179] 2019-10-27 Todd C. Miller <Todd.Miller@sudo.ws> * logsrvd/sendlog.c: Remove unused copy of iolog_seekto(). [1d730d414cd9] 2019-10-25 Laszlo Orban <laszlo.orban@quest.com> * examples/sudo_logsrvd.conf, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: add configuration options for TLS [291a9986d6e9] 2019-10-24 Todd C. 
Miller <Todd.Miller@sudo.ws> * MANIFEST, doc/Makefile.in, doc/sudo_logsrv.proto.man.in, doc/sudo_logsrv.proto.mdoc.in, doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, examples/sudo_logsrvd.conf, logsrvd/iolog_writer.c: Document the sudo log server protocol [46de0934987c] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog.c: Read logsrvd.conf in two steps: first read, then apply if OK. This fixes a problem where when logsrvd.conf was reloaded while running (due to SIGHUP) and there was an error we could end up with a partial config. [d3244c318c5b] * include/sudo_iolog.h, lib/iolog/iolog_util.c, lib/iolog/regress/iolog_util/check_iolog_util.c, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, logsrvd/sendlog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: Add iolog_ prefix to exported functions in iolog_util.c [62027c8e1abd] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Simplify iolog_set_user and iolog_set_group [e82c5078b02c] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/fchmodat.c, lib/util/fstatat.c, mkdep.pl: Add fchmodat() and fstatat() emulation. Note that fchmodat() emulation does not support AT_SYMLINK_NOFOLLOW [8232c22e71c7] * doc/sudo_logsrvd.man.in, doc/sudo_logsrvd.mdoc.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Clear the write bit on the timing file for completed logs. This allows us to tell whether or not a log can be restarted. [b2180b6ef53b] * logsrvd/logsrvd.c: Redirect std{in,out,err} to /dev/null even when given the -n option. 
[376186a8d9cc] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, lib/iolog/iolog_path.c, lib/iolog/regress/iolog_path/check_iolog_path.c, lib/iolog/regress/iolog_path/data, logsrvd/iolog_writer.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/sudoers.c: Simplify expand_iolog_path() [4f0f85f659d1] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [e268d56da49c] * examples/sudo_logsrvd.conf, include/sudo_iolog.h, lib/iolog/iolog_fileio.c, logsrvd/Makefile.in, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c: Make the logsrvd port and list address configurable. [69d73358888d] * Makefile.in, logsrvd/Makefile.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c: Mark logsrvd and sendlog strings for translation in the sudoers domain [24b1fd6250fb] * logsrvd/Makefile.in, logsrvd/logsrvd.c, logsrvd/sendlog.c: Add long option support to logsrvd and sendlog. [ecb2fae83abb] * logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h: Return an error to the client on error instead of dropping the connection. [2e40ca902100] * examples/sudo_logsrvd.conf, logsrvd/logsrvd_conf.c: Convert sudo_logsrvd.conf to ini file format [91dff03d0795] * MANIFEST, examples/sudo_logsrvd.conf, include/sudo_util.h, lib/util/Makefile.in, lib/util/logfac.c, lib/util/logpri.c, lib/util/util.exp.in, logsrvd/Makefile.in, logsrvd/eventlog.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, plugins/sudoers/defaults.c: Add basic support for event logging using a sudo-style log format. [eb6aa3672e6f] * logsrvd/logsrvd.c, logsrvd/sendlog.c: Add OpenBSD malloc options. [a0d79af0c430] * MANIFEST, logsrvd/Makefile.in, logsrvd/buffer.c, logsrvd/buffer.h, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h: Allow messages up to 2Mb in size. 
[af79754aaf53] * MANIFEST, configure, configure.ac, doc/Makefile.in, doc/sudo_logsrvd.conf.man.in, doc/sudo_logsrvd.conf.mdoc.in, doc/sudo_logsrvd.man.in, doc/sudo_logsrvd.mdoc.in, doc/sudo_sendlog.man.in, doc/sudo_sendlog.mdoc.in, examples/sudo_logsrvd.conf, m4/sudo.m4: Add manual pages for logsrvd and sendlog. [f437259d81ae] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.c: Add restart support for compressed I/O logs. [1191fac5ff52] * logsrvd/sendlog.c, logsrvd/sendlog.h: Fix client side of restart. Seek to the target point there too so we start sending from the right place. [403bf22a6dad] * include/sudo_iolog.h, lib/iolog/iolog_util.c, logsrvd/iolog_writer.c, logsrvd/sendlog.c, plugins/sudoers/sudoreplay.c: Move read_timing_record() into libsudo_iolog [65a984f7fa7a] * MANIFEST, lib/iolog/iolog_fileio.c, logsrvd/Makefile.in, logsrvd/buffer.c, logsrvd/buffer.h, logsrvd/iolog_writer.c, logsrvd/logsrv_util.c, logsrvd/logsrv_util.h, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h: Rename buffer.c -> logsrv_util.c and add iolog_seekto() [0ff1a6fdaecd] * logsrvd/logsrvd.c, logsrvd/sendlog.c: Fix some warnings from the clang static analyzer. [95de486cfb65] * logsrvd/sendlog.c: Fix Coverity CID 204353, fd leak on error path. [3519d910c777] * logsrvd/logsrvd_conf.c: Fix Coverity CID 204355, resource leak on error path. [c5c50c6bae16] * lib/iolog/iolog_fileio.c: Avoid TOCTOU in iolog_mkdirs; Coverity CID 204356 [0c8679a731f5] * lib/util/mkdir_parents.c: Avoid TOCTOU in sudo_mkdir_parents; Coverity CID 204357 [e9eeae60dff2] * logsrvd/log_server.pb-c.c, logsrvd/log_server.pb-c.h, logsrvd/log_server.proto: Add NumberList to InfoMessage. Also make comments fit in 80 columns when formatted as a man page. 
[fd7af0bb2477] * configure, configure.ac, include/sudo_rand.h, logsrvd/Makefile.in, logsrvd/logsrvd.c: Command line option processing for logsrvd [0f2248532960] * MANIFEST, examples/sudo_logsrvd.conf, logsrvd/Makefile.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, pathnames.h.in: Add config file support for logsrvd [4e643a95c88b] * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/mkdir_parents.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/mkdir_parents.c, plugins/sudoers/sudoers.h: Move mkdir_parents to libsudo_util. [3f540eb94282] * MANIFEST, Makefile.in, configure, configure.ac, include/sudo_iolog.h, include/sudo_util.h, lib/iolog/Makefile.in, lib/iolog/iolog_fileio.c, lib/iolog/iolog_path.c, lib/iolog/iolog_util.c, lib/iolog/regress/iolog_path/check_iolog_path.c, lib/iolog/regress/iolog_path/data, lib/iolog/regress/iolog_util/check_iolog_util.c, lib/util/sudo_conf.c, logsrvd/Makefile.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, logsrvd/sendlog.c, logsrvd/sendlog.h, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, plugins/sudoers/iolog_files.h, plugins/sudoers/iolog_path.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/iolog_util.c, plugins/sudoers/iolog_util.h, plugins/sudoers/policy.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/iolog_path/data, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/sudo.h: Refactor code in sudoers that creates I/O log files to share with logsrvd. 
[3aa1fa95650d] * Makefile.in, include/sudo_iolog.h, lib/iolog/iolog_path.c, lib/iolog/regress/iolog_path/check_iolog_path.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, logsrvd/logsrvd_conf.c, plugins/sudoers/iolog_path_escapes.c, plugins/sudoers/sudoers.c: Enable sudo_logsrvd.conf settings. [8e7b37d1d2a9] * include/sudo_iolog.h, lib/iolog/iolog_fileio.c, lib/iolog/iolog_util.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, plugins/sudoers/iolog.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: Use openat(2) when opening files in the I/O log directory. [1ab2e278e1d9] * logsrvd/Makefile.in, sudo.pp: Add sudo_ prefix to logsrvd and sendlog. [acbaed157ae5] * logsrvd/iolog_writer.c, logsrvd/log_server.pb-c.c, logsrvd/log_server.pb-c.h, logsrvd/log_server.proto, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h: Rename ExecMessage -> AcceptMessage and add RejectMessage [a080c4eb7c4b] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/openat.c, lib/util/unlinkat.c, src/sudo_edit.c: Move openat() emulation to lib/util and add unlinkat() emulation. [756ace7fdf38] * logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/sendlog.c: Add debugging for logsrvd and sendlog [4c86dbceb611] * MANIFEST, doc/LICENSE, logsrvd/Makefile.in, logsrvd/protobuf-c/protobuf-c.c, logsrvd/protobuf-c/protobuf-c.h: Import protobuf-c source to avoid an external dependency. The files generated with protoc-c are not standalone. We need to include protobuf-c.c and protobuf-c.h from the protobuf-c distribution too. Building protoc-c requires a relatively recent version of gcc which limits its portability. [0ea50a59cab7] * logsrvd/Makefile.in, logsrvd/iolog_writer.c, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h: Add support for restarting I/O log transfers. 
[748e8f4f7fec] * MANIFEST, Makefile.in, configure, configure.ac, logsrvd/Makefile.in, logsrvd/iolog.h, logsrvd/iolog_reader.c, logsrvd/iolog_writer.c, logsrvd/log_server.pb-c.c, logsrvd/log_server.pb-c.h, logsrvd/log_server.proto, logsrvd/logsrvd.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h, sudo.pp: Import proof of concept sudo log server. [a0687ba66feb] * MANIFEST, logsrvd/Makefile.in, logsrvd/iolog.h, logsrvd/iolog_reader.c, logsrvd/iolog_writer.c, logsrvd/logsrvd.h, logsrvd/sendlog.c, logsrvd/sendlog.h, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.h, plugins/sudoers/iolog_util.c, plugins/sudoers/iolog_util.h, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/sudoreplay.c: Refactor I/O log code so it can be shared between sudoers and logsrvd [b6608769ba8a] * lib/util/strtonum.c: Avoid invalid read when minval > maxval [7f1a6f992e4f] 2019-10-23 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, plugins/sudoers/policy.c, src/sudo.c: Don't pass an invalid session or process group ID to the plugin. Fixes a regression in 1.8.28 when there is no terminal session leader. [d9c626167b3c] 2019-10-22 Robert Manner <robert.manner@balabit.com> * plugins/python/pyhelpers.c, plugins/python/pyhelpers.h, plugins/python/pyhelpers_cpychecker.h, plugins/python/python_plugin_common.c, plugins/python/python_plugin_common.h, plugins/python/python_plugin_group.c, plugins/python/python_plugin_io.c, plugins/python/python_plugin_policy.c: plugins/python: a plugin which can load policy/io plugin written in python [2c7620c8052f] * Makefile.in, configure.ac, plugins/python/Makefile.in: Makefile.in, configure.ac: add python plugin build [09b305e2cd54] 2019-10-21 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [70f4543f177c] * src/limits.c: Not all systems support RLIMIT_NPROC and RLIMIT_RSS [26b8e2afe755] * doc/Makefile.in, examples/Makefile.in, include/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add depend target to all Makefile.in files. [0a22d80ef716] * NEWS, configure, configure.ac, doc/UPGRADE: Sudo 1.8.29 [736c9a5c3720] * MANIFEST, lib/util/Makefile.in, src/Makefile.in, src/exec.c, src/limits.c, src/sudo.c, src/sudo.h: Set resource limits in the sudo process to unlimited. We don't want sudo to be limited by the caller's resource limits. The original resource limits are restored before session setup. [6c3bf214caf0] 2019-10-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/starttime.c, src/ttyname.c: Older FreeBSD needs sys/param.h included before sys/user.h. From Darren Tucker [88c060df0439] * include/sudo_util.h, lib/util/getgrouplist.c, lib/util/gidlist.c, lib/util/regress/strtofoo/strtoid_test.c, lib/util/strtoid.c, lib/util/util.exp.in, plugins/group_file/getgrent.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/iolog.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/sudo.c: Rename sudo_strtoid() to sudo_strtoidx() and add simplified sudo_strtoid() [94a418cdbae6] 2019-10-19 Todd C. 
Miller <Todd.Miller@sudo.ws> * doc/UPGRADE, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/sssd.c, plugins/sudoers/testsudoers.c, src/exec.c: Refer to user-ID and group-ID instead of "user ID" and "group ID" [36d7bd4ab52d] 2019-10-18 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in: sudoedit doesn't create a new PAM session so PAM umask does not apply. [8ae167d0ae7c] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_plugin.h, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/exec.c, src/sudo.c, src/sudo.h: Change how the umask is handled with PAM and login.conf. If the umask is explicitly set in sudoers, use that value regardless of what is in PAM or login.conf. If using the default umask from sudoers, allow PAM or login.conf to override it. Bug #900 [7c0a835ac512] 2019-10-17 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/audit.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/logging.c: Add log_allowed and log_denied sudoers flags, defaulting to true. [fb1e188a3d05] * lib/util/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Enable security auditing malloc options for "make check". [333632dd3134] 2019-10-16 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in: Be more consistent with how we talk about sudoers Defaults settings. 
Use "flag" not "option" when referring to boolean flags. Use "setting" in place of "Defaults setting" in most places. Use "the foo option" instead of "sudo's foo option" for command line options. [8058378c4b35] * plugins/sudoers/Makefile.in: No need to check existing sudoers file when installing to DESTDIR. This check can cause problems on systems where /etc/sudoers.d is not readable. [2ec01e9fe408] * lib/util/str2sig.c: Include sudo_util.h to get sudo_strtonum() prototype. [8b0b4ee28d5f] * lib/util/str2sig.c: strtonum -> sudo_strtonum [4d2363678583] * MANIFEST: Add split out strtofoo tests. [0cc598502faf] * lib/util/strtonum.c: Make sure we don't go past the end of the string when out of range. [2b89961c524a] * lib/util/regress/strtofoo/strtonum_test.c, lib/util/strtonum.c: Fix strtonum() regress test and the errno value for out of range numbers. [3547d022bead] * lib/util/Makefile.in, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/strtofoo/strtobool_test.c, lib/util/regress/strtofoo/strtoid_test.c, lib/util/regress/strtofoo/strtomode_test.c, lib/util/regress/strtofoo/strtonum_test.c: Split atofoo.c regress into multiple tests. [75b7547e33bd] * NEWS, configure, configure.ac: Sudo 1.8.28p1 [09ceaddc94f9] 2019-10-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse.c: The fix for bug #869 broke "sudo -v" when verifypw=all (the default) [aac35bcd8584] 2019-10-14 Todd C. 
Miller <Todd.Miller@sudo.ws> * include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/closefrom.c, lib/util/getaddrinfo.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/ttysize.c, plugins/sudoers/boottime.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_util.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/match_addr.c, plugins/sudoers/policy.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/starttime/check_starttime.c, src/parse_args.c, src/sesh.c, src/sudo.c, src/ttyname.c: Use sudo_strtonum() explicitly instead of via a macro. [f75f786eddd5] * config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/strtoid.c, lib/util/strtonum.c, lib/util/util.exp.in, mkdep.pl: Always use our own strtonum and implement sudo_strtoid in terms of it. [94b1114ef79d] * plugins/sudoers/pwutil.c: Use errno in warning when sudo_make_*_item() fails. Previously we always said "out of memory" if not ENOENT. [68e5a208c242] * plugins/sudoers/Makefile.in, plugins/sudoers/parse_ldif.c, plugins/sudoers/regress/cvtsudoers/test26.err.ok, plugins/sudoers/regress/cvtsudoers/test26.sh: Reject non-LDIF input when converting from LDIF to sudoers or JSON. [2d08d4aa0e01] 2019-10-10 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/ca.mo, plugins/sudoers/po/da.mo, plugins/sudoers/po/el.mo, plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fur.mo, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hu.mo, plugins/sudoers/po/ko.mo, plugins/sudoers/po/lt.mo, plugins/sudoers/po/nl.mo, plugins/sudoers/po/ru.mo, plugins/sudoers/po/sk.mo, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sr.mo, plugins/sudoers/po/tr.mo, plugins/sudoers/po/zh_CN.mo, po/ast.mo, po/ca.mo, po/es.mo, po/eu.mo, po/fi.mo, po/fur.mo, po/gl.mo, po/hr.mo, po/hu.mo, po/ko.mo, po/nl.mo, po/nn.mo, po/ru.mo, po/sk.mo, po/sl.mo, po/sr.mo, po/sudo.pot, po/vi.mo, po/zh_CN.mo: regen [362645d256b7] * NEWS, lib/util/strtoid.c: Treat an ID of -1 as invalid since that means "no change". Fixes CVE-2019-14287. Found by Joe Vennix from Apple Information Security. [83db8dba09e7] * lib/util/regress/atofoo/atofoo_test.c, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh: Add sudo_strtoid() tests for -1 and range errors. Also adjust testsudoers/test5 which relied upon gid -1 parsing. [db06a8336c09] 2019-10-06 Todd C. Miller <Todd.Miller@sudo.ws> * INSTALL, configure, configure.ac: Back out compiler override for now. [f03f7fd7ff8b] * configure, configure.ac: Only prefer clang over gcc on BSD systems. [2309baa23a00] 2019-10-05 Todd C. Miller <Todd.Miller@sudo.ws> * Makefile.in: Fix "make pvs-studio" run in a build dir [a49635de3777] 2019-09-27 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [430d45f3b461] * NEWS: Bug #898 [3d07895888e8] * src/exec.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/selinux.c, src/sudo.c, src/sudo.h: Fix restoring the file context of the user's tty with SELinux. Also fix broken tty labeling when running a command in a pty. Includes a fix for a typo introduced in the last change set. 
[eb3f547b08f8] * lib/util/arc4random.c: _rs_random_buf is currently unused [e384fc3625e8] * src/selinux.c: Add some debugging around context setting and tty labeling. Also be more exact with error return values [ed66480282c7] 2019-09-21 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/sudo_debug.c: Better error message when debug log file cannot be opened. [09e0cdff0c49] 2019-09-20 Todd C. Miller <Todd.Miller@sudo.ws> * .hgignore: Ignore in-tree build directory. [66577c63f097] * configure, configure.ac: Set CC before AC_USE_SYSTEM_EXTENSIONS to get our preferred compiler. [6a318eeffb30] 2019-09-19 Todd C. Miller <Todd.Miller@sudo.ws> * pp: Update Polypkg to the latest version from git. [68bbecc25007] * configure, configure.ac: If no mandoc or nroff is present, install mdoc format manuals. If there is no installed nroff/mandoc they will need to install groff or heirloom doctools to format the manual pages. [6dd386c1a378] 2019-09-18 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_plugin.h: Refer to number of terminal lines, not rows, for consistency. [566e3e38058f] 2019-09-17 Todd C. Miller <Todd.Miller@sudo.ws> * INSTALL, configure, configure.ac: Prefer clang over gcc. We want to use clang on systems where clang is the system compiler. It is less common to have clang installed on systems where gcc is the system compiler. [d29d764a4938] * INSTALL: No longer need bypass_last_login on HP-UX, warnings work with clang. Also add deb package names for pam and ldap devel on Linux. [6aff480b1f4b] * src/parse_args.c: Silence a warning from clang about string concatenation. [cadba1a4d86d] 2019-09-14 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, doc/UPGRADE: sudoedit umask fix [4bfc0e393e2a] 2019-09-13 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/event.c: Fix sorting of the time-based event queue. 
[f12e5a877c8a] * lib/util/event.c: Support default base in got_exit, got_break, loopexit, loopbreak, loopcontinue [da02194b5ba9] 2019-09-11 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: Create new files with the umask specified in sudoers. [4d0b6152834b] 2019-09-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse_ldif.c: More case-insensitive compare for LDAP attributes and string lists. Only the ALL keyword should be compared case-sensitive. [87cd688b2648] 2019-08-30 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo.h: Enable asserts for Coverity too. [b830f200a8bd] * src/parse_args.c, src/sudo.h: Add asserts() to avoid static analyzer false positives. [860aca50028d] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Plug memory leak on malloc failure. [1b35743703d4] * plugins/sudoers/ldap_util.c: Plug memory leak on malloc failure. [c2257637d659] 2019-08-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/pam.c: Add sudo_pam_strerror(), like pam_strerror() but never returns NULL. It also uses strerror(errno) for PAM_SYSTEM_ERR. [b070d1702112] * plugins/sudoers/auth/pam.c: If pam_start() fails, display the PAM error using pam_strerror(). It is legal to pass pam_strerror() a NULL handle. [6403fa1479d8] 2019-08-27 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: If the sudoreplay ID option is a fully-qualified path, use it directly. Previously, one had to use the -d option to override the I/O log directory. [9fddb3ffc760] * plugins/sudoers/Makefile.in: regen [f70579d2972b] * MANIFEST, doc/sudo.conf.man.in.sed: Add conditional for sesh path in sudo.conf manual. [93b5c6fcf8f4] 2019-08-26 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS: Bug #895 [d69984bccd0e] * plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/sudo_printf.c, src/conversation.c: Use the SUDO_CONV_PREFER_TTY flag during authentication. This prevents the password and PAM prompts from being redirected. Bug #895 [546082c674b7] 2019-08-23 Todd C. Miller <Todd.Miller@sudo.ws> * mkpkg: Fix typo that prevented a missing linux audit lib from being detected. [b9412151615d] 2019-08-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoreplay.c: Use fputs(), not printf() for plain strings. [b102ae1cb6da] * NEWS: Recent fixes. [8249e98a05c8] * plugins/sudoers/ldap.c: Add user ID to the search filter when matching sudoUser. We already support group IDs but the user ID was missing. From sudo-1.8.23-ldapsearchuidfix.patch in RHEL 7. [3da7b9f990be] * plugins/sudoers/regress/sudoers/test2.json.ok, plugins/sudoers/regress/sudoers/test2.toke.ok, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix parsing of double-quoted Defaults bindings that start with % or +. From sudo-1.8.23-fix-double-quote-parsing-for-Defaults-values.patch in RHEL 7. [df613e67ef45] * src/exec.c: Restore core dump resource limit before the PAM session module is run. Otherwise, we may override the limits set by PAM. Bug #894 [f35441098234] 2019-08-19 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/sig2str.c, lib/util/str2sig.c: sys_signame on macOS contains lower-case names [d7af71311b3d] * MANIFEST, configure, configure.ac, lib/util/Makefile.in, lib/util/regress/strsig/strsig_test.c: Add regress tests for str2sig() and sig2str(). [fb73303699fb] * lib/util/str2sig.c: SIGIOT and SIGABRT are aliases on BSD systems. [d35f75aba04a] * lib/util/sig2str.c, lib/util/str2sig.c: Fix handling of real-time signals. [39066a5eabcb] 2019-08-16 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS: ipa_hostname fix [54245ed09830] 2019-08-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/file.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Fix special handling of ipa_hostname that was lost in sudo 1.8.24. We now include the long and short hostname in sudo parser container. [b4f31dbe3109] 2019-08-14 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_event.h: Remove unused include file. [0731078e72b1] 2019-08-05 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS, doc/UPGRADE: Mention I/O log signal change in NEWS and UPGRADE files. [ac7969640146] * MANIFEST, NEWS, plugins/sudoers/po/ast.mo, plugins/sudoers/po/ast.po: Asturian translation for sudoers from translationproject.org. [4f011f10129e] * mkdep.pl: Check source dir if source file is not listed in MANIFEST. Previously, we just used the file name without $(srcdir). [cd17ca929217] * MANIFEST, config.h.in, configure, configure.ac, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_compat.h, lib/util/Makefile.in, lib/util/str2sig.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_util.c: Store signal name, not number in I/O log timing file. The "SIG" prefix is not used so, e.g. SIGTERM -> "TERM". This makes the I/O log files portable from one system to another. Older I/O log files with signal numbers can still be replayed. [5652f831b715] 2019-07-30 Todd C. Miller <Todd.Miller@sudo.ws> * src/utmp.c: Disable stringop-truncation false positive warnings on gcc 8. Strings in struct utmp/utmpx are not guaranteed to be NUL- terminated. [644b97bba318] * plugins/group_file/plugin_test.c, src/net_ifs.c: Replace non-essential strncpy() calls. [2377cad6e155] 2019-07-26 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Revert version back to 1.8.28 [4e2deb0b4925] * lib/util/Makefile.in: Link util functions being tested directly with the test harness. 
Otherwise we may get the version from the installed libsudo_util.so. [46c833080d13] 2019-07-23 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fr.mo, po/fr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt.mo, po/pt.po, po/pt_BR.mo, po/pt_BR.po, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [a5aa41ab05cb] 2019-07-19 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac, plugins/sudoers/fmtsudoers.c, plugins/sudoers/parse.c: Use strftime(3) instead of formatting struct tm by hand. Fixes a warning on newer versions of gcc. [4a2fdb51bbe5] * doc/sudo.man.in, doc/sudo.mdoc.in: Update error message when the password cannot be read from the terminal. [9b329f92e8a0] * NEWS: Fix for Bug #888 [d64fc43adfdd] * plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c: If the command in sudoers does not exist on the file system, match by name. We still want to match the command even if it doesn't exist so that the NOPASSWD flag on sudoers entries with non-existant paths works as expected. Bug #888. 
[0879054870be] * NEWS, doc/TROUBLESHOOTING, po/sudo.pot, src/tgetpass.c: More verbose error message when a password is required and no terminal is present. Bug #828. [f15ffeffff32] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [8e0fdf8e4cd5] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that PAM session modules are now run with the silent flag. [b67b769a0532] 2019-07-14 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Simpler change to retry sudo_secure_file() as root as needed. [feb0c2309366] * plugins/sudoers/sudoers.c: If we are unable to stat() sudoers as non-root, try again as root. By default, sudo relies soley on group permissions to read sudoers to make it possible to store sudoers on NFS. However, if /etc/sudoers is not accessible to non-root uids for some reason, sudo will fail. Bug #880. [6a50adb25f2e] 2019-07-12 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in: Clarify that ttyin contains raw terminal input. [eea9d33f85bd] 2019-07-11 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.man.in, doc/sudoers.mdoc.in: Expand the description of the I/O log files. [f15cefc9bbd8] * doc/sudo.conf.mdoc.in: Remove trailing whitespace. [421e9f481c1d] 2019-07-03 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: Rename PLUGINDIR -> plugindir [75cc43534ee1] * configure, configure.ac: Use $libexecdir in default settings used by the documentation. The web and pdf pages will substitute /usr/local/libexec for $noexec_file. Also do substitution of variables using exec_prefix even if we don't use them in the Makefile since the documentation may reference them. [b7a37b03b6db] * doc/Makefile.in, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Add conditional for sesh path in sudo.conf manual. 
[ec1f8f559bad] * configure, configure.ac: Update plugindir even when --disable-shared is specified. Otherwise, the default value is substituted into the Makefiles and documentation which may not match --prefix. Bug #886 [0f6c9a4af739] 2019-06-25 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_util.h, lib/util/fatal.c, lib/util/inet_ntop.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/sudo_debug.c, plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, src/load_plugins.c, src/net_ifs.c, src/sudo.c: Add ssizeof macro that returns ssize_t. We can use this instead of casting the result of size_t to int. Also change checks for snprintf() returning <=0 to <0. [da4a95a5d8ec] 2019-06-21 Todd C. Miller <Todd.Miller@sudo.ws> * doc/TROUBLESHOOTING, doc/sudoers.man.in, doc/sudoers.mdoc.in: sudoedit should be used for editing files instead of "sudo editor" That way the user's editor config files are used by the editor. [24bb1e6326ee] * doc/TROUBLESHOOTING: Move the section on HOME to be after the environment section. Also strongly discourage the disabling of env_reset. [7a41bddf5fde] 2019-06-20 Todd C. Miller <Todd.Miller@sudo.ws> * doc/TROUBLESHOOTING: Remove the Solaris last login question, add one about HOME. The PAM session is opened with PAM_SILENT so last login info is not printed. It is dangerous to preserve HOME from the user's environment. [99be2cd98556] * doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use the term pseudo-terminal more consistently. [129a0d2e5a33] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Document why HOME should not be preserved from the user's environment. Text was adapted from what is already present in the UPGRADE file. 
Also mark set_home and always_set_home as obsolete. [3cddca2f78de] * doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Refer to command line options, not flags. [5caa383e1f9b] * NEWS: sync [fd7e952e3e43] * doc/TROUBLESHOOTING: sudo will now prompt for a password as long as /dev/tty is available. [a4241d432e63] * MANIFEST, configure, configure.ac, doc/Makefile.in, doc/cvtsudoers.cat, doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers_timestamp.cat, doc/sudoreplay.cat, doc/visudo.cat: Remove .cat pages, there is no need for them in the modern world. Sudo only shipped .cat pages for Irix, which lacked nroff. Irix is long dead and there are multiple open source nroff options. [b7a48dc22bdb] * INSTALL, configure.ac, doc/sudoers.cat, doc/visudo.cat: Make env_editor the default. It is already the default in the package script. [a4f0c46ef5d6] * INSTALL, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Don't describe env_editor as a security hole. Users that are able to edit sudoers can grant themselves permissions so the fact that visudo runs the editor as root is not a security issue. [627f0a96ccc9] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix details of how EDITOR, VISUAL and SUDO_EDITOR are (or are not) preserved. The description in the editor option was incorrect and didn't mention env_keep. Reported by Sander Bos [1b498d610672] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Modern visudo locks the actual sudoers file, not the sudoers.tmp file. Refer to sudoers.tmp as a temporary file, not a lock file. Reported by Sander Bos [3a449f316304] 2019-06-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: In tty_present(), check for /dev/tty if sudo was unable to get the tty name. For requiretty it is enough to check that /dev/tty is available. 
If sudo can't get the tty from the kernel (missing /proc?) that is OK. [2102ffa0fa7e] * src/tgetpass.c: Don't refuse to use the tty unless /dev/tty is unavailable. We don't care whether sudo was able to get the tty name from the kernel. All that really matters is whether we are able to disable echo as needed. [a3376277883f] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use of "they" was ambiguous. [a39f42aa21ca] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Better description of secure_path. The secure_path option affects the resolution of unqualified commands as well as the environment that commands run with. [e0534efa8271] * doc/CONTRIBUTORS: Add Sander Bos [75f6f90c2f24] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix a few typos and awkward wording. Use the singular "they" instead of he/she. Add back missing text in description of variables starting with (). Based on changes from Sander Bos. [d6b5068ae2ca] 2019-06-15 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Clarify which environment variables are set based on the target user. [1e6ac7e5ef32] 2019-06-10 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/Makefile.in: libsudo_util depends on LT_DEP_LIBS even when building a static lib [232370d6af88] * aclocal.m4, config.h.in, configure, configure.ac, lib/util/arc4random.c: Solaris getentropy() requires that sys/random.h be included. [f1ec0a7290a6] 2019-05-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse.c: Use the runhost for "User foo is not allowed to run sudo on bar." Otherwise, if the -h option is specified sudo will print the local host name instead of the host specified via -h. [8e6836ff952c] 2019-05-28 Todd C. Miller <Todd.Miller@sudo.ws> * doc/TROUBLESHOOTING: Document that "no tty present and no askpass program specified" may happen when /proc is not accessible. [b551c47e55aa] 2019-05-27 Todd C. 
Miller <Todd.Miller@sudo.ws> * doc/CONTRIBUTORS: Add Sangamesh Mallayya and Michael Spradling [73b3acddc973] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/parse_args.c, src/sudo.h, src/tgetpass.c: Add -B option to ring the bell before the password prompt. [b2181b069809] * plugins/sudoers/auth/aix_auth.c: Allow the user to change their password if expired on AIX. Bug #883 [b1def2572198] 2019-05-26 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/aix_auth.c: When using AIX auth, don't display the AIX password incorrect message. Avoids a "3004-300 You entered an invalid login name or password" message in addition to sudo's own "Sorry, try again" message. [ee606cfc3c8c] 2019-05-24 Todd C. Miller <Todd.Miller@sudo.ws> * mkpkg: AIX packages were not being built with optimization enabled. [41563464b897] 2019-05-22 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse.c, plugins/sudoers/parse.h: Fix a typo. [6cd3fdc40b13] * mkpkg: Support using macOS SDKs from /Library/Developer/CommandLineTools/SDKs [98399af73e06] 2019-05-16 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/term.c: It is safe to assume _POSIX_VDISABLE is defined. The old compat defines were to support pre-termios systems. [82153896cede] 2019-05-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/pam.c: Remove second catopen() which is never called. [8a3db9d71297] 2019-05-01 Todd C. Miller <Todd.Miller@sudo.ws> * doc/TROUBLESHOOTING: Sudo's conversation functions now filter out the last login information. [ac21b18ba6bf] 2019-04-29 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: Add pam_acct_mgmt setting to enable/disable PAM account validation. 
[ec657af6eeb8] * doc/cvtsudoers.cat, doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers_timestamp.cat, doc/sudoreplay.cat, doc/visudo.cat: regen [d39b0636806f] * NEWS, configure, configure.ac: Sudo 1.8.28 [dd02af1b71e1] * Makefile.in, configure.ac, doc/Makefile.in, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, doc/fixman.sh, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in, examples/Makefile.in, include/Makefile.in, include/compat/charclass.h, include/compat/endian.h, include/compat/fnmatch.h, include/compat/getopt.h, include/compat/glob.h, include/compat/nss_dbdefs.h, include/compat/sha2.h, include/sudo_compat.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_digest.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h, include/sudo_gettext.h, include/sudo_lbuf.h, include/sudo_plugin.h, include/sudo_queue.h, include/sudo_rand.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/arc4random.c, lib/util/arc4random.h, lib/util/arc4random_uniform.c, lib/util/closefrom.c, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fnmatch.c, lib/util/getcwd.c, lib/util/getdelim.c, lib/util/getentropy.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/inet_ntop.c, lib/util/inet_pton.c, lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, 
lib/util/nanosleep.c, lib/util/parseln.c, lib/util/pipe2.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/getdelim/getdelim_test.c, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c, lib/util/strnlen.c, lib/util/strsignal.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttyname_dev.c, lib/util/ttysize.c, lib/util/utimens.c, lib/util/vsyslog.c, lib/zlib/Makefile.in, log2cl.pl, m4/sudo.m4, mkdep.pl, mkpkg, pathnames.h.in, plugins/group_file/Makefile.in, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sample/Makefile.in, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/check.c, plugins/sudoers/check.h, 
plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getspwuid.c, plugins/sudoers/gmtoff.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h, plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h, plugins/sudoers/ins_python.h, plugins/sudoers/insults.h, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, plugins/sudoers/iolog_event.h, plugins/sudoers/iolog_files.h, plugins/sudoers/iolog_path.c, plugins/sudoers/iolog_util.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/linux_audit.c, plugins/sudoers/linux_audit.h, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/parse_ldif.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/redblack.h, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, 
plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/regress/starttime/check_starttime.c, plugins/sudoers/set_perms.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/solaris_audit.h, plugins/sudoers/sssd.c, plugins/sudoers/starttime.c, plugins/sudoers/strlist.c, plugins/sudoers/strlist.h, plugins/sudoers/stubs.c, plugins/sudoers/sudo_ldap.h, plugins/sudoers/sudo_ldap_conf.h, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h, plugins/sudoers/sudoers_version.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/tsgetgrpw.h, plugins/sudoers/visudo.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, src/Makefile.in, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preload.c, src/preserve_fds.c, src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c, src/sudo_plugin_int.h, src/sudo_usage.h.in, src/tcsetpgrp_nobg.c, 
src/tgetpass.c, src/ttyname.c, src/utmp.c: Add SPDX-License-Identifier to files. [db66decfad24] 2019-04-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/pam.c: Filter out last login messages on HP-UX unless running a shell. HP-UX in trusted mode will display last login messages as part of the PAM account management module by libpam_comsec. There is no way to suppress these messages from the PAM configuration in trusted mode so we need to filter them in the conversation function. In regular mode, similar (but different) messages may be produced by libpam_hpsec. [5bbb02c69b46] 2019-04-26 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/closefrom.c: FreeBSD's /dev/fd only contains fds 0-2 unless fdescfs is mounted. In practice this doesn't matter since FreeBSD >= 8 has a native closefrom [bbeeb52550f1] 2019-04-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/logging.c: Keep debug fds open in send_mail() to aid in debugging. Adds closefrom_nodebug() which acts like closefrom(3) but doesn't close debug fds for use by send_mail(). Also moves the code to exec the mailer to its own function. [b1892425667a] 2019-04-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/defaults.c: Set def_mailerflags even if sendmail was not found at configure time. Fixes a NULL dereference when mailerpath is set but mailerflags is not. Bug #878 [6c57f5ddca54] 2019-04-08 Todd C. 
Miller <Todd.Miller@sudo.ws> * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/getdelim.c, lib/util/getline.c, lib/util/parseln.c, lib/util/regress/getdelim/getdelim_test.c, mkdep.pl, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/boottime.c, plugins/sudoers/iolog_util.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/sssd.c: Add a proper getdelim(3) replacement and use it instead of getline(3). [2e06e45ffbd6] * plugins/sudoers/auth/pam.c: Restrict the PAM_TTY kludge to Solaris and Linux-PAM. 
Setting PAM_TTY to the empty string causes problems with some modules on HP-UX so restrict it to systems where it fixes known issues. [d61f4e20dc67] 2019-03-18 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/getgrouplist.c: Fix the counting of supplementary groups on AIX. We should not assume that basegid will be present in the list of gids returned by getgrset(). [6b5fa2805840] 2019-03-14 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/pwutil.c: Plug a memory leak on user/group lookup failure found by ASAN. [aff673f310d0] 2019-03-08 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/regress/testsudoers/test3.d/root, plugins/sudoers/regress/testsudoers/test3.sh: Fix test failure when run by a user other than the file owner. [c41ea7cfedf8] * MANIFEST, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/zh_TW.mo, plugins/sudoers/po/zh_TW.po, po/da.mo, po/da.po, po/eo.mo, po/eo.po, po/es.mo, po/es.po, po/zh_TW.mo, po/zh_TW.po: Updated translations from translationproject.org [484d7b28bdd6] * MANIFEST, plugins/sudoers/regress/cvtsudoers/test1.sh, plugins/sudoers/regress/cvtsudoers/test10.sh, plugins/sudoers/regress/cvtsudoers/test11.sh, plugins/sudoers/regress/cvtsudoers/test12.sh, plugins/sudoers/regress/cvtsudoers/test13.sh, plugins/sudoers/regress/cvtsudoers/test14.sh, plugins/sudoers/regress/cvtsudoers/test15.sh, plugins/sudoers/regress/cvtsudoers/test16.sh, plugins/sudoers/regress/cvtsudoers/test17.sh, plugins/sudoers/regress/cvtsudoers/test18.sh, plugins/sudoers/regress/cvtsudoers/test19.sh, plugins/sudoers/regress/cvtsudoers/test2.sh, plugins/sudoers/regress/cvtsudoers/test20.sh, plugins/sudoers/regress/cvtsudoers/test21.sh, plugins/sudoers/regress/cvtsudoers/test22.sh, plugins/sudoers/regress/cvtsudoers/test23.sh, plugins/sudoers/regress/cvtsudoers/test24.sh, plugins/sudoers/regress/cvtsudoers/test25.sh, plugins/sudoers/regress/cvtsudoers/test26.err.ok, 
plugins/sudoers/regress/cvtsudoers/test26.out.ok, plugins/sudoers/regress/cvtsudoers/test26.sh, plugins/sudoers/regress/cvtsudoers/test27.sh, plugins/sudoers/regress/cvtsudoers/test28.sh, plugins/sudoers/regress/cvtsudoers/test29.sh, plugins/sudoers/regress/cvtsudoers/test3.sh, plugins/sudoers/regress/cvtsudoers/test30.sh, plugins/sudoers/regress/cvtsudoers/test31.sh, plugins/sudoers/regress/cvtsudoers/test32.err.ok, plugins/sudoers/regress/cvtsudoers/test32.out.ok, plugins/sudoers/regress/cvtsudoers/test32.sh, plugins/sudoers/regress/cvtsudoers/test33.sh, plugins/sudoers/regress/cvtsudoers/test4.sh, plugins/sudoers/regress/cvtsudoers/test5.sh, plugins/sudoers/regress/cvtsudoers/test6.sh, plugins/sudoers/regress/cvtsudoers/test7.sh, plugins/sudoers/regress/cvtsudoers/test8.sh, plugins/sudoers/regress/cvtsudoers/test9.sh: Test cvtsudoers stdout and stderr separately. Fixes a test failure on systems with musl libc. Bug #873 [e82a381f4f3d] 2019-03-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/starttime.c, src/ttyname.c: Better comment about EOVERFLOW and pstat_getproc(). Also remove some useless casts. [09a915110812] * lib/util/closefrom.c: Ignore EOVERFLOW from pstat_getproc(), it is not a fatal error. It just means that one of the fields in pstat lacks the precision to store a value. That's not an issue for pst_highestfd. [bb7ed18e360b] * sudo.pp: update copyright year [cff8184aeb11] 2019-03-05 Todd C. Miller <Todd.Miller@sudo.ws> * src/load_plugins.c: Fix error message when a fully-qualified plugin path does not exist. [318f7511c9bc] 2019-03-04 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix unescaped '\' and remove an extra '[' in the definition of digest. [9ea1a400ebc9] 2019-03-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Ignore carriage return before a linefeed. This allows sudo to parse files with DOS-style line endings. 
[65882b63a84d] 2019-02-26 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: For sssd, the nsswitch.conf setting should be "sss" not "sssd". From Johnathan Smith. [5c07130d1bbc] 2019-02-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/env.c, plugins/sudoers/sudoers.h: Add simple API to allow reading environment data from different sources. Currently, this is used to read a file like /etc/environment. [ce9161899719] 2019-02-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Fix pasto; the unrestricted env file was read when we want the restricted one. [23b0b3c473db] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/defaults.h, plugins/sudoers/parse.h, plugins/sudoers/strlist.c, src/sudo.h: Be sure to include sudo_queue.h where needed instead of relying on other headers. [fe9418a9b378] 2019-02-18 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/util.exp.in: Only export sudo_arc4random_uniform() if arc4random_uniform() is missing. [e32a7243976d] * lib/util/regress/vsyslog/vsyslog_test.c: Quiet a warning on gcc 8 [fe8cad6564e2] * include/sudo_compat.h: AIX 7.1 defines O_CLOEXEC but it can't be used outside the kernel. Redefine O_CLOEXEC if it doesn't fit in an int and pipe2() is missing. [3ef0220351ca] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/match.c, plugins/sudoers/match_command.c, plugins/sudoers/match_digest.c, plugins/sudoers/parse.h: Split command match code out into match_command.c. Also remove unused SUDOERS_NAME_MATCH code. [2a7adb93a65e] 2019-02-17 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match_digest.c: Split out digest matching into its own file. [93863918f934] * plugins/sudoers/Makefile.in, plugins/sudoers/match.c, plugins/sudoers/parse.h: Split out digest matching into its own file. [aafdc9b976ed] 2019-02-12 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Rename FOLLOW and NOFOLLOW tokens FOLLOWLNK and NOFOLLOWLNK. Fixes a namespace collision on Solaris when bison is used. [707b94b7c1e9] 2019-02-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: Add stub definition of digest_matches() for SUDOERS_NAME_MATCH [a322e57c85e0] * plugins/sudoers/sudo_nss.c: No longer need to include sudo_lbuf.h [db110422b24c] * mkpkg: On RedHat/CentOS get the OS major version from /etc/redhat-release. We cannot determine this from the output of "pp --probe" since it doesn't contain a period to separate the major and minor numbers. [78a27d62de0c] 2019-02-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/policy.c: Use SET macro instead of bitwise OR. [b523937e8da8] * plugins/sudoers/pwutil_impl.c: In sudo_make_grlist_item() the calculation of total did not include space for pointers to the group names. [7c438dd62f45] * plugins/sudoers/cvtsudoers_pwutil.c: Use correct debug_decl() names. [d0f02db8be20] * plugins/sudoers/sudoers.h: Add fallback values for sudoers uid, gid and mode if not set in Makefile. [21e41ed7a06c] 2019-02-04 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/memset_s.c: include stddef.h to make sure we get NULL [d42b4c325c0c] 2019-02-02 Todd C. Miller <Todd.Miller@sudo.ws> * src/net_ifs.c: Fix memory leak when there are no network interfaces or an error occurs. [7ba525ee9233] 2019-01-25 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: Use $ac_cv_search_FUNCTION instead of $ac_lib and $ac_res. Fixes a problem where libcrypt is not used with autoconf caching. Adapted from a diff from Adam Labbe. [5cfcade6ce3e] 2019-01-24 Todd C. Miller <Todd.Miller@sudo.ws> * po/de.mo, po/de.po, po/ko.mo, po/ko.po: Updated translations from translationproject.org [4995f6542a2c] 2019-01-22 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse.c: Fix listpw=never and verifypw=never. Bug #869 [ecb89088a884] 2019-01-20 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/regress/vsyslog/vsyslog_test.c, lib/util/sig2str.c, plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/set_perms.c, plugins/sudoers/starttime.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/tsdump.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/sudo.c, src/ttyname.c: Minor snprintf() usage tweaks: 1) don't assume snprintf() returns -1 on error, check for <0 2) when comparing return value of sizeof(foo), cast the sizeof, not the len 3) cast return value to void in cases where snprintf cannot fail [2af6dfb31a49] 2019-01-07 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: The AIX nofiles hard limit fix and bug #867 will make 1.8.27. [a8b4710ff907] * plugins/sudoers/auth/pam.c: Use PAM_SILENT to prevent pam_lastlog from printing last login information on RedHat except when explicitly running a shell. Adapted from a patch from Nir Soffer. Bug #867 [b8b5d3445a3c] * lib/util/aix.c: Fix the default nofiles and stack hard limits. The table of default hard limits in /etc/security/limits was out of date with respect to the current documentation. The default hard limit for nofiles should be unlimited, not 8196. The default hard limit for stack should be 4194304 blocks (which fits in an unsigned long on 32-bit platforms). [68c8c05a0b9b] 2019-01-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen [3000c62ed0ba] * NEWS: Final updates for sudo 1.8.27. 
[40d6ecb1f739] * src/exec_pty.c: Update copyright year [adc9f4046585] * doc/LICENSE: Update for 2019 [ccbbad25d7c7] 2019-01-02 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: Fix setting of utmp entry when running command in a pty. Regression introduced in sudo 1.8.22. [cf81f3fa1f3a] 2018-12-24 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Use debug_return_int not debug_return_bool in resolve_host [490241e14e68] * NEWS, configure, configure.ac: sudo 1.8.27 [f59a4a391a44] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/visudo.c: Allow the sudoers file to be specified without the -f option. Bug #864 [eb3d4c4461ba] 2018-12-20 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: The iolog_dir section is below the maxseq section, not above. [35534e4f23d9] 2018-12-12 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, po/ja.mo, po/ja.po: Updated translations from translationproject.org [270660da2de4] 2018-12-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoreplay.c: Add -n and -R options to help; reported by Radovan Sroka [683df32eb950] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Add missing description of padding option and missing argument to -c. [c762020f1694] * plugins/sudoers/cvtsudoers.c: The -c option was missing from the help info; from Radovan Sroka [aa36d5c05b0b] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Fix some typos; reported by Radovan Sroka [d6137224dd47] 2018-12-08 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/pam.c: In sudo_pam_approval(), for the exempt case, only overwrite pam status when the passwd is expired or needs to be updated. [2c2d1ed1bb7e] 2018-12-07 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/pam.c: The fix for bug #843 was incomplete and caused pam_end() to be called early. 
sudo_pam_approval() must not set the global pam status to an error value if it returns AUTH_SUCCESS. Otherwise, sudo_pam_cleanup() will call pam_end() before sudo_pam_begin_session(). This resulted in a NULL PAM handle being used in sudo_pam_begin_session(). [656aa910fbaf] 2018-12-05 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec.c: Don't run the command in a pty if no I/O plugins are logging anything. That way an I/O plugin that doesn't actually log anything won't cause the command to be run in a pty. [ef83f35c9cb0] 2018-11-29 Todd C. Miller <Todd.Miller@sudo.ws> * .hgignore: Update ignore patterns to match doc changes. [7438cdacc0e1] * doc/fixmdoc.sed: fix mode fixmdoc.sed [d74c0b7c5932] 2018-11-27 Todd C. Miller <Todd.Miller@sudo.ws> * doc/Makefile.in, doc/sudo.conf.man.in, doc/sudo.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoers_timestamp.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Fix section in the .TH line of *.man.in file. The substitution for @mansectsu@ and @mansectform@ was broken. No longer need to strip out OpenBSD from the header line. [cb02c8496b21] * doc/sudoers.man.in.sed: Add sudoers.man.in.sed, missed from previous commit. [a2113a52e6a7] * doc/CONTRIBUTORS: Add Guillem Jover [db7a39f9726a] * NEWS: recent changes [0c07a0cdf2ff] * MANIFEST, doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sed, doc/fixmdoc.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.man.in.sed, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use roff conditionals in the manuals instead of post-processing. We still need to process the resulting .man.in files to add back the conditionals but this should be easier to debug as the changes are visible in the .in file. Some minor postprocessing is still used to make the manuals HP-UX friendly and to change "0 seconds" -> unlimited after substitution. [44316d271ab8] 2018-11-24 Todd C. 
Miller <Todd.Miller@sudo.ws> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Sudo plugin manual updates and clarification from Guillem Jover: - Add missing return information for show_version(). - Fix prototypes for several function pointers. - Update SUDO_API_VERSION_MINOR. - Add missing references to log_suspend() and change_winsize(). - Add missing "array.". - Clarify that argc can be zero on sudo -V. - Clarify size requirements for conversation array arguments. - Clarify timeout zero value for struct sudo_conv_message. - Clarify initial and final state of reply in struct sudo_conv_reply. [1241cff4dd51] * doc/fixmdoc.sh, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Revert changes to give arguments to the .Bx macro. This is intended for things like .Bx 4.3 to generate "4.3BSD" so the argument ends up before the BSD, not after. Just go back to using "BSD authentication" and "BSD login classes" so fixmdoc.sh can operate correctly. Bug #861 [c58965343318] 2018-11-23 Todd C. Miller <Todd.Miller@sudo.ws> * doc/fixmdoc.sh, doc/sudo.mdoc.in, doc/sudoers.mdoc.in: Update fixmdoc.sh to match the BSD -> .Bx changes in the manuals. Bug #861 [7ddfb74781a1] 2018-11-18 Todd C. Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, m4/sudo.m4, src/utmp.c: Add support for utmps as found in HP-UX. [f55312948139] 2018-11-14 Todd C. Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, include/sudo_util.h, lib/util/utimens.c: Support st_nmtime in struct stat as found in HP-UX. [0854b34cd2ea] * lib/util/closefrom.c: If fcntl fails, fall back to the /proc implementation. [59a03e0d3148] 2018-11-12 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Mention schema.olcSudo [320adcd29a61] 2018-11-09 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Mention schema.olcSudo here too. 
[a19dff54603b] * MANIFEST, README.LDAP, doc/CONTRIBUTORS, doc/schema.OpenLDAP, doc/schema.olcSudo: OpenLDAP schema file for Sudo in on-line configuration (OLC) format. From Frederic Pasteleurs. [1fcfa9f307a2] * po/ast.mo, po/ast.po: Updated translations from translationproject.org [70f0ec8c721c] 2018-11-08 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/closefrom.c: Only use closefrom_fallback() if no better method exists. The previous logic was too fragile. [2510928e291f] 2018-11-07 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: Updated translations from translationproject.org [898154804015] * MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/pt.mo, plugins/sudoers/po/pt.po, po/pt.mo, po/pt.po: Portuguese translation for sudo and sudoers from translationproject.org. [4c49e5cf8936] 2018-11-05 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS, configure, configure.ac, include/sudo_fatal.h, lib/util/Makefile.in, lib/util/fatal.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Add sudo_gai_fatal, sudo_gai_vfatal, sudo_gai_vwarn, sudo_gai_warn and gai_log_warning that use gai_strerror() instead of strerror(). [9c37c5db3293] 2018-10-31 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: Fix memory leak in runaslist_matches(). [f1366ad50eb3] 2018-10-29 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: typo [fc8aa243672a] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [f333405eb06c] * NEWS: More updates for 1.8.26 [1941961b232f] 2018-10-28 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap_util.c, plugins/sudoers/regress/cvtsudoers/test33.out.ok, plugins/sudoers/regress/cvtsudoers/test33.sh: Add support for negated sudoRunAsUser and sudoRunAsGroup entries. [d0368336d92b] 2018-10-27 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that the target user's groups may be specified via the -g option. [67b7643e3bcb] * plugins/sudoers/tsgetgrpw.c: Include getpwent() version of sudo_getgrouplist2_v1() from getgrouplist.c [60aa493504d1] * MANIFEST, plugins/sudoers/regress/testsudoers/group, plugins/sudoers/regress/testsudoers/test1.sh: Use a testsudoers group file with known contents instead of the system one. [7a4499c92acd] * plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/set_perms.c: Allow the group set by "sudo -g" to be any of the target user's groups. Previously, this was only allowed if the group matched the target user's primary group ID (from the passwd database entry). 
The sudoers policy will now allow the group if it is one of the target user's supplemental groups as well. [c43fedc19a01] 2018-10-26 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/regress/getgrouplist/getgrouplist_test.c: Skip sudo_getgrouplist2() check on systems with getgrouplist_2(). sudo_getgrouplist2() is just a wrapper on such systems and this avoids a test failure on macOS where a user is automatically a member of certain groups. [26ba0c363b80] * lib/util/util.exp.in: Add missing exported symbol sudo_term_eof [2d8e0438eba4] * plugins/sudoers/ldap_conf.c: Add missing #ifdef LDAP_OPT_X_TLS_REQUIRE_CERT Fixes problems building on older LDAP sdks. [1effb0f19867] * MANIFEST: add getgrouplist_test.c [ca5bae341846] * lib/util/regress/getgrouplist/getgrouplist_test.c: Check the user's primary gid from the passwd file too. [60ba98074d75] * .hgignore: ignore prologue [589222ec2717] * lib/util/aix.c, lib/util/arc4random.c, lib/util/arc4random_uniform.c, lib/util/closefrom.c, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fnmatch.c, lib/util/getentropy.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/nanosleep.c, lib/util/parseln.c, lib/util/pipe2.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, 
lib/util/regress/vsyslog/vsyslog_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c, lib/util/strnlen.c, lib/util/strsignal.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttyname_dev.c, lib/util/ttysize.c, lib/util/utimens.c, lib/util/vsyslog.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getdate.c, plugins/sudoers/getspwuid.c, plugins/sudoers/gmtoff.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/iolog_util.c, plugins/sudoers/ldap.c, 
plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/regress/starttime/check_starttime.c, plugins/sudoers/set_perms.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c, plugins/sudoers/starttime.c, plugins/sudoers/strlist.c, plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preload.c, src/preserve_fds.c, 
src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/sudo_noexec.c, src/tcsetpgrp_nobg.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Convert PVS-Studio comment to ANSI C. [31f2aefe6d9b] * Makefile.in, doc/Makefile.in, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in, examples/Makefile.in, include/Makefile.in, include/sudo_lbuf.h, lib/util/Makefile.in, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/lbuf.c, lib/util/setgroups.c, lib/util/ttysize.c, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/base64.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/gentime.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/system_group/Makefile.in, src/Makefile.in, src/sesh.c, src/sudo_usage.h.in: Fix some mangled text in the license block. [86b88fbda4b4] * lib/util/Makefile.in, lib/util/regress/getgrouplist/getgrouplist_test.c, lib/util/regress/parse_gids/parse_gids_test.c: Add regress test for sudo_getgrouplist2(). This test assumes all the groups in root's group list can be resolved by group ID. 
[48564f85b7ed] 2018-10-25 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: More changes in 1.8.26 [fe81e3e4b653] * MANIFEST, doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/cvtsudoers/test31.conf, plugins/sudoers/regress/cvtsudoers/test31.out.ok, plugins/sudoers/regress/cvtsudoers/test31.sh, plugins/sudoers/regress/cvtsudoers/test32.out.ok, plugins/sudoers/regress/cvtsudoers/test32.sh: Add padding option to cvtsudoers. Bug #856 [6e31b0e37ba1] * lib/util/getgrouplist.c: Remove an errant grset++ in the AIX version of sudo_getgrouplist2(). Bug #857 [03b19227cab2] 2018-10-22 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Pass --sourcetree-root to pvs-studio and don't check sudo_noexec.c. Since we don't auto-generate dependencies for sudo_noexec.c we can't easily check it from outside the source tree. This is not a problem as it just contains stub functions. [3cf842d30e45] * MANIFEST, doc/CONTRIBUTORS, po/ast.mo, po/ast.po: Asturian translation for sudo from translationproject.org [dc0b31fa013c] 2018-10-21 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/gettime.c: Add support for CLOCK_MONOTONIC_RAW and CLOCK_UPTIME_RAW, present on macOS. [5f34c8de0707] * INSTALL, configure, configure.ac: Add --enable-pvs-studio configure option to create PVS-Studio.cfg. 
[772e86227c11] * lib/util/aix.c, lib/util/arc4random.c, lib/util/arc4random_uniform.c, lib/util/closefrom.c, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fnmatch.c, lib/util/getentropy.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/nanosleep.c, lib/util/parseln.c, lib/util/pipe2.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c, lib/util/strnlen.c, lib/util/strsignal.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttyname_dev.c, lib/util/ttysize.c, lib/util/utimens.c, lib/util/vsyslog.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sample/sample_plugin.c, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, 
plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/defaults.c, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/file.c, plugins/sudoers/filedigest.c, plugins/sudoers/find_path.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getdate.c, plugins/sudoers/getspwuid.c, plugins/sudoers/gmtoff.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/iolog_util.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/parse.c, plugins/sudoers/parse_ldif.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, 
plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/regress/starttime/check_starttime.c, plugins/sudoers/set_perms.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c, plugins/sudoers/starttime.c, plugins/sudoers/strlist.c, plugins/sudoers/stubs.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke_util.c, plugins/sudoers/tsdump.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preload.c, src/preserve_fds.c, src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/sudo_noexec.c, src/tcsetpgrp_nobg.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Add comments in .c files so PVS-Studio will check them. [b42b6dcb48a6] * .hgignore, Makefile.in, doc/Makefile.in, examples/Makefile.in, include/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, mkdep.pl, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add pvs-studio target and associated production rules. [3dbcef5ac205] 2018-10-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog_util.c: Simplify range checks. No need to check for ERANGE in the cases where we also check that the value is <= INT_MAX. Found by PVS-Studio. [45810a8437b6] 2018-10-19 Todd C.
Miller <Todd.Miller@sudo.ws> * lib/util/key_val.c, plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c, plugins/sudoers/toke_util.c, src/preserve_fds.c: Avoid some PVS-Studio false positives. [e4d8ce94fda7] * src/sudo.c: Remove some calls to sudo_fatalx(); just propagate the error return. [bc9eefbf0cdf] * src/sesh.c: No need to check if fd_dst is -1 in sudoedit mode. Failure to open the destination sudoedit file is fatal so there's no need to check that fd_dst != -1 later on. Found by PVS-Studio. [5530586ace16] * plugins/sudoers/timestamp.c: In timestamp_open() no need to free cookie on error, it is NULL. Found by PVS-Studio. [becfe97c72f8] 2018-10-18 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap_util.c: Fix a memory leak on malloc() error in sudo_ldap_role_to_priv(). Coverity CID 188804 [1bea56670410] * plugins/sudoers/parse_ldif.c: Move the allocation of role to be immediately before in_role is set. This makes it clear that when in_role == true, role is non-NULL. Also remove two dead stores. [790d90c578c8] * plugins/sudoers/parse_ldif.c: Fix trimming of non-escaped trailing space in ldif_parse_attribute(). Found by PVS-Studio. [37fded3c77a4] * plugins/sudoers/match.c: Simplify the logic surrounding sudoers_args in command_args_match(). We only need to check that sudoers_args is non-NULL once. Found by PVS-Studio. [93c967145e82] * plugins/sudoers/ldap.c: If sudo_ldap_get_values_len() fails goto cleanup instead of oom. This is not strictly necessary as there's not anything to cleanup in this case but it is more consistent with the code that follows. [d0d8b8b8dca8] * plugins/sudoers/policy.c: Fix handling of timeout values in sudoers. When passing the timeout back to the front end, ignore the user-specified timeout if it is not set (initialized to 0). Otherwise, sudo would choose a zero user-specified timeout over the sudoers-specified timeout (non-zero). [6b08b3b918b7] 2018-10-17 Todd C.
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_pwutil.c: Fix cut & pastos in cvtsudoers_make_gritem() [bd901c0394ba] * plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok: Fix expected test output now that command_timeout is parsed correctly in LDIF. [ba6cfd26330e] * lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c: tv_nsec can never be negative after timespecsub. Found by PVS Studio [ecfb93c9463c] 2018-10-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Avoid potentially undefined behavior. Found by PVS Studio. [ae76c69e0d6f] * plugins/sudoers/ldap_util.c: sudo_ldap_parse_option() never returns '=' as the operator. When parsing command_timeout, role, type, privs and limitprivs, check that val is non-NULL instead. Found by PVS Studio. [10f8cff7cce7] * plugins/sudoers/Makefile.in, plugins/sudoers/toke.c: Fix up #line entries that reference lex.sudoers.c. [c724cef37b66] 2018-10-13 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog.h, plugins/sudoers/iolog_util.c: Fix workaround for broken sudo 1.8.7 timing files. [78ef3625c650] * plugins/sudoers/parse_ldif.c: Fix memory leak when reusing the runas list. We need to free the member list itself as well as its contents. [62fb86a5c83f] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Some DIAGNOSTICS updates: Update error message for when the user's uid does not exist in passwd. Remove "This error indicates" and some other cosmetic cleanups. [c73841e03014] * src/sudo.c: If the user's passwd entry cannot be resolved via the uid, use the same error message as visudo. [ce596b32dfbb] 2018-10-12 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Add a DIAGNOSTICS section with an explanation of the more non-trivial error messages. [775419794f7d] * plugins/sudoers/sudoreplay.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: Replace sudo_fatal(NULL) with an "unable to allocate memory" message that includes the function name.
[26e19bcc0ce8] 2018-10-09 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/tgetpass.c: Make EOF handling while reading the password prompt more like getpass(3). We now return the password as long as at least one character has been read. Previously, EOF at the password prompt was treated as if nothing was entered. [fc2ed4a87e6f] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in: regen [2aee8680abc3] * src/tgetpass.c: Print a warning for password read issues. Issues include: timeout at the password prompt, read error while reading the password, and EOF reading the password. [df1dcebe9ffa] 2018-10-08 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/term.c, src/tgetpass.c: Handle EOF on password input when pwfeedback is enabled. [4958978fc967] 2018-10-07 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.ldap.mdoc.in: Fix remaining instances of "e.g." without a trailing ','. [8cbf11c04b3c] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.cat, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in: Use mdoc macros for BSD systems. All manuals now pass "make lint" [7f23209a5e1c] * doc/Makefile.in: Use -Wstyle with -Tlint since sudo is not part of the base system. This avoids "referenced manual not found" and "operating system explicitly specified" warnings. [e417e972a88a] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document log_suspend() and fix the description of the change_winsize() return value. [be02b0fb26a9] 2018-10-06 Todd C.
Miller <Todd.Miller@sudo.ws> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.cat, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix problems found by igor. Bug #854 [4ddcb625f3b7] * doc/Makefile.in: Sort DOCS and DEVDOCS and remove extra sudoers entry (it was listed twice). [abb2baac9373] * doc/Makefile.in: Add igor target to run igor(1) on the manuals. [64be7fb868b3] 2018-10-05 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Add new -S option to sleep while the command was suspended. The default behavior is now to not consider the time the command was suspended as part of the normal inter-event delay. [bb30f7b28126] * MANIFEST, include/sudo_plugin.h, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, plugins/sudoers/iolog_event.h, plugins/sudoers/iolog_files.h, plugins/sudoers/iolog_util.c, plugins/sudoers/iolog_util.h, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/sudoreplay.c, src/exec_pty.c: Add a suspend event type to the I/O log to log suspend/resume of the command so we can skip that delay during replay. [8091d1835a31] * src/exec_pty.c, src/sudo.c, src/sudo.h: Initialize the pty rows/cols based on the values we stored in user_details. This fixes a minor issue where we would send an extra window size change event the first time the command was suspended. [b2ae9be4d1d6] 2018-09-27 Todd C. 
Miller <Todd.Miller@sudo.ws> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap_conf.c, plugins/sudoers/sudo_ldap_conf.h: Add support for OpenLDAP's TLS_REQCERT setting in ldap.conf. [f07a14ae05cb] 2018-09-24 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_util.h, plugins/sudoers/defaults.c, plugins/sudoers/iolog_util.c, plugins/sudoers/regress/starttime/check_starttime.c: Move definition of TIME_T_MAX to sudo_util.h [469c36d44950] * NEWS, doc/UPGRADE: Changes in 1.8.26 (so far). [5c73b0d8c676] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/env.c: Treat LOGIN, LOGNAME and USER specially. If one is preserved or deleted we want to preserve or delete all of them. [ea1782686195] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/env.c, plugins/sudoers/logging.c, plugins/sudoers/regress/visudo/test6.sh: Remove special handling of the USERNAME environment variable. It used to be set on old versions of Fedora but that hasn't been the case for some time. It's worth noting that ssh doesn't set USERNAME either. [5141bebd99c4] * configure, configure.ac: sudo 1.8.26 [cfe8d540328e] 2018-09-22 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo.c: Remove unused system_maxgroups argument from fill_group_list(). [debc4ca9d35f] * lib/util/getgrouplist.c: Pass getgrouplist() NGROUPS_MAX+1, not NGROUPS_MAX so we have room for the primary gid. [fccf07f2e8cf] 2018-09-20 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_json.c: In print_member_json_int() eliminate the need_newline variable and just move the non-alias expansion printing bits into the else clause, including the newline and comma printing. 
[b40224fc6090] * MANIFEST, plugins/sudoers/regress/cvtsudoers/test30.out.ok, plugins/sudoers/regress/cvtsudoers/test30.sh: Add regress test for bug #853 [31544afc6013] * plugins/sudoers/cvtsudoers_json.c: When expanding an alias in print_member_json_int() avoid printing an extra comma at the end of the entry. Bug #853. [e73e09f8569a] 2018-09-12 Todd C. Miller <Todd.Miller@sudo.ws> * doc/CONTRIBUTORS: Add Kan Sasaki [ff277fb5b0c9] * NEWS, configure, configure.ac: sudo 1.8.25p1 [c4f0a69e6356] * lib/util/event_poll.c: Fix a crash in the event system's poll() backend introduced with support for nanosecond timers. Only affects systems without ppoll(). Bug #851 [54e561b11a0f] 2018-09-02 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen [04afa00445ef] 2018-08-31 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Allow for some clock drift due to ntpd, etc. [2d72989fe7b1] * plugins/sudoers/visudo.c: If sudo_lock_file() fails for a reason other than the file already being locked, give the user a chance to edit anyway. [e5a963ecc083] 2018-08-30 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/cvtsudoers/test28.sh: Quick sort is not a stable sort; use distinct sudoOrder values so the output is predictable. [46ebc1169c0c] * lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/parse_gids/parse_gids_test.c, plugins/sudoers/ldap.c, plugins/sudoers/regress/parser/check_base64.c: Fix warnings on OpenIndiana (Illumos) [1b45d303b338] * plugins/sudoers/ldap.c: Correct ldap_to_sudoers() return value. [16b0d144b196] * NEWS: Bug #849 [3e05bad00a44] * plugins/sudoers/sssd.c: The sssd backend used to take the first match, assuming that entries were sorted in descending order by sudoOrder. That allowed it to avoid iterating over the entire list of rules. Now that we convert to a sudoers parse tree, we need to convert rules in ascending order, not descending. 
The simplest way to accomplish this is to simply iterate over the rules from last to first, reversing the sort order. Bug #849 [63627909bb10] * MANIFEST, plugins/sudoers/regress/cvtsudoers/test28.out.ok, plugins/sudoers/regress/cvtsudoers/test28.sh, plugins/sudoers/regress/cvtsudoers/test29.out.ok, plugins/sudoers/regress/cvtsudoers/test29.sh: Add some more ldif -> sudoers tests to verify sudoOrder. [f41358fbd066] * plugins/sudoers/ldap.c: For conversion to a sudoers parse tree, ldap_entry_compare() now needs to sort in ascending order, not descending. Bug #849 [9f23126cded8] 2018-08-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers.c: No need to set input_file for stdin in parse_ldif(); noted by clang analyzer. [c852e1c92dd2] * plugins/sudoers/iolog_util.c: Use TIME_T_MAX when parsing the I/O log file timestamp and disallow negative times. [bfb17118e584] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/iolog_util.c, plugins/sudoers/iolog_util.h, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/regress/iolog_util/check_iolog_util.c, plugins/sudoers/sudoreplay.c: When parsing an I/O log timing line, store the result in a timespec, not a double. The speed factor (for scaling the delay) in sudoreplay is still a double but we only need to adjust the delay if the factor is something other than 1.0. [39077129d1f9] * plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Fix memory leak in test. [94fb9f39dfee] * doc/cvtsudoers.cat, doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers_timestamp.cat, doc/sudoreplay.cat, doc/visudo.cat: regen [f2850c2f733a] 2018-08-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/env.c: Update conversion of DID_* to KEPT_* to match the new values of DID_* and KEPT_*. [6ce1bc30a4d1] * NEWS, plugins/sudoers/env.c: Set the LOGIN environment variable on AIX like we do LOGNAME. [e6afb82d918c] 2018-08-27 Todd C. 
Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, m4/sudo.m4, plugins/sudoers/bsm_audit.c: Add a test for the 4-argument au_close() function found in Solaris 11 instead of assuming it is present if __sun is defined. Fixes a compilation error on OpenIndiana and older Solaris versions. [4a4f91e28bbc] * doc/CONTRIBUTORS: Add Miguel Sanders and Scott Cheloha [14aca7309a0a] * NEWS: testsudoers changes [f008d473c933] * plugins/sudoers/Makefile.in, plugins/sudoers/testsudoers.c: Add ldif support to testsudoers [321f11b7badd] 2018-08-26 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/parse.h, plugins/sudoers/parse_ldif.c: Move ldif -> sudoers conversion code into parse_ldif.c [497d55799d5b] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/strlist.c, plugins/sudoers/strlist.h: Move string list functions to their own file. [a15902cde4eb] * lib/util/Makefile.in: sync [9b1f98d4335f] 2018-08-25 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_event.h, lib/util/event.c, lib/util/util.exp.in: Backward ABI compatibility for event functions that use a timeval. [01d9e617a923] * lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c: Use a monotonic timer for the event subsystem. [acf30905a275] * config.h.in, configure, configure.ac, include/sudo_event.h, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, plugins/sudoers/iolog_util.h, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c: Use struct timespec, not struct timeval in the event subsystem. Use ppoll() or pselect() if available which use timespec. [b1bfccec8b13] 2018-08-24 Todd C. 
Miller <Todd.Miller@sudo.ws> * .hgignore: sync [193fd33e9864] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c: Eliminate most use of parsed_sudoers in cvtsudoers [0d0504f61e3e] * plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/parse.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Make alias_apply() take 3 arguments, the first being a pointer to the struct sudoers_parse_tree. [7802295c07fa] 2018-08-23 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c: Handle systems where root's gid is not 0. [1fc92bad715a] * plugins/sudoers/iolog_util.c, plugins/sudoers/iolog_util.h: Add missing files from last commit. [a155e07bb191] * .hgignore, MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/po/sudoers.pot, plugins/sudoers/regress/iolog_plugin/check_iolog_plugin.c, plugins/sudoers/sudoreplay.c: Add regress test for I/O log plugin endpoints [bf9fbe5ff2a6] * plugins/sudoers/iolog.c: We cannot reuse last_time for the I/O log info file now that it is a monotonic timer. Just call time(3) in write_info_log() directly. [f2e1de732a91] * src/exec_pty.c: Move the loop to free the monitor_messages list into free_exec_closure_pty() [d6edc1a94e7e] * po/sudo.pot: regen [6467f05a2fd0] 2018-08-22 Todd C. Miller <Todd.Miller@sudo.ws> * lib/util/getentropy.c: Fix typo in last commit. [38f3450b57fb] * config.h.in, configure, configure.ac, lib/util/getentropy.c: Do not assume all Linux has linux/random.h. Add missing sys/syscall.h include [8460f258e1af] * plugins/sudoers/policy.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/sudo_edit.c: Cast uid/gid to unsigned int before printing. [37fcab8b4f97] * include/sudo_compat.h: Only include stdarg.h if we need it. 
[c266d34454ba] * plugins/sudoers/bsm_audit.c, plugins/sudoers/timestamp.c: fix compiler warnings on Solaris 11 [6c92c438a38e] * lib/util/getentropy.c: Fix setting of errno when gotdata() fails. [4fab71fa575f] * plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/ldap.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/timestamp.c, src/sudo_noexec.c: Include stddef.h for offsetof() definition. [15d13ae1ba46] * NEWS: Bugs 846 and 847 [a0ba7ad24812] * include/sudo_compat.h: We still need to include string.h for AIX (and possibly others) when we are not using the system memset_r() function and rsize_t is defined by the system headers. [e1f8f7537209] * configure, configure.ac, include/sudo_compat.h, mkpkg: Add --enable-package-build to give configure a hint that we are building a package. This can be used to avoid relying on libc functions that may not be present in all libc versions for a particular system. For instance, AIX 7.1 may or may not have memset_s() and getline() present. [7e843bed8435] * include/sudo_compat.h: AIX defines rsize_t in string.h, not stddef.h for use by the memset_s() prototype. We use our own memset_s() on AIX since it is not available on all BOS levels which makes package building problematic. [3724b47eadd8] 2018-08-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/defaults.c: Fix printing of T_TIMESPEC values. [8775c17229a4] * plugins/sudoers/iolog.c: Remove unused struct script_buf [fd27f67123b3] 2018-08-20 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Document when the I/O log timing file entry bug was introduced. [09a75d80487e] * NEWS: sync [95fd54c61719] * config.h.in, configure, configure.ac, lib/util/gettime.c: HP-UX doesn't support CLOCK_MONOTONIC but we can use gethrtime() instead. [3ec7d99444c0] * src/exec_monitor.c, src/exec_pty.c: Close the pty slave in the parent so that when the command and monitor exit, the pty gets recycled without our having to close it directly. 
[fec53753cf52] * lib/util/term.c, src/exec_monitor.c, src/exec_pty.c, src/sudo.h: Move updating of the window size to the monitor process. This will allow us to close the slave in the main sudo process in the future so only the command and monitor have it open. [07108a1c2edc] * configure, configure.ac: sudo 1.8.25 [4938ba570787] * plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok: Fix test output for bug #845 [ee6f2d615bd8] * plugins/sudoers/ldap_util.c: Fix pasto when converting sudoNotAfter; from Miguel Sanders Bug #845 [69638cd6da60] 2018-08-19 Todd C. Miller <Todd.Miller@sudo.ws> * aclocal.m4, config.h.in, configure, configure.ac, include/sudo_util.h, lib/util/gettime.c, lib/util/util.exp.in: Add sudo_gettime_uptime() to measure time while not sleeping. [a128e7d51740] * plugins/sudoers/iolog.c: Use a monotonic timer that only runs while not suspended for the iolog timing values and write nsec-precision entries. [7f37f0b24ce7] 2018-08-18 Todd C. Miller <Todd.Miller@sudo.ws> * mkpkg: Detect number of CPUs on AIX. [2b7c62b42da2] * plugins/sudoers/iolog.c: Fix I/O log timing file on systems without a C99-compatible snprintf(). On those systems we use our own snprintf() that doesn't support floating point. We don't actually need floating point in this case since we can print seconds and microseconds without using it. [4ea419ac5bee] * NEWS: Fix for Bug #844 [51cfeb79669c] * src/sudo_edit.c: Handle the case where O_PATH or O_SEARCH is defined but O_DIRECTORY is not. In theory, O_DIRECTORY is redundant when O_SEARCH is specified but it is legal for O_EXEC and O_SEARCH to have the same value. Bug #844 [fb75d75c7249] 2018-08-17 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: sync [2be1b619a06a] * plugins/sudoers/starttime.c: Fix get_starttime() on HP-UX. [329a4ad9f4ef] * mkpkg: Detect number of CPUs on HP-UX. Use MAKE environment variable if set. 
[c95ab5d6d392] * src/net_ifs.c: Avoid a compilation problem on HP-UX 11.31 with gcc and machine/sys/getppdp.h [b861e894271b] 2018-08-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/Makefile.in: Add CHECK_SYMBOLS_LDFLAGS to check_symbols target. Non-ELF HP-UX executables don't support SHLIB_PATH or LD_LIBRARY_PATH unless ld is passed the +s flag. This lets the check_symbols test pass on systems where the ldap libraries aren't installed in the standard location. [c2d6d3248fa4] 2018-08-15 Todd C. Miller <Todd.Miller@sudo.ws> * doc/Makefile.in: For the lint target, don't stop after the first manual that fails lint. [8a80d8e7b540] * plugins/sudoers/timestamp.c: Add debugging info so we can tell why a timestamp record doesn't match. [99ede76f9835] 2018-08-13 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: typo [8a5a11b921ea] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, po/da.mo, po/da.po: sync with translationproject.org [19f7eba39013] 2018-08-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/iolog.c: Fix the return value of sudoers_io_change_winsize() on success. Otherwise, we only log a single window size change. [d6cdab99f6f9] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po: sync with translationproject.org [4109b52f393f] 2018-08-08 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: sync [1448675b44aa] 2018-08-07 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix ambiguity when talking about Aliases. We can't use User_Alias in the grammar as both the definition of the Alias as well as its name. This adds {User,Runas,Host,Cmnd}_Alias_Spec to help differentiate between the name of the alias and its definition. Bug #834 [06678d12306f] * doc/cvtsudoers.cat, doc/sudoreplay.cat: regen [d7237381675a] * Makefile.in: Warn if unable to run xgettext or msgfmt. [d0cbba35cd49] 2018-08-06 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/hr.mo, plugins/sudoers/po/it.mo, plugins/sudoers/po/ja.mo, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/sv.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/vi.mo: sync with translationproject.org [d1deb5cb5eb3] 2018-08-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/fmtsudoers.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/policy.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Refactor code to convert defaults to tags and do conversion on output for "sudo -l". Remove the short_list (was long_list) global in favor of a verbose argument. [eae1e1e814e0] 2018-08-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/policy.c: Assign short_list true, not 1 now that it is a boolean. [10354cd29439] * plugins/sudoers/fmtsudoers.c: fix typo [ad7e93f375ba] 2018-08-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/rcstr.c: Fix a warning on FreeBSD which has a fancier __containerof implementation. [b5106a524232] * plugins/sudoers/po/de.po, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.po: sync with translationproject.org [ae5353cbeac4] 2018-08-02 Todd C. Miller <Todd.Miller@sudo.ws> * aclocal.m4, autogen.sh, config.h.in, configure: Regen with aclocal 1.15.1. [22c02e451333] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: For ldap/sssd, include defaults in the generate privilege unless we are listing in short mode (in which case we convert them to tags if possible). 
Fixes a problem where sudoOptions were not being applied to the command. [b21267488971] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: update_defaults() needs to be able to take a defaults_list for the ldap/sssd backends which support per-role defaults. [ddbb07881a46] 2018-07-31 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen [29c5a09aaeaf] 2018-07-30 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Update [045b535f84b9] 2018-07-26 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/file.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: o Move userspecs, defaults and aliases into a new struct sudoers_parse_tree. o The parse tree is now passed to the alias, match and defaults functions. o The nss API has been changed so that the nss parse() function returns a pointer to a struct sudoers_parse_tree which will be filled in by the getdefs() and query() functions. [bddb4676ad0e] * lib/util/getgrouplist.c: Don't need to preallocate 4 x NGROUP_MAX on AIX or BSD/Linux. For BSD/Linux, getgrouplist(3) will tell us the number of groups if we don't have enough. For AIX, we can count the entries in the group set before allocating the group vector. 
[c278fd947af4] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c, plugins/sudoers/sudoers.h: Ignore PAM_NEW_AUTHTOK_REQD and PAM_AUTHTOK_EXPIRED errors from pam_acct_mgmt() if authentication is disabled for the user. Bug #843 [1dc39794cf0d] 2018-07-23 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: Work around a bug on AIX where closing the pty slave causes the main sudo process to lose its controlling tty (which was *not* the pty slave). [649a25b7f864] * src/sudo.c: Add missing aix_restoreauthdb() call to match the aix_setauthdb() added in b8a011be9af7. Fixes issues on AIX where local users/groups may not be resolved when some NIS/AD/LDAP is used for users. [16e196a7a337] * lib/util/getgrouplist.c: Linux getgrouplist(3) returns the number of groups on success instead of 0 like BSD. [599a89afa4f5] 2018-07-20 Todd C. Miller <Todd.Miller@sudo.ws> * mkdep.pl, plugins/sudoers/Makefile.in: When both a .o and .lo file was used in a Makefile, we used to make the .o depend on the .lo. Unfortunately, this creates a race condition for parallel make since libtool is not atomic (it creates a .o and then renames it when building PIC objects for shared libs). We always link with libtool so the only reason to prefer the .o over the .lo file is to avoid mixing .o and .lo in the dependencies. That's not a good enough reason so change mkdep.pl to warn when both a .o and .lo are referenced in a Makefile and do nothing else. Bug #842 [a8d94e6aed9f] 2018-07-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c: Avoid duplicate free when netgroup_base is invalid. [5ce39dff77ba] 2018-07-03 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/arc4random.h: Use madvise(2) with MADV_WIPEONFORK if available. [a11461409569] 2018-07-01 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, po/eo.mo, po/eo.po: sync with translationproject.org [01bcfe7b30e5] * NEWS: Update. [f5e0b1f909bb] 2018-06-25 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: sync with schema.OpenLDAP [d83420d8228d] * doc/schema.OpenLDAP: RFC 2849 specifies whitespace as the space character only so replace tabs with spaces. Bug #840 [e9d5de6365ba] * doc/schema.OpenLDAP: Fix typo; bug #839 [dee2dad738de] 2018-06-16 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Should no longer need to set max_groups. [459119b11265] 2018-06-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/pwutil_impl.c, src/sudo.c: Use new sudo_getgrouplist2() function instead of getgrouplist(). [8e88b6d3ea6f] * configure, configure.ac, include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/getgrouplist.c, lib/util/util.exp.in: Add sudo_getgrouplist2() to dynamically allocate the group vector. This allows us to avoid repeatedly calling getgrouplist() with a statically sized vector on macOS, Solaris, HP-UX, and AIX. [55480e2ec7c2] * src/conversation.c: Fix fd leak introduced by SUDO_CONV_PREFER_TTY commit. Coverity CID 186605. [fb6eb518bc4c] 2018-06-13 Todd C. 
Miller <Todd.Miller@sudo.ws> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.cat, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix some issues pointed out by mandoc -Tlint [7ace981c7334] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/conversation.c: Add SUDO_CONV_PREFER_TTY flag for conversation function to tell sudo to try writing to /dev/tty first. Can be used in conjunction with SUDO_CONV_INFO_MSG and SUDO_CONV_ERROR_MSG. [a1e9420a7c5e] 2018-06-08 Todd C. Miller <Todd.Miller@sudo.ws> * doc/LICENSE: Update for arc4random.c, arc4random_uniform.c and getentropy.c [168db3c8d590] 2018-06-05 Todd C. Miller <Todd.Miller@sudo.ws> * src/regress/noexec/check_noexec.c: FreeBSD wordexp() returns WRDE_SYNTAX if it can't write to the shell process. Since we've prevented execve() from succeeding this is the error we get back from wordexp() on FreeBSD. [2a7a73de30cf] 2018-06-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/starttime.c: Fix conversion of usec to nsec; from Scott Cheloha [26fa756ea623] 2018-06-01 Todd C. Miller <Todd.Miller@sudo.ws> * include/sudo_plugin.h: Fix typo. [504256dc4ccc] 2018-05-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: The getdefs() function now gets called multiple times so use the cached data if present. [042be7ccab3c] * plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c: Return an empty defaults list, not NULL if there is no global sudoers defaults entry in sss. [8e16de465ee2] * plugins/sudoers/file.c: Fix memory leak of handle pointer on close. 
[e4eb30e611d4] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Remove a needless copy when parsing options. [60fe50b736a9] * plugins/sudoers/file.c, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.c: Move cached userspecs and defaults into the handle object. [37e4df73907d] 2018-05-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Quiet a clang analyzer warning. It should not be possible for pop_include() to be called when YY_CURRENT_BUFFER is NULL. [148d79e5a44e] * plugins/sudoers/file.c, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Reorder things to avoid the need to declare static functions. [8f27e69fa9cb] 2018-05-24 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, config.h.in, configure, configure.ac, include/sudo_rand.h, lib/util/Makefile.in, lib/util/arc4random.c, lib/util/arc4random.h, lib/util/arc4random_uniform.c, lib/util/chacha_private.h, lib/util/getentropy.c, lib/util/util.exp.in, mkdep.pl: Import arc4random() from libressl. This takes an all-in-one approach instead of the one-file-per-OS approach that libressl takes. The fallback code does not have as many OS-specific bits as libressl. [310d65e466bd] * lib/util/Makefile.in, lib/util/mktemp.c, plugins/sudoers/Makefile.in, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/insults.h: Use arc4random for mkstemp() and insults. 
[b8c7447756f2] * MANIFEST, configure, configure.ac, include/sudo_digest.h, lib/util/Makefile.in, lib/util/digest.c, lib/util/digest_gcrypt.c, lib/util/digest_openssl.c, lib/util/util.exp.in, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/digestname.c, plugins/sudoers/filedigest.c, plugins/sudoers/filedigest_gcrypt.c, plugins/sudoers/filedigest_openssl.c, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/ldap_util.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/sudo_ldap.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Move digest code into libutil [c53cf5c508eb] 2018-05-20 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/cvtsudoers/test25.sh, plugins/sudoers/regress/cvtsudoers/test26.out.ok, plugins/sudoers/regress/cvtsudoers/test26.sh, plugins/sudoers/regress/cvtsudoers/test27.out.ok, plugins/sudoers/regress/cvtsudoers/test27.sh: Check for invalid base64 attributes. [4218d11c8205] * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/parser/check_base64.c: Fix pointer sign warnings. [5ee724e3956e] * plugins/sudoers/cvtsudoers_ldif.c: Add missing variable declaration for SELinux and Solaris. [c8084f0508e5] * plugins/sudoers/cvtsudoers_ldif.c: Handle empty string and treat it as safe. [8029b97d8f4a] * MANIFEST, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/cvtsudoers/test26.out.ok, plugins/sudoers/regress/cvtsudoers/test26.sh: Add support for base64-encoding non-safe strings in LDIF output. [b9fd1795f4ee] 2018-05-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/base64.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_base64.c: Add base64_encode() by Jon Mayo. [a893ec3dc667] 2018-05-18 Todd C. 
Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/cvtsudoers/test25.out.ok, plugins/sudoers/regress/cvtsudoers/test25.sh: Add support for parsing base64-encoded attributes [262dd9a526de] 2018-05-17 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/sudoers/test2.ldif.ok: rfc2253 says we need to escape " and leading and trailing space. [1c0105a5eb1b] * configure, configure.ac: Define ZLIB_CONST so we get the const version of the API. [71a629d0eb4b] 2018-05-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/parse.c: Fix logic inversion when handling the authenticate Defaults option for "sudo -l" and "sudo -v" in long list mode. [f8157d4c4f03] * plugins/sudoers/sssd.c: Set handle->pw before sss_to_sudoers() since sss_check_user() uses it. Coverity CID 185651 [fa646e569352] * plugins/sudoers/ldap_util.c: Fix memory leak on error, CID 185602 [31c1ab085985] * plugins/sudoers/ldap.c: Some ldap_get_values_len -> sudo_ldap_get_values_len that were missed before. [d7f1877531be] * plugins/sudoers/ldap_util.c: When building up the cmndspec, add the actual command member last. This simplifies the logic regarding the SETENV tag and also makes "out of memory" cleanup simpler. [d704f3b09ac1] * plugins/sudoers/cvtsudoers_ldif.c: Fix format string mismatch, sudo_order is unsigned. [ecc398e45b0a] * plugins/sudoers/pwutil.c: Add cppcheck annotation to suppress memory leak false positive. [d4a0ae57c372] * plugins/sudoers/ldap_util.c: Sudo "ALL" implies the SETENV tag. [7abc653b4d39] * src/parse_args.c: Only set MODE_PRESERVE_ENV when preserving the entire environment. Fixes a problem introduced in 1.8.23 where "sudo -i" could not be used in conjunction with --preserve-env=VARIABLE. Bug #835 [8ea75ca8fbd2] 2018-05-15 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/file.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Add free_userspecs() and free_default() and use them instead of looping over the lists and calling free_userspec() and free_default(). [797221539242] * configure, configure.ac: Depending on the bos level, AIX 6.1 may or may not include getline/getdelim and AIX 7.1 may or may not include memset_s. Since we need to build packages that will work on all AIX 6.1 and 7.1 machines, use our getline() and memset_s emulation. [f5c427076b2c] 2018-05-14 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap_util.c: Do not leak struct sudo_command when the command is ALL. Coverity CID 185602. [d71ca4bc06bc] * NEWS, configure, configure.ac: Sudo 1.8.24 [7df3df9a3907] * plugins/sudoers/sssd.c: Improve comments about why we need to do a user check and how it related to netgroups. [605234ed0935] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Add checks for ldap/sss functions failing due to memory allocation errors. [0dfeb0d8ecf5] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Let the main sudoers lookup code check the host name. We still check the user name so it is possible to use a single userspec but this may change in the future. [a74699b90213] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/file.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/sudo_ldap.h, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Simplify the nss interface such that each sudoers provider fills in a per-nss list of userspecs and defaults instead of using separate lookup and list functions. 
This makes it possible to have a single implementation of the code for sudoers lookup and listing. [50de9302de01] * plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/defaults.c, plugins/sudoers/filedigest.c, plugins/sudoers/filedigest_gcrypt.c, plugins/sudoers/filedigest_openssl.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/ldap_util.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: Include parse.h in sudoers.h since it will soon be required. [196abb590d96] * plugins/sudoers/ldap_util.c: Parse "ALL" as a command correctly. [d969e7dfdbbc] 2018-05-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: Add debug warning if lseek() fails (should not be possible). [d568dc923c7d] * plugins/sudoers/match.c: Fix swapped args of lseek() when rewinding. This didn't cause a problem because the value of SEEK_SET is 0. [142591a3f333] 2018-05-10 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/parser/check_hexchar.c: Fix a format-truncation warning in newer gcc by avoiding using %0x and %0X in the test. We are formatting a single byte so just do it one nybble at a time. [7c594a63598f] * configure: Regen with autoconf git commit e17a30e987d7ee695fb4294a82d987ec3dc9b974 AC_HEADER_MAJOR: port to glibc 2.25 [9fe77765c768] 2018-05-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_ldif.c: No need to explicitly free role on EOF, it will be freed after the loop is done. 
[8d08c06b7622] * plugins/sudoers/policy.c: Garbage collect the command argv, envp and info vectors since they are not available at policy close time. [de22290a8ec5] * plugins/sudoers/cvtsudoers_ldif.c: Plug memory leaks on parse error or when an LDIF entry doesn't match the dn filter. [4f48e740eed1] * plugins/sudoers/cvtsudoers.c: Rename variables now that the string list functions are not ldap-specific. [640497f70551] 2018-04-30 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: Fix typo [6466295ba962] 2018-04-29 Todd C. Miller <Todd.Miller@sudo.ws> * configure, configure.ac: fix version [bfed601130b5] * NEWS: sync [1c382f2aff27] * configure, configure.ac, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [ec28ff5acbd6] 2018-04-25 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: O_EXEC for fexecve() not O_SEARCH. [a156d8b38f31] * doc/TROUBLESHOOTING: Document how to suppress the last login message on Solaris. [2926b670aca4] 2018-04-24 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_json.c: Fix compilation error with older Sun Studio compilers. [0f735611642d] * NEWS: Update Bug #831 description. [d5e6a2a807b8] * MANIFEST, doc/CONTRIBUTORS, po/zh_TW.mo, po/zh_TW.po: Add Chinese(Taiwan) translation for sudo. [5a4ba6769cca] * plugins/sudoers/match.c: Move the check for /dev/fd/N until *after* the digest has been checked. We still need to be able to check the digest even if there is no /dev/fd/N or fexecve(). [e0e086b4e764] 2018-04-23 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: Rewind the fd after calling sudo_filedigest(). Otherwise, when running a script via fexecve(), the interpreter may get EOF when reading /dev/fd/N. This only appears to affect BSD systems with fdescfs. Bug #831. [d79f5125cc73] * plugins/sudoers/match.c: In open_cmnd(), return true, not false, if the /dev/fd/N pathname is not present. We don't want to fail a match because of this. 
[72c4b499c019] * NEWS: Bug #831. [700646725f45] * plugins/sudoers/match.c: We can only use fexecve() on a script if /dev/fd/N exists. Some systems, such as FreeBSD, don't have /dev/fd mounted by default. Bug #831 [30f7c5d64104] 2018-04-22 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/el.mo, plugins/sudoers/po/el.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/eu.mo, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/fur.mo, plugins/sudoers/po/fur.po, plugins/sudoers/po/hu.mo, plugins/sudoers/po/hu.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/lt.mo, plugins/sudoers/po/lt.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po, plugins/sudoers/po/sk.mo, plugins/sudoers/po/sk.po, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/ca.mo, po/ca.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/es.mo, po/es.po, po/eu.mo, po/eu.po, po/fi.mo, po/fi.po, po/fur.mo, po/fur.po, po/gl.mo, po/gl.po, po/hu.mo, po/hu.po, po/ko.mo, po/ko.po, po/nl.mo, po/nl.po, po/nn.mo, po/nn.po, po/ru.mo, po/ru.po, po/sk.mo, po/sk.po, po/sl.mo, po/sl.po, po/sr.mo, po/sr.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [a786a841f30a] 2018-04-21 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/el.mo, plugins/sudoers/po/el.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/eu.mo, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/fur.mo, plugins/sudoers/po/fur.po, plugins/sudoers/po/hu.mo, plugins/sudoers/po/hu.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/lt.mo, plugins/sudoers/po/lt.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po, plugins/sudoers/po/sk.mo, plugins/sudoers/po/sk.po, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/ca.mo, po/ca.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/es.mo, po/es.po, po/eu.mo, po/eu.po, po/fi.mo, po/fi.po, po/fur.mo, po/fur.po, po/gl.mo, po/gl.po, po/hu.mo, po/hu.po, po/ko.mo, po/ko.po, po/nl.mo, po/nl.po, po/nn.mo, po/nn.po, po/ru.mo, po/ru.po, po/sk.mo, po/sk.po, po/sl.mo, po/sl.po, po/sr.mo, po/sr.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [268a65ce44cb] * MANIFEST, plugins/sudoers/regress/cvtsudoers/test23.out.ok, plugins/sudoers/regress/cvtsudoers/test23.sh, plugins/sudoers/regress/cvtsudoers/test24.out.ok, plugins/sudoers/regress/cvtsudoers/test24.sh: Add tests for round-tripping cvtsudoers, sudoers -> LDIF -> sudoers and LDIF -> sudoers -> LDIF. [370d4ba4dbb8] 2018-04-19 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/regress/cvtsudoers/test22.out.ok, plugins/sudoers/regress/cvtsudoers/test22.sh: Test the -b option when converting from LDIF. 
[4d65c7c2ed01] * plugins/sudoers/cvtsudoers_ldif.c: Fix the -b option when converting from LDIF. [f3c1e4dbd61e] 2018-04-18 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, po/it.mo, po/it.po: sync with translationproject.org [1953956c60fe] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Fix some more typos. [87fde92a1fa4] * doc/Makefile.in: mandoc now preserves the copyright notice, no need to do it ourselves [2c3f6841941a] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Describe the special handling of LOGNAME, USER and USERNAME. Fix typos reported by aspell. [e89bd28f4530] * src/load_plugins.c: Fix a memory leak on the error path. [db5a4678e0e4] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that the editor setting is also used by sudoedit. [2ae14439efd7] 2018-04-17 Todd C. Miller <Todd.Miller@sudo.ws> * src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Plug memory leak when an I/O plugin is specified in sudo.conf but the I/O plugin is not configured. [5b5086d7152a] * INSTALL, MANIFEST, NEWS, config.h.in, configure, configure.ac, plugins/sudoers/Makefile.in, plugins/sudoers/ins_python.h, plugins/sudoers/insults.h: Monty Python insults from Philip Hudson [8330cfc5ea19] 2018-04-15 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: add examples [830ff26a0dbc] * doc/sudo.conf.man.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoers_timestamp.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Update copyright year and regen man pages. 
[6385891ebaa3] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/cs.mo, po/cs.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/ja.mo, po/ja.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po: sync with translationproject.org [3495b17becb0] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/match.c: Prune alias contents when pruning and expanding aliases. This abuses the userlist_matches_filter() and hostlist_matches_filter() functions. A better approach would be to call the correct function from user_matches() and host_matches(). 
[0ae5f351b09f] * MANIFEST, examples/sudoers, plugins/sudoers/Makefile.in, plugins/sudoers/regress/cvtsudoers/sudoers, plugins/sudoers/regress/cvtsudoers/sudoers.defs, plugins/sudoers/regress/cvtsudoers/test1.out.ok, plugins/sudoers/regress/cvtsudoers/test1.sh, plugins/sudoers/regress/cvtsudoers/test10.out.ok, plugins/sudoers/regress/cvtsudoers/test10.sh, plugins/sudoers/regress/cvtsudoers/test11.out.ok, plugins/sudoers/regress/cvtsudoers/test11.sh, plugins/sudoers/regress/cvtsudoers/test12.out.ok, plugins/sudoers/regress/cvtsudoers/test12.sh, plugins/sudoers/regress/cvtsudoers/test13.out.ok, plugins/sudoers/regress/cvtsudoers/test13.sh, plugins/sudoers/regress/cvtsudoers/test14.out.ok, plugins/sudoers/regress/cvtsudoers/test14.sh, plugins/sudoers/regress/cvtsudoers/test15.out.ok, plugins/sudoers/regress/cvtsudoers/test15.sh, plugins/sudoers/regress/cvtsudoers/test16.out.ok, plugins/sudoers/regress/cvtsudoers/test16.sh, plugins/sudoers/regress/cvtsudoers/test17.out.ok, plugins/sudoers/regress/cvtsudoers/test17.sh, plugins/sudoers/regress/cvtsudoers/test18.out.ok, plugins/sudoers/regress/cvtsudoers/test18.sh, plugins/sudoers/regress/cvtsudoers/test19.out.ok, plugins/sudoers/regress/cvtsudoers/test19.sh, plugins/sudoers/regress/cvtsudoers/test2.out.ok, plugins/sudoers/regress/cvtsudoers/test2.sh, plugins/sudoers/regress/cvtsudoers/test20.conf, plugins/sudoers/regress/cvtsudoers/test20.out.ok, plugins/sudoers/regress/cvtsudoers/test20.sh, plugins/sudoers/regress/cvtsudoers/test21.conf, plugins/sudoers/regress/cvtsudoers/test21.out.ok, plugins/sudoers/regress/cvtsudoers/test21.sh, plugins/sudoers/regress/cvtsudoers/test3.out.ok, plugins/sudoers/regress/cvtsudoers/test3.sh, plugins/sudoers/regress/cvtsudoers/test4.out.ok, plugins/sudoers/regress/cvtsudoers/test4.sh, plugins/sudoers/regress/cvtsudoers/test5.out.ok, plugins/sudoers/regress/cvtsudoers/test5.sh, plugins/sudoers/regress/cvtsudoers/test6.out.ok, plugins/sudoers/regress/cvtsudoers/test6.sh, 
plugins/sudoers/regress/cvtsudoers/test7.out.ok, plugins/sudoers/regress/cvtsudoers/test7.sh, plugins/sudoers/regress/cvtsudoers/test8.out.ok, plugins/sudoers/regress/cvtsudoers/test8.sh, plugins/sudoers/regress/cvtsudoers/test9.out.ok, plugins/sudoers/regress/cvtsudoers/test9.sh: cvtsudoers regress tests [72fd218b5036] 2018-04-14 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Fix typo [e572c36919b7] * plugins/sudoers/cvtsudoers.c: Fix cut & pasto that prevented "-d command" from working. [6e4ff7f23d0a] 2018-04-13 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y: Fix a use after free crash as well as a memory leak when filtering Defaults. [9bdd404ae6a4] 2018-04-12 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Document that a User_Alias or Host_Alias may be used in the match filter. [49b9306a6a6d] * plugins/sudoers/fmtsudoers.c: Don't always expand aliases when formatting a host-based Defaults line. This was missed when expand_aliases support was added. [ef12a033306c] * plugins/sudoers/cvtsudoers.c: Allow host and user aliases to be specified in match filters. [6bc8c0da4578] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update copyright year. [e9c2eb23def1] 2018-04-10 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/hu.mo, plugins/sudoers/po/hu.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/da.mo, po/da.po, po/hr.mo, po/hr.po, po/hu.mo, po/hu.po, po/pt_BR.mo, po/pt_BR.po, po/tr.mo, po/tr.po: sync with translationproject.org [4a0811073374] 2018-04-09 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/parse.h: When the -d option is used, remove aliases used by the non-converted Defaults settings if the aliases are not also referenced by userspecs. [d07c4254b3dd] 2018-04-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [9a4d88b2a965] * NEWS: update [6ef9dde8fc9a] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Mention -p and -M options in the description of -m. [b20abfd14164] 2018-04-04 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo_edit.c: Check sudoedit temporary directory for writability before using it. [1e29ade3f4b2] * plugins/sudoers/regress/starttime/check_starttime.c: Use btime in /proc/stat to determine system start time instead of /proc/uptime. Fixes the process start time test when run from a container where /proc/uptime is the uptime of the container but the process start time is relative to the host system boot time. 
Bug #829 [65ba61e55011] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/match.c, plugins/sudoers/parse.h: Add option to prune non-matching entries from cvtsudoers output when the -m option is used. [9a69ba35389d] 2018-04-02 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h: Allow defaults types and suppression list to be specified in the config file. [62dd7a96ac9b] * plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/parse.h, plugins/sudoers/visudo.c: Refactor common alias code out of cvtsudoers and visudo and into alias.c. [b3ba3e6f24d2] 2018-03-29 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/cvtsudoers.c: Avoid NULL deref in an error path. CID 183467 [38ea56670f18] * plugins/sudoers/cvtsudoers.c: No need to initialize the last pointer passed to strtok_r(). This was originally added to appease newer gcc but no longer seems to be required. CID 183466, CID 183468, CID 183469 [b0a9b90603e1] * plugins/sudoers/cvtsudoers_json.c: Avoid false positive NULL dereference by using value.u.string instead of name as the former is guaranteed not to be NULL. Fixes CID 183465. [c896d10f5626] 2018-03-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen [8a88e162fd0b] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Add a section on conversion from file-based sudoers. [033c797b229d] 2018-03-28 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c: Add support for "cvtsudoers -d all" [62e748b70105] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h: Add -d option to control what type of Defaults entries are converted. 
[b723f0dae5c7] 2018-03-27 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: In pty_close() we still need to check whether the pty master and slave fds are open before closing them. When no tty is present but we are I/O logging pty_close() will be called when there is no actual pty in use. [59201fb78427] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/sudo.conf.cat, doc/sudoers_timestamp.cat, doc/visudo.cat: regen [186f3b58daf5] 2018-03-26 Todd C. Miller <Todd.Miller@sudo.ws> * .hgignore: ignore *.ldif2sudo regress output [8d57e8a0013f] * src/exec_pty.c: In pty_close() there is no need to remove events associated with the pty slave as there are none. We also don't need to check for the pty fds being -1 since they are not closed elsewhere and pty_close() is only called if pty_setup() succeeds. [585a47fb5a8b] 2018-03-25 Todd C. Miller <Todd.Miller@sudo.ws> * doc/Makefile.in, doc/cvtsudoers.mdoc.in: Move cvtsudoers to section 1. [69adcb2d24ff] * src/exec_pty.c: In pty_close() close the slave and remove any events associated with it. Fixes a potential hang when performing the final flush on non-BSD systems. [40159d852c2d] 2018-03-23 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap_util.c: Fix typo in strcmp(), we are comparing var not val. [07ccd7bae4f6] * MANIFEST: sync [7960511e39dd] * NEWS: sync [c655e7111ce9] 2018-03-22 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot: regen [ff7b545844fb] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.h: Add -M option to cvtsudoers to force the use of the local passwd and group databases when matching. 
[ea58e2765a40] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c: Add cvtsudoers command line option to suppress certain parts of the security policy. Can be used to suppress displaying of Defaults entries, aliases or privileges. [b243efa695e6] 2018-03-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/parser/check_gentime.c: Silence a false positive from the clang static analyzer. [bfde0594783e] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Silence a false positive from the clang static analyzer. [5257e321158d] * plugins/sudoers/cvtsudoers.c: Fix memory leak on error path. [1a13732abfd5] * plugins/sudoers/po/sudoers.pot: regen [c139b8bed3c1] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_ldif.c: Move cvtsudoers string functions into cvtsudoers.c [4b5b799e7abc] * plugins/sudoers/Makefile.in: regen [6ecb37e35c9f] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/cvtsudoers_pwutil.c, plugins/sudoers/parse.h: Initial support filtering by user, group and host in cvtsudoers. Currently forces alias expansion when a filter is applied and the entire matching user or host list is printed, even the non-matching entries. This effectively allows you to grep sudoers by user, group and host. [0adbf8d38eb4] * plugins/sudoers/defaults.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Add free_default() to free a struct defaults pointer so we have a single place where we free the defaults. A pointer to the previous Default's binding may be passed in to avoid freeing an already free binding. 
[9d9ef007ee88] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Decrease bullet width to 1n. [e6f3776fd72e] 2018-03-17 Todd C. Miller <Todd.Miller@sudo.ws> * src/sudo.c: Add aix_setauthdb() before the initial getpwuid() call. [b8a011be9af7] 2018-03-10 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: fix compilation on Solaris [e31019b5f545] 2018-03-08 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Make "sudoreplay -m 0" skip the pauses entirely. [d9a7fc9f5720] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Document that a negative value for -m will eliminate the pauses. [a025e96abb47] 2018-03-06 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/testsudoers.c: Update copyright date, remove unneeded include and add a few comments. 
[ac1bccd631e5] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/regress/sudoers/test10.out.ok, plugins/sudoers/regress/sudoers/test11.out.ok, plugins/sudoers/regress/sudoers/test12.out.ok, plugins/sudoers/regress/sudoers/test13.out.ok, plugins/sudoers/regress/sudoers/test14.out.ok, plugins/sudoers/regress/sudoers/test15.out.ok, plugins/sudoers/regress/sudoers/test16.out.ok, plugins/sudoers/regress/sudoers/test17.out.ok, plugins/sudoers/regress/sudoers/test18.out.ok, plugins/sudoers/regress/sudoers/test19.out.ok, plugins/sudoers/regress/sudoers/test2.out.ok, plugins/sudoers/regress/sudoers/test20.out.ok, plugins/sudoers/regress/sudoers/test21.out.ok, plugins/sudoers/regress/sudoers/test22.out.ok, plugins/sudoers/regress/sudoers/test3.out.ok, plugins/sudoers/regress/sudoers/test4.out.ok, plugins/sudoers/regress/sudoers/test5.out.ok, plugins/sudoers/regress/sudoers/test6.out.ok, plugins/sudoers/regress/sudoers/test7.out.ok, plugins/sudoers/regress/sudoers/test8.out.ok, plugins/sudoers/regress/sudoers/test9.out.ok, plugins/sudoers/testsudoers.c: Use fmtsudoers functions in testsudoers. [be27df4a5291] * MANIFEST, plugins/sudoers/regress/sudoers/test22.in, plugins/sudoers/regress/sudoers/test22.json.ok, plugins/sudoers/regress/sudoers/test22.ldif.ok, plugins/sudoers/regress/sudoers/test22.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test22.out.ok, plugins/sudoers/regress/sudoers/test22.sudo.ok, plugins/sudoers/regress/sudoers/test22.toke.ok: Add test for empty runas user list. [5598cf4c3329] * plugins/sudoers/testsudoers.c: Don't print an empty user list as ALL. [806ee09f854d] * plugins/sudoers/fmtsudoers.c, plugins/sudoers/parse.h: In sudoers_format_userspecs make the separator optional and silence a printf format warning. [62c576cbec4b] * plugins/sudoers/starttime.c: Use correct defines when checking for sysctl kinfo_proc support. 
[6017e45d14b9] * plugins/sudoers/cvtsudoers_json.c: Fix crash when converting sudoers entry with a runas list that is present but empty. [ff6b9ef53c6b] 2018-03-05 Todd C. Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, plugins/sudoers/starttime.c, plugins/sudoers/sudoers.c, src/regress/ttyname/check_ttyname.c, src/tgetpass.c, src/ttyname.c: Less confusing sysctl checks for kinfo_proc. [553f6b3f9c3b] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/pwutil.c, plugins/sudoers/sssd.c: Add case_insensitive_group and case_insensitive_user sudoers options, which are enabled by default. [bd74d8b7fe83] 2018-03-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/fmtsudoers.c: Kill dead store found by clang-analyzer. [af2021d3d396] * plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/ldap_util.c, plugins/sudoers/parse.h, plugins/sudoers/regress/sudoers/test2.ldif.ok, plugins/sudoers/regress/sudoers/test3.ldif.ok, plugins/sudoers/regress/sudoers/test6.ldif.ok, plugins/sudoers/sssd.c: Initial support for adding comments that will be emitted when sudoers is formatted. Currently adds a comment for the source sudoRole when converting from ldif -> sudoers. [bf2e7f48f452] * lib/util/lbuf.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/parse.h: Special case comment lines in lbufs. [10d6d229ffae] * plugins/sudoers/cvtsudoers_ldif.c: Handle escaped commas when skipping over the cn. [61aed7ff5e1c] 2018-03-03 Todd C. 
Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/parse.h: When formatting as sudoers, flush the lbuf after each userspec. [060266dd440c] 2018-03-02 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/sudoers/test1.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test14.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test15.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test16.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test17.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test19.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test2.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test20.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test21.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test3.ldif2sudo.ok, plugins/sudoers/regress/sudoers/test6.ldif2sudo.ok: Add tests for round-tripping sudoers -> ldif -> sudoers [72e3e73fb612] * plugins/sudoers/cvtsudoers_ldif.c: Add missing sudoOrder support to parse_ldif(). [8c5e9f22f0da] * plugins/sudoers/ldap_util.c: Add missing support for converting LOG_INPUT/LOG_OUTPUT tags and expand support for NOMAIL tags. [2820c8333381] * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/sudoers/test2.ldif.ok, plugins/sudoers/regress/sudoers/test3.ldif.ok, plugins/sudoers/regress/sudoers/test6.ldif.ok: Don't emit an empty sudoRole for global defaults if there are none. [2a69dccb7071] * plugins/sudoers/ldap_util.c: Avoid changing the order of non-negated hosts and commands. We still put negated hosts/commands at the end of the list. [e1aea92dd6dc] * plugins/sudoers/cvtsudoers_ldif.c: Handle parsing boolean options that have no explicit value. [b5d597faa23d] * plugins/sudoers/cvtsudoers_ldif.c: Refactor the code that actually converts the role to sudoers format into role_to_sudoers() now that it is more involved than just calling sudo_ldap_role_to_priv(). 
[b876171ff96e] * plugins/sudoers/cvtsudoers_ldif.c: When merging two privileges, use the runas lists of the previous privilege when possible. Otherwise, the generated sudoers line will include a runas list for commands that is not necessary. [337b49451947] 2018-03-01 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/match.c: Use a case-insensitive comparison when matching user and group names in sudoers with the passwd or group database. This can be necessary when users and groups are stored in AD or LDAP. [bfccb8acc3e9] * plugins/sudoers/Makefile.in: Fix clean target for *.sudo regress files [6f52a4aef93a] * .hgignore: ignore more binaries [9adf244d0e9e] * plugins/sudoers/cvtsudoers.c: Fix use of uninitialized variable (conf) if sudoers_debug_register() happens to fail. [0ef1765f14f4] 2018-02-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_ldif.c: Split conversion code out of parse_ldif() and into ldif_to_sudoers(). [27c8b7001735] * plugins/sudoers/cvtsudoers_ldif.c: Quiet a clang analyzer warning. [21102c27dcce] * MANIFEST, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/ldap_common.c, plugins/sudoers/ldap_util.c: rename ldap_common.c -> ldap_util.c [3093bdbb8a9b] * plugins/sudoers/cvtsudoers_ldif.c: When converting from ldif to sudoers, sudoRole objects with the same user if possible. If both user and host are the same, merge into a single privilege. This makes it possible to convert a sudoers entry like: aaron shanty = NOEXEC: /usr/bin/vi, /usr/bin/more, EXEC: /bin/sh to ldif and then back to sudoers as a single line. Currently, the ldif entries to be merged must have the same or adjacent sudoOrder attributes. [74e5cef2e849] * plugins/sudoers/cvtsudoers_ldif.c: plug memory leaks [a5268668c397] * src/parse_args.c: Restore line to set MODE_PRESERVE_ENV in flags when the -E command line option is used. 
The caller doesn't check MODE_PRESERVE_ENV these days but parse_args uses it to detect usage errors when -E is used along with a mutually exclusive option. Problem found by Yuriy Vostrikov. [b511e35d9be4] 2018-02-26 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add missing close parenthesis in "Including other files from within sudoers" section. Bug #824 [3335cb2ce29f] 2018-02-25 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap_common.c: When converting from LDAP to sudoers, put negated hosts and commands at the end of the list. Since LDAP doesn't guarantee attribute order we need to make sure negated entries always override non-negated ones. [0ebff259c521] 2018-02-24 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers.c: We may need the hostname to resolve %h escapes in include files. [3e57710762d3] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_ldif.c: Setting a sudoOrder start point of 0 will disable creation of sudoOrder attributes in the resulting LDIF output. [4107f61b431b] * plugins/sudoers/cvtsudoers.c: Don't need to fill in struct sudo_user since we don't do matching. [cdc876d298b5] * MANIFEST, doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, pathnames.h.in, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers.h, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c: Add support for setting default options in a config file. In addition to expand_aliases, input_format and output_format, both the initial sudoOrder and the increment when updating sudoOrder for subsequent sudoRole objects can be specified. Command line options have also been added for the start order and increment. [d3121c039ddf] 2018-02-22 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: cvtsudoers can now read LDIF [99b7ed30c754] * doc/UPGRADE: Fix a typo. 
[87f635970a5d] * plugins/sudoers/fmtsudoers.c: Deal with user_name not being set in cvtsudoers. [421bb1dbff57] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/ldap.c, plugins/sudoers/ldap_common.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_ldap.h: Initial support for parsing sudoers LDIF files in cvtsudoers. This makes it possible to convert from LDAP sudoers to a traditional sudoers file. Semantic differences between file sudoers and LDAP sudoers mean that LDIF -> sudoers is not completely equivalent. [ddf513e2778f] 2018-02-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/sudoers/test14.ldif.ok: Fix LDIF conversion of commands with an associated digest. [590ab0cb58e4] * plugins/sudoers/ldap_common.c: In array_to_member_list() use the correct type for netgroups and user groups. [359947d19131] * plugins/sudoers/fmtsudoers.c: Prepend digest to command if present. Fix printing of group IDs and non-unix groups. [5f9834b4bcbc] * plugins/sudoers/cvtsudoers_json.c: Fix gcc false positive for uninitialized variable [d250b862c1ed] 2018-02-20 Todd C. Miller <Todd.Miller@sudo.ws> * pp: Update Polypkg to the latest version from git. [204ebffb502f] * config.h.in, configure, configure.ac, src/sudo.c: Use setpassent() and setgroupent() on systems that support it to keep the passwd and group database open. Sudo does a lot of passwd and group lookups so it can be beneficial to just leave the file open. [3d2d5bca9670] 2018-02-19 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/fmtsudoers.c: Add option to cvtsudoers to expand aliases in the output. 
[1af56459fd7d] * plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/regress/sudoers/test1.json.ok, plugins/sudoers/regress/sudoers/test14.json.ok, plugins/sudoers/regress/sudoers/test15.json.ok, plugins/sudoers/regress/sudoers/test16.json.ok, plugins/sudoers/regress/sudoers/test17.json.ok, plugins/sudoers/regress/sudoers/test19.json.ok, plugins/sudoers/regress/sudoers/test2.json.ok, plugins/sudoers/regress/sudoers/test6.json.ok: Fix conversion of "ALL" in the JSON output format, which was being printed as an alias. [3f7869688820] * INSTALL, configure, configure.ac: Clarify that --with-rundir and --with-vardir take sudo-specific directory, e.g. /var/run/sudo and not just /var/run. Bug #823 [e1913085e544] * src/exec_pty.c: In pty_cleanup() we need to call sudo_term_restore() even if no I/O plugins are present as long as /dev/tty exists. Fixes the use_pty case with no I/O plugins. [82fecef72998] * include/sudo_event.h, lib/util/event.c, lib/util/util.exp.in, plugins/sudoers/sudoreplay.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: Add sudo_ev_dispatch(), a wrapper for ev_loop() with no flags. Similar to the dispatch function in libevent. [61e588fd50d0] * INSTALL, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, m4/sudo.m4: Use /run in preference to /var/run if it exists. Bug #822 [ec2febe6f8a3] 2018-02-14 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: mention common sudoers formatting changes [b32825ca3e2f] 2018-02-11 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/ldap.c, plugins/sudoers/ldap_conf.c, plugins/sudoers/sudo_ldap.h, plugins/sudoers/sudo_ldap_conf.h: Move LDAP configuration bits into ldap_conf.c [1673e3c7855a] 2018-02-10 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c, plugins/sudoers/ldap_common.c: No longer need to include stddef.h [a10a13dc73c7] * plugins/sudoers/iolog.c: Remove dead store, found by cppcheck. 
[744e99ffc82e] * plugins/sudoers/ldap.c, plugins/sudoers/ldap_common.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_ldap.h: simplify iterator [944fd546ec98] * plugins/sudoers/mkdir_parents.c: Silence a false positive from cppcheck. [f94421968d8e] * plugins/sudoers/tsdump.c: Cast version to int when printing. Avoids a cppcheck warning. [3312bec4f1e3] 2018-02-09 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c, plugins/sudoers/ldap_common.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_ldap.h: Use an iterator instead of fragile pointer arithmetic to iterate over value arrays in sudo_ldap_role_to_priv(). [61752c5f3427] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/fmtsudoers.c, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Move sudoers formatting code into fmtsudoers. [ff25291c99f4] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/parse.c: Clean up some XXX in parse.c [19854e7d8ac7] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Rename sudo_file_append_default() -> sudo_lbuf_append_default() and use it for ldap and sssd too. [dae22810f2dd] * MANIFEST, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/ldap_common.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/sudo_ldap.h: Move common bits of ldap to sudoers conversion into ldap_common.c and use it in sssd.c. [5cca03f64b77] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h: Convert ldap results into a sudoers userspec so we can use the "sudo -l" output functions in parse.c. [1422e10dc274] 2018-02-08 Todd C. Miller <Todd.Miller@sudo.ws> * sudo.pp: Don't mark sudoers.dist volatile, it only gets used on systems that don't have the concept of volatile files. 
[c47fd17e62e3] 2018-02-05 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Refactor member freeing code into free_member(). Refactor userspec freeing code into free_userspec(). [ccc95e8b9f69] * plugins/sudoers/cvtsudoers.c: Fix compilation with glibc where stdout is not constant. [97a0302c29c8] 2018-02-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c: For "sudo -l", if a word includes spaces, print it in double quotes. Also escape spaces in the command path. This matches the sudoers quoting rules. [04ace6decf3a] 2018-02-03 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/ldap.c: Display sudoNotBefore and sudoNotAfter in "sudo -l" [ef7de4c8aa9e] * plugins/sudoers/parse.c: For "sudo -l", if a word includes spaces, print it in double quotes. Also escape spaces in the command path. This matches the sudoers quoting rules. [fa12a254657c] * plugins/sudoers/cvtsudoers.c: Add back printing of negation operator ('!') when printing a word with spaces in it. [c69706a91817] * plugins/sudoers/Makefile.in: Use visudo to validate "cvtsudoers -f sudoers" output. [06bae7204926] * plugins/sudoers/regress/sudoers/test21.in, plugins/sudoers/regress/sudoers/test21.json.ok, plugins/sudoers/regress/sudoers/test21.ldif.ok, plugins/sudoers/regress/sudoers/test21.out.ok, plugins/sudoers/regress/sudoers/test21.toke.ok: Remove syslog_goodpri and syslog_badpri without a value that causes visudo to report an error. [c1f696e49f49] * plugins/sudoers/cvtsudoers.c: When outputting sudoers, if a word includes spaces, print it in double quotes. Also escape spaces in the command path. [d040c1a21277] 2018-02-02 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/alias.c, plugins/sudoers/cvtsudoers.c, plugins/sudoers/parse.h, plugins/sudoers/visudo.c: Add sudoers output format to cvtsudoers. 
In the future this may be used with filters to emit a partial sudoers file instead of a full one. [533d2c389213] * plugins/sudoers/parse.c: When printing a member name, quote sudoers special characters unless it is a UID/GID, in which case we print the '#' unquoted. [e4e8154c4fe9] * plugins/sudoers/parse.c, plugins/sudoers/parse.h: Move SUDOERS_QUOTED define to parse.h [a813ec4acb5f] 2018-01-30 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/timestamp.c: Remove extraneous break statement and fix some whitespace. [39df566c33e3] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: The max timeout for kernel time stamps is 60 minutes, not 3600 minutes. [95be88c4f106] 2018-01-29 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/testsudoers.c: Check the return value of sudoers_debug_register(). Coverity CID 182574 [fb5449acdafd] * plugins/sudoers/cvtsudoers_ldif.c: Fix memory leak, su->count is now 0 when it is unused, not 1. Coverity CID 182573 [77019ded8f84] * plugins/sudoers/cvtsudoers_ldif.c: Quiet a clang analyzer false positive. [ef04f7069df4] * plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/sudoers/test2.ldif.ok, plugins/sudoers/regress/sudoers/test6.ldif.ok: Quote special characters when creating the cn as per RFC2253 [e49ff28c1fd7] * NEWS, configure, configure.ac, doc/UPGRADE: Sudo 1.8.23 [e364ed057d1d] * doc/LICENSE: Remove the C-style comment characters from the getopt_long.c and inet_pton.c license text as it was inconsistent with the rest of the file and messed up the html formatting. [a26679d2d0a7] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers2ldif, sudo.pp: Remove sudoers2ldif, it has been replaced by cvtsudoers. [7563cc3768c2] 2018-01-28 Todd C. Miller <Todd.Miller@sudo.ws> * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_ldif.c: Add -b option to specify the base dn. 
[7cd4c46c33bf] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in: Document limitations of LDIF conversion. [e8c84362f084] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c: Switch the default output format to LDIF [a677c7b72a90] * plugins/sudoers/visudo.c: Execute cvtsudoers if the user runs "visudo -x" but also emit a warning. [53ec45a847d2] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/stubs.c, plugins/sudoers/visudo.c: Revert 04ec05108b2b, change the default input source back to stdin. [df8d94f1bab4] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/sudoers/test1.ldif.ok, plugins/sudoers/regress/sudoers/test10.ldif.ok, plugins/sudoers/regress/sudoers/test11.ldif.ok, plugins/sudoers/regress/sudoers/test12.ldif.ok, plugins/sudoers/regress/sudoers/test13.ldif.ok, plugins/sudoers/regress/sudoers/test14.ldif.ok, plugins/sudoers/regress/sudoers/test15.ldif.ok, plugins/sudoers/regress/sudoers/test16.ldif.ok, plugins/sudoers/regress/sudoers/test17.ldif.ok, plugins/sudoers/regress/sudoers/test18.ldif.ok, plugins/sudoers/regress/sudoers/test19.ldif.ok, plugins/sudoers/regress/sudoers/test2.ldif.ok, plugins/sudoers/regress/sudoers/test20.ldif.ok, plugins/sudoers/regress/sudoers/test21.ldif.ok, plugins/sudoers/regress/sudoers/test3.ldif.ok, plugins/sudoers/regress/sudoers/test4.ldif.ok, plugins/sudoers/regress/sudoers/test5.ldif.ok, plugins/sudoers/regress/sudoers/test6.ldif.ok, plugins/sudoers/regress/sudoers/test7.ldif.ok, plugins/sudoers/regress/sudoers/test8.ldif.ok, plugins/sudoers/regress/sudoers/test9.ldif.ok: Add LDIF conversion to sudoers tests [997b79da8874] * plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/cvtsudoers_ldif.c, plugins/sudoers/regress/sudoers/test19.json.ok: Add notbefore and notafter support to the backends. [be50db300eda] 2018-01-27 Todd C. 
Miller <Todd.Miller@sudo.ws> * README.LDAP: cvtsudoers instead of sudoers2ldif [3909ea2c29c1] * MANIFEST, doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_ldif.c: Add ldif backend to cvtsudoers, to replace sudoers2ldif [f0e039c63488] * plugins/sudoers/Makefile.in: fix make check [2cbedce72e3a] 2018-01-26 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c: Parse sudoers in the front end, not the back end. [30d4e40ed69a] * doc/Makefile.in: install the cvtsudoers manual [243d319fed1c] * doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/stubs.c, plugins/sudoers/visudo.c: Use the built-in sudoers file location as the default sudoers file for cvtsudoers and move parse_sudoers_options() to stubs.c since it is shared between visudo.c and cvtsudoers.c. [04ec05108b2b] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/stubs.c, plugins/sudoers/visudo.c: Move common stub functions required by the parser out of visudo.c and cvtsudoers.c and into stubs.c. [a324cbde55a3] * plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c: Rename export_sudoers() to convert_sudoers_json() and move the check for the same input and output file to the front-end. [7c83c21ea479] * sudo.pp: add cvtsudoers [e8ba851cafb4] * MANIFEST, doc/Makefile.in, doc/cvtsudoers.cat, doc/cvtsudoers.man.in, doc/cvtsudoers.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/cvtsudoers.c, plugins/sudoers/cvtsudoers_json.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Move sudoers JSON conversion to cvtsudoers which will eventually output to other formats too. 
[e64a50657a88] * plugins/sudoers/defaults.c: Convert from time in minutes to timespec directly instead of converting to double via strtod(). This makes it easier to catch overflow. [0d6ab7c21a15] 2018-01-24 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: document that kernel tty timestamps don't support negative timeouts [4ff726cf2010] 2018-01-23 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/timestamp.c: Fall back to ppid time stamps if timestamp_type == kernel and no tty is present. This is consistent with timestamp_type == tty. [26c527166a0c] * plugins/sudoers/timestamp.c: Do not call the TIOCSETVERAUTH ioctl with a negative number of seconds. Also cap the max number of seconds at 3600 to avoid getting EINVAL from TIOCSETVERAUTH. [371744874743] 2018-01-22 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/defaults.c: Better conversion from double to nanoseconds. [2f54790801c8] * plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/mkdefaults, plugins/sudoers/timestamp.c: Store passwd_timeout and timestamp_timeout as a struct timespec instead of as a float. Remove timeout argument to auth_getpass() as it was never used. [c4a3c60d0284] 2018-01-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/mkdefaults: Don't rely on perl being installed in /usr/local/bin [e3274f56df43] 2018-01-17 Todd C. 
Miller <Todd.Miller@sudo.ws> * config.h.in, configure, configure.ac, lib/util/gettime.c, lib/util/mktemp.c, lib/util/nanosleep.c, lib/util/utimens.c, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/net_ifs.c, src/sesh.c, src/sudo.c, src/sudo_edit.c, src/utmp.c: Remove use of AC_HEADER_TIME, only obsolete platforms actually need this. Also stop removing sys/time.h unless the source file uses struct timeval. [a744b8a07685] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Remove duplicate options %type [3ea3c3d477bf] 2018-01-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/auth/API, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c, plugins/sudoers/sudoers.h: Add an approval function to the sudo auth API which is run after the user's password has been verified. The approval function is run even if no password is required. This is currently only used for PAM (use pam_acct_mgmt) and BSD auth (auth_approval). [cab448ac8633] 2018-01-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/tsdump.c: treat uid as unsigned in error message [2672d4ca3479] * MANIFEST, plugins/sudoers/po/fur.mo: Add missing plugins/sudoers/po/fur.mo file to repo. [cfa503d7fcd4] * NEWS: Mention new sudoers_timestamp manual. [f96ad00c4ba4] 2018-01-12 Todd C. Miller <Todd.Miller@sudo.ws> * .hgignore: ignore tsdump [39306d37c846] * plugins/sudoers/tsdump.c: Convert from mono time to real time before displaying time stamps. [12f9e1f5e8e5] 2018-01-11 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/solaris_audit.c: Use PATH_MAX, not MAXPATHLEN. 
[d3c7466aad1d] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_util.h, lib/util/Makefile.in, lib/util/ttyname_dev.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/check.h, plugins/sudoers/tsdump.c, src/ttyname.c: Add tsdump, a simple utility to dump a timestamp file. To build, run "make tsdump" in the plugins/sudoers directory (it is not built by default). In order to map the tty device number to a name, sudo_ttyname_dev() has been moved into libsudo_util. [b79ae30fe6a4] 2018-01-04 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, po/uk.mo, po/uk.po: sync with translationproject.org [71140a551c60] * doc/LICENSE: Welcome to 2018 [3ddea360d414] 2017-12-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/fur.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po: sync with translationproject.org [fbd54c7f59f1] 2017-12-22 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/logging.c: Silence a clang analyzer false positive. [bfcdfe2c1376] * doc/Makefile.in: Remove extra $(srcdir)/sudoreplay.man.in target added by mistake. 
[7e83806cc17e] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/ja.mo, po/ja.po: sync with translationproject.org [27cf5abeeb1a] * plugins/sudoers/timestamp.c: Use a tty lock even for kernel time stamps so we can avoid simultaneous password prompts. [90a55098176b] * NEWS: visudo changes [06c99aab6f7a] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/editor.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c: Also honor SUDO_EDITOR in visudo. Previously it was only used by sudoedit. [9bccc7171a53] 2017-12-21 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoers.c: Stop looking for an editor as soon as we find one. A similar fix was made to visudo some time ago. [c6c5d968612a] * doc/sudoers_timestamp.cat, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in: The session ID was added in 1.8.6p7 to prevent a user in another session from re-using the time stamp file. Other minor cleanups. [f733f7ea97a7] * plugins/sudoers/check.h: "time stamp" not "timestamp" [af0f2d8b6d52] 2017-12-20 Todd C. 
Miller <Todd.Miller@sudo.ws> * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/timestamp.c: Add "kernel" as a possible value of timestamp_type. Currently only supported on OpenBSD. [ca1a2a03e37d] * MANIFEST, doc/Makefile.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoers_timestamp.cat, doc/sudoers_timestamp.man.in, doc/sudoers_timestamp.mdoc.in, plugins/sudoers/check.h: Document the sudoers time stamp file format. [d3470da8fde9] 2017-12-19 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/starttime/check_starttime.c: Verify start time of the current process, allowing for some clock drift. For Linux, process start time is relative to boot time, not wallclock time. [4928645eaa1c] 2017-12-18 Todd C. Miller <Todd.Miller@sudo.ws> * NEWS: sync [aeffb7f82e10] * plugins/sudoers/po/sudoers.pot: regen [8be51858eec1] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/starttime/check_starttime.c: Trivial test for process start time. We don't try to check the resulting timespec as it differs by platform. On most it is wallclock time, on others it is relative to boot time (Linux). [e74cf3bd4c87] * lib/util/Makefile.in: regen [6de26735d666] 2017-12-17 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/starttime.c: Support start time on macOS and 4.4BSD [81f2eebc7edb] 2017-12-16 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/regress/env_match/check_env_pattern.c: Include sys/types.h for mode_t used in sudoers.h. [bdff1606f111] * plugins/sudoers/starttime.c: Fix compilation error on FreeBSD [2c4962a7812c] * plugins/sudoers/starttime.c: Fix debug_decl(), it should be SUDOERS_DEBUG_UTIL Add debugging for the successful case For Linux, don't NUL out *ep before parsing with strtoull(). * * * Add missing debug info for the System V /proc version. 
[2394c6d9375d] * MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/check.h, plugins/sudoers/starttime.c, plugins/sudoers/timestamp.c: In the timestamp record, include the start time of the terminal session leader for tty-based timestamps or the start time of the parent process for ppid-based timestamps. Idea from Duncan Overbruck. [f0964b4cf4ac] 2017-12-15 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/timestamp.c: If the lock record doesn't match the expected record size we need to seek to the end of the record as we otherwise may have gone too far (or not far enough). Fixes interop problems when the time stamp record changes size. [e8e4c3815db5] 2017-12-12 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: No need for a loop around the recv() now that we don't have to worry about EINTR. CID 180697 [7cb966d69bc6] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Try to be clearer about sudo's exit value when the -l option is used. [efbddaa576a7] * NEWS: sync [99fc4b347250] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: An empty RunAsUser means run as the invoking user, similar to how the sudoers file works. [576172386594] * doc/sudoers.cat, doc/sudoers.man.in: regen [9b6d0064f410] 2017-12-11 Todd C. Miller <Todd.Miller@sudo.ws> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/logging.c: Add authfail_message sudoers option to allow the user to override the default message of %d incorrect password attempt(s). [f11e9d64a6da] * plugins/sudoers/policy.c, src/parse_args.c: Allow the plugin to determine whether or not an empty timeout is allowed. For sudoers, an error will be returned for an empty timeout. [26511c049fb1] * plugins/sudoers/timeout.c: Return an error for an empty timeout string. 
Just use strtol() for syntax checking instead of scanning with strspn(). [1fa1b712fbcc] * src/parse_args.c, src/sudo_edit.c: Change some _() into U_() since they are used for warn/fatal. We always want to issue warnings in the user's locale. [684331aee66e] * Makefile.in: update my email address [b4ec26be6203] 2017-12-10 Todd C. Miller <Todd.Miller@sudo.ws> * log2cl.pl: Don't print mercurial branch info for merges. [489881774e52] * log2cl.pl: Use log size instead of using a separator between the log entry and the file names. [620c231f789b] * src/parse_args.c: Print usage and return an error when an empty argument is given for all command line arguments other than -p and -E. Bug #817 [143be1bc8316] * plugins/sudoers/policy.c: Better input validation of settings passed by the sudo front-end. Instead of ignoring an empty setting, throw an error. [93cc4f4761f3] * log2cl.pl: Treat a blank line in a commit message as a line break. There doesn't appear to be a way to make perl's format use a blank field but at least the line break happens now. [fbc3ff819341] 2017-12-09 Todd C. Miller <Todd.Miller@sudo.ws> * MANIFEST, Makefile.in, log2cl.pl: Add script to generate ChangeLog from git log output. [e8bfbd1ae6ef] 2017-12-08 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/defaults.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h: Don't include syslog.h from logging.h, just include it in the two .c files it is actually needed. [9ffc5ca9eb49] 2017-12-06 Todd C. Miller <Todd.Miller@sudo.ws> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Document that in check mode, visudo does not check the owner/mode on files specified with the -f flag. [f5d86019e4c7] 2017-12-03 Todd C. 
Miller <Todd.Miller@sudo.ws> * Makefile.in, configure.ac, doc/HISTORY, doc/LICENSE, doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.man.in, doc/visudo.mdoc.in, examples/Makefile.in, include/Makefile.in, include/compat/charclass.h, include/compat/endian.h, include/compat/fnmatch.h, include/compat/nss_dbdefs.h, include/compat/sha2.h, include/sudo_compat.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h, include/sudo_gettext.h, include/sudo_lbuf.h, include/sudo_plugin.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/nanosleep.c, lib/util/parseln.c, lib/util/pipe2.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/regress/vsyslog/vsyslog_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strndup.c, lib/util/strnlen.c, 
lib/util/strsignal.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttysize.c, lib/util/utimens.c, lib/util/vsyslog.c, lib/zlib/Makefile.in, m4/sudo.m4, mkdep.pl, mkpkg, pathnames.h.in, plugins/group_file/Makefile.in, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sample/Makefile.in, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/digestname.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/filedigest.c, plugins/sudoers/filedigest_gcrypt.c, plugins/sudoers/filedigest_openssl.c, plugins/sudoers/find_path.c, plugins/sudoers/gc.c, plugins/sudoers/gentime.c, plugins/sudoers/getspwuid.c, plugins/sudoers/gmtoff.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h, plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h, plugins/sudoers/insults.h, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, 
plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/linux_audit.h, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/po/sudoers.pot, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/rcstr.c, plugins/sudoers/redblack.c, plugins/sudoers/redblack.h, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers2ldif, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h, plugins/sudoers/sudoers_version.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/tsgetgrpw.h, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, po/sudo.pot, src/Makefile.in, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_monitor.c, src/exec_nopty.c, 
src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preload.c, src/preserve_fds.c, src/regress/noexec/check_noexec.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c, src/sudo_plugin_int.h, src/sudo_usage.h.in, src/tcsetpgrp_nobg.c, src/tgetpass.c, src/ttyname.c, src/utmp.c, sudo.pp: update my email to Todd.Miller@sudo.ws [96110003e904] 2017-12-02 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sudoreplay.c: Add missing carriage return before prompt when replay is done. [cf4b8bfcb3dd] * src/exec_pty.c: Track window size changes that happen while sudo is suspended [cae06f75bde9] 2017-12-01 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [26ae754b8416] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: regen for sudo 1.8.22 [596d82da0158] * NEWS, configure, configure.ac: Sudo 1.8.22 [6b32c2f5d020] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Background processes started by the command will no longer receive SIGHUP. [47bcc3ae4362] * src/exec_monitor.c: When the command completes, make the monitor the foreground process group before informing the main sudo process of the command's exit status. This will prevent processes started by the command (which runs in a different process group) from receiving SIGHUP since the kernel sends SIGHUP to the foreground process group associated with the terminal session. The monitor has a SIGHUP handler installed so the signal is effectively ignored. [9e163efe4afb] * src/sudo.c: Add debug printfs around group list retrieval. [5f307b00153b] 2017-11-30 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_pty.c: Move call to sudo_ev_loopcontinue() into schedule_signal() itself. We always want to prioritize signal forwarding. 
[4b25dc24038b] * src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: Don't loop over read/write, recv/send or tcgetpgrp/tcsetpgrp trying to handle EINTR. We now use SA_RESTART with signals so this is not needed and is potentially dangerous if it is possible to receive SIGTTIN or SIGTTOU (which it currently is not). [ba6885b57891] 2017-11-29 Todd C. Miller <Todd.Miller@sudo.ws> * src/exec_monitor.c, src/signal.c: Sprinkle some extra debugging printfs [bf33574bc603] * src/exec_pty.c: We don't need to be the foreground process to be able to write to the terminal in most cases. If the background process tries to modify the terminal flags it will receive SIGTTOU which is relayed to the sudo front-end. This currently mishandles terminals with the TOSTOP local flag set. [3fc25570d482] * src/exec_pty.c: Handle receipt of SIGTTIN/SIGTTOU when reading/writing from/to the tty. We can't use a signal event for these since that would restart the system call after the signal was handled and the callback would not get a chance to run. Fixes running a command in the background that writes to the tty when the TOSTOP terminal flag is set. [5ac68f05249a] 2017-11-28 Todd C. Miller <Todd.Miller@sudo.ws> * plugins/sudoers/sssd.c: Avoid a double free when ipa_hostname is set in sssd.conf and it is an unqualified host name. From Daniel Kopecek. Also move the "unable to allocate memory" warning into get_ipa_hostname() itself to make it easier to see where the allocation failed in the debug log. [14dacdea3319] * plugins/sudoers/ldap.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: When running a command as the invoking user we cannot use the gid list from the front-end since it may not correspond to the user's aux group vector as defined by the group database. 
[b456101fe509] * lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/glob/globtest.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/parser/check_hexchar.c: Add missing initprogname() calls. [ad4f8d236d89] 2017-11-21 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Better describe things when a command is run in a pty. [0f34fc342ab5] 2017-11-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Plug some memory leaks on error, some found by the clang static analyzer. [62844cc145b6] 2017-11-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c: Avoid calling cmnd_matches() in list/verify mode if we already have a match. [5bddfc911065] * plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c: In list (-l) or verify (-v) mode, if we have a match but authentication is required, clear FLAG_NOPASSWD so that when listpw/verifypw is set to "all" and there are multiple sudoers sources a password will be required unless none of the entries in all sources require authentication. From Radovan Sroka of RedHat [edac7222600a] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: When checking the results for "sudo -l" and "sudo -v", keep checking even after we get a match since the value of doauth may depend on evaluating all the results. From Radovan Sroka of RedHat. [ae0704445bd4] 2017-11-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: If passwd_tries is less than 1, check_user() will always return false (since the user didn't authenticate). The normal reason for this is an authentication error but in this case no authentication was tries so no warning message has been displayed to the user. 
If the user wasn't given a chance to authenticate, set inform_user to true when calling log_denial() from sudoers_policy_main(). An alternate approach would be for check_user() to return true in this case but seems more confusing. [c8be95b46e9d] 2017-10-22 Todd C. Miller <Todd.Miller@courtesan.com> * doc/TROUBLESHOOTING: Document bash shell alias issue with "sudo -i". [8affa5376277] 2017-10-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/policy.c: Return an error if the sudo front end doesn't set the user name, user ID, group ID or host name. Bug #807 [03e281d93fff] * lib/util/gethostname.c: Treat an empty hostname as a failure and return NULL. [fafb3a3083cb] 2017-10-17 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers2ldif: Add support for #include and #includedir from Natale Vinto. [926deea0d506] 2017-10-14 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Minor corrections from Tae Wong [dbc5ee98ffa6] 2017-10-12 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Add a warning that for "sudo -i command" and "sudo -s command" the shell is not run in interactive mode which may change its behavior. [76c19db05a1e] 2017-09-26 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_compat.h, src/exec_pty.c: Fix stair-stepped output when the output of a sudo command is piped to another command and use_pty is set. [e91e3f12d2d4] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: env_keep and env_check are also taken into account with "sudo -i". Bug #806 [5f5568c6fdd9] 2017-09-18 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, config.h.in, configure, configure.ac, plugins/sudoers/ins_classic.h: Make PC insults the default and add new configure option, enable- offensive-insults, to enable the offensive insults. [eb264d342601] 2017-09-14 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Add missing translators from recent updates and one name change. 
[20828c25ad92] 2017-09-07 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/po/fur.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, po/hr.mo, po/hr.po, po/sv.mo, po/sv.po: sync with translationproject.org * * * sync with translationproject.org [24bb066fa19f] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: More accurately describe the use_pty option now that its behavior has changed with respect to interposition with a pipe. Also describe some caveats with log_input. [a87056499931] * doc/UPGRADE: Document changes in use_pty behavior when no terminal is present. [a4b978693178] * src/exec_pty.c: Set ec->cmnd_pid to the correct value when receiving the command's process ID from the monitor. [a624309ba848] * src/exec.c, src/exec_nopty.c, src/exec_pty.c, src/sudo_exec.h: If /dev/tty is not available and no I/O logging plugins are configured, fall back on exec_nopty() even if the policy plugin requested a pty. We never allocate a pty when sudo is not run from a terminal anyway. [c9b9c6c4e0ad] * src/exec_pty.c: Do not set utmp_user if we did not actually allocate a pty. [aa8e0fdea32b] 2017-09-06 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: sudo 1.8.21p2 [94d18888e7c4] * src/exec.c: sudo_terminated() should not return true when SIGCHLD is pending. Bug #801 [57f636b6489f] * src/tgetpass.c: Set SIGCHLD handler to SIG_DFL before forking the askpass command and restore after. Otherwise, SIGCHLD will end up in the list of pending signals and sudo_execute() will not execute the command. [c171eeabdc72] * lib/util/event.c: The read and write sides of signal_pipe[] were swapped, resulting in EBADF reading from and writing to the signal pipe on Linux and probably others. On systems with bidirectional pipes this was not an issue. [7668f93e6544] 2017-09-05 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Fix a logic error in 96651906de42 which prevented sudo from using the PAM-supplied prompt. Bug #799 [6ee5cc13af69] 2017-09-01 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Sudo 1.8.21p1 [7e6bf56cb06c] * mkpkg: The Fedora sudo package uses /etc/ldap.conf not /etc/sudo-ldap.conf. [7b4e6f50e138] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: The fix for matching when no sudoRunAsUser is present in a sudoRole was incomplete. If no -g option was specified on the command line but sudoRunAsGroup is present in a sudoRole, we need to treat the group match as failed instead of missing. [3aaeeebd924c] * plugins/sudoers/check.c, plugins/sudoers/defaults.c: Sprinkle a few more debugging printfs. [f7a40f9985cf] * plugins/sudoers/sudoreplay.c: Fix replaying sessions that contain input logs. When the inter-record timeout expires we need to read the next record if there is nothing to output. [443b329ddc60] * doc/visudo.cat: regen [7ace4ac32116] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Fix typo (Auguest vs. August). From David Pocock. [98a792ff1c90] 2017-08-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudo_nss.c: Go back to returning true from display_privs() on non-error. This results in "sudo -U otheruser -l" exiting with a status of 0 even when otheruser is not allowed to run commands. This is appropriate since the "sudo -l" command was successful. This does not change the exit value when otheruser runs "sudo -l" themselves, the exit status will be 1 since that user is not allowed to run commands. Requested by Radovan Sroka. [055b78015fcb] * plugins/sudoers/ldap.c: Fix the pass2 ldap query string when no search filter is defined. Due to the addition of "(sudoUser=*)" to the query we always need the AND operator, even if no search filter is present. [631243487d27] 2017-08-29 Todd C. 
Miller <Todd.Miller@courtesan.com> * src/exec_nopty.c: Don't forward SIGINFO to the child when it is sent by the kernel (not another user process). This is consistent with the handling of other keyboard-generated signals such as SIGINT, SIGQUIT and SIGTSTP. Bug #796 [29603b0a4315] 2017-08-23 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Fix path to LICENSE and NEWS files that get used in the installer. Previously, the installed versions were used instead of the ones in the destdir. [689a5806f2de] 2017-08-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, po/fi.mo, po/fi.po: sync with translationproject.org [32a0f3bbba31] 2017-08-18 Todd C. Miller <Todd.Miller@courtesan.com> * po/es.mo, po/es.po: sync with translationproject.org [bfa5659d66f2] 2017-08-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, po/it.mo, po/it.po: sync with translationproject.org [05cd6ff68a4b] 2017-08-11 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Preserving environment variables on the command line was bug #279 [46f2c7931a84] 2017-08-10 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, NEWS, doc/CONTRIBUTORS, po/fur.mo, po/fur.po: Add Friulian translation for sudo from Fabio Tomat via translationproject.org [77fdb76e83c8] 2017-08-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/fr.mo, po/fr.po, po/ko.mo, po/ko.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/sr.mo, po/sr.po, po/sv.mo, po/sv.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [0f18e2f30ff5] 2017-08-04 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: In the Runas example that uses "boulder" make it clear that "boulder" is a host name. [6bca59aa5579] 2017-08-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [9bb78048656f] * NEWS, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/parse_args.c: Allow the user to specify a list of environment variables to preserve. This adds an option parameter to the --preserve-env option, a comma-separated list of variable names. [a6bc511a2e81] 2017-08-01 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, NEWS, config.h.in, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Replace tty_tickets option with timestamp_type which can be global, ppid or tty. Defaults to tty (no change in behavior). Some users want the ppid behavior. 
[426161a2e06f] * lib/util/Makefile.in, plugins/sudoers/Makefile.in: regen [b396e70a4a8b] * plugins/sudoers/sudoers.c: Don't send email about an unresolvable host name if fqdn is enabled and the user specified the run host via the -h flag. [59d7a8743943] 2017-07-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: fix playback of stdout/stderr without embedded carriage returns [f1a5b47be2db] 2017-07-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Avoid unused variable warning when sasl is not used. [3010fd3c5a7f] * INSTALL, configure, configure.ac: Add support for --enable-sasl and --disable-sasl to make it possible to enable/disable support for LDAP with SASL authentication. Sudo compiles in support for SASL authentication by default if the ldap_sasl_interactive_bind_s() function is detected. Bug #788 [cf94d407d576] * NEWS: List the correct pattern ("*=()*") in the env_delete description. Use pseudo-tty instead of pseudo terminal for consistency. [f2df0baea2f0] 2017-07-27 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/closefrom.c: Include pathnames.h for /dev/fd on FreeBSD and Mac OS X. [b190dc607277] * NEWS: update for 1.8.21 [a3a38f6cba66] * src/exec_pty.c: No need to call sudo_ev_del() before sudo_ev_free(); sudo_ev_free() will delete the event from its base before freeing it. [ebf3dedcba5c] * src/exec_pty.c: Terminate the command if an I/O log function returns 0 or -1. This was mistakenly removed by 25b7fd056614 in Sudo 1.8.18 with the removal of the ignore_iolog_errors variable. [e1dd18d95815] * plugins/sudoers/sudoreplay.c: Quiet a coverity false positive. [b7a9c9e35fd0] * plugins/sudoers/sudoreplay.c: Change to a single event loop in sudoreplay and use signal events. [7320de46cf48] 2017-07-21 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: start new sentences on a new line [ae35ab253de5] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Clarify how the variable prompt options interact with each other and PAM. [342b936c4aaa] * plugins/sudoers/sudoers.c: Don't set passprompt_override when SUDO_PROMPT is present. This effectively reverts ed77d255f383. We treat the SUDO_PROMPT environment variable similar to passprompt in sudoers: it will only override a PAM prompt if the PAM prompt is either "Password:" or "username's Password:". [6dad2bd126d1] 2017-07-20 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/logging.c: Add syslog_pid sudoers option to log sudo's process ID when logging via syslog. This is disabled by default to match historic behavior. [f4dc29b0052c] * plugins/sudoers/auth/pam.c: When deciding which prompt to use (PAM's or sudo's) treat the PAM prompt "username's Password:" as equivalent to "Password:". Some PAM modules (on AIX at least) use this prompt. [96651906de42] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in: Add missing argument to a few of the defaults strings in the "sudo -V" output. [44546c4b87c3] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c: When examining environment variables or variables passed in from the front-end, ignore variables with no value specified. [8537a7fc6190] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Document that "-p prompt" overrides SUDO_PROMPT. [d2e6b518d00d] * plugins/sudoers/sudoers.c: Enable passprompt_override by default if SUDO_PROMPT is present in the environment. This is consistent with how "sudo -p prompt" is handled. [ed77d255f383] 2017-07-17 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: When reading a single character via a switch() use "default:" instead of "case 1:" to quiet a coverity warning. [ddcfc40159e4] * plugins/sudoers/sudoreplay.c: Initialize ch in getsize_cb() in case we are called with the wrong initial state. [a31431c59e14] * plugins/sudoers/sudoreplay.c: remove unused variable [488054411049] * plugins/sudoers/visudo.c: Call install_sudoers() even when doedit is false. If a file in a #includedir has a syntax error it will still have been edited and we need to install the edited temp file. [ab833e2d1791] * plugins/sudoers/visudo.c: Reparse sudoers if a new #include file was added. Otherwise the new file will not get its syntax checked. Bug #791 [e584dc8bf306] 2017-07-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: don't restore the cursor when setting terminal size, we don't want the cursor to move [9cbcb3372bcd] * plugins/sudoers/sudoreplay.c: Read the xterm terminal size using an event so we can easily time out if needed. [634524476741] * lib/util/event.c, src/exec_nopty.c, src/exec_pty.c: If we free the default base in sudo_ev_base_free(), reset the default base to NULL. [2a8f7938618b] 2017-07-13 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_event.h, lib/util/event.c, lib/util/util.exp.in, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: Add the ability to set a default event base, to be used by plugins which don't have access to the event base. [dc159ea98b25] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Allow sudoreplay to adjust the window size on xterm-like terminals. [3358b1a9f01c] 2017-07-12 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/term.c: Clear input, output, control and local flags before copying them from the source terminal. Otherwise, flags that are disabled in the source terminal may still be enabled in the destination. 
[ead41242b820] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/exec_pty.c: Pass window size change events to the plugin. [529b5c9d16a4] * plugins/sudoers/iolog.c, plugins/sudoers/sudoreplay.c: Log window size change events in the sudoers I/O plugin. Let sudoreplay parse a timing file with window change events (currently ignored). [a67f4627dfa7] * Makefile.in, doc/Makefile.in, examples/Makefile.in, include/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Remove pointless subshells in targets that simply change the directory and execute a command. The command is already run in a shell so there is no need to execute a subshell in this case. [e57639cb2f97] 2017-07-10 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: Store the debug instance ID for I/O plugins too. Now iolog_open() is consistent with policy_open(). [519abb3c09d0] 2017-06-29 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, lib/util/mktemp.c: Use getentropy() in mkstemp/mkdtemp replacement. [8d8e45266858] * configure, configure.ac, lib/util/closefrom.c, lib/util/mktemp.c, pathnames.h.in, src/exec_pty.c, src/get_pty.c, src/ttyname.c: Use _PATH_DEV consistently [ca10a91539e0] 2017-06-15 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/term.c: When copying terminal settings from one tty to another only copy a subset of the flags. Sudo now copies the same set of flags that OpenSSH uses, which should be safe. [2f12bc7a87d1] * src/exec_monitor.c, src/exec_nopty.c: Add debug warning when we have wait status but don't overwrite the existing cstat. [5ae8f8e75104] * src/exec_monitor.c: Better handling of SIGCONT from in command in the monitor. It is useful to know when the command continued but we don't want to inform the parent or store the wait status in this case. 
Fixes a hang after multiple suspends on Linux. [9cdbbb7ff3dd] 2017-06-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.h: avoid padding in struct cmndspec [2529551a9c2d] 2017-06-07 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix the man section of sudo_plugin in cross-references. [f964de570403] 2017-06-05 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_edit.c: Don't treat an unchanged file as an error. From Xin Li. [503e04f7856e] * src/sudo_edit.c: sudo_edit() must return a wait status but if there is an error, or even if no changes were made to the file, it was returning 1 instead which would be interpreted as the command having received SIGHUP. Use the W_EXITCODE() to construct a proper wait status in the error case too. [62515bd6c64c] 2017-06-03 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Avoid sign extension when assigning the value of tty_nr in /proc/self/stat on Linux. It is an unsigned int value that is printed as a signed int but dev_t is unsigned long long. We need to cast to unsigned int before assigning to a dev_t. [c198d1317560] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/env.c: Instead of hard-coding a check for bash functions in env_should_delete(), use a "*=()* " pattern in initial_badenv_table[] to match them instead. This allows the user to remove the check via env_delete. [90c4dfd1d3a3] 2017-06-02 Todd C. 
Miller <Todd.Miller@courtesan.com> * INSTALL.configure, configure.ac, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, mkpkg, sudo.pp: Mac OS X -> macOS [08f793d1f496] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: devsearch is ignored on BSD, macOS and Solaris [b041a1d64eda] 2017-06-01 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/event.c: Move the bits to fill in the new event base to sudo_ev_base_init(), which is not currently exported. [9be46693bed1] 2017-05-31 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: A command name may also contain newline characters so read /proc/self/stat until EOF. It is not legal for /proc/self/stat to contain embedded NUL bytes so treat the file as corrupt if we see any. With help from Qualys. This is not exploitable due to the /dev traversal changes in sudo 1.8.20p1 (thanks Solar!). [9ad60fe663e5] * NEWS: Sudo 1.8.20p2 [39f199a38383] 2017-05-30 Todd C. Miller <Todd.Miller@courtesan.com> * src/selinux.c: After opening a tty device, fstat() and error out if it is not a character device. [e03cfa98f2b6] * INSTALL, configure, configure.ac, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, include/sudo_conf.h, lib/util/sudo_conf.c, lib/util/util.exp.in, pathnames.h.in, src/ttyname.c: Add a new "devsearch" Path setting to sudo.conf for configuring the /dev paths to traverse instead of hard-coding a list in ttyname.c The default value can be set at configure time. [7ab1be502dc3] * src/ttyname.c: Use /proc/self consistently on Linux. As far as I know, only AIX doesn't support /proc/self. [ef737b5d4ed8] 2017-05-29 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure: Sudo 1.8.20p1 [c34da84ae8e4] * src/ttyname.c: Fix for CVE-2017-1000367, parsing of /proc/pid/stat on Linux when the process name contains spaces. 
Since the user has control over the command name this could be used by a user with sudo access to overwrite an arbitrary file. Thanks to Qualys for investigating and reporting this bug. Also stop performing a breadth-first traversal of /dev when looking for the device. Only the directories specified in search_devs[] are checked. [b5460cbbb11b] 2017-05-23 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/event_select.c: Fix potential memory leak on reallocarray() error. Coverity CID 169639 [c303e6eecc78] * plugins/sudoers/bsm_audit.c: Only fall back to deprecated getaudit() on FreeBSD. Fixes compiler warnings on macOS. [18f4699e417c] * mkpkg: Use clang on macOS if present [a963454d1b9e] * sudo.pp: fix paths to LICENSE and NEWS files for macOS packages [47103614311b] 2017-05-18 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: To avoid overwriting existing command status, check for CMD_INVALID instead of CMD_ERRNO or CMD_WSTATUS. [5fec1fa81482] * plugins/sudoers/regress/env_match/data: Add some patterns that could result in exponential run time for poorly written '*' matching. [98f4d085c919] 2017-05-15 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/ttysize.c, src/exec_pty.c: On HP-UX 11.0, sys/ioctl.h is not sufficient to make struct winsize visible, we need termios.h too. [211510123ad6] * lib/util/ttysize.c: Always used TIOCGWINSZ. [82e679b8cd00] * src/exec.c, src/sudo.c, src/sudo.h: Move exec_setup(), unlimit_nproc() and restore_nproc() from sudo.c to exec.c. [9127e50cf4ec] * src/sudo_edit.c: No need to include selinux.h here. [8bb07a8f4203] * plugins/sudoers/regress/env_match/check_env_pattern.c: Fix compilation error on macOS [bc5e5c3d44f2] 2017-05-12 Todd C. 
Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/term.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/signal.c, src/sudo.c, src/tcsetpgrp_nobg.c, src/tgetpass.c: Remove use of non-standard sigaction_t [81a57af4c7a9] * plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/set_perms.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c: Use debug logging instead of ignore_result() where possible. [9c9fde5b52cc] * Makefile.in: Add cov-build and cov-submit targets for checking with coverity. [bf88b4439c7b] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/ldap.c: Avoid a clang analyzer false positive. [9f4f915a2e28] * plugins/sudoers/sudoreplay.c: Restore the error message for sudo_ev_add() failure. [267305606577] * include/sudo_event.h, lib/util/event.c: Add support for signal events in sudo's event subsystem [0d48fab2dec8] * include/sudo_event.h, lib/util/event.c: Handle the possibility of the siginfo parameter in sa_sigaction handler being NULL. [0835ca553426] * src/exec.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/signal.c, src/sudo.h, src/sudo_exec.h: Use SUDO_EV_SIGNAL and SUDO_EV_SIGINFO instead of managing the signal_pipe explicitly. [841e2ca6a4a6] * lib/util/event.c: Activate the sigevents inside the signal pipe callback itself and call signal_pipe_cb() directly if the backend returns EINTR and the signal_caught flag is set. This has the side effect of processing signal events in the current pass of the event loop instead of the next one. [d94e202b8e57] * src/signal.c: Add SIGCHLD to the list of signals we install sudo_handler() for. Otherwise, it is possible for the command to exit before the SIGCHLD handler is installed. 
POSIX says that signals that are ignored by default are still ignored even if the signal mask would block them. We need to have a handler installed for SIGCHLD before the fork(). [a26f04459c37] * MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/env.c, plugins/sudoers/env_pattern.c, plugins/sudoers/regress/env_match/check_env_pattern.c, plugins/sudoers/regress/env_match/data, plugins/sudoers/sudoers.h: Add support for multiple '*' in env_keep, env_check and env_delete entries. [b55270a8ecc4] * configure, configure.ac: sudo 1.8.21 [76aa5455903e] * include/sudo_compat.h, plugins/sudoers/timestamp.c, src/tcsetpgrp_nobg.c, src/tgetpass.c: Remove use of the non-standard SA_INTERRUPT [3ec05ffb0dcb] * include/sudo_queue.h: Add workaround for clang static analyzer being confused by LIST_REMOVE and TAILQ_REMOVE. [ff8d278e8526] 2017-05-11 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Fix "make check" when openssl or gcrypt is used. Bug #787 [7968686742e2] 2017-05-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Only display string version of errno if sudo_ev_add() fails for now [24244a02c93f] 2017-05-08 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: update [8e3359235e24] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Be clear that #includedir diverts control to the files in the specified directory and, when parsing of those files is complete, returns control to the original file. Bug #775 [f68769f15356] 2017-05-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/sr.mo, po/sr.po: sync with translationproject.org [4552eaf8fabf] 2017-05-05 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: update [53d1c9424816] * src/exec_monitor.c: Fix a hang introduced in the last commit. Don't close the pty slave until after we have the controlling tty. 
[c9c19beb60ed] * src/exec_monitor.c, src/exec_pty.c: If any of std{in,out,err} are not hooked up to a tty only interpose ourselves with a pipe if the plugin will actually log the data. This avoids a problem with non-interactive commands where no tty is present where sudo will consume stdin even when log_input is not enabled in sudoers. [a79edafdd307] * NEWS: update [144ff056cd01] * doc/TROUBLESHOOTING: Update based on information from Michael Felt. [7ea34380ba1d] 2017-05-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: In check_input() when switch()ing on the return value of read(), use the default label instead of 1 for the success case. It is only reading a single byte so the two are equivalent but it reads better using default. [860682b86af5] * plugins/sudoers/sudoreplay.c: Check sudo_ev_add() return value. Coverity CID 168362 [b69779d3801f] * plugins/sudoers/iolog.c: Add io_open() wrapper for open(2) that retries with PERM_IOLOG if open(2) fails with EACCES. Use io_open() instead of duplicate copies of the same fallback code. [09f7992f681b] * plugins/sudoers/iolog.c: Don't retry the open() if set_perms() fails. [0808a9157037] * plugins/sudoers/iolog.c: Fix typo (fd2 vs. fd) caught by coverity, CID 168359. [f68df770e06f] * po/hu.mo, po/hu.po: sync with translationproject.org [ebef76dc27be] 2017-05-03 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL: Warn people not to use --enable-asan in production. [ecb5c1143ef4] * configure, configure.ac, src/Makefile.in: Move the invocation of check_noexec into the main "check" target but only run it if not cross compiling and when CHECK_NOEXEC is not empty. [cba8fd3337c2] * src/Makefile.in: Move @CHECK_NOEXEC@ to TEST_PROGS so it gets cleaned up properly. [efaa9c44e749] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Move syslog_maxlen to the "Integers" section. Move syslog_goodpri and syslog_badpri to the "Strings that can be used in a boolean context" section. 
[342dfe9dd37c] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix a pasto that resulted in an extra (empty) syslog_goodpri list entry. [eb0563c5b8dc] * MANIFEST, plugins/sudoers/regress/sudoers/test20.in, plugins/sudoers/regress/sudoers/test20.json.ok, plugins/sudoers/regress/sudoers/test20.out.ok, plugins/sudoers/regress/sudoers/test20.toke.ok, plugins/sudoers/regress/sudoers/test21.in, plugins/sudoers/regress/sudoers/test21.json.ok, plugins/sudoers/regress/sudoers/test21.out.ok, plugins/sudoers/regress/sudoers/test21.toke.ok: Add tests for parsing tuples and syslog options. [86f3da23b4df] * plugins/sudoers/defaults.c: Allow the syslog Defaults option to be used in a "true" boolean context and use the compiled in default log facility in this case. [4fab25217602] * plugins/sudoers/defaults.c: Allow a tuple to be set to boolean true. Regression introduced by refactor of set_default_entry() in sudo 1.8.18. [9b38728deb27] 2017-05-01 Todd C. Miller <Todd.Miller@courtesan.com> * doc/TROUBLESHOOTING: Replace the list of "dangerous" environment variables and explain how sudo handles the environment instead. [966cf87d1bed] 2017-04-28 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/glob.c: Fix exponential behavior in glob() with respect to multiple '*'. See https://research.swtch.com/glob Adapted from https://perl5.git.perl.org/perl.git/commit/33252c318625f3c6c89b816ee88481940e3e6f95 [3d187b0fb764] * src/exec_pty.c: We no longer need to write to the tty if the command was killed by a signal. Sudo will terminate itself with the same signal the command died from. Unfortunately, we lose the "core dumped" bit since sudo itself will not dump core, but there doesn't appear to be a way around that. [1be331e0c4d4] 2017-04-27 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: On Linux, if the command we ran dumped core, set PR_SET_DUMPABLE to 0. This will prevent sudo itself from dumping core in this case. 
[cf5a5793ebf4] * INSTALL: Update path to sudo_noexec.so [14e995667c8b] * src/sudo.c: If the command terminated due to a signal, sudo will send that same signal to itself so the parent shell knows the command died from a signal. However, we don't want sudo itself to dump core. [8d823e6ec41e] 2017-04-26 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: sync [1704e6005b07] * src/sudo.c: The fix for Bug #722 contained a typo/thinko that resulted in the exit status being 0 when a command was killed by a signal other than SIGINT. This fixes the signal handler setup so sudo will terminate with the same signal as the command. Bug #784. [50b988d0c97f] * sudo.pp: Better check for /etc/rc.d/rc2.d/S90sudo on AIX [93de5e34a6a3] * src/Makefile.in: Don't install the rc.d link when installing to a DESTDIR. DESTDIR is generally only set when installing to a temporary directory for packaging in which case the link should be made in a post-install script. [4200ef757b56] * plugins/sudoers/Makefile.in, sudo.pp: In "make install", install sample sudoers file as /etc/sudoers.dist and copy it to /etc/sudoers if there is no existing /etc/sudoers. Packages either contain /etc/sudoers (RPM and Debian) or /etc/sudoers.dist (everything else). [40f8e5806d71] * Makefile.in, mkdep.pl: Allow "make dist" and "make depend" to work for out of tree builds. [7b7ba3f38abb] 2017-04-24 Todd C. Miller <Todd.Miller@courtesan.com> * lib/zlib/Makefile.in: Add missing $(srcdir) prefix to shlib_exp definition. [c63e8e73507e] 2017-04-21 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_compat.h: Fix typo in killpg macro. [f7392d21c915] * include/sudo_compat.h: Fix the killpg macro for systems without killpg() in libc. [ba0c5162bc4a] 2017-04-20 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Use the standard idiom for popping all entries from a tail queue. The llvm checker gets confused by TAILQ_REMOVE and generates use-after-free false positives. 
[a88cacd23f09] * src/exec_monitor.c, src/exec_nopty.c: rewrite errpipe callbacks [5c75729cea19] * src/exec_monitor.c, src/exec_nopty.c: use pipe2() with O_CLOEXEC instead of pipe() + fcntl() and FD_CLOEXEC [c8c9cc31c43a] * src/exec_pty.c: init io_pipe[][] to -1, not 0 [71012940a8f1] 2017-04-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: In sudo_sss_check_user() it is not possible for handle to be NULL. [de41ba76a4ce] * plugins/sudoers/sssd.c: Fix a use after free when the fqdn sudoOption is set and no hostname value is present in sssd.conf. [716a7c502cc0] * src/sudo.c: Avoid unused variable when getgrouplist_2() is available. It would be nicer to just provide getgrouplist_2() (or the equivalent) and avoid the ugly #ifdefs. [2c7ac21feb5f] * plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo, po/nb.po: sync with translationproject.org [e91a983f9de6] 2017-04-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: regen [790d9a05f585] 2017-04-12 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: In sudo_ttyname_scan() if dir is the empty string, set errno to ENOENT before returning. [f531ea6e489e] 2017-04-11 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Try to make it clear that when match_group_by_gid is enabled, groups in sudoers are looked up by group name instead of group ID. This doesn't usually cause problems, but if there are conflicting group entries (for example, from a local /etc/group file and an LDAP or AD group database), whether the group is resolved by name or ID can be used to work around conflicts. [fe3bfca4fcce] 2017-04-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, po/ja.mo, po/ja.po: sync with translationproject.org [94d36c45e345] * plugins/sudoers/regress/parser/check_digest.c: plug memory leak in check_digest [40aab9e6e365] * src/exec.c: Check return value of dispatch_pending_signals() in case we received SIGINT or SIGQUIT before executing the command. [218758d1560d] 2017-03-30 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: back out unintentional change to the version number [799b396c1c69] 2017-03-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [04c4a3ec233d] 2017-03-27 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, plugins/sudoers/Makefile.in, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_digest.out.ok: Make check_digest test sudo_filedigest() itself instead of the underlying SHA2 functions. That way we can test it regardless of whether we use sudo's SHA2 functions or a library version. [9834b37f1fb0] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that commands matched by "sudo ALL" are not affected by fdexec. 
[7cc3b770a2ff] 2017-03-24 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for 1.8.20 [14a09000c1dc] * plugins/sudoers/po/sudoers.pot: regen for restricted_env_file [81290b370c95] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention that iolog_user is useful for NFS. [9c8f9dfdebf0] 2017-03-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Only retry mkdir or create with PERM_IOLOG if errno is EACCES. Also always use PERM_IOLOG for mkdtemp() since we cannot retry if it fails. Since we are guaranteed to create a new directory there's no real need to try w/o PERM_IOLOG in this case. [c3c67d78e46a] 2017-03-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Add fallback to PERM_IOLOG when making the final component of iolog_dir. [72924e4c8f5d] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/env.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add restricted_env_file which is like env_file but subject to the same restrictions as the user's own environment. [ec887cc57a8b] * plugins/sudoers/iolog.c: quiet a warning on older zlib [bcd3cac968a2] * plugins/sudoers/iolog.c, plugins/sudoers/timestamp.c: cast mode_t to unsigned int when printing with %o [f9ca9ead134e] 2017-03-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot: regen [f62e81f74d10] * plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/timestamp.c: Set umask temporarily when creating files instead of changing the mode after the fact. This is slightly less error prone. [a9b4cf336b73] * plugins/sudoers/iolog.c: remove now-useless variable [9a36b2449ac4] * plugins/sudoers/mkdir_parents.c: Don't set owner/mode on directories that already exist, only on newly-created ones. 
[2b616be0e165] * plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c: Explicitly set the file mode of I/O log files so the mode is not affected by the invoking user's umask. [ec7d5dd47b6b] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: Add PERM_IOLOG so we can create I/O log files on an NFS-mounted filesystem where root is remapped to an unprivileged user. [01804a971cd5] * plugins/sudoers/mkdir_parents.c: Restore the '/' in the path before returning if we encounter an error. [bb12cfce16fd] * plugins/sudoers/sssd.c: zero out nss->handle after it has been freed to make sure we cannot free it twice [00d5340b7541] 2017-03-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: When creating the timestamp directory, use the group of the timestamp owner instead of inheriting the group of the parent directory. [7a4a10cafe08] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/iolog.c: Add iolog_flush option. [96baa17409cf] 2017-03-17 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/iolog.c: Don't allow the user to specify an I/O log file mode that sudo can't read or write to. I/O logs must always be readable and writable by the owner. [b32e2ef04905] 2017-03-14 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: Regenerate the cat pages with newer mandoc which formats double quotes as "foo" instead of ``foo''. 
[5f14e527ae05] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Make it clear that I/O logs will be complete even if the command run by sudo is terminated by a signal. The I/O log buffering just prevents the logs from being displayed in real-time as the command is running. [072fd419ac1e] 2017-03-13 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_monitor.c, src/signal.c, src/sudo.h: Replace pipe_nonblock() with pipe2() [c106b62d7835] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/pipe2.c, mkdep.pl: Emulate pipe2() on systems without it. [5a183dd380f0] 2017-03-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/kerb5.c: Fix declaration of sudo_krb5_verify() in the case where krb5_verify_user() is not present. Bug #777 [eafd4e2d7c7f] * plugins/sudoers/rcstr.c: Use HAVE_STDBOOL_H to detect systems w/o stdbool.h. Bug #778 [dbac86777429] 2017-03-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [2fc489ddc143] * src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c: Move SIGCHLD handling into handle_sigchld() functions and move the remaining bits of dispatch_signal() into signal_pipe_cb() [b120f5cfa8cc] 2017-03-08 Todd C. Miller <Todd.Miller@courtesan.com> * src/utmp.c: e_termination should be set to the value of WTERMSIG not WEXITSTATUS [95f37078ae8f] 2017-03-07 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, src/Makefile.in, src/exec_nopty.c, src/sudo.h, src/tcsetpgrp_nobg.c: Add tcsetpgrp_nobg() which acts like tcsetpgrp() but returns -1 for a background process. This is safer than blocking SIGTTOU which would cause tcsetpgrp() to succeed in the background. [7ab75c47b8bf] 2017-03-06 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_nopty.c: Prevent sudo from receiving SIGTTOU when it tries to restore the controlling terminal. There appears to be a race with the shell (bash) which we may lose. 
[aab018fb9940] 2017-03-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/timestamp.c, src/exec_monitor.c: Add some casts to quiet gcc warnings on Solaris and remove a now-useless debug printf. [16c862eab0ce] * src/exec_pty.c: change debug info when suspending sudo [f5c5ee07f8e3] * MANIFEST, src/Makefile.in, src/exec.c, src/exec_monitor.c, src/exec_nopty.c, src/exec_pty.c, src/sudo_exec.h: Reorganize the command execution code to separate out the pty and non-pty code paths into their own event loops. The non-pty exec code is now contained in exec_nopty.c and the pty exec code is split between exec_pty.c (parent process) and exec_monitor.c (session leader). This results in a small bit of duplicated code but improves readability. Some of the duplicated code will fall out in future changes to the event subsystem (the signal pipe). [fe239d2a3cbd] 2017-02-26 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/ttysize.c, src/exec_pty.c: Remove support for the TIOCGSIZE ioctl. Systems that use this rather than TIOCGWINSZ are too old for sudo to build on anyway. [0179b16c70f9] 2017-02-24 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c: Set the child pid to -1 after we've waited for it and take care to avoid killing pid -1. This makes it a bit more explicit and removes the need for a separate variable to track the child's status. Sudo already stops processing signals after it receives SIGCHLD so it is not vulnerable to CVE-2017-2616. [1123704858ae] 2017-02-22 Todd C. Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Update the description of strict mode to current reality. Aliases haven't needed to be defined before they are used since sudo 1.7. 
[9dc4ce4ec538] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/visudo.c: Go back to using a Warning/Error prefix in the message printed to stderr for alias problems. Requested by Tomas Sykora. [ad4dc6e34222] 2017-02-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/filedigest.c, plugins/sudoers/filedigest_openssl.c: fix copyright years [b9f013f95bb2] 2017-02-20 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/digestname.c, plugins/sudoers/filedigest.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/visudo_json.c: Move the file digest code out of match.c and into filedigest.c. Inspired by RedHat changes that used libgcrypt. Also add digest_type_to_name() to map a sudo digest type (int) to a name (string) and use it. [9213d8c94b8f] * INSTALL, MANIFEST, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/filedigest_openssl.c: Add support for using the message digest functions in OpenSSL instead of sudo's own SHA2 implementation. [d77639c97e43] * INSTALL, MANIFEST, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/filedigest_gcrypt.c: Add support for using the message digest functions in libgcrypt instead of sudo's own SHA2 implementation. [0259467c38dd] * plugins/sudoers/gmtoff.c: Check for gmtime() or localtime() returning NULL and just use a zero offset in that case. Should not be possible. [ed210dd8bf46] 2017-02-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers2ldif: Add support for ROLE, TYPE, PRIVS, LIMITPRIVS, TIMEOUT, NOTBEFORE and NOTAFTER. [d0310b017c78] * config.h.in, configure, configure.ac, plugins/sudoers/timestr.c: strftime() was in C89 so use it unconditionally. 
[87bf66aa18fd] * MANIFEST, config.h.in, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/gentime.c, plugins/sudoers/gmtoff.c, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_gentime.c, plugins/sudoers/regress/sudoers/test19.in, plugins/sudoers/regress/sudoers/test19.json.ok, plugins/sudoers/regress/sudoers/test19.out.ok, plugins/sudoers/regress/sudoers/test19.toke.ok, plugins/sudoers/regress/visudo/test10.out.ok, plugins/sudoers/regress/visudo/test10.sh, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Add NOTBEFORE and NOTAFTER command options similar to what is already available in LDAP. [3ba0f9567f83] 2017-02-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [f2876eadc1f5] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h: Bump version to 1.11 for timeout entry in settings[] [7b288e4bab93] * doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: regen [8c059a57d367] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/parse_args.c, src/sudo_usage.h.in: Add a command line option to specify the command timeout, as long as sudoers does not specify a shorter time limit. [a8ef7f923d0a] 2017-02-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Better error message when the timeout value does not parse. 
[2360fb093e3e] * plugins/sudoers/timeout.c: set errno to ERANGE not EOVERFLOW on range error [9654e1acab0d] 2017-02-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: regen [46a124dd72aa] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Merge command tags, SELinux type/role and Solaris privs settings into "command options". This relaxes the order of things so tags and other options can be interspersed. [0970fd78cbe8] * MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/mkdefaults, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/policy.c, plugins/sudoers/regress/sudoers/test17.in, plugins/sudoers/regress/sudoers/test17.json.ok, plugins/sudoers/regress/sudoers/test17.out.ok, plugins/sudoers/regress/sudoers/test17.toke.ok, plugins/sudoers/regress/sudoers/test18.in, plugins/sudoers/regress/sudoers/test18.json.ok, plugins/sudoers/regress/sudoers/test18.out.ok, plugins/sudoers/regress/sudoers/test18.toke.ok, plugins/sudoers/testsudoers.c, plugins/sudoers/timeout.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo_json.c: Add support for command timeouts in sudoers. After the timeout, the command will be terminated. [a36a748e9324] * doc/fixman.sh, doc/fixmdoc.sh, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Split out tags again so they must precede the command and not allow them to be mixed in with options. 
[e7e7d60316cc] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Only inherit SELinux role/type and Solaris privilege sets if the command does not include any. Previously, a command with only a role would inherit a type from the previous command which is not what was intended. [171a3ad972e7] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: List SELinux role/type for "sudo -l" with LDAP and SSSd backends. Also fix printing of the timeout. [740723a49ab5] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Plug some memory leaks found by ASAN. [08189098a5b6] * plugins/sudoers/Makefile.in: Only inhibit ASAN leak detector for tests that result in a parse error. The parser cannot currently clean up completely on error. [b2f82dcd2545] * plugins/sudoers/rcstr.c: suppress cppcheck memory leak false positive [e0caf2275a44] * lib/util/strtoid.c: fix typo that prevented compilation on FreeBSD [27866f6a2b5e] 2017-02-13 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in: Link vsyslog.lo directly into vsyslog_test to make sure the syslog() stub gets called. Otherwise, the real syslog will get called via libutil on AIX. [693bc8411a98] * lib/util/regress/vsyslog/vsyslog_test.c: Fix final test with a format > 2048 bytes. Keep track of tests run in the syslog() stub so we can detect if the stub is not being called. [d10d784446c1] * lib/zlib/deflate.c: avoid redefining the MIN macro [45b7b0ba0f01] * plugins/sudoers/parse.h, plugins/sudoers/timestr.c: Include parse.h in timestr.c which is where function prototype lives. [3ec9ec84a84c] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix for including a sudoers file that begins with the letter 'i'. The hack to determine whether we are parsing an include or includedir is no longer safe now that relative include paths are permitted. Bug #776. [4d9691a43867] 2017-02-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/def_data.c, plugins/sudoers/def_data.in: Display the value of syslog_maxlen in sudo -V output. 
[0841ad36531c] 2017-02-06 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: Add ignore_unknown_defaults flag to ignore unknown Defaults entries in sudoers instead of producing a warning. [a7fdb44677dd] 2017-01-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match.c: Always set the close-on-exec bit on the fd used to generate the digest (i.e. the command to run) on systems that lack fexecve(2). That way we don't need to explicitly close it using #ifdefs. [f840a22fac1c] * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, po/ca.mo, po/ca.po, po/eo.mo, po/eo.po, po/sv.mo, po/sv.po: sync with translationproject.org [57e877674892] * NEWS: first updates for 1.8.20 [118208688b08] * configure, configure.ac: sudo 1.8.20 [6cba125ea903] 2017-01-25 Todd C. Miller <Todd.Miller@courtesan.com> * doc/LICENSE, lib/zlib/adler32.c, lib/zlib/compress.c, lib/zlib/crc32.c, lib/zlib/deflate.c, lib/zlib/deflate.h, lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c, lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c, lib/zlib/inflate.c, lib/zlib/inflate.h, lib/zlib/inftrees.c, lib/zlib/trees.c, lib/zlib/uncompr.c, lib/zlib/zconf.h.in, lib/zlib/zlib.exp, lib/zlib/zlib.h, lib/zlib/zutil.c, lib/zlib/zutil.h: update zlib to version 1.2.11 [75a563663083] 2017-01-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match.c: Fix fdexec=never when a digest is present. [49d3ab5baad0] 2017-01-22 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/match.c: Add new fdexec sudoers setting to allow choosing whether execve() or fexecve() is used. [6a7623aa9a64] * src/exec.c, src/exec_pty.c: Close execfd in parent processes where it is not needed. [f44e334d43e2] 2017-01-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match.c: Add support for digest matching when the command is a glob-style pattern or a directory. For example: millert ALL = sha224:TmUvLkp3a2txliSC2X6CiK42626qdKsH72m/PQ== /bin/ millert ALL = sha224:TmUvLkp3a2txliSC2X6CiK42626qdKsH72m/PQ== /bin/* would only match /bin/ls (assuming the digest matches). Previously, only explicit path matches checked the digest. [d4f6822ba9bb] 2017-01-17 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c: Add support for SASL_MECH in ldap.conf; Bug #764 [d057bb7f2ddc] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix documentation bug, the contents of env_file have never been subject to env_keep or env_check. However, variables are only added if they have not already been preserved. [4483b1b44709] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, examples/sudoers: Safer example for rule that can change non-root passwords. GNU getopts allows options to follow arguments so we need to be able to deny things like "passwd root -q". From Paul "Joey" Clark. Bug #772 [c809f1372811] 2017-01-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Don't overwrite the return value of ldap_sasl_interactive_bind_s() by the subsequent call to sudo_set_krb5_ccache_name(). From Paul Zirnik of SUSE. [448baff2b586] * plugins/sudoers/env.c: In sudo_unsetenv_nodebug(), decrement envp.env_len after removing the variable. 
From Paul Zirnik of SUSE. [3d87a008671c] 2017-01-15 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in: only run vsyslog_test if it exists [5323dfcfb009] * MANIFEST, configure, configure.ac, lib/util/Makefile.in, lib/util/regress/vsyslog/vsyslog_test.c: Add regress for vsyslog replacement. [1f767b8f5940] 2017-01-13 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Define HAVE_NANOSLEEP if we find nanosleep in librt [ec8d949bf411] * configure, configure.ac: sudo_nanosleep not nanosleep in util.exp.in [18a3bca78962] * configure, configure.ac: add nanosleep to util.exp.in if needed [6ac2e9266d67] * NEWS, configure, configure.ac: sudo 1.8.19p2 [9c15593a007a] * lib/util/vsyslog.c: Double the size of new_fmt[] and remove an extraneous break in the %m handling that was leftover from an earlier edit. [fcb28dc9cd4e] * lib/util/vsyslog.c: Fix typo, want vsnprintf not snprintf. [2717f2125ecd] * plugins/sudoers/logging.c: move va_start() in mysyslog() [b58ec40bbfc3] * plugins/sudoers/sudoers.c: Only treat failure of expand_iolog_path() as fatal if ignore_iolog_errors is not set. [1ba009311cf7] 2017-01-12 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/nanosleep.c, mkdep.pl, src/exec_pty.c: When waiting for the parent to grant us the tty, use nanosleep instead of spinning to avoid hogging the CPU. [76335b380d7c] * src/sudo.c: Use ROOT_UID instead of 0 [5ed03a4e0b0b] 2017-01-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: regen [99b26e2c523d] 2017-01-07 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/interfaces.c, plugins/sudoers/regress/visudo/test9.out.ok, plugins/sudoers/regress/visudo/test9.sh, plugins/sudoers/visudo.c: Fix crash in visudo introduced in sudo 1.8.9 when an IP address or network is used in a host-based Defaults entry. Bug #766 [ff9001f126b5] 2017-01-05 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, configure.ac, doc/LICENSE: Avoid using the system strnlen/strndup on AIX < 6. Even if configure correctly detects it is working on the build machine, the sudo package may be run on a system with an old libc where it is broken. [28d148db0aaa] 2016-12-20 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: sudo 1.8.19p1 [7bfd43fa5caf] * plugins/sudoers/defaults.c: Fix logic bug when matching syslog priority and facility. [576cc9eb850f] * doc/HISTORY: Dell spun off Quest so simplify the history by just talking about Quest and not Dell. [a66120495435] 2016-12-19 Todd C. Miller <Todd.Miller@courtesan.com> * doc/LICENSE: Fix copyright year [3122e55195a6] * NEWS: typo [ffe9e84928b6] 2016-12-18 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_compat.h: HAVE_DECL_GETGROUPLIST_2 is always defined if HAVE_GETGROUPLIST_2 is, we need to check its value, not whether it is defined. [849eb3113149] 2016-12-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po: sync with translationproject.org [abf5d356a33b] 2016-12-13 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/sr.mo, po/sr.po: sync with translationproject.org [fec672d5a4c7] * config.h.in, configure.ac, include/sudo_compat.h, plugins/sudoers/pwutil_impl.c, src/sudo.c: Use getgrouplist_2() on macOS if available. [3bf58af56d18] 2016-12-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot: regen [3f4d52230317] * plugins/sudoers/interfaces.c: In set_interfaces() treat a parse error as fatal. [7d0048108b1d] 2016-12-02 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/regress/atofoo/atofoo_test.c: Fix a clang warning on macOS [58e9d192e907] 2016-12-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/ko.mo, po/ko.po, po/vi.mo, po/vi.po: sync with translationproject.org [99cce0f5fddc] * NEWS: update for 1.8.19b2 [18cfc9b8b8e7] * plugins/sudoers/timestamp.c: Ignore a boot time that is in the future, which can happen when the clock is corrected down after boot. Otherwise, the timestamp file will be unlinked each time sudo is run and a password is always required. [dd3b2b7ae709] 2016-11-30 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/logging.c: Allow syslog priority to be negated or set to "none" to disable logging successes or failures. [624eddac4ab1] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Allow stdin and ttyin to be displayed too. The only one that is really useful in sudoreplay is stdin when input is from a pipe. [5aa8b3a90c84] * src/regress/noexec/check_noexec.c: Solaris 10 wordexp() returns 127 on execve() failure like popen() does. [f927c50dda17] * config.h.in, configure, configure.ac, include/sudo_debug.h, lib/util/regress/atofoo/atofoo_test.c, lib/util/strtoid.c, lib/util/sudo_debug.c, lib/util/util.exp.in: id_t is 64-bits on FreeBSD so use strtoll() there. Fixes the strtoid regress. [448a9857e89f] 2016-11-29 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: fix typo [92ea657a87f5] * plugins/sudoers/sudoers.c: Fix the "all" setting for verifypw and listpw; nopass would never be true even if all the user's entries had the NOPASSWD tag. Regression introduced in sudo 1.8.17. Bug #762 [c672e3ebfbe2] 2016-11-28 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ca.mo, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/el.mo, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eu.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fr.mo, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/hu.mo, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, plugins/sudoers/po/lt.mo, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/ru.mo, plugins/sudoers/po/sk.mo, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sr.mo, plugins/sudoers/po/tr.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/es.mo, po/es.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/ko.mo, po/ko.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [8a4ab570d132] 2016-11-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/openbsd.c: Just use malloc_options "S" on OpenBSD instead of "AFGJPR". [2851cd2da1c7] 2016-11-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update year in license [e370bf3d1035] 2016-11-21 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [d524f0306467] * doc/sudo.conf.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat: regen [185328ea20c3] * include/sudo_debug.h, lib/util/sudo_debug.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/visudo.c, src/sudo.c: Add SUDO_DEBUG_INSTANCE_ERROR return value for sudo_debug_register() and check for it in places where we check the return value of sudo_debug_register(). [d1e74c5f21a6] 2016-11-20 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: update for 1.8.19 [b248866c511d] 2016-11-17 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c: Add support for getpwnam_shadow() on OpenBSD [4db7ed374c33] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, plugins/sudoers/policy.c, src/sudo.c: Add umask to user_info passed in from the front end to the plugin. [4a4eee52a717] * plugins/sudoers/auth/rfc1938.c: Fix sign compare warning. [8732d632cbff] * MANIFEST, aclocal.m4, configure, configure.ac, m4/ax_append_flag.m4, m4/sudo.m4: Use AX_APPEND_FLAG instead of SUDO_APPEND_CPPFLAGS and direct modification of LDFLAGS. [c1464dcd45e0] * MANIFEST, configure, configure.ac, plugins/sudoers/aixcrypt.exp: Remove aixcrypt.exp, it was a remnant of the 90's crypto wars where crypt() was not exported. [785d57666d41] * doc/TROUBLESHOOTING: Remove obsolete solaris issue with snprintf [3ce6cc899026] * INSTALL: SunOS 4.x is no longer supported [2239eb30ff2c] 2016-11-16 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/regress/sudo_conf/test1.in, lib/util/sudo_conf.c: Plug memory leak when a particular Path is set more than once. [debc97dac01d] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Add sudo_ldap_is_negated() and sudo_ldap_is_negated() functions and use them to parse negated entries instead of doing it manually. 
[12010b64afe5] * plugins/sudoers/ldap.c: Fix printing of sudoedit_follow in "sudo -l" [2094a8f880c4] * plugins/sudoers/sssd.c: For "sudo -l" print sudoOption sudoedit_follow as FOLLOW. [9c860b1fa721] * config.h.in, configure, configure.ac, include/sudo_conf.h, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_conf/test1.out.ok, lib/util/sudo_conf.c, lib/util/util.exp.in, plugins/sudoers/policy.c, src/exec_common.c, src/load_plugins.c, src/parse_args.c: Always define _PATH_SUDO_NOEXEC, _PATH_SUDO_SESH, _PATH_SUDO_PLUGIN_DIR, even if only defined to NULL. This means the accessors can always be present. Use RTLD_PRELOAD_VAR instead of _PATH_SUDO_NOEXEC to tell when noexec is available. Add ENABLE_SUDO_PLUGIN_API and use it instead of _PATH_SUDO_PLUGIN_DIR to tell when the plugin API is available. Add sudo_conf_clear_paths() to clear the path values so the regress tests are not affected by compile-time settings. [2b05e4a143d9] * plugins/sudoers/ldap.c: Use readline() in sudo_ldap_read_secret() [3f0506e5cbe3] 2016-11-15 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/sudo_conf.c: Get rid of struct sudo_conf_paths and just use #defined index values to access the path values. Make all accessors available even when the feature is not enabled. [58d1ec6170a8] * configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in, mkdep.pl, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add ASAN_CFLAGS and ASAN_LDFLAGS and use -Wc prefix in ASAN_LDFLAGS to prevent libtool from stripping them out. Avoid using ASAN flags when building sudo_noexec.so. [9644dd92e586] 2016-11-14 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Disable noexec for HP-UX 10.x which probably doesn't support LD_PRELOAD [d87bc5ea4688] * config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c: Remove SunOS 4 support, it is not modern enough to run sudo.
[b6e15f8360b6] * config.h.in, configure, configure.ac, plugins/sudoers/getspwuid.c: Remove HP-UX 9 support, it is not modern enough for sudo. [226dda48c1e1] * config.h.in, configure, configure.ac, plugins/sudoers/auth/passwd.c, plugins/sudoers/getspwuid.c: Remove Ultrix support, modern sudo can't run on Ultrix anyway. [95a11ef29a2b] * MANIFEST, configure, configure.ac, lib/util/sudo_conf.c, src/Makefile.in, src/exec_common.c, src/regress/noexec/check_noexec.c, src/sudo_exec.h: Add regress for noexec functionality [2cadd8e04677] * src/Makefile.in: Unbreak sudo_noexec on macOS where shared libraries and dynamic modules are different. We still want to install sudo_noexec.so without the "lib" prefix so some hackery is required. [93d7b69491a1] * configure, configure.ac: Don't enable noexec for AIX 5.0-5.2, we need 5.3 and above. [92cad0180239] 2016-11-13 Todd C. Miller <Todd.Miller@courtesan.com> * src/Makefile.in: Need to link sudo_noexec.so with -ldl for dlsym() on some platforms. Otherwise, the wordexp(3) wrapper will fail due to an undefined symbol. Bug #761 [120a317ce25b] * plugins/sudoers/visudo.c: In strict mode, go to the file/line with an undefined aliases or aliases cycle directly. [b4f51b79bd9e] 2016-11-12 Todd C. Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/visudo.c: Store the file/lineno for alias and userspec entries so we can provide that info if there is an error. [7deb4e41ca7b] 2016-11-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/rcstr.c, plugins/sudoers/sudoers.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Add simple reference-counted string allocator and use it for passing around references to the sudoers path. This lets us avoid making copies of the sudoers path for the errorfile as well as each Defaults entry. [afcff7b5b647] * lib/util/sha2.c: Cast len from size_t to uint64_t before bit shifting since we are adding to count which is also uint64_t. Quiets a PVS-Studio warning. [167210670b30] 2016-11-10 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/regress/visudo/test7.out.ok, plugins/sudoers/regress/visudo/test7.sh, plugins/sudoers/regress/visudo/test8.err.ok, plugins/sudoers/regress/visudo/test8.out.ok, plugins/sudoers/regress/visudo/test8.sh: Add checks for sudoers_locale early Defaults [582c08c9418c] * src/parse_args.c, src/sudo.c, src/sudo.h: Add the argument vector allocated for -s and -i mode to the garbage collector list. Avoids an ASAN warning on exit when the -s or -i flags are used. [652691a5216b] 2016-11-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: add missing sudo_pw_delref/sudo_gr_delref to plug memory leak [c4ba4c26e0c1] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sssd.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Go back to parsing Defaults entries in update_defaults instead of as sudoers is read. Otherwise, we cannot properly support early defaults like sudoers_locale. [ff1328a86b97] * mkpkg: Use expr instead of POSIX sh numerical expression to avoid a syntax error on older shells. 
[638383bb40d5] 2016-11-08 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h: Bump plugin minor version to 10 for sudo_mode, sudo_group and sudo_user. [0c65dc1f2874] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix a bug in host matching where a negated sudoHost entry would prevent other sudoHosts following it from matching. [40cbd5790106] * plugins/sudoers/defaults.c: Zero out sd_un before calling parse_default() so we don't try to free stack garbage in the ldap/sssd backends. [6b64a8e3a19d] 2016-11-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Use "ret", not "rc" for the function return value. [fdfe637adee6] * include/sudo_compat.h, lib/util/strtomode.c, plugins/sudoers/defaults.c, plugins/sudoers/goodpath.c, plugins/sudoers/logging.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c, src/sudo_edit.c: Use sys/stat.h defines instead of bare octal values. [215c80e09830] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/iolog.c, plugins/sudoers/policy.c: Pass iolog mode, group and user from policy plugin to I/O log plugin. [1ed4967771c8] 2016-11-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sssd.c: Instead of parsing sudoers Defaults twice, parse once while reading sudoers and then just set the parsed value in update_defaults(). [370d51681c6e] * plugins/sudoers/defaults.c: Use "struct defaults *d" instead of "struct defaults *def" throughout for consistency and to avoid confusion with "struct def_values *def".
Use "str" not "var" for the string argument to convert and store in sd_un for the store_* functions. [5cc3efc609df] * plugins/sudoers/parse.c: In display_bound_defaults() rename dtype arg -> deftype. [b3323960e1db] 2016-11-03 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/regress/sudo_conf/test4.err.ok, lib/util/regress/sudo_conf/test5.err.ok, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test3.err.ok: Update error output to match quoting changes. [27bbf5004d1e] * plugins/sudoers/defaults.c: Avoid passing in a struct sudo_defs_types pointer to the store functions. Pass in a pointer to the union to fill instead. [ea956d00aae3] * plugins/sudoers/defaults.h: no longer need struct defaults forward reference [21e34ca85de5] 2016-11-02 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/sudo_conf.c, plugins/sudoers/alias.c, plugins/sudoers/defaults.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/load_plugins.c: Use "double quotes" in messages instead of a combination of the accent (grave) mark and apostrophe. [10dee3ecf3e1] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Add file:linenumber prefix to all Defaults warnings so we can see them when running sudo too. For LDAP/SSSD we print the sudoRole instead of the file name and omit the line number. [5c6b95cd3792] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Use sudoedit in examples instead of "sudo vi" [6008c208682c] 2016-11-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Only treat an unknown Defaults entry as a parse error in visudo, not in sudo itself.
[8d8aa7ac5a32] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/visudo.c: Instead of checking Defaults values after the fact, check them at sudoers parse time. This makes it possible to display the file and line number with the problem and for visudo to go right to the error. [ac66bd690d05] * plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: Refactor freeing of a member_list into free_members(). [d29daa01bb9c] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: add_defaults() now calls sudoerserror() itself instead of the caller assuming any error means out of member. [a25e51321e0b] * plugins/sudoers/defaults.c, plugins/sudoers/mkdir_parents.c: s/rval/ret/g -- old habits die hard [fa55d08b233a] 2016-10-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: Remove inaccurate XXX comment, sudo_file_parse() sends mail on parse error. [052b0e112839] * plugins/sudoers/visudo.c: The fix for Bug #408 broke editing of files in an include dir that have a syntax error. Normally, visudo does not edit those files, but if a syntax error is detected in one, the user gets a chance to fix it. [6b00f9bfff31] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Make a copy of the current sudoers path when assigning errorfile. Fixes a potential use after free in visudo when there is an error in one of the include files. [eb6db5d15b61] * plugins/sudoers/sudoers_debug.c: sudoers_debug_register() was not setting the active debug instance to sudoers_debug_instance when called from the I/O log plugin. This is because it relied on sudo_debug_register to do that but sudoers_debug_parse_flags() doesn't set debug_files[] sudoers_debug_instance is already set (we can only init sudoers debug once). 
To work around this, just make sudoers_debug_instance the active debug instance in sudoers_debug_register() when it is already set. [71b0221c8c28] * src/load_plugins.c: Fix pasto when setting I/O plugin debug files [03c3aab22e65] * plugins/sudoers/iolog.c: use cp instead of *cur when comparing against plugin_path [f2dfe69549f5] 2016-10-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/mkdir_parents.c: In sudo_mkdir_parents() inherit the gid of / instead of using gid 0 for the first component. [5f2bf33bccb5] * plugins/sudoers/iolog.c: We want to inherit the gid from the parent directory when not setting permissions on intermediate directories. [845f5a20b5fa] 2016-10-29 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/mkdir_parents.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: Move io_mkdir_parents() to its own file and use it in ts_mkdirs(). [c1d55f588a60] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Make the I/O log file/dir permissions and owner configurable. [e7a74f3dfa56] * lib/util/Makefile.in, mkdep.pl: Add vsyslog.lo [18362a9ae32e] * configure, configure.ac: sudo 1.8.19 [97743604e6e3] 2016-10-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c: Don't try to syntax check an unrecognized Defaults value in visudo. [e4972655b5d3] 2016-10-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Create I/O log files with the same gid as the parent directory. [0da5824e006d] * plugins/sudoers/ldap.c: Check for sudo_ldap_result_last_search() returning NULL. This can't happen in practice because we always call sudo_ldap_result_add_search() first which guarantees there is a result to be found. Quiets a PVS-Studio warning.
[4f6074f40fbc] * src/exec_pty.c: Quiet a PVS-Studio warning about the spin loop when waiting for the parent to assign us the terminal pgrp. [d063a283477b] * plugins/sudoers/env.c: Fix incorrect strncmp() lengths. The check for USERNAME was only looking at the first 5 characters (copy and paste error). The check for SUDO_PS1 was not checking the trailing '=' character (off by one error). Found by PVS-Studio. [297380eb6940] * plugins/sudoers/env.c: When checking for old-style bash functions in the environment, check for values starting with "() " (note the trailing space) rather than "()". Bash will only treat the value as a function if the space after "()" is present. The trailing space was already present in the compare string but when it was added, the length passed to strncmp() was not updated from 3 to 4. Found by PVS-Studio. No security impact. [7e35f39d356b] * plugins/sudoers/set_perms.c: Add some missing casts from uid_t/gid_t to int when printing uid/gid values. We print these as signed so a value of -1 (no change) is obvious. Quiets PVS-Studio warnings. [9773e5b166e1] * plugins/sudoers/timestamp.c: def_timestamp_timeout is a double so compare against 0.0 not 0 to avoid making it appear to be an integer type. [8675db470ab7] * plugins/sudoers/defaults.c: When checking syslog facility or priority, move the string compare into the body of the loop and return if it matches. If we finish the loop it means we didn't find a match. This makes the code a little bit more readable. [d1df1649a01e] * lib/util/strlcpy.c, lib/util/strnlen.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/logging.c, plugins/sudoers/visudo_json.c, src/env_hooks.c, src/exec_pty.c: Replace bare ";" in the body of for() loops with "continue;" for improved readability. [92eff8dbe5f8] 2016-10-21 Todd C. 
Miller <Todd.Miller@courtesan.com> * config.guess, config.sub: Update from http://git.savannah.gnu.org/gitweb/?p=config.git [86e6144dfdd7] * config.guess, config.sub, configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4, m4/ltversion.m4, m4/lt~obsolete.m4: Update to libtool 2.4.6 [8d85d9e8687b] 2016-10-19 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/vsyslog.c: Use a static buffer if possible. [758ce6478994] * MANIFEST, configure, configure.ac, include/sudo_compat.h, lib/util/vsyslog.c, plugins/sudoers/logging.c: add vsyslog() for systems without it. [c6457f333252] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: There are now 14 tag values, not 10. Don't bother mentioning the number since it keeps increasing. Bug #759 [17e4c900dc12] 2016-10-18 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, plugins/sudoers/logging.c: Use vsyslog() if available. [ea9b7a51eaec] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/logging.c: Add syslog_maxlen to control the max size of syslog messages. [5f9872d2073f] 2016-10-17 Todd C. Miller <Todd.Miller@courtesan.com> * src/tgetpass.c: Don't generate SIGTOU when restoring the terminal modes. It doesn't make sense to suspend the process only to restore the terminal settings since in this case the shell has already taken ownership of the tty. [981c26f3fc8f] * plugins/sudoers/sudoreplay.c, src/exec_pty.c, src/tgetpass.c: The flush parameter of sudo_term_restore() is bool, not int. [c2597f1881f3] 2016-10-14 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Add wordexp() to the list of functions wrapped by sudo_noexec.so. [2e847ce3f02f] 2016-10-10 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_noexec.c: Need RTLD_NEXT for wordexp() on dlopen() systems.
It is missing on AIX 5.1 at least. [167a518d8129] * src/sudo_noexec.c: add missing guard around wordexp() [7b8357b0a358] * NEWS: expand on 1.8.18p1 changes [f560e06ad584] 2016-10-09 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: sudo 1.8.18p1 [a36e17d1c5db] * config.h.in, configure, configure.ac, src/sudo_noexec.c: Fix configure check for seccomp filter on Linux [5d88d7cda853] 2016-10-08 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, src/sudo_noexec.c: Use a seccomp filter on Linux to disable execve(2) and execveat(2). This still relies on LD_PRELOAD to work so it has the same issues as the existing method with respect to running 32-bit binaries on a 64-bit kernel. [59d76bdc0f0c] * src/Makefile.in: regen [9e313cb0900b] * plugins/sudoers/Makefile.in: regen [5ca77049e5cd] 2016-10-05 Todd C. Miller <Todd.Miller@courtesan.com> * aclocal.m4, config.h.in, configure, configure.ac, src/sudo_noexec.c: Wrap wordexp(3) in sudo_noexec. [e7d09243e51b] 2016-09-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Clean .json files created by "make check" [d214117fbda1] 2016-09-19 Todd C. Miller <Todd.Miller@courtesan.com> * po/ca.mo, po/da.mo, po/eo.mo, po/es.mo, po/eu.mo, po/fi.mo, po/gl.mo, po/hr.mo, po/hu.mo, po/ko.mo, po/nl.mo, po/ru.mo, po/sk.mo, po/sl.mo, po/sr.mo, po/tr.mo: recompile .po files [3d91cbf75744] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix matching when no sudoRunAsUser is present in a sudoRole. If only a sudoRunAsGroup is present, match on the invoking user if the -g option was specified and the group matched. If no sudoRunAsGroup is present and the -g option was specified, allow it if it matches the passwd gid of the runas user. This matches the behavior of the sudoers backend. [e1a52c34da5e] * plugins/sudoers/match.c: runas_pw can no longer be NULL [020c6ddcae11] 2016-09-15 Todd C.
Miller <Todd.Miller@courtesan.com> * NEWS: RunAsGroup without RunAsUser issues [52d1547c9d3a] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: user_matched and group_matched must be type int, not bool [204d8de97a05] * plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Use RUNAS_USER_SPECIFIED and RUNAS_GROUP_SPECIFIED when deciding whether to check runas user/group instead of checking runas_pw or runas_gr. [d17f223e8313] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: When matching against runas_default use userpw_matches() instead of just strcasecmp(). [ce70077c5861] * plugins/sudoers/testsudoers.c: Set RUNAS_USER_SPECIFIED when -u is specified and/or RUNAS_GROUP_SPECIFIED when -g is specified. [fa7a1035a058] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix printing of the default runas user when a RunAsGroup is specified but no RunAsUser is present. [c05dabd194a1] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Only match against runas_default if both sudoRunAsUser and sudoRunAsGroup are missing. [019084f428b2] * plugins/sudoers/match.c: runas_pw can no longer be NULL here [e73dcebafa15] * plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Update check for whether or not the runas user was set in the ldap and sssd backends to match the sudoers file backend. Introduces the runas_user_set() macro to improve readability. Previously, runas_pw was set late, now it is set before checking sudoers. [d8280d8a96c9] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Document that negated sudoHosts are only supported by 1.8.18 and higher. [f56824fe61bc] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.sh: Disable Address Sanitizer leak detection for tests which generate parse errors. The parser leaks a bit on error. 
[4b0ddb11df3a] * plugins/sudoers/sssd.c: Fix underflow in get_ipa_hostname() when trimming trailing whitespace. [875f2f5cd363] 2016-09-14 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Document negated sudoHost entries. [41d9853f89f7] * plugins/sudoers/sssd.c: Support negated sudoHost entries. [7c25f9111633] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Document negated sudoHost entries. [6c8444c6bc6c] * plugins/sudoers/ldap.c: Support negated sudoHost entries. [1899906b8ef4] 2016-09-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match.c: Don't check the username when matching a host netgroup unless def_netgroup_tuple is enabled. [238c8064542f] * plugins/sudoers/match.c: Move valid domain name check into a new valid_domain() function. Fix memory leak if getdomainname(2) fails and avoid using heap garbage for the domain name matching in this case. [946f2441c90a] 2016-09-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, po/it.mo, po/it.po: sync with translationproject.org [40eab0801eae] 2016-09-11 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Add back line mistakenly removed in 0cf2a9351740 [8622c83c1474] * plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo, po/nb.po: sync with translationproject.org [f180826bb77b] 2016-09-09 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Bug #757 [de67bc9e26f8] * plugins/sudoers/sudoers.c: Fix typo that broke short host name matching when the fqdn flag is enabled. Bug #757 [605c03afc80f] 2016-09-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/sudo_debug.h, lib/util/aix.c, lib/util/fnmatch.c, lib/util/getgrouplist.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/strtoid.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, plugins/sample/sample_plugin.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/env_hooks.c, src/exec.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/signal.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Be consistent with the naming of the variable used to store the function return value. Previously, some code used "rval", some used "ret". This standardizes on "ret" and uses "rc" for temporary return codes. [017866310d24] 2016-09-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ca.po, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/el.po, plugins/sudoers/po/eo.po, plugins/sudoers/po/eu.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.po, plugins/sudoers/po/hr.po, plugins/sudoers/po/hu.po, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/ko.po, plugins/sudoers/po/lt.po, plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/ru.po, plugins/sudoers/po/sk.po, plugins/sudoers/po/sl.po, plugins/sudoers/po/sr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/tr.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/ca.po, po/cs.mo, po/cs.po, po/da.po, po/de.mo, po/de.po, po/eo.po, po/es.po, po/eu.po, po/fi.po, po/fr.mo, po/fr.po, po/gl.po, po/hr.po, po/hu.po, po/it.po, po/ja.mo, po/ja.po, po/ko.po, po/nb.po, po/nl.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.po, po/sk.po, po/sl.po, po/sr.po, po/sv.mo, po/sv.po, po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [6312962695df] * MANIFEST, NEWS, doc/CONTRIBUTORS, po/nn.mo, po/nn.po: Norwegian Nynorsk translation of sudo from translationproject.org [05203a266265] * NEWS: Fix for Bug #756 [89ff21579216] 2016-09-05 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: In sudoers_main() avoid setting rval prematurely. Prevents a crash when auditing fails after successfully authenticating. Bug #756 [d17a06bce04c] * plugins/sudoers/defaults.c: Apply match_group_by_gid early. [1259c7fd66ca] 2016-09-02 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS: update [292a9e21474e] * src/ttyname.c: Don't disable large file support for Linux, just SVR4-style /proc. Otherwise, stat(2) may fail on Linux when running a 32-bit sudo on a 64-bit machine. Bug #755 [09450ce8b8a8] 2016-09-01 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_util.h: Make sudo_parseln() flags hex to make it more obvious that they are bit flags. [b912a078047e] * plugins/sudoers/env.c: Don't try to support line continuation in /etc/environment. [d7e30e821c0e] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c: No line continuation support in ldap.conf. [211caaba2395] * include/sudo_util.h, lib/util/parseln.c: Add flag to sudo_parseln() to disable line continuation support. [d2820247fc07] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: A comment character ('#') is only special at the beginning of the line. [b3b67b7e4fc0] * include/sudo_util.h, lib/util/parseln.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/sudo_conf.c, lib/util/util.exp.in, plugins/sudoers/env.c, plugins/sudoers/ldap.c, plugins/sudoers/sudo_nss.c: Add a flags option to sudo_parseln() and a flag to only match comments at the beginning of the line. Use the flag when parsing ldap.conf. [40c560fc9a10] * src/sudo.c: If get_process_ttyname() fails for errno != ENOENT, just warn instead of making it a fatal error. Bug #755 [1a028b861801] 2016-08-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/mkdefaults: use strict [681281bc0f6d] * plugins/sudoers/def_data.h, plugins/sudoers/mkdefaults: Define def_foo in terms of the I_FOO index instead of a bare number.
[abb119f84ae6] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po: sync with translationproject.org [d339717f8692] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention that match_group_by_gid has no effect when sudoers is stored in LDAP. [5eb6ae45c699] * include/sudo_compat.h, src/sudo.c: Use W_EXITCODE to construct the wait status if sudo could not execute the command. Fixes the sudo exit value for exec(3) failure. [95eae2d60292] * src/exec.c: fix brace style [54448c10b6b5] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [794b06ba727b] * src/sudo.c: It is possible for get_user_info() to fail for reasons other than ENOMEM so print the warning message there rather than in main(). [8c24df8d6b78] 2016-08-30 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: match_group_by_gid is only available in sudo 1.8.18 and above [dd237eb540d0] * doc/UPGRADE: Mention match_group_by_gid [417f27e9059a] * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document match_group_by_gid [2234997acb8d] * plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/pwutil.c: Add match_group_by_gid Defaults option to allow sites with slow group lookups and a small number of groups in sudoers to match groups by group ID instead of by group name. [20714580da96] 2016-08-29 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS: Mention "sudo -l command" bug fix. [cb8ade186880] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix "sudo -l command" in the LDAP and SSS backends when the command is not allowed. [631038350b2a] 2016-08-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c: Use sudo_strsplit() instead of doing the equivalent manually. [9eb6d1cc78bd] 2016-08-25 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Move SIGPIPE bug fix to 1.8.18 where it belongs [52509fd0100e] * plugins/sudoers/defaults.c: Fix memset size typo in previous commit. [e00299f7c50f] * plugins/sudoers/regress/visudo/test6.out.ok, plugins/sudoers/regress/visudo/test6.sh: Add regress for check_defaults() use-after-free bug. [0b362678ca10] * MANIFEST, plugins/sudoers/defaults.c: Fix use-after-free in check_defaults(), reported by Radovan Sroka of RedHat. [ab3a4227c12f] 2016-08-24 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: SIGPIPE bug fix [24c9a12f7e59] * src/signal.c: Now that we ignore SIGPIPE in sudo we need to restore it at exec time. Problem reported by Radovan Sroka of RedHat. [3cfa7e3510ff] 2016-08-22 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Fix appending to make_opts [abe28b6b7663] * NEWS: Add Bug #753 and fix reference to Bug #752. [e8c959e1cd6c] 2016-08-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/da.mo, po/da.po, po/pt_BR.mo, po/pt_BR.po: sync with translationproject.org [219c3f0aeee7] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen pot files [d0c56a4ff553] 2016-08-17 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update with logging changes. [f41beca23b99] * plugins/sudoers/logging.c: Avoid duplicate warnings when we cannot write to the log file. Also send the warning in mail if possible. 
[9b8509cff137] * plugins/sudoers/iolog.c, src/exec_pty.c, src/sudo.c, src/sudo.h: Move the ignoring of I/O log plugin errors into the I/O log plugin itself. [25b7fd056614] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, src/exec_pty.c, src/sudo.c, src/sudo.h: Make the behavior when we cannot write to a log or audit file configurable. File log failures are ignored by default for consistency with syslog. Audit errors are ignored by default to allow the admin to fix the issue. I/O log file errors are still fatal by default since if I/O logging is activated it is usually to have an audit trail. Bug #751 [dbd085e7c736] 2016-08-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: Make sure we print an error message to stderr (and not just send mail) if do_logfile() fails. Bug #751 [7884a23a0cdc] 2016-08-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c: Separate out the supplemental group ID checks from the supplemental group name checks in user_in_group(). We now call sudo_get_gidlist() only when the group name in sudoers begins with a '#' (which is seldom used). [80534785d8b7] * plugins/sudoers/ldap.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Cache the user's group IDs and group names separately and only resolve group IDs -> names when needed. If the sudoers file doesn't contain groups we will no longer try to resolve all the user's group IDs to names, which can be expensive on some systems. [8ce3564e896e] 2016-08-12 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c: Remove the "op" parameter from all the store_foo() functions except store_list() where it is actually needed. For the others, a NULL value indicates the setting was negated. This unconfuses static analyzers (and perhaps humans too). [fca031b57f15] * plugins/sudoers/defaults.c: Flags always have a NULL value. Regression introduced by refactor of set_default_entry(). [71fe4fad097b] * plugins/sudoers/defaults.c: Set rc to true when setting a flag Defaults value. [cf016b6aedd4] * src/utmp.c: suppress a cppcheck false positive [0d44aa7cf05c] * plugins/sudoers/defaults.c: Refactor the error parts of set_default_entry() so the switch() is mostly just calls to store_foo() functions. Avoids a lot of duplicated error checking and silences a cppcheck false positive. [1112b894007c] * plugins/sudoers/defaults.c: In set_default_entry() check for unsupported Defaults type. [beb1ae20179f] * lib/util/aix.c: Add missing break in switch that sets the max limit for RLIMIT_NOFILE. Found by cppcheck. [39b1979b1b92] * plugins/sudoers/defaults.c: Check sudoers_initlocale return value and treat as oom. Coverity CID 141832 [b1cad9d6c49d] 2016-08-10 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Set runas_pw early and adjust runaslist_matches() to deal. Since we now set runas_default early there is no need to call update_defaults with SETDEF_RUNAS after sudoers has been parsed. [35e0b08219a8] 2016-08-09 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/defaults.c, plugins/sudoers/group_plugin.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: Load sudoers group plugin via an early callback. 
[0fc4382cd6e4] * sudo.pp: System Integrity Protection on Mac OS X won't allow us to write directly to /etc or /var. We must install in /private/{etc,var} instead. [831c78241e78] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that fqdn, runas_default and sudoers_locale are parsed early. [beb4868c449e] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: Regen for 1.8.18 [eb4feabb8fee] 2016-08-08 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.h, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Avoid passing around struct defaults when it is not needed. As a result, we no longer need to include gram.h in the LDAP and SSSD backends. [14d0bfdc8bd2] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Instead of deferring setting early defaults until we have traversed the entire defaults list, just defer running the callbacks. Otherwise, if the last early default setting we see has a bad value we won't set any defaults of that type even if there was an earlier one that was valid. [552863e5a097] * plugins/sudoers/defaults.c: Run callbacks once in set_default_entry() instead of each of the store_foo() functions. [b92b51c67845] 2016-08-03 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Use /proc/cpuinfo on Linux instead of running lscpu [450ea436dbe4] * mkpkg: If using GNU make on a multi-cpu system, use the -j flag to run make jobs in parallel, up to the number of cpus/cores. [7a6670de96dc] 2016-07-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: Only check SUDO_USER if euid is 0 [f42d00c94817] 2016-07-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: Initialize sudo_user based on the SUDO_USER environment variable if present. This allows things like "Defaults:username editor=foo" to work when visudo is run via sudo. 
[a526d6f74198] 2016-07-28 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Add function name in "command resumed" debug message [e209f199a79f] * src/exec_pty.c: If waitpid() returns 0 or -1, display a warning, this should never happen. Add a check for unhandled wait status (also should never happen). [983a0b79b527] * plugins/sudoers/defaults.c: Flag settings have a NULL value so we can't use that to test whether an entry in struct early_default is set or not. Add a "set" member and use that instead. [68a7c0de9b0e] 2016-07-27 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Explicitly check for a continued process with waitpid(2). Otherwise, waitpid() will return 0 when the command is resumed after being suspended, which we were treating the same as -1. Fixes suspend and resume on Linux and probably others. [54a464b116ad] * plugins/sudoers/defaults.c: Fix --with-fqdn, the value should be NULL since it is a flag. [95bc8b82911e] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Add support for early defaults to the ldap and sssd backends. [3a034360c177] 2016-07-25 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_edit.c: Repair symlink check in sudo_edit_openat_nofollow() on systems without O_NOFOLLOW, it must be done relative to dfd. Previously the lstat() would always fail, possibly leading to a false positive. Also add an early symlink check like in sudo_edit() while here. [f72901c7f7cc] * src/sudo_edit.c: On systems that lack the O_NOFOLLOW open(2) flag, check in sudo_edit_open() whether the path to be opened is a symlink before opening it. This is racy but we detect losing the last post-open and it is better to fail early if possible. When editing a link to a non-existent file, a zero-length file will be left behind but it is too dangerous to try and remove it after the fact. 
Bug #753 [dac04f305262] * src/sudo_edit.c: Update debug_decl for sudo_edit_openat_nofollow() Remove unused variables when O_NOFOLLOW is not present. [8dc0afb1de58] 2016-07-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c, plugins/sudoers/visudo.c: Split set_default_entry() out of set_default() so we can call it from check_defaults() to validate the defaults value. In visudo, suppress warnings from update_defaults() and rely on check_defaults() to provide warnings. [7d9b50f42d0b] * plugins/sudoers/defaults.c: Split binding match code out of default_type_matches() into default_binding_matches(). We can now use default_type_matches() in check_defaults(). [c158768b12c5] * plugins/sudoers/visudo.c: Pass quiet flag to init_parser() and update_defaults() when doing first parse of sudoers. [3af76c1a0d84] 2016-07-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Update defaults in visudo after sudoers has been edited so we pick up locale changes. The init_defaults() function will now re-init the sudoers locale. [ceb099392289] 2016-07-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/testsudoers.c: Set sudoers locale before calling sudoersparse(). We don't need to restore the user's locale since warnings are displayed in the user's locale anyway. [c44a38a496d1] * plugins/sudoers/visudo.c: Set the locale to the sudoers locale when parsing and restore the user's locale afterward. Also set the warn/fatal locale helper function so warning messages during a sudoers parse are displayed in the user's own locale. [a0b2cdb69d43] * plugins/sudoers/logging.h: Add forward decl of union sudo_defs_val to silence a gcc warning. 
[9e717510f132] * plugins/sudoers/sudoers.c: Set the warn/fatal locale helper function in sudoers_policy_init() so warning messages during sudoers loading are displayed in the user's own locale. [b6c7bab1ca80] * plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Move sudoers locale callback function to locale.c and use it in visudo and testsudoers. [7c4e9a71e252] * plugins/sudoers/sudoers.c: In cb_sudoers_locale() actually set the locale in addition to storing its name. Otherwise, it won't take effect until sudoers lookup time. [ceb446c2168b] * plugins/sudoers/defaults.c: Fix regression that would cause early defaults entries to be set multiple times. [5f5cd02d5f0f] * NEWS, configure, configure.ac: sudo 1.8.18 [7c778904c39b] 2016-07-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c: Only set early defaults once, regardless of how many times the variable is set in sudoers. This avoids running an early callback more than once. For example, we don't want to call cb_fqdn() if sudo is compiled with FQDN set but sudoers has "Defaults !fqdn". [0c5d80939ea2] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h: Make strings const in functions that set defaults as they are not modified. [d01f22ab1902] * plugins/sudoers/sudoers.c: In cb_fqdn() just return if the fqdn flag is set to false. [0cb3d78aa944] 2016-07-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/defaults.c: Implement callbacks for defaults flags (T_FLAG). [936adcc98800] * plugins/sudoers/sudoers.c: add debug_decl for cb_runas_default and cb_sudoers_locale [4667b1e14172] * plugins/sudoers/defaults.c, plugins/sudoers/sudoers.c: Convert fqdn to a callback and add it to the list of early defaults. 
[df863787cf5e] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: Change defaults callbacks to take a union sudo_defs_val * instead of a char *. [c7730fa19e46] * plugins/sudoers/defaults.c: When updating defaults, process certain values first since they can influence how other defaults are parsed. Currently, runas_default and sudoers_locale are processed early. [32062737a1ae] 2016-07-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/toke_util.c: Fix typo introduced in last commit to fix fill_args() overflow check. [535d13b81c5d] * plugins/sudoers/toke_util.c: Fix underflow check in fill_args(). [2c6852e65ad6] * plugins/sudoers/toke_util.c: Make sure we account for the trailing NUL when computing arg_size in fill_args(). Bug #752 [c73c1ea4b230] * plugins/sudoers/toke_util.c: Make arg_size and arg_len unsigned since we do bitwise operations on them. [0a551c7a5e67] 2016-07-08 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Only remove backup files as part of "make uninstall" when INSTALL_BACKUP is set. [c2541d2de89c] * configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Only keep backups of installed files on HP-UX where you cannot unlink a shared library that is in use. [8763a1d0d515] 2016-07-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Ignore a missing or insecure #includedir, it is not a fatal error. 
[8a82818c9f0d] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Make sure we always call sudoerserror() on error in read_dir_files(), otherwise sudo will not treat it as a fatal error. [1a38da425ca0] 2016-06-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: Set the sudoers locale before opening the sudoers file. Previously the sudoers locale was used when evaluating sudoers but not during the initial parse. Bug #748 [c8deb0da75b4] * plugins/sudoers/locale.c: Add debugging [5fbe2f109b92] * plugins/sudoers/Makefile.in: Don't link test programs with the sudoers-specific locale code if we don't need to. [41224154534e] * plugins/sudoers/Makefile.in: sudoreplay does not need to link with the sudoers-specific locale code. [348638a68f69] 2016-06-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: new_digest was prototyped as static but not explicitly declared static. [52949a024acb] * configure, configure.ac: Some versions of HP-UX 11.11 do not expose struct sockaddr_ext if _XOPEN_SOURCE_EXTENDED is defined. Only define _XOPEN_SOURCE_EXTENDED if we can still compile net/if.h. [0189ff7daa63] * plugins/sudoers/Makefile.in: Some versions of HP-UX make will ignore suffix rules if they are empty. [cffeee232752] 2016-06-23 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Don't skip debug printfs in handle_sigchld() just because execve() returned an error. [0cf2a9351740] * include/compat/charclass.h, include/sudo_compat.h, lib/util/aix.c, lib/util/getaddrinfo.c, lib/util/sudo_debug.c, plugins/sudoers/insults.h, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers_debug.c: Add definition of nitems for those without it and use it throughout. [4b30c8834fdd] 2016-06-22 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Update copyright year. 
[638c964e44fd] * NEWS, configure, configure.ac: Sudo 1.8.17p1 [bc30a172370c] * src/sudo.c, src/sudo.h: Set user groups in exec_setup() if they were not already set by policy_init_session(). Bug #749 [3bf16489800c] 2016-06-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Point the reader to the sudoers manual for the list of supported arguments after the plugin path. [40cbfa5deeb1] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: forgot to update date in last commit [3872a46e229b] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Fix typo; cn=default should be cn=defaults [06e097667465] 2016-06-13 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Fold lines at 80 characters for the clean: target [651623231cd8] * lib/util/Makefile.in: Remove mksiglist, siglist.c, mksigname, signame.c as part of "distclean" [ed7f58685633] 2016-06-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po: sync with translationproject.org [a3bb8c15ef3d] * plugins/sudoers/sssd.c: LDAP sudoers doesn't support negated users, groups or netgroups. [d6585245c24d] 2016-06-09 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Bug #746 [e0bba3ae78c2] * plugins/sudoers/match.c: When matching paths with glob(3), check returned matches against user_cmnd first if it is fully-qualified. This avoids a lot of needless stat(2) calls and avoids a mismatch between safe_cmnd and argv[0] if there are multiple matches with the same inode/dev due to links. Bug #746. [29bdba0cf2eb] * NEWS: Add execve failure in pty bug fix. 
[941672cc6793] * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po: sync with translationproject.org [a4f789cedecc] * src/exec_pty.c: In handle_sigchld() fix the return value when we've already received an exec error. We don't want to overwrite the error status but we do need to indicate that the command is no longer running. Fixes a hang on execve(2) error when running in a pty. [797bed2c39a7] * src/exec.c, src/exec_common.c: Move sudo_debug_execve() call into sudo_execve(). [ab2ea3459a7c] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/sr.mo, po/sr.po, po/sv.mo, po/sv.po: sync with translationproject.org [046ba9a0fca8] 2016-06-07 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: update for 1.8.17 final [a2f02775aba5] * lib/util/aix.c: Fix setting of hard stack limit when stack_hard is not specified in /etc/security/limits. When 64-bit resource limits are supported we can use the default value of 8388608 512-byte blocks directly. We should only resort to using RLIM_SAVED_MAX for 32-bit resource limits. [cc4933fc41bd] 2016-06-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot: regen [4ab85a46cf63] 2016-06-05 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: Ignore empty ipa_hostname [9421ade7b47f] * plugins/sudoers/sssd.c: Better matching of ipa_hostname in sssd.conf [abd53491cb4b] 2016-06-04 Todd C. 
Miller <Todd.Miller@courtesan.com> * INSTALL, configure, configure.ac, pathnames.h.in, plugins/sudoers/sssd.c: Use the value of ipa_hostname from /etc/sssd/sssd.conf if present instead of the system hostname. [3f5cffcd8432] 2016-06-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: When matching host, short-circuit the loop when we get a match. Only check username as part of the netgroup when netgroup_tuple is enabled. [2eab4070dcf7] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Avoid using !strcmp() [f976b3d973e0] 2016-06-02 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: SSSD doesn't handle netgroups, we have to ensure they are correctly filtered in sudo. The rules may contain mixed sudoUser specification so we have to check not only for netgroup membership but also for user and group matches. Adapted from a patch from Daniel Kopecek. [50d8d88bcc28] 2016-06-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Return PAM_CONV_ERR from the conversation function if getpass returns NULL or the user pressed ^C. [bec7e2ec26ff] * plugins/sudoers/base64.c: Make base64 decoding table-driven. [2d001c111552] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Back out cfa26b99228f, it was already fixed differently. Caught by regress checks. [0584f80e9951] 2016-05-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Allow double-quoted groups and netgroups to be part of a Defaults spec. From Daniel Kopecek. [cfa26b99228f] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: The sudoers.ldap manual is installed in section 4 or 5, not 1m or 8. Also fix the section for ldap.conf cross-references. [eb1c0a2b84a1] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Fix copy pasta, "sudoNotAfter" not "sudoNotBefore". Add missing word "order" in a sentence describing sudoOrder. 
[653cb783f89b] * plugins/sudoers/sssd.c: For sudo -ll (long list) print the SSSD role just like we do for the LDAP backend. Adapted from sudo-1.8.6p3-sssdrulenames.patch [46f962b1f3ef] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Setting timestamp_timeout less than zero only lasts until the next reboot. Adapted from a RedHat patch. [f8ce1dfebfe9] * po/it.mo, po/it.po, po/nb.mo, po/nb.po: sync with translationproject.org [31b55426358b] 2016-05-25 Todd C. Miller <Todd.Miller@courtesan.com> * src/conversation.c: fputs() is now specified as returning non-negative on success, not explicitly zero. Fixes a failure on glibc. [55f8a25d4af4] * src/conversation.c: Don't try to dereference replies[] if it is a NULL pointer. [c4fdd838f2f5] * plugins/sudoers/policy.c: sudo_version should be unsigned [7719d425c65a] * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/ca.mo, po/ca.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/hr.mo, po/hr.po, po/ja.mo, po/ja.po, po/pl.mo, po/pl.po, po/sk.mo, po/sk.po, po/sv.mo, po/sv.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [e40cdc972d19] * MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/ko.mo, plugins/sudoers/po/ko.po, po/ko.mo, po/ko.po: Korean translation for sudo and sudoers from translationproject.org. [188ffbed5bf2] * NEWS, plugins/sudoers/auth/pam.c: Ignore PAM_SESSION_ERR from pam_open_session() since this can apparently happen on systems using Solaris-derived PAM. Other errors from pam_open_session() are treated as fatal. This avoids the "policy plugin failed session initialization" error message seen on some systems. [0f7f3e7ead21] 2016-05-24 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS, src/exec_pty.c: Don't read from stdin when flushing final buffers in blocking mode. Reading from the pipe can block too if the other end is not closed. [a651f913a1ef] 2016-05-23 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention visudo -x change. [2fd35df055b2] * plugins/sudoers/regress/sudoers/test1.json.ok, plugins/sudoers/regress/sudoers/test14.json.ok, plugins/sudoers/regress/sudoers/test15.json.ok, plugins/sudoers/regress/sudoers/test16.json.ok, plugins/sudoers/regress/sudoers/test2.json.ok, plugins/sudoers/visudo_json.c: There's no need to escape forward slashes in JSON output. While it is legal to escape a forward slash, it is not required. [044710f516a9] * doc/UPGRADE: Document that in 1.8.12 sudo started being able to check the NIS domain on Solaris. [bced94478c0e] 2016-05-20 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Better description of the I/O logging pipe issue. [6eee2f8a1fae] * src/exec_pty.c: In del_io_events(), avoid reading from the pty master in blocking mode. We now do two passes, one with SUDO_EVLOOP_NONBLOCK and another that could block if stdin is a pipe. This ensures we consume the pipe until EOF. [564ae2b4c305] * lib/util/event.c: Improve debug info in sudo_ev_add() and sudo_ev_del() [ca839439ff22] * src/exec_pty.c: In pty_close(), call del_io_events with the SUDO_EVLOOP_ONCE flag so the event loop will exit after a single run through. Otherwise, we may hang at exit on non-BSD systems. [e6c38d5a341b] 2016-05-18 Todd C. Miller <Todd.Miller@courtesan.com> * po/sudo.pot: regen [18a4570be506] 2016-05-17 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Bump I/O buffer size to 64K. We don't use PIPE_BUF or _PC_PIPE_BUF for this because that corresponds to the value for atomic pipe writes. The actual pipe buffer is much larger on modern systems and 64K is what BSD and Linux support for large pipe buffers. 
[3b5d995966ef] * NEWS: I/O logging bug fix [934d755ac12c] * src/exec_pty.c: Don't use SUDO_EVLOOP_NONBLOCK when flushing buffers at pty close time, only when the user suspends sudo. Fixes a problem where all buffers might not get flushed at exit when logging I/O. Reproducible via "sudo tar cf - foo | (cd /tmp && sudo tar xf -)" on OpenBSD. [bbe0e18739ec] 2016-05-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Don't try to fflush(export_fp) or ferror(export_fp) if export_fp is NULL, which can happen on the error path. [ccfb4dd260fa] * plugins/sudoers/sudoers.c, src/exec.c, src/exec_pty.c, src/sudo.c, src/tgetpass.c: O_NOCTTY has no effect when opening /dev/tty as the open can only succeed if there is already a controlling tty. [9ca106c499b2] * src/sudo.c: Do not need to open /dev/tty with O_NONBLOCK, it doesn't block on first open like a physical terminal. By definition, if you have a controlling tty, the first open (which might block) has already occurred. [15a5f006836a] * src/selinux.c: Use O_NOCTTY when opening a tty. [5f9fd6458be4] * src/Makefile.in: regen [105ef4533724] * plugins/sudoers/auth/sudo_auth.c: No need to set pass to NULL after freeing at the end of the loop since it is already set to NULL each time through the loop. [2657b0b4260d] 2016-05-14 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: SELinux fixes in 1.8.17. [f743cf0d9c62] * plugins/sudoers/logging.h, plugins/sudoers/logwrap.c: Check fprintf() return value in writeln_wrap() and return the number of characters actually written, or -1 on error. [4739e0f58fa3] * src/conversation.c: Check fputs() return value. [e85778cbe0e3] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Do not write directly to stdout/stderr, use sudo_printf which calls the conversation function. 
[e86d5ed4dca7] * plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/securid5.c: Do not write directly to stdout/stderr, use sudo_printf which calls the conversation function. [002a30fdb4e0] * plugins/sudoers/iolog.c, plugins/sudoers/visudo_json.c: Use ferror() after fflush() to check the error status of the stdio stream we wrote to. [fa1db13fe9ac] 2016-05-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c: printf() returns < 0 on error, not explicitly -1 [2a2385b941de] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: Regen for 1.8.17 [e24b0f944000] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that you need to preserve EDITOR and/or VISUAL for env_editor to be useful. [ef0ce8917307] * src/selinux.c: Fix last commit, now that argc is not reset we need to explicitly start the copy from argv[1]. From Daniel Kopecek [f52403ef587a] 2016-05-12 Todd C. Miller <Todd.Miller@courtesan.com> * src/selinux.c: cosmetic change to warning string [a2893e3f9b70] * plugins/sudoers/auth/pam.c: Avoid adding an extraneous warning string to sudoers.pot. [6b07043b48f7] * lib/util/snprintf.c: Use EOVERFLOW, not ENOMEM for overflow conditions. For snprintf() and vsnprintf(), POSIX says we should return -1 and set errno to EOVERFLOW if the size param is > INT_MAX; also zero out the string in this case (not mandated by POSIX) for safety. [294720fc981a] 2016-05-11 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Now that pam_open_session() failure is fatal we should print and log an error from it. Bug #744 [0e98a92ef910] * src/selinux.c: Repair SELinux support, broken by 397722cdd7ec. From Daniel Kopecek. 
[1246583c7c1f] * plugins/sudoers/iolog.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Remove sudo_mkpwcache() and sudo_mkgrcache(). We now create the caches as needed on demand. Also remove calls to sudo_freepwcache() and sudo_freegrcache() that are immediately followed by execve(), they are not needed. [60448afe813d] * plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Eliminate use of setpwent()/endpwent() and setgrent()/endgrent(). Sudo never iterates over the passwd or group file. Rename sudo_set{pw,gr}ent() -> sudo_mk{pw,gr}cache() and use sudo_free{pw,gr}cache() instead of sudo_end{pw,gr}ent(). [66e6f5e7b51b] 2016-05-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.h: Remove unnecessary NULL checks in the RUNAS_CHANGED macro. The only place where the pointers could be NULL is in visudo_json.c but we already check for "next" being NULL there. Quiets a cppcheck warning. [a0d84832c154] 2016-05-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: In replay_session() free iov at the end of the function (if needed) instead of after processing each line from the timing file. Coverity CID 104843. [5112f514af87] * plugins/sudoers/sudoreplay.c: Add io_log_read() and io_log_gets() to hide differences between gzread/fread and gzgets/fgets. Check for premature EOF and error from io_log_read(). Also sanity check the index in the timing file. Coverity CID 104630. [6a3b9932f567] * src/exec_pty.c: Break up io_callback() into read_callback() and write_callback() to make it clear that we can't get an event with both read and write set. [cd3a1e182dd4] 2016-05-07 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: In io_callback() make sure we clear SUDO_EV_READ if we close the fd. 
It should not be possible for SUDO_EV_READ to be set when revent is non-NULL but this makes static analyzers happier. Coverity CID 104124. [7acc249fa098] * plugins/sudoers/ldap.c: In sudo_krb5_copy_cc_file() move the close(ofd) to the done: label so we only have to cleanup in one place. Coverity CID 104577. [0f189e70c59d] * plugins/sudoers/ldap.c: Fix memory leak in sudo_netgroup_lookup() in the non-error case. Coverity CID 104572, 104573, 104574, 104575. [7f9fb7a360b7] * plugins/sudoers/ldap.c: Fix fd leak in sudo_krb5_copy_cc_file() if restore_perms() fails. Coverity CID 104571. [d9434cdfb73c] * plugins/sudoers/sudoreplay.c: Free the events and event base before returning from replay_session(). Coverity CID 104116, 104117. [321216089e4a] * src/sudo_edit.c: In sudo_edit_create_tfiles(), fix fd leak if sudo_edit_mktemp() fails. Coverity CID 104114. [713de09ff956] * src/sudo_edit.c: Fix fd leak in sudo_edit_open_nonwritable() if dir_is_writable() returns an error. Coverity CID 104113. [314a57004f00] * src/sudo_edit.c: Fix memory leak of sesh_args in selinux_edit_copy_tfiles(). Coverity CID 104112. [ac7f0cbd07c9] * plugins/sudoers/visudo.c: Fix memory leak in get_editor() if resolve_editor() fails with an error. Coverity CID 104107. [e355b1f45bcb] * src/sudo.c: Fix memory leak on error if sudo_new_key_val() fails. Coverity CID 104103. [c2ee1557aef2] * plugins/sudoers/visudo.c: Ignore the return value of the initial sudoersparse(), before we have actually edited any files. Coverity CID 104078. [184d9c6aec65] * src/exec.c: Ignore the result of send() on exec error, if it fails the other end of the pipe is gone and we are headed for exit. Coverity CID 104066. [cdcd7dfcbca1] * plugins/sudoers/toke_util.c: In fill_args() clean up properly if there is an internal overflow (which should not be possible). Coverity CID 104569. [0bc710e91ec4] * plugins/sudoers/gc.c: Fix logic inversion in sudoers_gc_remove(), currently unused. 
Coverity CID 104568 [e29df8da11ea] 2016-05-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: In io_mkdirs(), change the order from stat then mkdir, to mkdir then stat. This more closely matches what "mkdir -p" does. Coverity CID 104120. [e462528ff7ea] * plugins/sudoers/timestamp.c: In ts_mkdirs(), change the order from stat then mkdir, to mkdir then stat. This more closely matches what "mkdir -p" does. Coverity CID 104119. [c0c0e2662883] * plugins/sudoers/sudoers.c: Newer versions of Ubuntu have switched from using the "admin" group to the "sudo" group to align with Debian. create_admin_success_flag() now accepts either one. https://bugs.launchpad.net/ubuntu/+source/sudo/+bug/1387347 [17b4d725dac4] * plugins/sudoers/timestamp.c: Cast off_t printed via printf(3) instead of assuming it is long long. [b1d398f4a8dc] * plugins/sudoers/sudoers.c: Instead of using stat(2) to see if the admin flag file exists and creating it if not, just try to create the file and treat EEXIST as a non-error. Coverity CID 104121. [bd58b0a35a3c] * MANIFEST, plugins/sample/README: README file for the sample plugin that tells the user how to build, install and enable it. [8d7096ce78cc] * plugins/sample/sample_plugin.c: Fix compilation error and export sample_policy struct. From Michael Evans [5280c1576e7f] * NEWS: Update for 1.8.17 [979688a5ef13] * configure, configure.ac: Sudo 1.8.17 [09311b2e9697] * plugins/sudoers/logging.c: Check return value of restore_perms() in vlog_warning(). Coverity CID 104079. [86555dd0942d] * plugins/sudoers/editor.c: Fix memory leaks in resolve_editor() in the error path. Coverity CID 104109, 104110 [6ac3f7e3ada9] * plugins/sudoers/policy.c: Fix memory leak of gid_list in sudoers_policy_exec_setup() in the error path. Coverity CID 104111. [eac1e9489367] * plugins/sudoers/logging.c: Fix fd leak in do_logfile() if we fail to lock the log file. Coverity CID 104115. 
[164a693207a8]
* plugins/sudoers/sssd.c: Fix memory leak of sss_result in sudo_sss_lookup() Coverity CID 104106 [7dcee1e6d76f]
* plugins/sudoers/iolog.c: Fix fd leak in open_io_fd() if gzdopen/fdopen fails. Coverity CID 104105 [c4c2848c1167]
* plugins/sudoers/iolog.c: Fix fd leak in io_nextid() in error path. Coverity CID 104104 [8920cdaab5bd]

2016-05-05 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/timestamp.c: Check lseek() return value. Coverity CID 104061. [bf3bb4c80cfc]
* plugins/sudoers/timestamp.c: Ignore ts_write() return value when disabling an entry with a bogus timestamp. We ignore the timestamp entry even if it doesn't succeed. Coverity CID 104062. [5e5925ebbc75]
* plugins/sudoers/iolog.c, plugins/sudoers/match.c, plugins/sudoers/tsgetgrpw.c, src/exec.c, src/exec_pty.c, src/sudo.c: Cast the return value of fcntl() to void when setting FD_CLOEXEC. Coverity CID 104063, 104064, 104069, 104070, 104071, 104072, 104073, 104074 [48720d2f6658]
* plugins/group_file/getgrent.c: Cast the return value of fcntl() to void when setting FD_CLOEXEC. Coverity CID 104075, 104076, 104077. [7fe1d9f97321]
* plugins/sudoers/env.c: Avoid a false positive. Coverity CID 104056. [0256978219a6]
* plugins/sudoers/visudo_json.c: Avoid calling fclose(NULL) on error in export_sudoers(). Coverity CID 104091. [2f73d86ab929]
* plugins/sudoers/toke_util.c: In fill_args(), check for "arg_size == 0" instead of "sudoerslval.command.args == NULL" since the latter leads Coverity to imply that sudoerslval.command.args could be NULL later on. Coverity CID 104093. [bab505438881]
* plugins/sudoers/sudoers.c: Avoid calling fclose(NULL) if the sudoers file is not secure and restore_perms() fails. Coverity CID 104090. [150db126c221]

2016-05-04 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/toke.h, plugins/sudoers/toke_util.c: In fill_args(), replace loop that increments arg_size() with a simple add and mask. Should prevent a false positive from Coverity CID 104094.
[411c7e398286]
* plugins/sudoers/sudoreplay.c: In parse_expr(), move the "bad" label after the "default" case in the switch(), not before it. This seemed to confuse Coverity, resulting in a false positive, CID 104095. [4371f26995fb]
* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: For "sudoreplay -l", not all predicates may be shortened to a single character. Both 'c' and 't' have more than one possibility. [29a5a9a313e2]
* src/exec.c, src/exec_pty.c, src/sudo.c: pid_t is defined by POSIX as a signed integer type so we don't need a cast when comparing to -1. [98f0a86260a0]
* src/exec.c: In dispatch_signal() for stopped processes check for tcgetpgrp() returning -1. Also change checks from "saved_pgrp != -1" to "fd != -1". Coverity CID 104098. [42ac4ad85900]
* src/selinux.c: In relabel_tty() always jump to bad: on error, regardless of the value of se_state.enforcing. On error, return -1 if enforcing, else 0. Coverity CID 104099. [db1a54d718f1]
* config.h.in, configure.ac: Define NO_LEAKS when sudo is built with Coverity. [f4209b9ade8c]
* src/exec_pty.c: In io_callback() if we write the complete buffer and find that there is no associated reader just return as there is nothing else to be done. In practice it is not possible for SUDO_EV_READ to be set if revent is NULL but an early return is harmless and possibly easier to understand. Coverity CID 104124. [3b3eb45b701e]
* src/sudo_edit.c: Handle read() returning -1 when creating temporary files. Coverity CID 104100 [e82af51e4f48]
* plugins/sudoers/policy.c: Fix cut and paste error when checking cols for 0. Coverity CID 104081 [22a3b7d9bce1]
* plugins/sudoers/pwutil.c: Use a single debug message for cache hit or store to avoid another situation where they get out of sync. Bug #743 [4cf484e9b016]
* plugins/sudoers/pwutil.c: Sync the "cache hit" debug messages with the "cached" debug messages.
This fixes a bug where we could dereference a NULL pointer when we look up a negative cached entry which is stored as a NULL passwd or group struct pointer. Bug #743. [1d13341d53ec]

2016-04-28 Todd C. Miller <Todd.Miller@courtesan.com>

* configure, configure.ac: Remove the check for __sprintf_chk when checking for _FORTIFY_SOURCE. Some implementations are purely header-file based. As long as we can link a test program using sprintf() when _FORTIFY_SOURCE=2 it should be safe to use. [910af8ba4666]
* config.h.in, configure, configure.ac: Remove configure checks for dev_t, id_t, ino_t, ptrdiff_t, size_t and ssize_t. These have been specified by either ANSI C or POSIX for long enough that if the system doesn't support them, it is unlikely to be able to compile sudo anyway. [c9fd433cfe27]
* src/sudo.c: Do group setup in policy_init_session() before calling out to the plugin. This makes it possible for the pam_group module to change the group in pam_setcred(). It's a bit bogus since pam_setcred() is documented as not changing the group or user ID, but pam_group is shipped with stock Linux-PAM so we need to support it. [814cda602541]

2016-04-26 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/logging.c: Add missing newline when logging to a file (not syslog) and loglinelen is set to a non-positive number. Bug #742 [ef0a5428a574]

2016-04-25 Todd C. Miller <Todd.Miller@courtesan.com>

* src/exec.c: style fix; fork_cmnd should start on a new line [e8211fe0f8d7]

2016-04-22 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, src/signal.c, src/sudo.c, src/tgetpass.c: Ignore SIGPIPE for the duration of sudo and not just in a few select places. We have no control over what nss, PAM modules or sudo plugins might do so ignoring SIGPIPE is safest. [7c919101b8ec]
* src/selinux.c: Use string_to_security_class() instead of pulling SECCLASS_CHR_FILE from flask.h.
Avoids a warning with new SELinux includes. [24f357b419c4]

2016-04-19 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: When determining whether or not "sudo -l" or "sudo -b" should prompt for a password, take all sudoers sources into account. In other words, if both file and ldap sudoers sources are in use, "sudo -v" will now require that all entries in both sources have NOPASSWD (file) or !authenticate (ldap) in the entries. [51e2a5ecacc6]

2016-03-22 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.h: If the auth_type setting in /etc/security/login.cfg is set to PAM_AUTH but pam_start() fails, fall back to use AIX authentication. Skip the auth_type check if sudo is not compiled with PAM support. [cdbe432c465c]

2016-03-17 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: The header for sudo.conf(5) should be SUDO.CONF(5) not SUDO(5). [d3afd5bd550f]

2016-03-16 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/policy.c: hook_version and hook_type are unsigned so use 0, not -1 in the final (empty) entry. Quiets a warning on Solaris Studio 12.2. [4947de8e35b7]

2016-03-09 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS, config.h.in, configure, configure.ac, plugins/sudoers/auth/pam.c: Work around an ambiguity in the PAM spec with respect to the conversation function. It is not clear whether the "struct pam_message **msg" is an array of pointers or a pointer to an array. Linux-PAM and OpenPAM use an array of pointers while Solaris/HP-UX/AIX uses a pointer to an array. Bug #726. [d2b926e2f7d6]

2016-03-08 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/eo.mo, po/eo.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/ru.mo, po/ru.po, po/sr.mo, po/sr.po: sync with translationproject.org [271c6738213d]

2016-02-27 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS: Bug #738 [9e7974480cdc]

2016-02-26 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/nb.mo, po/nb.po: sync with translationproject.org [6aa32f6e5240]
* lib/util/regress/fnmatch/fnm_test.in: Better test for negated character classes. [635e3c17bca1]
* lib/util/regress/fnmatch/fnm_test.in: Add test for negated character class [0d813e098864]
* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [9398ffdc7719]
* NEWS: sync [a27a7d40491e]
* lib/util/fnmatch.c: Fix negation of character classes. [aed07c013a41]
* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix the check for whether a user is allowed to list another user's privileges. The "matched" variable is not boolean, it can also have the value UNSPEC so we need to check explicitly for true. Bug #738 [e8ed706fda03]
* plugins/sudoers/auth/pam.c: Log the number of PAM messages in the conversation function at debug level. [3f16eea5875f]

2016-02-24 Todd C. Miller <Todd.Miller@courtesan.com>

* configure, configure.ac: Don't check for posix_spawn() or posix_spawnp() if we were unable to find spawn.h. This should only be a problem on systems with broken headers. Bug #730 [5e5b0646dca4]

2016-02-22 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS: update for 1.8.16 [bad5e6534f39]
* doc/CONTRIBUTORS, plugins/sudoers/sudoers2ldif: Fix documented bug with duplicate role names and turn on perl warnings. Based on a diff from Aaron Peschel [344a1c1f5c93]

2016-02-20 Todd C. Miller <Todd.Miller@courtesan.com>

* lib/util/aix.c: Add declaration of getauthdb() for AIX 5.1 [f758960bcfd6]

2016-02-19 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [e61e1241f15f]
* plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po: sync with translationproject.org [2f3dea24199b]
* INSTALL: Add a note that --with-solaris-audit is only for Solaris 11 and above. Bug #737 [6722331c2830]

2016-02-18 Todd C. Miller <Todd.Miller@courtesan.com>

* configure, configure.ac: Remove last remnants of the deprecated --with-stow option. [8616d6de7ecd]
* src/Makefile.in: src/load_plugins.c needs _PATH_SUDO_CONF so allow it to be overridden via the Makefile like other consumers of _PATH_SUDO_CONF. Bug #735 [10148ef883ec]

2016-02-01 Todd C. Miller <Todd.Miller@courtesan.com>

* configure, configure.ac, include/sudo_util.h, lib/util/aix.c, lib/util/getgrouplist.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c, src/sudo.c: Add an administrative domain to the passwd/group cache key for AIX which can have different name <-> ID mappings depending on whether the database is local, LDAP, etc. [5319c11aefe9]
* mkpkg, sudo.pp: Fedora dropped "core" from the name some time ago so just match on f[0-9] for the rpm distro name provided by pp.
Since the version numbers of Fedora and RHEL are so different switch to defining variables to indicate which features should be enabled. Works for Fedora 23. [4ec50b352293]

2016-01-31 Todd C. Miller <Todd.Miller@courtesan.com>

* mkpkg, sudo.pp: Treat fedora core like centos/rhel for package building. [0dfc607d07a1]

2016-01-29 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/parser/check_fill.c: Plug some memory leaks in the tests. [ce76ba538867]
* plugins/sudoers/toke_util.c: If realloc of sudoerslval.command.args fails, reset sudoerslval.command.args as well as arg_len and arg_size after freeing sudoerslval.command.args. [6481bad56e6a]
* src/exec_pty.c: When freeing the iobs after pty tear-down, also free the associated event structures. Quiets memory leak warnings from address sanitizer and valgrind. [f19c689a2ded]

2016-01-28 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/iolog.c: iolog_compress should be bool, not int [b437123a242b]
* plugins/sudoers/visudo.c: Quiet address sanitizer leak detector. [b7ce672331f6]
* MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/env.c, plugins/sudoers/gc.c, plugins/sudoers/sudoers.h: Simple garbage collection (really a to-be-freed list) for the sudoers plugin. Almost identical to what sudo.c uses. Currently only the environment strings are collected at exit time which is enough to quiet address sanitizer's leak detector. [47f32e047b1a]
* src/sudo.c: Rename gc_cleanup to gc_run and remove I/O plugins from the plugin list when freeing them. [ea640f0b46f9]
* src/sudo.c: Free up the garbage via an atexit() handler instead of requiring a call to gc_exit. [cc9c96d88595]
* src/sudo_edit.c: Plug a memory leak in sudo_edit. [cab9a13a669b]

2016-01-27 Todd C. Miller <Todd.Miller@courtesan.com>

* INSTALL: mention --enable-asan [ee2bc0f60c8b]
* plugins/sudoers/auth/sudo_auth.c: Try to deconfuse static analyzers a bit.
[7e728c76f5df]
* plugins/sudoers/sssd.c: Avoid possible NULL deref found by clang analyzer. [8bb3cbfe0446]
* config.h.in, configure, configure.ac: Add --enable-asan configure flag to enable address sanitizer [8aae250fb68e]
* src/sudo.c, src/sudo_plugin_int.h, src/ttyname.c: Add support for garbage collecting info passed to the plugin before exit to appease address sanitizer's leak detector (and valgrind's leak checker). We can't free these sooner since the plugin may be using the memory. For plugin API 2.0 it should be made clear that the plugin must make a copy of the data in the arrays passed in to the plugin's open() function. Only enabled if NO_LEAKS is defined. [8458bcb165d8]
* plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c: auth_getpass() returns a dynamically allocated copy of the plaintext password which needs to be freed after checking (and clearing) it. [28d2c83c3ac4]
* src/sudo.c: Remove sudo_fatalx() calls from format_plugin_settings(). [96a18a3ccc49]
* plugins/sudoers/sssd.c: fn_free_result() (aka sss_sudo_free_result() in sss_sudo.c) handles a NULL pointer so there's no need to check before calling it. Add missing initialization of sss_sudo_result to NULL in sudo_sss_setdefs(). [fa1c8eaed6ac]
* plugins/sudoers/sssd.c: Add missing return when user is not found in sudo_sss_result_get(). Previously we fell through to the default case which just logged a debug message and returned so this just avoids the extra (generic) debug message. [68c2201f3a85]

2016-01-26 Todd C. Miller <Todd.Miller@courtesan.com>

* lib/util/gettime.c: Fix a warning on AIX. [4ebc19a143ff]
* src/sudo.c: Pass updated user_env_out, not envp, to the I/O open function. [f02e6f32f189]
* src/sudo.c: Pass updated argv/envp to the I/O open function like the plugin API documents. [ff9f4fae5cf3]

2016-01-25 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/iolog.c: Add check for I/O log file handle being NULL. This could only happen if the front-end calls iolog_open with argc == 0 but actually runs a command. [5113a3c04494]

2016-01-22 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/pwutil.c: Additional debugging for pwutil functions. [908b83c3acbb]
* config.h.in, configure, configure.ac, lib/util/aix.c: When calling setauthdb(), save the old registry value so we can restore it properly. Previously we were setting the registry to unrestricted instead of actually restoring it. [5a2921412663]
* plugins/sudoers/sudoers.c: Use SUDOERS_DEBUG_UTIL not SUDO_DEBUG_UTIL in the plugin. [79b012777e71]

2016-01-21 Todd C. Miller <Todd.Miller@courtesan.com>

* lib/util/sudo_debug.c: When parsing debug entries, don't make a lower value override a higher one. For example, for "pcomm@debug,all@warn" the "all@warn" should not set pcomm to "warn" when it is already at "debug". [031037a56e51]

2016-01-20 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/policy.c: Set sudoedit_checkdir=false in command_details when it is disabled in sudoers. [811dd43b29f5]
* include/sudo_compat.h, lib/util/strtobool.c, plugins/sudoers/ldap.c, plugins/sudoers/sssd.c, src/sudo_edit.c: Update copyright year [5ec484920763]
* src/sudo_edit.c: If the user runs "sudoedit /" we will receive ENOENT from openat(2) and sudoedit will try to create a file with the null string. If path is empty, open the cwd instead so sudoedit can give a sensible error message. [fc39d5804f1f]
* lib/util/strtobool.c: Log an error for invalid boolean strings. [004afa5e05c5]
* src/sudo.c: Fix off by one error in new SET_FLAG macro. [5bdce4edf8b9]
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the race with sudoedit_checkdir in 1.8.15. [cb7aed3367e9]
* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document sudoedit_checkdir [89f2452272ad]

2016-01-19 Todd C. Miller <Todd.Miller@courtesan.com>

* src/sudo_edit.c: There are no systems that support O_SEARCH/O_PATH that do not also support O_DIRECTORY so simplify the definition of DIR_OPEN_FLAGS a bit. [a48f11ea53b3]
* plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [8ae4d883ac59]
* NEWS, doc/UPGRADE: Add 1.8.16 changes [8d3a3f5cdf59]
* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/defaults.c, src/sudo.c: Make sudoedit_checkdir the default and update the documentation accordingly. [84bbc1b73411]
* src/sudo.c: Add a SET_FLAG macro to simplify parsing command details boolean flags. Previously, flags were only set and never cleared even if the boolean value was false. This was not a problem as there were no default flags for the plugin to enable. That will change in the future. [75f24ca13f41]

2016-01-18 Todd C. Miller <Todd.Miller@courtesan.com>

* src/sudo_edit.c: Need to be root when switching to a different user. [06d5f010b607]
* src/sudo_edit.c: Use O_SEARCH on systems without O_PATH if present. It can be used for a similar purpose. [3f559a389bf9]
* config.h.in, configure, configure.ac, src/sudo_edit.c: Use faccessat(2) for directory writability instead of doing the checks manually where possible. This also allows us to remove the #ifdef __linux__ bits since we no longer use fstat(2) on Linux with an O_PATH fd. [fe50d0c1f1b9]

2016-01-16 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add "I/O LOG FILES" section to the manual and move many of the details from the log_input and log_output descriptions to it. [a604903f5ae3]
* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use "Nm sudoers" when talking about the plugin and "Em sudoers" when talking about the sudoers file. [727a68b02de7]

2016-01-13 Todd C. Miller <Todd.Miller@courtesan.com>

* lib/zlib/zlib.exp: Remove gzopen_w which is only defined on Windows.
[a73236903e7b]
* config.h.in, configure, configure.ac, include/sudo_compat.h: Work around the buggy pread(2) on 32-bit HP-UX 11.00 by using pread64() on that platform. [31c4be934115]

2016-01-12 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/testsudoers.c: Add support for matching the entire netgroup tuple (user, host, domain). [9f694ba7c86d]
* plugins/sudoers/ldap.c: Use asprintf() to generate the netgroup filter instead of using lots of concatenation. [f8290c040aea]
* lib/util/util.exp.in: Add missing sudo_debug_exit_ssize_t_v1 symbol. [9407fb25dfa4]

2016-01-11 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/match.c: Silence warning in digest_matches() on systems with no fexecve(2). [0cd3cc8fa195]
* plugins/sudoers/sssd.c: Fix free() of invalid pointer introduced in the commit that stripped whitespace between a '!' and the name in a sudoOption. [4d2c1761c752]
* plugins/sudoers/ldap.c: Fix free() of invalid pointer introduced in the commit that stripped whitespace between a '!' and the name in a sudoOption. [14391603a9e5]
* src/sudo_edit.c: Add missing dfd argument to the version of sudo_edit_openat_nofollow() for systems without O_NOFOLLOW. [574e4a840879]
* plugins/sudoers/ldap.c: In sudo_netgroup_lookup() only build up the search filter once instead of once per netgroup_base. [a03440237078]
* plugins/sudoers/ldap.c: It is safe to pass ldap_msgfree() a NULL pointer. [abc2eaddbf83]
* plugins/sudoers/ldap.c: On overflow, warn before freeing anything. [2e3bcfa4a8f9]
* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Use user_runhost and user_srunhost instead of user_host and user_shost. Fixes "sudo -l -h other_host" for LDAP and sssd.
[e1abfdc82242]
* plugins/sudoers/def_data.c, plugins/sudoers/def_data.in: Update description of sudoedit_checkdir. Reported by Sander Bos. [ee44e7255096]
* src/sudo_edit.c: No need to check whether the fd we opened is really a directory in sudo_edit_open_nonwritable() since if not, the openat() will fail with ENOTDIR anyway. [b41c5b289f35]

2016-01-10 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/CONTRIBUTORS, doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_compat.h, src/sudo_edit.c: Rewritten sudoedit_checkdir support that checks all the dirs in the path and refuses to follow symlinks in writable directories. This is a better fix for CVE-2015-5602. Adapted from a diff by Ben Hutchings. Bug #707 [c2e36a80a279]

2016-01-04 Todd C. Miller <Todd.Miller@courtesan.com>

* MANIFEST, plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/ca.mo, po/ca.po, po/fi.mo, po/fi.po, po/hu.mo, po/hu.po, po/sr.mo, po/sr.po: sync with translationproject.org [94ffd6b18431]
* configure, configure.ac, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_plugin.h, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/exec.c, src/exec_common.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_exec.h: Add support for using fexecve() if supported on commands that are checksummed. [397722cdd7ec]

2015-12-29 Todd C. Miller <Todd.Miller@courtesan.com>

* src/sudo_edit.c: Call openat() with the basename not the full path. From Ben Hutchings. [33272418bb10]

2015-12-24 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c: Fix compilation with --disable-shared [84c084618676]

2015-12-20 Todd C. Miller <Todd.Miller@courtesan.com>

* src/exec_common.c: Check for existing dso in LD_PRELOAD and only add it if it is not already present. [15042e8999f7]

2015-12-18 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Clarify when SIGINT and SIGQUIT are relayed by sudo to the command. [8efed5784393]
* plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/load_plugins.c: Actually use the plugin_dir Path setting in sudo.conf. [bccc548127a2]
* lib/util/sudo_conf.c: The Path setting for the plugin directory is "plugin_dir" not "plugin". [07c2677bbce5]
* doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, lib/util/sudo_conf.c, src/exec_common.c: Allow sudo.conf Path settings to disable path names (by setting the value of NULL). [81a44e011a40]

2015-12-16 Todd C. Miller <Todd.Miller@courtesan.com>

* src/selinux.c, src/sudo.h: Change noexec flag in selinux_execve() from int to bool. [7cb872aac155]
* src/exec_common.c, src/sudo_exec.h: Refactor code to set LD_PRELOAD (or the equivalent) in the environment into a preload_dso() function. Also avoid allocating a new copy of the environment array if the size of the array does not change. [72194b0b51f7]
* configure, configure.ac: Add missing square brackets in configure option descriptions. [6e25685c6349]

2015-12-11 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the names of the I/O log files and mention buffering. Document that I/O logs are in gzip format by default. [474838e7b365]

2015-12-10 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/env.c: Add BASHOPTS to initial_badenv_table[]; from Stephane Chazelas [f206a9089a69]

2015-12-09 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: When parsing sudoOptions that include an operator (!, +, +=, -=) strip out any whitespace on either side of the operator.
[62041b5888e5]

2015-12-08 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/sudoers2ldif: Strip whitespace around '!', '=', '+=' and '-=' in Defaults entries. [dcc9d15b0f3c]

2015-12-06 Todd C. Miller <Todd.Miller@courtesan.com>

* doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the race condition between the digest check and command execution. [24a3d9215c64]

2015-12-02 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/ldap.c: When checking the query results, don't set user_matches in the netgroup pass unless sudo_ldap_check_non_unix_group() returns true. This was preventing the mail_no_user sudoOption from being effective. [31004144421b]
* plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: In list mode, we always want to clear FLAG_NO_USER and FLAG_NO_HOST regardless of whether or not there was an actual match. Otherwise, warning mail may be sent which is not what we want in list mode. This is consistent with what the sudoers file backend does. [2809338a7b21]

2015-11-22 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/toke.h, plugins/sudoers/toke_util.c: Use size_t for length parameters in the fill functions used by the lexer. [0428c9067182]
* plugins/sudoers/toke.c, plugins/sudoers/toke.l: Use yy_size_t for digest_len since newer flex uses yy_size_t for yyleng. Old flex uses int for yyleng so we need to use a cast to avoid a sign compare warning. [4a3dc6fb8f99]

2015-11-20 Todd C. Miller <Todd.Miller@courtesan.com>

* Makefile.in, README, configure, configure.ac, plugins/sudoers/regress/sudoers/test1.in, sudo.pp: Use https in sudo.ws urls [04e5177022d3]
* doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Use https in urls. [855b05943b2d]
* configure, configure.ac: sudo 1.8.16 [b745f7031aeb]
* plugins/sudoers/env.c: When preserving variables from the invoking user's environment, if there are duplicates only keep the first instance. [d4dfb05db5d7]

2015-11-01 Todd C. Miller <Todd.Miller@courtesan.com>

* include/sudo_debug.h, lib/util/parseln.c, lib/util/sudo_debug.c, plugins/sudoers/timestamp.c: Add debug_return_ssize_t [d491ed281726]
* plugins/sudoers/timestamp.c: Avoid compilation error on Solaris 10 with Sun Studio 12. Bug #727 [facd8ff1ee6c]

2015-10-31 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, po/da.mo, po/da.po: sync with translationproject.org [6711d740d3d0]
* NEWS: Mention ssp configure fix. [92d64fd724cc]

2015-10-30 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/fr.mo, po/fr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: sync with translationproject.org [9c8eb0062d8c]
* configure, configure.ac: Don't use CPPFLAGS for the -fstack-protector check. Otherwise on systems with _FORTIFY_SOURCE support we'll get an error due to the lack of optimization flags. Bug #725 [1a9f8571a82d]
* configure, configure.ac: When checking for stack protector support we need to actually link the test program. [ab4f94aac7de]

2015-10-29 Todd C. Miller <Todd.Miller@courtesan.com>

* configure, configure.ac: Preserve LDFLAGS when checking for stack protector as they may include rpath settings to allow the stack protector lib to be found. Avoid using existing CFLAGS since we don't want the compiler to optimize away the stack variable. [e6bc59225c06]
* configure, configure.ac: Better configure test for -fstack-protector. Some gcc installations may be missing the ssp library even though the compiler supports it. [4ade5d1249f4]

2015-10-25 Todd C. Miller <Todd.Miller@courtesan.com>

* src/sudo_edit.c: Set errno to EISDIR instead of ENOTDIR if directory is writable since ENOTDIR can be a legitimate errno. This avoids a bogus "directory is writable" error in that case.
[97ee37d905ce]
* mkpkg: Fix the check for whether to include 32-bit arch in Mac OS X packages. [a76654512f6b]

2015-10-24 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [58277a8f418b]
* NEWS, src/sudo_edit.c: When creating a new file, sudoedit will now check that the file's parent directory exists before running the editor. [65bc45510fb2]
* NEWS, doc/UPGRADE, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/match.c: Add always_query_group_plugin [7e9060d4c13a]

2015-10-23 Todd C. Miller <Todd.Miller@courtesan.com>

* ABOUT-NLS, MANIFEST: Add ABOUT-NLS from GNU gettext. [971c168c065a]
* NEWS, config.h.in, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/policy.c, plugins/sudoers/sudoers_version.h, src/sudo.c, src/sudo.h, src/sudo_edit.c: Add directory writability checks for sudoedit. [f5349d059a98]

2015-10-06 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS: Latest. [9aae49302c60]
* src/conversation.c: Ignore the SUDO_CONV_PROMPT_ECHO_OK flag when echo is enabled. This was preventing a match of SUDO_CONV_PROMPT_ECHO_ON which resulted in a masked password instead of an echoed one. [53f6a78d79e3]
* plugins/sudoers/auth/bsdauth.c: Repair challenge/response prompting for BSD authentication which got broken while it was converted to use the conversation function. [2d0b0cec5e4f]
* plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h: Use the auth_getpass (and the plugin conversation function) for Tru64 SIA. This prevents sudo from sleeping while holding the tty ticket lock. [9221eec812cf]
* NEWS, doc/UPGRADE, plugins/sudoers/env.c: For env_reset, SHELL should be set based on the target user, not the invoking user unless preserved via env_keep.
[b77adbc08c91] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po: sync with translationproject.org [adb927ad5e86] 2015-10-05 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Hungarian and Slovak translations [d3b6acece125] * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/hu.mo, plugins/sudoers/po/hu.po, plugins/sudoers/po/sk.mo, plugins/sudoers/po/sk.po, po/sk.mo, po/sk.po: Add new Slovak and Hungarian translations from translationproject.org [132ec9b7a927] 2015-10-02 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_edit.c: Remove S_ISREG check from sudo_edit_open(), it is already done in the caller. [9fff8c0bb1f7] * src/sudo_edit.c: Open sudoedit files with O_NONBLOCK and fail if they are not regular files. [56b01164869c] * plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/tgetpass.c: It is possible for WIFSTOPPED to be true even if waitpid() is not given WUNTRACED if the child is ptraced. Don't exit the waitpid() loop if WIFSTOPPED is true, just in case. [a2cab04a03da] 2015-09-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/de.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/it.mo, plugins/sudoers/po/ja.mo, plugins/sudoers/po/nb.mo, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo, po/cs.mo, po/de.mo, po/fi.mo, po/fr.mo, po/gl.mo, po/it.mo, po/ja.mo, po/nb.mo, po/pl.mo, po/pt_BR.mo, po/uk.mo, po/vi.mo, po/zh_CN.mo: rebuild .mo files [676362ed6061] * plugins/sudoers/po/pt_BR.po, po/pt_BR.po: sync with translationproject.org [be932694e600] 2015-09-28 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, src/sudo_noexec.c: There's no point in trying to interpose protected versions of the exec family of functions. Many modern C libraries use hidden symbols for the functions and syscalls defined in libc such that they cannot be overridden inside libc itself. 
We have to just wrap all the exec variants plus system and popen. [30aa4bd6c15b] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: List all the functions wrapped by sudo_noexec.so. [57a9db56f4e0] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: The section is now called "EXEC and NOEXEC" and it is above, not below. [9b0a2537f65d] * src/sudo_noexec.c: Also wrap popen(3). [a826cd7787e9] * src/sudo_noexec.c: Also interpose system(3). On glibc systems you cannot interpose the syscalls used internally by libc. [58a5c06b5257] * src/conversation.c: Set active debug instance to sudo_debug_instance() during the conversation function. [22fb750d92a9] 2015-09-27 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: LOGNAME and USERNAME are set the same way as USER [54f170cf2536] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Document behavior when the command dies from a signal in EXIT STATUS. [3c93d682e5e6] 2015-09-26 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Bug #722 [5cca49bb0e02] * src/sudo.c: When the command sudo is running is killed by a signal, sudo will now send itself the same signal with the default signal handler instead of exiting. The bash shell appears to ignore some signals, e.g. SIGINT, unless the command is killed by that signal. This makes the behavior of commands run under sudo the same as without sudo when bash is the shell. Bug #722 [153f016db8f1] 2015-09-25 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Adjust set_logname description to new behavior when any of LOGNAME, USER or USERNAME are preserved. [89009c2dcf38] * NEWS, plugins/sudoers/env.c: If some, but not all, of the LOGNAME, USER or USERNAME environment variables have been preserved from the invoking user's environment, sudo will now use the preserved value to set the remaining variables instead of using the runas user. 
This ensures that if, for example, only LOGNAME is present in the env_keep list, that sudo will not set USER and USERNAME to the runas user. [54a60fe72b9a] 2015-09-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Fix passing of the callback pointer to the conversation function. This was preventing the on_suspend and on_resume functions from being called on PAM systems. [611246ded4ff] * include/sudo_plugin.h: Explicitly mark large hex constants unsigned. [5b67b0090814] * plugins/sudoers/timestamp.c: Cast sizeof(entry) to off_t before making it a negative offset for lseek(). Fixes "sudo -k" on Solaris and probably others. [ed5d312f6baa] 2015-09-21 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add explicit mention of sudo's netgroup semantics since they differ from most other netgroup consumers. [0e9030f8cf56] * plugins/sudoers/po/fi.po, po/fi.po: sync with translationproject.org [f9236f25a616] * plugins/sudoers/check.c: Fix potential double free of the cookie when sudo is suspended at the password prompt. [cbecb3136155] 2015-09-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/cs.po, plugins/sudoers/po/zh_CN.po, po/cs.po, po/zh_CN.po: sync with translationproject.org [21138f16a3a6] 2015-09-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/de.po, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.po, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.po, po/de.po, po/fr.po, po/gl.po, po/it.po, po/ja.po, po/nb.po, po/pl.po, po/uk.po, po/vi.po: sync with translationproject.org [2d9f3e4c3ccf] * NEWS: Bug #719 [cfa393164a0f] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: SIGHUP is now relayed to the command. 
Bug #719 [8db7c492c52a] * src/exec.c: When a terminal device is closed, SIGHUP is sent to the controlling process associated with that terminal. It is not sent to the entire process group so sudo needs to relay SIGHUP to the command when it is not being run in a new pty. Bug #719 [b408a792f31a] * NEWS: Mention visudo bug in 1.8.14 [0fec829807fd] * plugins/sudoers/visudo.c: We reserved two slots at the end of the editor argv for the line number and the file name. However, resolve_editor() adds "--" before the file names so the +line_number is interpreted as a file name, not a line number so we need to overwrite the "--" as well. [ff107430ee4b] 2015-09-10 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, lib/util/sig2str.c, lib/util/strsignal.c: Remove checks for __sys_siglist and __sys_signame. They are internal to libc and there are no known systems that export those symbols that do not already export the single underbar or no-underbar versions. [2b3efe0a91f2] * plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po, po/es.mo, po/es.po: Sync with translationproject.org [feb5eb934a9e] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [947e8320c557] 2015-09-09 Todd C. Miller <Todd.Miller@courtesan.com> * src/tgetpass.c: Restore old signal handlers before tty settings. That way SIGTTOU is at its original value if sudo_term_restore() should fail. [69d2cc6c0702] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document what happens when the on_suspend/on_resume callbacks return an error. [d8c9dcf7a926] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sudoers/group_plugin.c, plugins/sudoers/policy.c, plugins/system_group/system_group.c, src/hooks.c: No need to have version macros for hooks, callbacks and the sudoers group plugin. We can just use the main sudo API macros. 
The sudoers group plugin macros are preserved for source compatibility but are not documented. [8c52bb83f991] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Properly escape the backslash before a comma in an example so the example rule is parsable by visudo. [6745d38e9876] * src/tgetpass.c: Ignore callbacks if major version doesn't match. [f852e6ebff01] * MANIFEST, config.h.in, configure, configure.ac, include/compat/timespec.h, lib/util/Makefile.in, lib/util/gettime.c, lib/util/utimens.c, plugins/sudoers/Makefile.in, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/Makefile.in, src/sudo_edit.c: Remove include/compat/timespec.h. Systems old enough to lack struct timespec are too old to build a modern sudo. [37812e10a449] * NEWS: Bug #713 [8a7245d76799] * src/exec.c: Fill in cstat if exec_setup() fails. Previously it was only filled in for an execve() failure. Fixes an unkillable sudo process when exec_setup() fails and I/O logging is enabled. [ff1d39d9e505] * src/sudo.c: Fix running commands as non-root when neither setresuid() nor setreuid() are available. At this point we are already root so setuid() must succeed. Bug #713 [34754ad586c7] * src/sudo.c: Cast uid_t to unsigned int when printing as %u [669e2d5244a6] * doc/UPGRADE: Mention time stamp file locking changes, fix some spelling. [c4563ea85e3a] * NEWS: Update with latest changes. [2cbd50e7c158] 2015-09-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_fatal.h, include/sudo_plugin.h, lib/util/fatal.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/check.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.h, src/conversation.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h, src/tgetpass.c: Add a struct sudo_conv_callback that contains on_suspend and on_resume function pointer args plus a closure pointer and add it to the conversation function. [5608cb4c18f2] * config.h.in, configure, configure.ac, include/sudo_util.h, lib/util/locking.c, lib/util/util.exp.in, plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: Lock individual records in the timestamp file instead of the entire file. This will make it possible for multiple sudo processes using the same tty to serialize their timestamp lookups. [f4ad82e36d90] * lib/util/term.c, plugins/sudoers/check.c, plugins/sudoers/sudoreplay.c, src/tgetpass.c: Implement suspend/resume callbacks for the conversation function. If suspended, close the timestamp file (dropping all locks). On resume, lock the record before reading the password. For this to work properly we need to be able to run the callback when tsetattr() suspends us, not just when the user does. To accomplish this the term_* functions now return EINTR if SIGTTOU would be generated. The caller now has to restart the term_* function (and send itself SIGTTOU) instead of it being done automatically. 
[572374035897] * plugins/sudoers/timestamp.c: Allow the time stamp lock to be interrupted by signals. [aa5017f86210] * plugins/sudoers/timestamp.c: Adjust new locking to work when tty_tickets is disabled. We need to use per-tty/ppid locking to gain exclusive access to the tty for the password prompt but use a separate (short term) lock that is shared among all sudo processes for the user. [d6d7a0bb6bd0] * lib/util/locking.c: Set errno to EINVAL if sudo_lock_* is called with a bad type. [cfba014f1c1a] * src/exec_pty.c: sudo_term_* already restart themselves for all but SIGTTOU so we don't need to use our own restart loops. [113924cd05c0] * config.h.in, configure, configure.ac, plugins/sudoers/iolog.c, plugins/sudoers/timestamp.c: Use pread(2) and pwrite(2) where possible. [86cd3f6bab9e] * plugins/sudoers/timestamp.c: Bring back the check for time stamp files that predate the boot time. Instead of truncating we now unlink the file since another process may be sleeping on the lock. [9cdf7468d0f2] * plugins/sudoers/check.c: Avoid touching the time stamp directory for "sudo -k command" [391d20c17775] 2015-09-02 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h: Make hook_version and hook_type unsigned. [77cb84793f07] 2015-09-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/base64.c, plugins/sudoers/match.c, plugins/sudoers/regress/parser/check_base64.c: When decoding base64, avoid using '=' in the decoded temporary array as a sentinel as it can legitimately be present. Instead, just use the count of bytes stored in the temp array to determine which bytes to fold into the destination. [6abef15d3954] 2015-08-21 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c: When parsing def_editor, break out of the loop when we find the first valid editor. Bug #714 [c7508ed075c2] 2015-08-18 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: The condition for adding a missing newline at the end of sudoers was never reached. Keep track of the last character and write a newline character if when copying to the temp file. Found by Radovan Sroka. [86c20e7fc6bd] * plugins/sudoers/sudoers.c, plugins/sudoers/visudo.c: Remove extraneous while() from botched do {} while() loop conversion to use sudo_strsplit. Noticed by Radovan Sroka. [cd2d25510129] 2015-08-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sudo_auth.c: In sudo_pam_begin_session() and sudo_pam_end_session() return AUTH_FATAL on error, not AUTH_FAILURE. In sudo_auth_begin_session() treat anything other than AUTH_SUCCESS as a fatal error. [3ad7296390f2] * doc/CONTRIBUTORS, src/exec.c, src/exec_pty.c: Linux sets si_pid in struct siginfo to 0 when the process that sent the signal is in a different container since the PID namespaces in different containers are separate. Avoid looking up the process group by id when si_pid is 0 since getpgid(0) returns the process group of the current process. Since sudo ignores signals sent by processes in its own process group, this had the effect of ignoring signals sent from other containers. From Maarten de Vries [6d3f43b95a1f] * plugins/sudoers/auth/pam.c: Sprinkle some debugging. [f5a94a3a1192] 2015-08-09 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.man.in, doc/sudo.mdoc.in: Document that sudo uses the real uid to map from uid to passwd file user name. [04f6709675cc] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in: disable_coredump can be set to no on modern OSes without security consequences. [ebe6d5bb2274] 2015-08-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Emphasis on the never. [39ca000281c7] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Explicitly tell people not to grant sudoedit to directories the user can write to. While sudoedit will no longer open symbolic links, hard links are still an issue. [26e0afae9bae] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Add warning about writable directories and sudo/sudoedit. [701ff725af42] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Emphasize that wildcards are not regexps. Bug #692 [1e071810c4cb] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Emphasize that wildcards in command line arguments are dangerous. Document the failings of the passwd example on GNU systems. Bug #691 [54d793aea6b2] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Escape the colons in [[:alpha:]] as required by sudoers. [ad875dd5ca64] * po/sudo.pot, src/sudo_edit.c: Change warning when user tries to sudoedit a symbolic link. [b8f44e834c2f] 2015-08-06 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST: add .json regress files to MANIFEST [03ddb3a9671b] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [5abaa0eeab86] * doc/sudo.conf.cat, doc/sudoers.ldap.cat, doc/sudoreplay.cat, doc/visudo.cat: regen [43e6b445734c] * doc/UPGRADE, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/sudo_compat.h, include/sudo_plugin.h, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/policy.c, plugins/sudoers/regress/sudoers/test1.in, plugins/sudoers/regress/sudoers/test1.json.ok, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/regress/sudoers/test1.toke.ok, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo_json.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c: Do not follow symbolic links in sudoedit by default. This behavior can be controlled by the sudoedit_follow Defaults flag as well as the FOLLOW/NOFOLLOW tags. 
[9636fd256325] * NEWS, aclocal.m4, configure, configure.ac: Sudo 1.8.15 [bf18da363b06] * plugins/sudoers/Makefile.in, plugins/sudoers/regress/sudoers/test1.json.ok, plugins/sudoers/regress/sudoers/test10.json.ok, plugins/sudoers/regress/sudoers/test11.json.ok, plugins/sudoers/regress/sudoers/test12.json.ok, plugins/sudoers/regress/sudoers/test13.json.ok, plugins/sudoers/regress/sudoers/test14.json.ok, plugins/sudoers/regress/sudoers/test15.json.ok, plugins/sudoers/regress/sudoers/test16.json.ok, plugins/sudoers/regress/sudoers/test2.json.ok, plugins/sudoers/regress/sudoers/test3.json.ok, plugins/sudoers/regress/sudoers/test4.json.ok, plugins/sudoers/regress/sudoers/test5.json.ok, plugins/sudoers/regress/sudoers/test6.json.ok, plugins/sudoers/regress/sudoers/test7.json.ok, plugins/sudoers/regress/sudoers/test8.json.ok, plugins/sudoers/regress/sudoers/test9.json.ok: Check JSON output of sudoers test files too. [3d8517812b80] 2015-08-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: Move comment to match moved code. [7a30f06462a8] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: maxseq is an int not a string [bffd97d22064] 2015-08-02 Todd C. Miller <Todd.Miller@courtesan.com> * src/preserve_fds.c: Include sys/types.h for id_t. Bug #711 [fda95d9ca1e9] 2015-07-31 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/fnmatch.c: Avoid a potential out of bounds read found by enh while fuzzing with address sanitizer enabled. [52d6b9916593] 2015-07-27 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Set sssd lib location to /usr/lib64 on 64-bit RHEL/Centos. Bug #710 [428421925a20] 2015-07-24 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, src/Makefile.in: The init.d files are generated from a .in file so we need to install from top_builddir not top_srcdir. From Ross Burton. Bug #708 [df1e7a0d3182] 2015-07-22 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/term.c: Replace two "return 0" with debug_return_bool(false). 
[49f8fb3dcd36] * src/ttyname.c: fix typo in previous commit [094488696f2c] * NEWS, configure, configure.ac: Sudo 1.8.14p3 [0079c43d8247] 2015-07-21 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Fix errno value from get_process_ttyname() when no tty is present. [ff7b12bb0638] * src/ttyname.c: On AIX, only convert the tty device number from dev64_t to dev32_t if dev_t is 32-bits. [0e728a1eb07a] 2015-07-20 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Sudo 1.8.14p2 [55fe56b28c7b] * plugins/sudoers/timestamp.c: Fix creation of the timestamp file; bug #704 [1ff77fd5cc8f] 2015-07-19 Todd C. Miller <Todd.Miller@courtesan.com> * src/regress/ttyname/check_ttyname.c, src/sudo.c, src/sudo.h, src/ttyname.c: Avoid needless memory allocation when resolving the tty name. [c58cce92d5e0] 2015-07-17 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Sudo 1.8.14p1 [973705806759] * plugins/sudoers/sssd.c: Fix typo in sudo_sss_attrcpy() that caused a memory allocation error. [0fa324a7bb56] 2015-07-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ja.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo: rebuild [e4c7cda46475] 2015-07-14 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/lbuf.c, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/interfaces.c, plugins/sudoers/match.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, src/hooks.c, src/net_ifs.c, src/sudo.c: Add some debugging printfs when malloc fails and we don't have an explicit call to sudo_warnx(). [07aebb5839c3] * plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c: Add missing warnings for memory allocation failure. Add function name to memory allocation warnings. [4f6027786a28] * lib/util/parseln.c: Return -1 if realloc() fails. 
[707632291eac] * lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c: Add line number to debug log for memory allocation errors. [f4f3debdfcc5] * plugins/sudoers/auth/pam.c: Add warning if calloc() fails. Add debugging for other unexpected errors. [a1e0945237d8] * plugins/sudoers/ldap.c: Add missing check for calloc(3) return value. [37fe3ca78e8e] 2015-07-13 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that the values printed by "sudo -V" are affected by Defaults settings in sudoers. [80ec2572861b] 2015-07-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/group_plugin.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/sssd.c, src/load_plugins.c: Avoid calling dlerror() multiple times since it clears the error status after printing the error. Problem caused by sudo_warn/sudo_fatal being macros... [c0fd3b0fb9c3] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Attempt to clarify the conditions under which MAIL and HOME are set to the target user. [ebd269bebe64] 2015-07-09 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Better checks for the libaudit package for Debian and error out if we can't figure it out. [225c1bfcb629] * mkpkg: Fix linux_audit setting on non-multiarch Debian. [0a38e9d158f4] * sudo.pp: Fix typo that broke the linux_audit dependency on Debian. [0917bd45acf1] * NEWS: Mention /proc/stat btime fix. [754050a340e2] * config.h.in, configure, configure.ac, lib/util/getaddrinfo.c, plugins/sudoers/interfaces.c, plugins/sudoers/match_addr.c, src/net_ifs.c: Solaris 2.6 has the prototypes for inet_pton() and inet_ntop() in resolv.h. [dc0f62743845] * plugins/sudoers/boottime.c: Sprinkle debugging for boottime. [dfb45c763179] * mkpkg: The old Solaris /bin/sh doesn't support POSIX $( .. ) syntax, use backquotes instead. [c9e33ffef2b1] 2015-07-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * mkpkg, sudo.pp: Only use --with-sssd-lib on Debian/Ubuntu w/ multipackage. Use dpkg-query to determine the name of the audit package for proper dependencies. [e9669389aa2f] * mkpkg, plugins/sudoers/sudoers.in, sudo.pp: Update Debian/Ubuntu packages to be more like the vendor ones. One notable exception is that sudo.ws packages use /var/run, not /var/lib for timestamp files. [0f4c49a3768e] * doc/CONTRIBUTORS: Add Jakub Wilk [78bfdf2e441b] * plugins/sudoers/boottime.c: Strip newline from /proc/stat btime line to avoid a strtonum() failure. From Jakub Wilk. [8a04f85a070f] * src/exec_pty.c: In io_callback() service writes before reads. That way, if both SUDO_EV_READ and SUDO_EV_WRITE are set and read() returns 0 (EOF) we don't close the fd before the write() is performed. If the write() returns EPIPE, ENXIO, EIO or EBADF, clear SUDO_EV_READ before we close the fd to avoid calling read() on a closed fd. [167548fd8af2] 2015-07-07 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/regress/sudo_conf/conf_test.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c: Check sudo_conf_read() return value and exit on fatal error (a warning was already printed by sudo_conf_read()). [d05797f4f197] * NEWS: Mention double-quoted sudoOption value support. [55684a73f097] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Add support for parsing quoted strings in a sudoOption just like sudoers Defaults settings. [fe8291414179] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, po/da.mo, po/da.po: Sync with translationproject.org [1c15d1a3dbdd] 2015-07-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update year. 
[6ca660e4a957] * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, po/de.mo, po/de.po, po/nb.mo, po/nb.po: Sync with translationproject.org [d7ede74dcb19] * src/sudo.c: Fix utmp setup broken by commit be0ca60facf8 [cd8a06f57f2b] 2015-07-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/fr.mo, po/fr.po, po/it.mo, po/it.po, po/pl.mo, po/pl.po: Sync with translationproject.org [aa473519e66d] * plugins/sudoers/po/sudoers.pot: regen [8f8aa321f043] * plugins/sudoers/logging.c: Fix typo in error message. [220832711826] 2015-07-02 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Bug #702 is the AIX timespec issue. [c597a312e816] * config.h.in, configure, configure.ac, lib/util/closefrom.c, lib/util/getcwd.c, lib/util/glob.c, plugins/sudoers/match.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, src/ttyname.c: We require POSIX so no need to conditionally include dirent.h. Add a check for d_namlen and use the result in the NAMLEN macro. 
[2728194cb6cf] * lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/getcwd.c, lib/util/gettime.c, lib/util/glob.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/mktemp.c, lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/ttysize.c, plugins/group_file/group_file.c, plugins/sample/sample_plugin.c, plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, plugins/system_group/system_group.c, src/conversation.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preserve_fds.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, 
src/sudo_noexec.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: There's no need to conditionalize the #include <unistd.h>, we require a POSIX system. [79389c527c08] * include/sudo_compat.h: Remove some compatibility defines that should no longer be needed. [e9136646d1c6] 2015-06-30 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Final changes in 1.8.14 [3a5cd4f2875a] * include/sudo_compat.h: Need to include stddef.h to get rsize_t on Mac OS X for sudo_memset_s() prototype. [9615efed4a9a] * lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/strsplit/strsplit_test.c: Add missing exit value. [484202b53893] * lib/util/regress/mktemp/mktemp_test.c: Add missing fcntl.h include. [020fe6252d96] * configure, configure.ac: Do check for inet_pton before inet_ntop since we may need to record dependent libraries for inet_pton when linking our getaddrinfo replacement. [fde03eefd88d] * include/sudo_debug.h, lib/util/sudo_debug.c: Fix build on compilers w/o __func__ or __FUNCTION__ [196d75416cd5] * lib/util/util.exp.in: Remove sudo_evasprintf_v1, missed during alloc.c removal. [7d0ac7e5909d] * lib/util/snprintf.c: Add missing fcntl.h include. [23b886deb879] * config.h.in, configure, configure.ac: Add check for inline support. [061dab0e411c] 2015-06-29 Todd C. Miller <Todd.Miller@courtesan.com> * doc/LICENSE: Add reallocarray.c license. [b4b4d46309f3] 2015-06-27 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Fix entry for Joel Pelaez Jorge. [386434049903] 2015-06-26 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_lbuf.h, lib/util/lbuf.c, lib/util/util.exp.in, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c: Add an error flag to the lbuf struct to simplify error checking. Callers of the lbuf functions now check the error flag to tell if a memory allocation error occurred. 
[bc44b0fbc03b] * plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.h: display_privs() and display_cmnd() may need to return -1 on error. [b6d8826900bb] 2015-06-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: Check restore_perms() return value in all cases, pushing the return value back up the call stack. [c9beeed2b614] * plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Return -1, not 0 from sudoers when there is an error (as opposed to a policy denial). [5d197fe29e0e] * doc/CONTRIBUTORS: Add Joel Pelaez Jorge [55387b44d6e9] * plugins/sudoers/auth/pam.c: When checking whether the PAM prompt matches "Password:", also check for the untranslated version. The PAM module might not be using the localized string even though it exists. From Joel Pelaez Jorge. Fixes Bug #701 [d87f6f2ccb42] 2015-06-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Silence clang analyzer warning on glibc systems where the first argument to qsort() is marked as non-NULL. Also change some counters from int to unsigned int and two flags from int to bool. [09e400445ca2] 2015-06-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Silence clang analyzer warning on glibc systems where the first argument to qsort() is marked as non-NULL. [34fa7256f1e2] * include/sudo_compat.h, include/sudo_debug.h, include/sudo_util.h, src/preserve_fds.c: Use our own bitmap macros instead of borrowing the ones from select. [51ef403511d9] * lib/util/sudo_debug.c: Must call round_nfds() with fd+1 since it takes a count not the fd number. In other words, the lowest value is 1, not 0. 
[cc175cba5371] * src/ttyname.c: Quiet clang analyzer false positive. [9ebecd6b6b29] * src/sesh.c: Fix uninitialized variables warnings in error case when src file cannot be opened. At least one of these is a false positive. [98b417c1307a] 2015-06-20 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/getline.c, plugins/sudoers/toke_util.c: It's safe to rely on C89 semantics for realloc(NULL, size). [b633582413ac] * plugins/sudoers/env.c: malloc() sets errno to ENOMEM on failure so we don't need to set it explicitly. [09cb5ceaaec3] * include/sudo_compat.h: No longer need __malloc_like [a41b69f256f6] * lib/util/util.exp.in: Remove symbols from the now-removed alloc.c. [da0753d85d20] * include/sudo_compat.h, lib/util/aix.c, lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strndup.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttysize.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/plugin_test.c, plugins/sample/sample_plugin.c, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, 
plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, plugins/system_group/system_group.c, src/conversation.c, src/env_hooks.c, src/exec.c, 
src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Only include stddef.h where it is needed. [ce597fb7ffb9] 2015-06-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [cad83b927f4e] * lib/util/sudo_conf.c, plugins/sudoers/locale.c: Better handling of setlocale() returning NULL. [7cd4fcdb528c] * lib/util/aix.c, lib/util/gidlist.c, lib/util/sudo_conf.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/conversation.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/load_plugins.c, src/parse_args.c, src/preserve_fds.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo_edit.c: Add function name to "unable to allocate memory" warnings. 
[98c07e26a13e] * configure, configure.ac, include/sudo_compat.h, lib/util/aix.c, lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/gethostname.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gettime.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strndup.c, lib/util/strsplit.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttysize.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/sample/sample_plugin.c, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/editor.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/getspwuid.c, plugins/sudoers/gram.c, 
plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/regress/parser/check_hexchar.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestr.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, plugins/system_group/system_group.c, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/openbsd.c, src/parse_args.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: We require ANSI C so stop using the obsolete STDC_HEADERS. 
[35a5a680e5fe] * lib/util/getgrouplist.c, lib/util/regress/glob/globtest.c, lib/util/sudo_debug.c, plugins/group_file/getgrent.c, plugins/group_file/plugin_test.c, plugins/sample/sample_plugin.c, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/tsgetgrpw.c: Use strtok_r() instead of strtok() [6b8e3c253dcf] * config.h.in, configure, configure.ac: Add back _REENTRANT define on HP-UX to expose strtok_r on some versions. We may need to define it on other systems too. [12c36f12eed2] * configure, configure.ac: Fix check for strnlen() when cross-compiling. [e501c508891a] * plugins/sudoers/interfaces.c: Use sudo_strsplit() in dump_interfaces. [b76ee2f47f37] 2015-06-18 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/inet_pton.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/parseln.c, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/progname/progname_test.c, lib/util/regress/strsplit/strsplit_test.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/sha2.c, lib/util/snprintf.c, lib/util/strtobool.c, lib/util/term.c, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/sample/sample_plugin.c, plugins/sudoers/boottime.c, plugins/sudoers/editor.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/interfaces.c, plugins/sudoers/iolog_path.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_hexchar.c, 
plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/tsgetgrpw.c, plugins/system_group/system_group.c, src/conversation.c, src/exec_pty.c, src/net_ifs.c, src/openbsd.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/solaris.c, src/sudo.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Remove obsolete memory.h include. [0c1351d614a9] * config.h.in, configure, configure.ac, lib/util/getcwd.c, lib/util/gethostname.c, lib/util/glob.c, lib/util/locking.c, lib/util/parseln.c, lib/util/pw_dup.c, lib/util/reallocarray.c, lib/util/snprintf.c, lib/util/strndup.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, src/env_hooks.c: Remove support for the obsolete malloc.h header. [2a118de27d4e] * config.h.in, configure, configure.ac, plugins/sudoers/defaults.c, plugins/sudoers/logging.c: Remove BROKEN_SYSLOG define which was for obsolete versions of HP-UX. Remove last remnants of 4.2BSD syslog support. [e234515f515d] * lib/util/sudo_conf.c: Use sudo_strsplit() instead of doing the equivalent manually. [220f2e4a0e68] * lib/util/regress/strsplit/strsplit_test.c: Test strsplit behavior with an empty string. [62ae80dcee4a] * lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Allow "make LIBTOOL=/path/to/libtool" to work properly. [f9e5f7109107] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/editor.c, plugins/sudoers/find_path.c, plugins/sudoers/goodpath.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c: Use a common function for resolving the user's editor in sudoedit and visudo. The find_path() function now returns a dynamically allocated path instead of using a static string.
[97fe58966144] * config.h.in, configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Replace use of OSDEFS with config.h defines. Rename DEFS in Makefile.in to CPPDEFS and include in CPPFLAGS. Bring back _BSD_SOURCE as a config.h define. Remove obsolescent _REENTRANT define. [0d76a12adca8] 2015-06-17 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, include/sudo_alloc.h, lib/util/Makefile.in, lib/util/alloc.c: Remove now-unused sudo_alloc.h and alloc.c [0fe70085c75c] * plugins/sudoers/Makefile.in, src/Makefile.in, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/ttyname.c: Avoid using exiting allocators in the front end. [be0ca60facf8] * include/sudo_conf.h, include/sudo_lbuf.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/gidlist.c, lib/util/lbuf.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c: Use non-exiting allocators in libsudo_util. [d9b7cf17b9b4] * plugins/sudoers/ldap.c, plugins/sudoers/logging.c: Remove asprintf() return value warnings. [fe25ce11f96a] * config.h.in, configure, configure.ac: Use AC_FUNC_STRNLEN to check for broken strnlen() on AIX. This requires that we use AC_USE_SYSTEM_EXTENSIONS so remove things from OSDEFS that are enabled by AC_USE_SYSTEM_EXTENSIONS. [1f64269cab6e] * plugins/sudoers/ldap.c: Remove extraneous semicolons in CHECK_* macros. [ef99aa3c9d70] * plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Remove remaining SUDO_MAIN remnants. 
[1c077699f444] * plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sia.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Use non-exiting allocators in the sudoers plugin. [a5668cb9c516] 2015-06-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: Use non-exiting allocators in the sudoers SSSD backend. [dba29b55ac0b] * plugins/sudoers/ldap.c: Use non-exiting allocators in the sudoers LDAP backend. [37bfa441345a] * lib/util/Makefile.in: regen dependencies [5be6eb005946] 2015-06-15 Todd C. Miller <Todd.Miller@courtesan.com> * configure, lib/util/Makefile.in, mkdep.pl: Add missing dependency info for reallocarray.lo in lib/util/Makefile.in and regen configure to match last configure.ac change. [da1fc49b53dc] * plugins/sudoers/ldap.c: Use \28 and \29 instead of \( and \) in the ldap query as per RFC 2254. Fixes netgroup queries on AIX. From Steven Soulen. [33267d6243aa] 2015-06-13 Todd C.
Miller <Todd.Miller@courtesan.com> * lib/util/glob.c: Move pattern length check until after we have initialized the glob_t so we can call globfree() even on error. From Frank Denis. [a246f9054395] 2015-06-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c, src/sudo.c: We need to unlimit RLIMIT_NPROC in sudoers as well as the sudo front end since set_perms() and restore_perms change the read uid and may fail with EAGAIN on Linux kernels prior to 3.1. [e6a03c31f4e5] 2015-06-08 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Fix underlining of "root" in -u option descriptions. Bug #699 [b3afe47d9798] * doc/UPGRADE, src/load_plugins.c: Remove support for converting plugin.so -> plugin.sl on HP-UX when plugin.so can not be found. This was a temporary hack for using an older (pre 1.8.7) sudoers plugin with a newer sudo front-end. [561e2ce444ed] 2015-06-05 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/event.c, lib/util/event_select.c: Add debugging output on memory alloc failure. Add missing checks in event_select.c for reallocarray() failure. [0853c7bcbeaa] * lib/util/event_poll.c: Use non-exiting allocators. [5ed0e276b551] 2015-06-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Bring back VALIDATE_ERROR which will be used in the case of memory allocation errors. [784c885db95c] 2015-06-03 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/snprintf.c: If asprintf() or vasprintf() fail, set the dest pointer to NULL like BSD and Solaris do. This appears to be the direction glibc is going as well. [92fb2283dc9a] 2015-05-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c: Use a stack buffer for the validate_env_vars() error message. [69df3a0cbc2b] 2015-05-27 Todd C. 
Miller <Todd.Miller@courtesan.com> * lib/util/fatal.c: Fix typo/thinko in static buffer conversion; use vsnprintf() not snprintf() [9d42fb3a94f6] * plugins/sudoers/ldap.c: Fix old gcc2 variadic macro support. [fd951ed8865e] * plugins/sudoers/visudo.c: Restore old behavior where visudo prevents you from making the main sudoers file zero length. [b03ef908120f] * plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Non-exiting allocators for log functions. If log_allowed() fails the user may not run the command. We don't try to return early for log_failure(), log_auth_failure() or log_denial() as we would not run the command in that case. [40c3d0dd75bc] * plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c: Use non-exiting allocators in the parser (much of it already did). [f14222e5ad1b] * lib/util/aix.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c: Use non-exiting allocators in the passwd/group cache functions. [86bbe840f348] * MANIFEST, configure.ac, lib/util/alloc.c, lib/util/reallocarray.c: Add standalone reallocarray.c from OpenBSD instead of rolling our own. [36ec5840729e] * plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/iolog.c, plugins/sudoers/parse.h, plugins/sudoers/pwutil.c, plugins/sudoers/redblack.c, plugins/sudoers/redblack.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Use non-exiting allocators in the redblack tree and fix the fallout. Also switch to non-exiting allocators in affected code blocks. [bca56cf769cb] * plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.h: The error string returned by alias_add should be const. [b378188a0a8f] * plugins/sudoers/policy.c: Fix typo, efree vs. free.
[9146ba7473ca] * plugins/sudoers/policy.c, src/exec_common.c, src/sudo.c: Add a few missing sudo_new_key_val() return value checks. Also use non-exiting allocators for consistency. [2ae76a679052] 2015-05-26 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, lib/util/Makefile.in, lib/util/regress/parse_gids/parse_gids_test.c, lib/util/regress/strsplit/strsplit_test.c: Add unit tests for strsplit and parse_gid_list. [e08c5ff7b5f0] * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/strsplit.c, lib/util/util.exp.in, plugins/sudoers/sudoers.c: Add sudo_strsplit(), similar to strtok_r() but non-destructive and operates on non-C strings (requires a length parameter). [45fb50775249] * lib/util/fatal.c: Use a static buffer for sudo_warn/sudo_fatal messages where possible. [6e1d6ecc022d] * include/sudo_compat.h: Fix sudo_strnlen() prototype. [1367bd9227b3] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/strndup.c, mkdep.pl: Add strndup() for those without it. As strndup.c uses strnlen(), use our own if it is missing. [cf904a9c68f7] * lib/util/strnlen.c: Add missing sudo_ prefix and include sudo_compat.h. [d5e5dfc3fd20] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/strnlen.c: Add strnlen() replacement needed for glob.c. Only used if no glob() and no strnlen(). [bb6b7c4549b1] 2015-05-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.h, plugins/sudoers/sudoers.h: Get rid of SUDO_MAIN. Modern compilers don't warn about mixing extern and auto declarations unless they conflict. 
[a273b73bca6d] * config.h.in, configure.ac, include/compat/endian.h, include/compat/fnmatch.h, include/compat/getaddrinfo.h, include/compat/getopt.h, include/compat/glob.h, include/compat/nss_dbdefs.h, include/compat/sha2.h, include/compat/stdbool.h, include/compat/timespec.h, include/sudo_alloc.h, include/sudo_compat.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h, include/sudo_gettext.h, include/sudo_lbuf.h, include/sudo_plugin.h, include/sudo_queue.h, include/sudo_util.h, lib/util/fatal.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/check.h, plugins/sudoers/defaults.h, plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h, plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h, plugins/sudoers/insults.h, plugins/sudoers/interfaces.h, plugins/sudoers/iolog.h, plugins/sudoers/linux_audit.h, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/pwutil.h, plugins/sudoers/redblack.c, plugins/sudoers/redblack.h, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/solaris_audit.h, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.h, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/net_ifs.c, src/sudo.h, src/sudo_exec.h, src/sudo_plugin_int.h, src/sudo_usage.h.in: Avoid using a leading underbar in defines as they are reserved in ISO C. 
[a442d88c6490] * Makefile.in, doc/Makefile.in, examples/Makefile.in, include/Makefile.in, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c, plugins/system_group/Makefile.in, src/Makefile.in, src/selinux.c: Add target for "make splint". A few files need extra guards to avoid errors on systems where they would not otherwise be compiled. No warnings from splint. [64fc04debc58] 2015-05-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/sia.c: Use reallocarray() instead of sudo_emallocarray() and return an error on allocation failure. [fee12ac1e0c8] * plugins/sudoers/auth/kerb5.c: In our krb5_get_init_creds_opt_alloc() replacement use malloc() instead of sudo_emalloc() and return KRB5_CC_NOMEM on allocation failure. Only old versions of Kerberos V will need this. [95ac6c5b7b60] * lib/util/event.c, lib/util/event_select.c: Use non-exiting allocators. [91bbc657901d] 2015-05-18 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, src/sudo.c: There should be no need to check for tzset() as it is POSIX. [50825eb75c97] * configure, configure.ac: Add sudo_reallocarrary to util.exp.in if reallocarray is not found. [32588e00bb33] 2015-05-15 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: NLS now works on Mac OS X properly. [1485c9e51b04] * configure, configure.ac, src/Makefile.in: Force flat namespace on darwin to make the getenv() hooking work as it does on ELF. [0837cc3559ce] 2015-05-14 Todd C. 
Miller <Todd.Miller@courtesan.com> * lib/util/alloc.c, lib/util/snprintf.c, plugins/sample/sample_plugin.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/redblack.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke_util.c: No need to cast malloc() return value. [09c7236d3e1a] * lib/util/getcwd.c, lib/util/getline.c, lib/util/glob.c, plugins/sudoers/env.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Use reallocarray where possible. [2b5957a38baa] * config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/alloc.c: Add reallocarray() for those without it. [3ac5a4abe077] 2015-05-13 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: The getenv() hook still doesn't work on Mac OS X. [d9297b9ff54c] 2015-05-12 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_fatal.h, lib/util/fatal.c: In sudo_warn_gettext_v1() call dgettext() not gettext() to make sure the domain is set correctly. The sudoers plugin uses its own text domain. [f7ce0100ff5c] 2015-05-11 Todd C. Miller <Todd.Miller@courtesan.com> * doc/Makefile.in: man pages should explicitly depend on config.status since it is used to substitute in variables/settings. [bebe8e19d767] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.man.in, doc/sudoreplay.cat, doc/visudo.cat: regen [2e613d7bb477] * NEWS, configure, configure.ac: Sudo 1.8.14 [66e33bc0d18e] * INSTALL, MANIFEST, aclocal.m4, config.h.in, configure, configure.ac, include/sudo_fatal.h, lib/util/Makefile.in, lib/util/fatal.c, lib/util/locale_weak.c, lib/util/util.exp.in, m4/ax_sys_weak_alias.m4, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, src/Makefile.in, src/locale_stub.c: Instead of trying to make weak functions work on all platforms, just use a registration function for a plugin-specific setlocale function. The sudoers version just wraps sudoers_setlocale(). 
[0eef64f41cdf] * src/parse_args.c: Fix indentation of -a flag help line. [a2ed556b6454] * include/sudo_compat.h: Fix compilation when HAVE_DECL_SIG2STR_MAX is not defined. [31aa465affaa] * doc/Makefile.in: Add lint target to run "mandoc -Tlint" over the manuals. [63ed14d91adc] 2015-05-08 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_compat.h: HAVE_DECL_SIG2STR_MAX is always defined so use a !HAVE_DECL_SIG2STR_MAX check instead of #ifndef. [65cc03302d39] 2015-05-07 Todd C. Miller <Todd.Miller@courtesan.com> * src/tgetpass.c: Sync tty_present() with sudoers version. [040c05e68627] * src/load_plugins.c: sudo_check_plugin() returns bool. [15b2851bfb90] * plugins/sudoers/match.c: In usergr_matches() matched should be bool but we have to take care to handle group_plugin_query() returning a value other than 0/1. [c120901f71c7] * plugins/sudoers/ldap.c: sudo_ldap_check_non_unix_group() returns bool, not int. [d12e9242454f] * plugins/sudoers/logging.c: Convert two debug_return_int to debug_return_bool. [594d0fc8efda] * include/sudo_debug.h, lib/util/sudo_debug.c, plugins/sudoers/auth/dce.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, src/sudo.c: Previously, debug_return_bool was the same as debug_return_int except that it logged true/false for 1/0. However, this appears to trigger a bug in some compilers. To avoid this, debug_return_bool now uses bool, not int. Callers that were passing it an int have been converted to use debug_return_int instead. [ca142b5a9433] * src/get_pty.c, src/sudo.h: get_pty() should return bool [2c72c8d3603b] * src/sudo.h, src/tgetpass.c: Make tty_present static to tgetpass.c [bb73a2cc8754] * config.h.in, configure, configure.ac, include/sudo_compat.h: Add configure check for SIG2STR_MAX, which may be missing on UnixWare. 
[e9dcac23c639] * m4/ax_sys_weak_alias.m4: Need to quote $GCC as it may include arguments. From Tim Rice. [9ed8a3be94bf] * MANIFEST: Add missing m4/ax_sys_weak_alias.m4 [269a8d5bfb49] 2015-04-28 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: There's no point in building i386 binaries for Mac OS X 10.7 and higher. [e8876ea36d14] 2015-04-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po, po/ja.mo, po/ja.po: Sync with translationproject.org [414c51286530] 2015-04-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/bsm_audit.c: Only fall back on AUE_DARWIN_sudo if au_preselect() fails. [aea2f3a60b46] 2015-04-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/bsm_audit.c: Work around a problem on Mac OS X 10.10 which defines AUE_sudo but where au_preselect() only accepts AUE_DARWIN_sudo (the old value). [b5d32d6453d1] 2015-04-22 Todd C. Miller <Todd.Miller@courtesan.com> * src/env_hooks.c: Don't use dlsym() to find the libc getenv() since this may allocate memory on some systems (glibc) which leads to a hang if malloc() calls getenv() (jemalloc). [441846664820] * include/sudo_debug.h, src/sudo.c: Split variable declaration out of debug_decl into debug_decl_vars() so we can use it in main() when we know sudo_debug_enter() cannot succeed. [6931948a57f8] * src/sudo.c: Defer conversation initialization until right before plugins are initialized. [83db53d4945c] 2015-04-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: When creating a passwd struct from a uid that is not in the passwd database, set pw_gid to the user's gid instead of whatever the user specified via the -g flag (or 0 if no -g). [4154970432df] 2015-04-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Add some ldap_err2string() debugging when the LDAP search fails. Adapted from a diff from Steven Soulen. 
[e08d38481041] 2015-04-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/sr.mo, po/sr.po: Sync with translationproject.org [cbf24072ad07] 2015-04-10 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Add David Michael and Andrey Klyachkin. [e153a9b46e1f] * sudo.pp: Sync tmpfiles.d/sudo.conf with init.d/sudo.conf.in [9e3945c1fe6e] * include/sudo_util.h: Avoid struct assignment when stashing mtime since AIX at least uses a struct st_timespec that differs from struct timespec. From Andrey Klyachkin. [e267ea5b019e] 2015-04-09 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Work around a bug in pp that caused a warning when exampledir is a subdir of docdir. [d81db98f215f] * plugins/sudoers/solaris_audit.c: Add sys/types.h [e0794f05e95c] * lib/util/getopt_long.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/glob/globtest.c, lib/util/sha2.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_hexchar.c: Include sys/types.h instead of unistd.h to get uid_t and gid_t. Add missing include of sys/types.h to a few places. [86eb67f3c41a] 2015-04-08 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Remove unintended commit [2eeeb74b9174] * init.d/sudo.conf.in: Add tmpfiles.d/sudo.conf template. [ead9bb7b5328] 2015-04-07 Todd C. Miller <Todd.Miller@courtesan.com> * .hgignore, INSTALL, MANIFEST, Makefile.in, configure, configure.ac, mkpkg, src/Makefile.in, sudo.pp: Create template tmpfiles.d/sudo.conf for installation instead of creating one via echo commands in the Makefile. Add --enable-tmpfiles.d configure option to enable/disable use of tmpfiles.d and override the default directory. Use --disable-tmpfiles.d in mkpkg so we no longer need to ignore tmpfiles.d/sudo.conf in sudo.pp. 
[930983f88927] * sudo.pp: Fix setting of pp_rpm_version when there is no patchlevel present. Also tighten up the regexp for pp_rpm_release. [d6a89aafd99d] 2015-04-06 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, Makefile.in, configure, configure.ac, doc/sudoers.mdoc.in, examples/Makefile.in, mkpkg, sudo.pp: Make exampledir configurable and default to DATAROOTDIR/examples/sudo on BSD systems. [4c1271298712] * src/Makefile.in, sudo.pp: Install /usr/lib/tmpfiles.d/sudo.conf on systems with systemd but do not package it. For packages we create /usr/lib/tmpfiles.d/sudo.conf as needed in the postinstall script. [522666bc079f] 2015-03-22 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix "mandoc -Tlint" warnings. Sync AUTHORS section in man pages. Regenerate all man pages. [34e4149bb225] * lib/util/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Make libsudo_util depend on libintl instead of requiring users of libsudo_util to link with libintl directly. Bug #690 [f2508d1a21ee] 2015-03-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: Use saved errno in vlog_warning() before calling sudo_vwarn_nodebug(). Fixes the error message printed if set_perms() fails. [68bd7297137e] 2015-03-18 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for 1.8.13 final. [4c03db3a740f] 2015-03-16 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: For sudoedit, run the editor with the user's original environment as per the documentation (and as in sudo 1.7.x). Bug #688 [a5081c8f6950] * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, po/fr.mo, po/fr.po: Sync with translationproject.org [0b820c5ecb0c] 2015-03-10 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/term.c: Update function names in debug_decl. [b83f153b2f43] * lib/util/term.c: Use TCSAFLUSH instead of TCSANOW in sudo_term_copy(). Be consistent with where we put TCSASOFT in the action flags. [6ffeec3aa184] 2015-03-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/da.mo, po/da.po, po/fi.mo, po/fi.po, po/zh_CN.mo, po/zh_CN.po: Sync with translationproject.org [0d20f88c0a83] 2015-03-08 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/sha2.c: Include unistd.h since sudo_compat.h uses gid_t. [da491d83e5dc] 2015-03-05 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, configure, configure.ac: Add --disable-weak-symbols option to disable use of weak symbols in libsudo_util. [3edf2bccb4d8] * configure: regen [ff1abfcd2b61] * m4/ax_sys_weak_alias.m4: When checking for weak aliases, check the gcc attribute format last since some C compilers just ignore unsupported attributes. [e172cbbfa615] * sudo.pp: Update copyright year. 
[67bcd24c6477] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/it.mo, po/it.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po: Sync with translationproject.org [ceb62f98364c] * configure, configure.ac, include/compat/sha2.h: Fix symbol name collision with systems that have their own sha2 implementation. This can result in PAM using the wrong sha2 implementation on Solaris systems configured to use SHA512 for passwords. [3a25c4896804] * src/Makefile.in: Use SSP_LDFLAGS when linking sudo_noexec.la [6187b17fad90] 2015-03-03 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, config.h.in, configure, configure.ac, include/compat/utime.h, lib/util/Makefile.in, lib/util/utimens.c: Remove compat/utime.h, it was only useful for ancient systems that are no longer capable of compiling sudo. [94e4f02868db] 2015-03-02 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, lib/util/Makefile.in: Link libsudo_util with -lrt on systems where clock_gettime is in -lrt. [44a9a0d0af69] * NEWS: Update. [811c8d7090c0] * lib/util/strlcat.c, lib/util/strlcpy.c: Update OpenBSD CVS Ids [933788497ee4] * lib/util/strlcat.c: Make comment match code. [b1b68810929d] * lib/util/utimens.c: Fix compilation error on systems without futimes(). 
[4d55a58ea12e] * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/gettime.c, lib/util/util.exp.in, lib/util/utimens.c, lib/util/utimes.c, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/boottime.c, plugins/sudoers/gettime.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/Makefile.in, src/sesh.c, src/sudo_edit.c: Use futimens() and utimensat() instead of futimes() and utimes(). [8400f91466d8] * plugins/sudoers/visudo.c: Fix compiler warning on systems where mode_t is not unsigned int, such as 32-bit Solaris. [1eeeea1c203d] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Fix logic for verifypw/listpw all in sudoers LDAP and sssd. [5bc60a34a477] * src/tgetpass.c: Fix cut & pasto that prevented the SIGPIPE handler from being restored before returning from tgetpass(). From mancha [230b0a86876e] 2015-02-28 Todd C. Miller <Todd.Miller@courtesan.com> * src/sesh.c, src/sudo_edit.c: Our utimes() emulation supports futime() too. [439851535285] 2015-02-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [40aa9164563f] * plugins/sudoers/testsudoers.c: Define YYDEBUG to 0 if not already defined so we can protect use of sudoersdebug with "#if YYDEBUG" like the generated parser does. From David Michael. [394e1c237aac] 2015-02-26 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that Aliases may not be redefined and that "sudo -f /etc/sudo.d/foo" will not catch the redefinition. [3bff3b5f7eb1] * sudo.pp: Only create /usr/lib/tmpfiles.d/sudo.conf if /usr/lib/tmpfiles.d/systemd.conf also exists. Some other package may have created /usr/lib/tmpfiles.d even though it is not used. [cf013d95b7d7] * plugins/sudoers/Makefile.in: regen [4dde632c35cd] * sudo.pp: Clear the ts dir instead of just making sure it exists. 
[c49b6e3e2360] * configure, configure.ac: Only substitute init.d scripts that we are going to use. [301f16bd04c5] 2015-02-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in, sudo.pp: Create /usr/lib/tmpfiles.d/sudo.conf when systemd is used. [532dc61e7bb7] * plugins/sudoers/iolog.c, plugins/sudoers/visudo.c, src/sudo_edit.c, src/utmp.c: Check the return value of gettimeofday(), even though it should never fail. [747715d8a11c] 2015-02-24 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/clock_gettime.c, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/gettime.c, plugins/sudoers/po/sudoers.pot, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: We cannot (easily) use clock_gettime(CLOCK_MONOTONIC) directly as it may be present but not implemented. Add sudo_gettime_real() and sudo_gettime_mono() functions to get the real and monotonic times respectively. Now sudo_gettime_mono() checks the value of sysconf(_SC_MONOTONIC_CLOCK) before calling clock_gettime(CLOCK_MONOTONIC) and falls back on sudo_gettime_real() as needed. The Mach version of sudo_gettime_mono() uses mach_absolute_time(). This should fix problems with timestamp files on systems where the CLOCK_MONOTONIC is defined but not actually implemented. [cd04a21af4c5] * include/sudo_compat.h, plugins/sudoers/timestamp.c: Check clock_gettime() return value and warn if it fails. Currently, the timestamp will be ignored if clock_gettime() fails. [3658154638da] 2015-02-23 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/sudo_debug.c: Plug memory leak when debug file cannot be opened. Use %zu printf format now that our snprintf supports it. [a168a002cd19] * plugins/sudoers/auth/pam.c: Pam conversation function changes: o use PAM_BUF_ERR as the return value when calloc() fails. 
o sanity check the value of num_msg o remove the workaround for old Apple PAM o PAM_AUTH_ERR is not a valid PAM conversation function return value If getpass_error is set after a call to pam_verify (usually because the user pressed ^C), return AUTH_INTR immediately instead of checking the pam_verify return value. [8d378f40fe1f] * INSTALL, NEWS, configure, configure.ac, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h: On AIX use the value of auth_type in /etc/security/login.cfg to determine whether to use LAM or PAM unless the user specified the --with-pam or --with-aixauth configure flags. [cb314c1ed5f8] * lib/util/parseln.c: Fix cast. [4f56047e2bc4] 2015-02-21 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, lib/util/snprintf.c: Update snprintf.c from OpenBSD. The floating point and wide character code has been retained but is not compiled by default. [6801a77398fc] 2015-02-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/sudoers/test1.in, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/regress/sudoers/test1.toke.ok: Update the regression test that checks that all tags are parsed. [d0f9af2f9d45] * MANIFEST, configure, configure.ac, lib/util/Makefile.in, lib/util/mktemp.c, lib/util/regress/mktemp/mktemp_test.c, mkdep.pl: Add regress for mkdtemp and mkstemps from OpenBSD [18714ae9bffd] * plugins/sudoers/po/sudoers.pot: regen [b77490dd9b33] * plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, po/tr.mo, po/tr.po: Sync with translationproject.org [b2946065653d] * config.h.in, configure.ac: Correct SECURE_PATH comment. [3fd6132d5dba] * NEWS, configure, configure.ac: Sudo 1.8.13 [32c1183b0666] 2015-02-19 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST, config.h.in, configure, configure.ac, include/sudo_compat.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/gethostname.c, lib/util/util.exp.in, plugins/sudoers/match.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sudo.c: Avoid using HOST_NAME_MAX directly and use sysconf(_SC_HOST_NAME_MAX) instead. [97036b819d58] * plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c: Historically, crypt() returned the empty string on error, which ensured that crypt("", "") would return "", which supported matching empty encrypted passwords with no additional code. Some modern versions of crypt() (such as glibc) return NULL on error so we need an explicit test to match an empty plaintext password and an empty encrypted password. [b88eb9da5e57] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Sort tags lexically in the sudoers manual [66716c0b7a13] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/sudoers/test1.out.ok, plugins/sudoers/sssd.c, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo_json.c: Add support for MAIL and NOMAIL command tags to toggle mail sending behavior on a per-command (or Cmnd_Alias) basis. [04f30a064c25] * config.h.in, configure, configure.ac, include/sudo_compat.h, lib/util/closefrom.c, lib/util/setgroups.c, plugins/sudoers/pwutil_impl.c, src/sudo.c: Almost no systems actually define OPEN_MAX since it is dynamic on modern OSes. If sysconf(_SC_OPEN_MAX) ever fails, fall back on _POSIX_OPEN_MAX instead. We can assume modern systems have sysconf(). Also remove checks for strrchr() and strtoll() for which the HAVE_* defines are no longer used. 
[c3058a6cca86] * lib/util/getline.c, plugins/group_file/getgrent.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/tsgetgrpw.c: All modern systems should have LINE_MAX. [117322b6d86c] * Makefile.in, sudo.pp: Don't need to pass exampledir to polypkg now that it is just under docdir. [9f24f0184a78] 2015-02-18 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Fix packaging of the example dir. [4c7cbc3fc190] * lib/util/mktemp.c: Fix mkstemps() extension handling. Sudoedit will now preserve the extension properly when the system libc lacks mkstemps(). [b86f54331972] 2015-02-17 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, aclocal.m4, config.h.in, configure, configure.ac, lib/util/Makefile.in, lib/util/locale_weak.c, m4/ax_sys_weak_alias.m4, mkdep.pl, src/Makefile.in, src/locale_stub.c: Use weak symbols for sudo_warn_gettext() and sudo_warn_strerror() so distros using "-Wl,--no-undefined" in LDFLAGS don't run into problems. [708418615aae] * lib/util/mksiglist.c, lib/util/mksigname.c: Include unistd.h in siglist.c and signame.c to get gid_t which is used by sudo_compat.h. Bug #686 [0ab6450a96ec] 2015-02-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/logging.c: Add mail_all_cmnds to always mail when a user runs a command (or tries to) including sudoedit. The mail_always flag goes back to its old semantic of always mailing when sudo is run. [edc904502061] 2015-02-10 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Minor change in description of TZ path handling. [579b02f0dbe0] * Makefile.in, examples/Makefile.in: Move example dir under the doc dir to conform to Debian guidelines. Bug #682. 
[494d9a0484b6] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that a leading ':' is skipped when checking TZ for a fully-qualified path name. [91859f613b88] 2015-02-09 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Typo. [b9257ea66116] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix typos. [ac1467f71ac0] * plugins/sample/sample_plugin.c: Fix compilation on systems w/o __dso_public [b773ef9127fa] 2015-02-07 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po: Russian translation for sudoers from translationproject.org. [8a7fc2e00072] 2015-02-06 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/ru.mo, plugins/sudoers/po/ru.po: Russian translation for sudoers from translationproject.org. [1d5869e4d4af] * config.h.in, configure, configure.ac, include/sudo_compat.h: Add check for getresuid() declaration, which may be missing on HP-UX. When checking for getdomainname() prototype, look in netdb.h too. [0ba583590b17] * INSTALL, NEWS, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, m4/sudo.m4, pathnames.h.in, plugins/sudoers/env.c: Sanity check the TZ environment variable by special casing it in env_check. The --with-tzdir configure option can be used to specify the zoneinfo directory if configure doesn't find it. [650ac6938b59] * NEWS: Mention crash fixes. [f759c993e172] * src/parse_args.c: Bail with usage() early if argc <= 0. [aaba56c9a797] 2015-02-05 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c: Remove extraneous casts of node->data (which is void *). [950749570a00] * doc/CONTRIBUTORS: Add Stephane Chazelas [a6c7becabee7] * plugins/sudoers/pwutil.c: Fix a potential crash when getpwnam() of the running user fails and we don't replace the negative cached entry with a faked up one. 
From Stephane Chazelas [9088f041bbad] * src/parse_args.c, src/sudo.c: Don't assume argv[0] is set without first checking argc. [aabdc9d0ba26] * lib/util/progname.c: Call setprogname("sudo") if getprogname() returns NULL or the empty string. [45438f7227b1] * plugins/sudoers/set_perms.c: Handle sudo_get_grlist() returning NULL which can happen if getgrouplist() fails even after allocating the appropriate amount of memory. From Stephane Chazelas [25747a0ead7c] * config.h.in, configure, configure.ac: Remove configure checks for strrchr() and strtoll() for which the HAVE_* defines are no longer used. [f04216435aba] * config.h.in, configure, configure.ac, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: Require POSIX regular expression support for sudoreplay. [1486747cd470] * config.h.in, configure, configure.ac, include/sudo_compat.h: Check whether getdomainname(), innetgr(), setresuid() and setresgid() are declared and add prototypes in sudo_compat.h as needed. [03aa144afce4] * plugins/sudoers/policy.c: The plugin no longer needs to call initprogname() now that it links with the same libsudo_util as sudo. [78b65a352ac5] 2015-02-04 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Add /usr/local/share/examples/ directory to parentdirs so it is explicitly added to the package. 
[ef1aa52b0aad] * plugins/sudoers/po/da.mo, po/da.mo: Sync with translationproject.org [943986acd31c] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/nl.mo, po/nl.po: Sync with translationproject.org [4977ac967bdd] 2015-02-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/getdate.c, plugins/sudoers/gram.c: Regen with yacc skeleton that the clang analyzer doesn't complain about. [e15991fd4ab1] * configure, configure.ac, lib/util/alloc.c, lib/util/glob.c, plugins/sudoers/env.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/gram.c, plugins/sudoers/gram.y: Use stdint.h to get SIZE_MAX as inttypes.h on some pre-C99 HP-UX systems doesn't include stdint.h itself. [9fbd35811743] * configure, configure.ac: SIZE_MAX may be in limits.h on pre-C99 compilers. [d3b554f7e0e5] * config.h.in, configure, configure.ac, lib/util/aix.c: Add missing prototypes for usrinfo() and setauthdb() for AIX. [aa4b205296cf] * config.h.in, configure, configure.ac, plugins/sudoers/match.c: Solaris uses sysinfo(SI_SRPC_DOMAIN) instead of getdomainname() to get the host's NIS domain. [9234c62a1469] 2015-02-02 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Remove AC_PROG_GCC_TRADITIONAL and add AC_PROG_CC_STDC since we need C99. [005775f5662b] * plugins/sudoers/match.c: Actually use the check for prior initialization in sudo_getdomainname(). 
[06368385ad0d] * configure, configure.ac: We need to add OSDEFS to CFLAGS to expose LLONG_MAX et al on glibc when not explicitly asking for c99. [ae9435631600] * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/logging.c: Don't send mail about pseudo-command failure unless it is an authentication failure. [deddcfc1f2ab] * configure, configure.ac: Fix check for SIZE_MAX, which should be in stdint.h not limits.h. [47bf0ab7dfca] * lib/util/glob.c: Need to include inttypes.h for SIZE_MAX [a11f42f40294] * plugins/sudoers/po/sudoers.pot: regen [d35b24f95ef8] 2015-02-01 Todd C. Miller <Todd.Miller@courtesan.com> * include/sudo_debug.h, lib/util/aix.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/gidlist.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/term.c, lib/util/ttysize.c, lib/util/util.exp.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, 
plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Go back to a 2 args debug_decl and just use the "default" instance, now renamed "active". [7130b7478355] 2015-01-31 Todd C. Miller <Todd.Miller@courtesan.com> * doc/LICENSE: Update copyright year. [e1dad7b195e4] 2015-01-30 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h: When querying LDAP netgroups, use the NIS domain if it is sent but also match nisNetgroupTriple entries that have no domain. [5a0fa3ac26f7] * plugins/sudoers/sudoreplay.c: Avoid setting the tty to non-blocking mode so "sudoreplay | cat" (for example) works as expected. We only read a single byte from the keyboard and only when interactive anyway so this should be fine. 
[9615a932545b] * lib/zlib/Makefile.in, plugins/sudoers/Makefile.in: regen [f19c6e000850] * plugins/sudoers/sudoreplay.c: Avoid a cppcheck warning about undefined behavior (using the address of a stack buffer - 1) and fix a memory leak of the iov when doing nl->crnl conversion. [e26f9008c2e4] * doc/CONTRIBUTORS: Add Steven Soulen [17a47303d5fe] * plugins/sudoers/sudoreplay.c: Fix handling of partial writes from writev() which can occur with large output buffers. [1065dbeaa13d] 2015-01-29 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c: Add support for querying netgroups directly via LDAP since there is no other way to look up all the netgroups for a user (unlike regular groups). This introduces netgroup_base and netgroup_search_filter options to ldap.conf. Based on a diff from Steven Soulen. [7e3d55983e71] 2015-01-27 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Sort ldap.conf options. [264608124698] 2015-01-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Add macros to ease the checking of strlcpy, strlcat and sudo_ldap_value_cat return values. [e9122413d4fa] 2015-01-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Rename VALIDATE_OK -> VALIDATE_SUCCESS Rename VALIDATE_NOT_OK -> VALIDATE_FAILURE [4379cac9f75d] * plugins/sudoers/logging.c, plugins/sudoers/sudoers.h: Remove now-unused VALIDATE_ERROR define. [569d4936b761] * plugins/sudoers/logging.c: should_mail() now returns bool. [0316d1fb08c3] * lib/util/sudo_debug.c: If sudo_debug_register() fails return SUDO_DEBUG_INSTANCE_INITIALIZER, not -1. Otherwise we could end up setting the instance to -1 which is invalid. 
[032bb1db6db5] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix typo. [014be972780c] * doc/Makefile.in: Use "mandoc -Tascii" to generate .cat pages to avoid locale-specific characters. [0ec42d8924fc] 2015-01-19 Todd C. Miller <Todd.Miller@courtesan.com> * configure, m4/sudo.m4: Use AC_PATH_PROG to find programs instead of checking the path manually. [2b5d9893a7a7] 2015-01-16 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/strlcat.c, lib/util/strlcpy.c: Sync with OpenBSD version [22c073c42a9e] 2015-01-15 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Use AC_CHECK_HEADERS_ONCE and AC_CHECK_FUNCS_ONCE where possible and quote the first args in AC_CHECK_FUNCS calls. [84aa40ab410a] * config.h.in, configure, configure.ac, include/sudo_compat.h: Avoid inadvertently defining things like PATH_MAX simply because the source file doesn't include limits.h. [d2e7c4093f55] 2015-01-14 Todd C. Miller <Todd.Miller@courtesan.com> * configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltversion.m4: Update to libtool 2.4.4 + HP-UX patches [859b7378bc37] * src/ttyname.c: Document why we need sys/param.h. [f21a4d7122f0] * configure, m4/sudo.m4: Don't need sys/param.h. [6aa24ecfc9d4] * lib/util/closefrom.c: Don't appear to need sys/param.h for pstat_getproc() on HP-UX even though the man page lists it. [47d75f3db288] * lib/util/inet_ntop.c, lib/util/inet_pton.c: Should not need sys/param.h here. [5c83cebcd75f] 2014-12-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match_addr.c: Use standard CIDR -> netmask conversion and disallow 0-bit CIDRs. [d30313d726eb] 2014-12-24 Todd C. Miller <Todd.Miller@courtesan.com> * README.LDAP: Update link to gq LDAP editor, now on sourceforge. [706dadea1abb] 2014-12-16 Todd C. Miller <Todd.Miller@courtesan.com> * include/compat/glob.h, lib/util/glob.c: Add support for GLOB_LIMIT from OpenBSD (not currently used) and also a limit on the max recursion depth for glob(). 
[6f9e26b88612] * lib/util/glob.c: Quiet compiler sign compare warning. [c4f35c02122c] 2014-12-10 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: fnmatch fix [07542b07ac67] * lib/util/fnmatch.c: Remove artificial limit on length of pattern and string. It is possible to use fnmatch() on things other than paths (such as arguments) so a limit of PATH_MAX does not make sense. Fixes a bug where rules would fail to match if the length of the arguments were larger than PATH_MAX (usually 1024). [942770c20422] 2014-12-04 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Remove the extra /sudo in sudo.ws urls [0b804e3a1008] 2014-11-27 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Reference bugzilla.sudo.ws [7dc11bbe6f13] 2014-11-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: sync [da17d5a611ce] 2014-11-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Require that a digest be specified with a real command, not an alias or pseudo-command. Found via a crash by afl. 
[55f6166cab63] * NEWS: sync [4b31247735c4] * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/fr.mo, plugins/sudoers/po/fr.po: French translation for sudoers from translationproject.org. [5c592350c4b0] 2014-11-18 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c, src/tgetpass.c: Defer registration of the SIGCHLD handler until just before we exec the command. Fixes a problem where pam_gnome_keyring installs its own SIGCHLD handler and may not restore the original one. As a result, we now have to explicitly wait for the askpass helper to finish. Bug #657 [f499500fef71] 2014-11-17 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Mention sssd support in the sudoers.ldap manual and cross-reference sssd-sudo(5). [32f84fbf210c] 2014-11-16 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Reorder an entry. [5d15735294f1] 2014-11-15 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Prevent cppcheck from getting confused by our compat definition of the va_copy macro for pre-C99. [61d94525be2e] 2014-11-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog_path.c: Fix potential NULL pointer deref found by cppcheck. [668967e031e0] * plugins/sudoers/alias.c: Quiet a cppcheck false positive. [35a16ae4660c] * lib/util/sudo_debug.c: If there are multiple outputs, ap will be re-used so make a copy and operate on it instead. [f4f19df43c93] * src/hooks.c: Fix typo in hook return value check. [b12839dc6e78] * NEWS: Mention visudo use of sudoers plugin args to set default sudoers file name and owner/mode. [7f2733b53431] * NEWS: Mention fix for bug #678 [7f7a6d8b985b] 2014-11-12 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: In set_fqdn() we need to set user_runhost/user_srunhost at the same time we set user_host/user_shost since that is what hostlist_matches() uses. Bug #678 [4f75b01d4884] 2014-11-11 Todd C. Miller <Todd.Miller@courtesan.com> * src/hooks.c: Do not call sudo_warnx() on invalid value from the env hook functions as the printf() family may call getenv() for locale reasons. [547fc25acb7c] * doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: No need to keep specifying ".Nm foo" since the Nm macro remembers the argument it was first called with and uses it if none is specified. Also fix a few minor formatting errors and regen bulleted lists in the .man.in files. [d2669e94add4] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Add sudo.conf to SEE ALSO and rename section on sudo.conf [d4cc8ad2c2b4] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Mention sudo.conf use for debugging [9393fb061bcd] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.man.in, doc/sudoreplay.cat: regen [1d34d21b2136] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Document sudo.conf usage now that visudo will parse the sudoers arguments. [78a413c019a9] 2014-11-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: Use sudoers.so args from sudo.conf to set sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode in visudo. [1c7408b5ff7e] * plugins/sudoers/visudo.c: Use sudoers_file, sudoers_uid, sudoers_gid, and sudoers_mode symbols from toke.l instead of the upper case defines. 
[21ba15518c7d] * lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: Use SSP_LDFLAGS when creating shared objects. [2428de97d2c2] * lib/util/Makefile.in: We only build .lo (not .o) files for libsudo_util [2c1e0475cddc] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/it.mo, po/it.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: Sync with translationproject.org [e51055fdffe1] 2014-11-06 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: sync [aab14a9942e0] 2014-11-04 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c: Make sure that SIGCHLD is not treated as a user-generated signal in which case it could be ignored. Bug #676 [a4caaaaa47a8] 2014-10-31 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, lib/util/mktemp.c: Use arc4random() for mkstemp/mkdtemp if available. If not, try to seed from /dev/urandom before falling back to the gettimeofday seed. [7a7096ab82c9] * lib/util/sudo_debug.c: Use a static buffer for sudo_debug_execve2() if possible. [abf1fd5891ab] 2014-10-30 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4, m4/ltversion.m4, m4/lt~obsolete.m4: Update to libtool 2.4.3 + HP-UX patches [9ddfd96f3bea] 2014-10-29 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, include/sudo_compat.h, lib/util/mktemp.c: If a system lacks mkdtemp() or mkstemps(), use our own mkdtemp() and mkstemps(). Previously we only exposed the missing one but since the guts are the same we might as well use them. [12d4ac64462f] * src/env_hooks.c: Mark the putenv(), setenv() and unsetenv() symbols as global, not hidden. Fixes a mismatch where a plugin (or its loaded dso) would call setenv() to set a variable but be unable to find it later with getenv(). [96127ac4bbb3] 2014-10-28 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in: Fix install-nls target from builddir. [da63bc37f6c5] * Makefile.in: Fix dependency on sudo.pp, it needs to be relative to srcdir. [c76088da98e8] * src/sesh.c: Adapt to new debug subsystem registration. [8e13b349b44b] 2014-10-27 Todd C. Miller <Todd.Miller@courtesan.com> * lib/zlib/Makefile.in, lib/zlib/zlib.exp: Add missing zlib.exp file and common LT_LDFLAGS Makefile.in. [0bc0092d3e03] * lib/util/sudo_conf.c: Fix path settings broken in rev 9731. [2b33916eb287] * MANIFEST, lib/util/regress/sudo_conf/test4.err.ok: Adjust regress test now that boolean settings display an error for invalid input. [73a7365f492e] * plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Add sudoers_debug_deregister() and use it instead of calling sudo_debug_deregister() directly. [819b0e08196e] * configure, configure.ac, lib/util/Makefile.in, lib/zlib/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: Use AC_PROG_AWK [945cf6deb18d] * NEWS: Mention shared zlib. 
[094bdada1106] * MANIFEST: Add lib/zlib/zlib.exp [7b5011e3eea9] * INSTALL, configure, configure.ac, lib/zlib/Makefile.in, lib/zlib/zconf.h.in: Add support for installing a shared zlib [6875ab6ca44f] * lib/util/Makefile.in: fix comment typo [35c3dda27eec] * configure, configure.ac, lib/zlib/Makefile.in: Newer zlib uses HAVE_HIDDEN to turn on symbol hiding so we don't need to disable it with NO_VIS. [b3eee86f015f] * po/sudo.pot: regen [687bc1ea88ac] * configure.ac, include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/util.exp.in: Version the symbols for sudo_debug.c now that the API is stable. [873850a062a8] 2014-10-26 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/sudo_conf.c: Go back to parsing sudo.conf in place for settings and paths and improve debugging info for unsupported entries and parse errors. [264e1f7d6551] * include/sudo_conf.h, lib/util/regress/sudo_conf/conf_test.c, lib/util/sudo_conf.c, lib/util/util.exp.in, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Add a flag argument to sudo_conf_read() so we can decide which bits get parsed. This lets us parse Debug statements first and init the debug subsystem early. [56dbf1e671de] 2014-10-24 Todd C. Miller <Todd.Miller@courtesan.com> * lib/zlib/gzguts.h: Include stdio.h after zlib.h, not before. We need the large file defines to come first. 
[b42b53d10252] * doc/LICENSE, lib/zlib/compress.c, lib/zlib/crc32.c, lib/zlib/crc32.h, lib/zlib/deflate.c, lib/zlib/deflate.h, lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c, lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c, lib/zlib/inflate.c, lib/zlib/inftrees.c, lib/zlib/trees.c, lib/zlib/uncompr.c, lib/zlib/zconf.h.in, lib/zlib/zlib.h, lib/zlib/zutil.c, lib/zlib/zutil.h: Update zlib to version 1.2.8 [f95280e0448d] * configure, configure.ac: Don't add -Wold-style-definition to CFLAGS as it causes problems with 3rd party libraries such as zlib. [1d7613d1c177] * src/load_plugins.c: Free up plugin info structs after converting to plugin containers. [1168e873d778] * INSTALL, MANIFEST, Makefile.in, configure, configure.ac, doc/Makefile.in, doc/TROUBLESHOOTING, doc/UPGRADE, doc/sample.pam, doc/sample.sudo.conf, doc/sample.sudoers, doc/sample.syslog.conf, examples/Makefile.in, examples/pam.conf, examples/sudo.conf, examples/sudoers, examples/syslog.conf, sudo.pp: Move sample.* files to a sudo examples dir [b53e3df56c66] * sudo.pp: Fix a packaging problem with the sudoedit man page link on Debian. [8ad77a37048e] * plugins/sudoers/iolog.c, plugins/sudoers/policy.c: Initialize the debug subsystem in sudoers early. Currently this means iterating over the settings list twice. [93b12ea08405] * lib/util/sudo_debug.c: No need to convert sudoedit -> sudo in sudo_debug_get_instance() as we store the actual program name and only do the sudoedit -> sudo conversion when reading the sudo.conf file. Fixes debugging when invoked as sudoedit. [535c01d83b14] * lib/util/sudo_conf.c, lib/util/sudo_debug.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, src/exec_pty.c, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: If the plugin registers with the debug framework at open time, the sudo front-end will now set the default debug instance appropriately before calling into the plugin. 
This means the plugin no longer needs to do the sudo_debug_set_default_instance() dance. [10dd45a7884f] * Makefile.in: Remove duplicate -U__NBBY in CPPCHECK_OPTS [ad518cb36279] 2014-10-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Older shells don't support unset. [8762e40871ab] * configure, configure.ac, include/sudo_compat.h, lib/util/inet_ntop.c, src/net_ifs.c: Fix inet_ntop() replacement on older systems without it. We only expose the prototype for net_ifs.c due to the use of socklen_t. [18b95ca378ab] * lib/util/sudo_debug.c: Dynamically allocate debug_fds bitmap and realloc as needed. [e858199414f6] * Makefile.in, include/sudo_debug.h, lib/util/Makefile.in, lib/util/sudo_debug.c, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h, plugins/system_group/Makefile.in, src/Makefile.in, src/exec.c: Use generic bitmap macros instead of select-style fd_set. [c382edc413be] * lib/util/sudo_debug.c: Replace sudo_debug_num_instances with sudo_debug_max_instance [12625fd174a4] * plugins/sudoers/iolog.c, plugins/sudoers/policy.c: Don't call into the debug subsystem after we've deregistered the plugin's instance. [fca7279d2f40] * lib/util/sudo_debug.c: Only fill in subsystem_ids[] for the instance if the caller passed in an array for it. If the caller only wants the default subsystems we don't actually need ids[]. [07939da6d3a5] * lib/util/Makefile.in: Link with -ldl if needed when built with --disable-shared-libutil/ [542eeffaf57d] * src/regress/ttyname/check_ttyname.c: Fix includes order. [ddd58edba5af] * lib/util/util.exp.in: Remove extra newline mistakenly introduced in rev 9682. [36a40e308bbc] * plugins/sudoers/Makefile.in: Fix typo in unset. [2c5fbe4c9a54] * plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sesh.c: Set debug instance for standalone programs. 
[306225438408] * plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c, src/net_ifs.c: Fix compilation issues, fallout from the debug changes. [aff5bb3d0322] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: regen [bbb69f299d1f] * configure, configure.ac: Sudo 1.8.12 [8d9b15c1de44] * NEWS: Update with debug system changes and recent bug fixes. [44133de1dee2] * include/sudo_debug.h, lib/util/sudo_conf.c, lib/util/sudo_debug.c, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h: When registering with the debug subsystem, the caller now passes in an array of ints that gets filled in with the subsystem IDs to be used in debug_decl. [80e80ba194f7] * plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: sudoers_debug_instance is now included in libparsesudoers so we don't need to declare it here. [a56f79e6fcf8] 2014-10-22 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/ttysize.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, 
plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoers_debug.h, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: The sudoers plugin now defines its own list of debugging subsystem names and defines. [e85d0375e059] * MANIFEST, include/sudo_debug.h, lib/util/aix.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/gidlist.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/term.c, lib/util/ttysize.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/hexchar.c, 
plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/logwrap.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers_debug.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/Makefile.in, src/exec.c, src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Add support for multiple Debug lines per program. Callers may register arbitrary debug facilities or use built-in defaults. We now use separate Debug statements for plugins and programs. [5e553cbbfbb1] * MANIFEST, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_conf.h, include/sudo_debug.h, lib/util/Makefile.in, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_conf/test7.in, lib/util/regress/sudo_conf/test7.out.ok, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/solaris_audit.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.h, src/hooks.c, src/load_plugins.c, src/parse_args.c, src/sudo.c, src/sudo_plugin_int.h: Change how sudo.conf is parsed. 
We now do a quick parse and then set the values after the entire file has been parsed. This lets us init the debug system earlier. Plugin-specific debug flags are now stored in struct plugin_info and struct plugin_container and passed to the plugin via one or more debug_flags settings. [62fb1102e1e2] * src/parse_args.c, src/sudo.c, src/sudo.h: Return settings from parse_args as struct sudo_settings and format for the plugin at plugin open time. This will allow for additional, plugin-specific settings to be added to the array. [167929871b94] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/load_plugins.c, src/sudo.c, src/sudo_plugin_int.h: Pass plugin path in the settings array. [45bc2d087115] * plugins/sudoers/parse.c: Remove an unneeded NULL check to quiet a cppcheck warning. [64cb92122658] 2014-10-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Set locale to C for visudo and testsudoers regression tests. Bug #672 [adf7997a0a65] 2014-10-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/linux_audit.c: Fix logic bug. We only want to return -1 from linux_audit_open() when audit_open() fails and errno is not one of EINVAL, EPROTONOSUPPORT, or EAFNOSUPPORT. For those errno values, we return AUDIT_NOT_CONFIGURED which is not a fatal error. Bug #671 [6f0d8f1c7648] 2014-10-11 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Add back fix for Bug #663 [a3dfc76ee776] 2014-10-10 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: The older style bash function exporting is not used by post-shellshock versions of bash. [223efe328e86] * plugins/sudoers/env.c: Apple uses a different variant of the BASH_FUNC prefix for bash functions. [ea13c8c2a716] 2014-10-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS: Remove change that is part of 1.8.12 not 1.8.11p1 [8fdad4c4f314] * NEWS, configure, configure.ac: Update for sudo 1.8.11p1 [80e9898f7c04] * src/regress/ttyname/check_ttyname.c: Only check stdin for the tty and avoid the check entirely if we don't have a way to get the tty from the kernel. Bug #643 [deb799e16416] * lib/util/sudo_debug.c: Make a copy of ap in sudo_debug_vprintf2() in case the static buffer is not big enough and we need to call vasprintf(). [a5d32b9d63be] * src/sudo.c: Avoid comparing new cwd with old one if getcwd() failed. Bug #670 [e99093578ca7] * plugins/sudoers/env.c: Fix debugging printout output for env_should_keep() [a9e7ea4b6751] 2014-10-06 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, include/Makefile.in: Use INSTALL_OWNER instead of -O/-G flags so we can work with the autotools install-sh too. Bug #669 [a5f87f6a52b7] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Move sudo_printf to policy.c to match sudo_conv. [f2d6065c3daf] 2014-10-05 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, include/sudo_fatal.h, lib/util/Makefile.in, lib/util/fatal.c, lib/util/sudo_printf.c, lib/util/util.exp.in, plugins/sudoers/Makefile.in, plugins/sudoers/sudo_printf.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, src/conversation.c, src/sudo.c, src/sudo_plugin_int.h: Add sudo_warn_set_conversation() to specify a conversation function to use for warn/fatal. If no conversation function is specified, the standard error will be used. We now only need sudo_printf() for things that use the parser. [d6049e53e3e3] 2014-10-03 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Use correct names when referring to subsections in the sudoers manual. [7a016916f0ab] 2014-10-02 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST, config.h.in, configure, configure.ac, lib/util/inet_ntop.c, src/net_ifs.c: Use inet_ntop() instead of inet_ntoa() and include a version for systems that are missing it. [1a1a70dba9c0] 2014-10-01 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Fix detection of functions in network libs like -lsocket, -lnsl and -linet when we have already added those libs to NET_LIBS. Fixes a problem where inet_pton() was not detected on Solaris. [27e10183649e] * NEWS: Mention --disable-shared-libutil fix. [7efe70688237] * src/Makefile.in: Always use --tag=disable-static to avoid installing a static sudo_noexec. [5d7d58879f99] * configure, configure.ac, lib/util/Makefile.in, plugins/sudoers/Makefile.in: Instead of building libutil statically for --disable-shared-libutil, just treat it as a convenience library. Do the same with sudoers for --enable-static-sudoers. Fixes link errors on Solaris among others when --disable-shared-libutil is used. [c5357fe78ab7] * configure, configure.ac, lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: Remove LT_LDMAP and LT_LDOPT and just use LT_LDEXPORTS for the compiler-specific option to restrict symbol exporting. [09e8dab6f528] * src/preload.c: Include sys/types.h to get gid_t, etc used in sudo_compat.h. Fixes a build issue on Solaris. [b8917967df41] 2014-09-29 Todd C. Miller <Todd.Miller@courtesan.com> * src/regress/ttyname/check_ttyname.c: Fix cut & pasto in error message when there is a mismatch between the sudo and libc ttys. From Diego Elio Petteno'. Bug #643 [87d5f1a49535] 2014-09-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c: Add BASH_FUNC_* to environment blacklist for newer-style bash functions. [b6e66c4a782e] * Makefile.in: Pull additional password prompts out of mkpkg instead of hard-coding them. 
[d2a6da883b34] * NEWS: Add post-1.8.11 changes [11169ace8fa4] * Makefile.in, configure.ac, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/po/sudoers.pot: Add a space after "Password:" in default password prompt so it is easier to read when pwfeedback is enabled. [a7750d845b5b] * plugins/sudoers/auth/sudo_auth.c: Simplify how we count the password tries [71b9f2021561] * plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c: Block SIGINT and SIGQUIT while verifying passwords so that authentication modules that use sleep() are not interrupted. If the user interrupted authentication, exit the loop. [1cfafd7fcb13] * configure, configure.ac: Remove Convex support; it is not modern enough to run sudo 1.8. [c3bdfbb2ee11] * configure, configure.ac: Only check for -lshadow if we haven't already found getspnam() in libc. Rather than treat this specially, just add -lshadow as another place to search in addition to -lgen. [fdf06757f25d] 2014-09-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/sudo_auth.c: If all authentication methods fail init/setup, fail with an error. [4cd0481bf05e] * plugins/sudoers/auth/sudo_auth.c: Move pass_warn() so that it is defined before it is called(). [6ea697e89fef] 2014-09-24 Todd C. Miller <Todd.Miller@courtesan.com> * pp: Remove duplicate Requires: line in generated rpm spec file. [335703b110c7] * pp: In pp_files_expand() set _target to be empty. Fixes a problem with Solaris sh where simply using typeset doesn't cause the variable to be treated as local so we can inadvertently inherit a value from a previous call. [f3cecca3c7b0] 2014-09-23 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Fix version for release. [39f6a2e9a098] 2014-09-20 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, pathnames.h.in: Only redefine _PATH_BSHELL on AIX if we included paths.h. 
[2dd4e808f69f] * NEWS: Bug 661 [7f2b278086b2] * pathnames.h.in, src/exec_common.c, src/sudo.c: On AIX, _PATH_BSHELL is /usr/bin/bsh but we want to use /usr/bin/sh (which is usually ksh). This makes sudo's behavior when executing a shell without the #! magic number match execvp() on AIX. [2b438ff99991] * pathnames.h.in: Whitespace changes. [107f66ecfa54] * configure, m4/sudo.m4: Prefer /usr/bin/sh to /bin/sh to match modern systems. [9e2ccb5b239f] * NEWS, lib/util/Makefile.in: Don't use SSP_CFLAGS or PIE_CFLAGS when building mksiglist/mksigname as they are built with the host compiler which may be different when cross-compiling. From Gustavo Zacarias. Bug 662. [f1a6d58c0baa] 2014-09-17 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/sr.mo, po/sr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: Sync with translationproject.org [588c41d2eab5] 2014-09-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudo_nss.c: Make sure we can't insert an nss entry in the list that has already been used before. [b5fab945991b] * plugins/sudoers/visudo_json.c: Use correct gettext macro with sudo_warnx() [0a532986b016] * NEWS: Make nsswitch.conf bug fix description more accurate. It affects the "files" nsswitch source too. [a29cce3a3ee9] * NEWS: Mention nsswitch.conf duplicate entry fix. [f8a45b59a577] 2014-09-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c, plugins/sudoers/sudoers.h: Make sudoers file nsswitch functions static to parse.c since they are self-contained. [cf22385d0659] * plugins/sudoers/sudo_nss.c: Fix infinite loop when multiple sudoers entries are present in nsswitch.conf. From Daniel Kopecek. [e773e0eee736] 2014-09-10 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS: Fix for bug #660 [e25192ad79cc] * src/get_pty.c: Fix compilation on systems without openpty(), _getpty() or grantpt(). From Vasilyy Balyasnyy [897280412e3e] 2014-09-08 Todd C. Miller <Todd.Miller@courtesan.com> * src/conversation.c: Remove remaining use of SUDO_CONV_DEBUG_MSG. [4ee756b687ea] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h: SUDO_CONV_DEBUG_MSG is no longer supported. [7bf46cf06578] * doc/sudo.conf.cat, doc/sudoers.cat: regen [5bff0d4d3956] * include/sudo_debug.h, lib/util/sudo_debug.c, lib/util/sudo_printf.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c: There is no longer a reason for the plugin to init the debug subsystem itself. It will always be initialized by the front-end if needed. [970dd80a9e3c] * include/sudo_alloc.h, include/sudo_compat.h, include/sudo_fatal.h: Add function arg names to prototypes where missing. [e78dc4c48521] * lib/util/alloc.c: Remove obsolete definition of SIZE_T which is now handled by sudo_compat.h and rename the format arg to fmt in sudo_evasprintf_v1() for consistency with sudo_easprintf_v1(). [72c0fc5e5114] * src/parse_args.c: If we were invoked with any name ending in "edit", treat as sudoedit. [d307572f08bc] 2014-09-04 Todd C. Miller <Todd.Miller@courtesan.com> * po/sudo.pot: regen [31c115ffbba8] * src/exec.c, src/exec_pty.c, src/signal.c: Check return value of sigaction(), even though it should never fail. [75c578e6a07c] 2014-09-03 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in, src/Makefile.in: regen [2fcb390e8e89] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/parser/check_hexchar.c: Add hexchar unit test [de65e0ded4a2] * plugins/sudoers/regress/parser/check_addr.c: Avoid division by zero if there was no test data. [de3324077ba0] 2014-09-02 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/event.c: Remove confusing comment. 
[ee1765a06b94] * lib/util/sudo_debug.c: Use a stack buffer for the debug message when possible, most are small. [945fb94a7aaf] 2014-09-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po, po/ca.mo, po/ca.po: Sync with translationproject.org [661d536a7599] 2014-08-31 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: Convert a debug printf to a user-visible warning. [c3866eaea3ec] * include/sudo_fatal.h, include/sudo_util.h, lib/util/fatal.c: Move sudo_printf extern to sudo_util.h [50275ef999e9] * include/sudo_fatal.h, include/sudo_lbuf.h, lib/util/fatal.c, lib/util/lbuf.c: Some versions of the HP C Compiler don't export functions that take function pointers as arguments unless a typedef is used. [97cc0525dbd7] * include/sudo_lbuf.h: Work around a bug in the HP C compiler. [5c902aefeba6] * lib/util/lbuf.c: Don't need sudo_fatal.h [bccfe4df4794] 2014-08-30 Todd C. Miller <Todd.Miller@courtesan.com> * po/da.mo, po/da.po: Sync with translationproject.org [7910e3fc0f3e] * src/exec.c: Remove signal_event from evbase before calling sudo_ev_loopexit() when the command has exited or been killed. It is possible that we could receive another signal on the pipe if they are delivered out of order. [b8ed1c9482b4] 2014-08-29 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Treat EOF on signal pipe (which should never happen) as ECONNRESET. [eb57e9047a2c] * include/sudo_event.h, lib/util/event.c, src/exec_pty.c: Don't allow sudo_ev_loopcont() to override sudo_ev_loopexit() [b6b53eacbc61] * include/sudo_event.h, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c: Add some internal convenience functions. [b01063d82347] 2014-08-26 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Fix osrelease sed expression. It wasn't matching distros with a single digit version such as sles9. 
[44f3e9b7e6c0] * plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, po/cs.mo, po/cs.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/fi.mo, po/fi.po, po/it.mo, po/it.po, po/nb.mo, po/nb.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po: Sync with translationproject.org [5b2c6063db75] * plugins/sudoers/iolog.c: Return -1 from logging functions if we get a write error. [a3ae43d54101] * NEWS: Mention I/O plugin changes. [0bd2e99fe87a] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_plugin.h, src/exec_pty.c: Change behavior when plugin I/O logging function returns 0 or -1. For -1 (error) return, we now kill the command and disable the I/O logging function that returned the error. For a 0 (reject) return, we no longer display the rejected output to the user's terminal. The plugin API revision is now 1.6. [27bb504860f3] * doc/sudoers.cat: regen to fix version. [641ea29b7dd3] * plugins/sample/sample_plugin.c: Add trivial dirty word check to the sample output logging function. [a14494b87b4d] 2014-08-25 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for 1.8.11b2 [72ac1f26ba78] * src/sudo_edit.c: Fix restoration of effective uid/gid in command_details. This masked the effects of an unset (really zero) egid. Bug 656 [b75eed459386] * src/sudo.c: Set runas egid to the same value as runas gid if egid not specified by the plugin. 
Only affects new files created by sudoedit. Bug #656 [f2daabba4912] * src/sudo_edit.c: Don't leak temp fd in sudo_edit_copy_tfiles(). Fix fd leak in error path in sudo_edit_copy_tfiles(). [465d6a79b5cf] 2014-08-22 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: fix typo [a4659abcbc1d] * src/signal.c: We write an unsigned char, not an int, to the signal pipe. [fae4217be608] 2014-08-21 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_edit.c: Sprinkle some debugging around uid/gid setting in sudoedit. [15e4a337f0b0] * src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/sudo_exec.h: Make sudoedit work with SELinux RBAC. Adapted from RedHat patches (Daniel Kopecek) but made to behave a bit more like the non-SELinux bits. [8f3f7969220f] * src/sudo_edit.c: Refactor code that copies temp files into separate functions. [b1057f4bee87] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Fix typo, .em should be .Em [ec28aa3bdd6a] 2014-08-18 Todd C. Miller <Todd.Miller@courtesan.com> * src/sesh.c: Add missing call to initprogname(). [71040679765f] * lib/util/sudo_debug.c, lib/util/sudo_printf.c: Don't recurse infinitely until we blow the stack when the debug file can't be opened in the front-end. The conversation-type debug mode will be removed in the future. [38cd1a6343c2] 2014-08-15 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Only use the first two digits of the version number. Fixes a problem on RHEL 7 which has version numbers like 7.0.1406 [272727fd57fb] * plugins/sudoers/linux_audit.c: Fix return value when kernel has no audit support. [7ca1c9857058] * lib/util/progname.c: remove unused label [4179ea1ffa3a] 2014-08-14 Todd C. Miller <Todd.Miller@courtesan.com> * aclocal.m4, autogen.sh: Update to automake 1.14 (no code changes). [5e04db4f7c5d] 2014-08-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document the interaction between sudoers environment handling and the pam_env module. [bd56868f078c] * plugins/sudoers/env.c: Don't allow pam_env to overwrite existing variables when env_reset is disabled unless the variables match the black list and would normally be removed. It may just be better to never overwrite when env_reset is disabled. [e0ae88fce535] 2014-08-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Update year range to include 2014 [6b3b5f3fa791] 2014-08-08 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/Makefile.in: Remove regress .err files in distclean target. [d66a4f1db130] * lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: Remove generated files for linker as part of distclean. [5d1bf6c32c6b] * .hgignore: Ignore .out and .err files in lib/util regress [9f4d91e77c0f] * NEWS: Add additional 1.8.11 changes and fix typos. [7980e2abb6ea] * configure, configure.ac, plugins/sudoers/Makefile.in: Avoid building/running the check_symbols test program unless we are building a shared sudoers plugin. [a6bde1a12111] * plugins/sudoers/Makefile.in, src/Makefile.in: Remove two instances of -no-fast-install that were missed before. [8a2c89cdf252] * INSTALL, NEWS, configure, configure.ac, lib/util/Makefile.in: Add --disable-shared-libutil configure option. It may only be used in conjunction with the --enable-static-sudoers option. [e19c71464399] 2014-08-07 Todd C. Miller <Todd.Miller@courtesan.com> * doc/Makefile.in: Remove noop man.sed files. Use full path instead of $@.in when calling config.status with --file=- [53c69928427e] * src/preserve_fds.c: Fix "sudo -C" when we have internal fds to preserve from closefrom(). [942db66345ea] 2014-08-06 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/env.c: Add explicit support for matching the full environment string (name=value). Bash functions may now be preserved for full matches, but not for name-only matches. [f4d816e11f66] 2014-08-05 Todd C. Miller <Todd.Miller@courtesan.com> * .hgignore: Ignore lib/util/util.exp [e08306ca6a6d] 2014-07-30 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Fix exporting of asprintf/vasprintf symbols. [5ff59bdeb501] * configure, configure.ac: Don't export getaddrinfo symbols if we found the function in a library. [3bf4a5d3cfdb] * src/sudo_edit.c: It is now sudo_efree() not efree(). Don't try to free a pointer to garbage on error. [51a1ddaa220d] * plugins/sudoers/po/sudoers.pot, po/sudo.pot: Regen .pot files [8c46fe51d32e] 2014-07-29 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_edit.c: Plug memory leak, even though we are headed for exit. [e2b28ddffabe] * configure, configure.ac, lib/util/Makefile.in, plugins/sudoers/Makefile.in: If getaddrinfo() is missing libsudoutil may need to pull in networking libraries. [4d6724d54927] * MANIFEST, configure, configure.ac, include/sudo_compat.h, lib/util/Makefile.in, lib/util/util.exp, lib/util/util.exp.in, m4/sudo.m4: Only include functions in util.exp that are actually in the library. Fixes a problem on Solaris where undefined functions that are listed as exported in the map file result in a link error. Also make sure we use our glob.c if the system is missing glob(). [3121ad215f1e] * configure, configure.ac: Make sure shadow libs don't end up in LIBS, only SUDOERS_LIBS (and SUDO_LIBS if set_auth_parameters() or initprivs() are present). [fb084b157c76] * configure.ac: No need to AC_SUBST HAVE_BSM_AUDIT and HAVE_SOLARIS_AUDIT [5d73ccf3a7b9] 2014-07-28 Todd C. 
Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c, src/sudo_exec.h: Attempt to handle systems with SA_SIGINFO but that lack SI_USER. [0c8b09861ad5] * config.h.in, configure, configure.ac, include/sudo_compat.h: Replace use of HAVE_GETCWD with PREFER_PORTABLE_GETCWD. It is safe to assume getcwd() exists, we just need to handle broken ones. [e897223a8f38] * config.h.in, configure, configure.ac, plugins/sudoers/Makefile.in: Add check for inet_ntoa() since it may live in libnsl. Make getcwd() replacement private to the SunOS 4 section. [8e2cd0fdd6cd] * plugins/sudoers/match.c: Avoid mixing declarations and code for non-C99 compilers. [1fa5cf2356fd] * include/sudo_debug.h: For C89, use "const char __func__[]" instead of "const char *__func__". [c4e9f9d6691b] * plugins/sudoers/match.c: Fix compilation on systems w/o netgroups. [57deb66ef8ff] 2014-07-26 Todd C. Miller <Todd.Miller@courtesan.com> * src/preserve_fds.c: Back out old workaround for sudoedit hang when debugging was enabled. [f547bf80c436] * src/sudo_edit.c: Don't memcpy() the preserved_fds TAILQ as the pointers into the head will be wrong. All we need to do is save the old command details and restore them after calling run_command(). Fixes a hang with sudoedit when debugging is enabled. [84ff8e1f490a] 2014-07-25 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: The default policy close function should only print an error message if the error_code is non-zero. [2032c9e33e3f] * src/preserve_fds.c: If the preserved fds list is empty, add a new element with TAILQ_INSERT_HEAD instead of TAILQ_INSERT_TAIL to avoid an infinite loop on AIX, Solaris and possibly others when debug mode is active. [63cefe22c515] * lib/util/progname.c: Remove support for getting program name via /proc as pr_fname is usually filled in after symbolic links have been processed, even on Solaris. [0460c613753c] * lib/util/Makefile.in: Use shlib_enable instead of soext when determining whether to install the library. 
[d46640a7733c] * lib/util/regress/atofoo/atofoo_test.c: Avoid potential division by zero [6411d276a138] * lib/util/Makefile.in: Don't link progname test with libsudo_util, just link in progname.lo directly since that is all we need. Avoid a linker issue on darwin. [ee6210ee5cc0] * lib/util/progname.c: Remove pstat_getproc() path as pst_ucomm on HP-UX will return the target of a symbolic link and not the name of the link itself. Avoid using pr_fname on AIX for the same reason. Bug 654 [36aced8e3714] * MANIFEST, lib/util/Makefile.in, lib/util/regress/progname/progname_test.c: Add test for getprogname() and symbolic links; bug 654 [fbbe9faeda46] 2014-07-24 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Document tracing [cfd7f14d596d] 2014-07-23 Todd C. Miller <Todd.Miller@courtesan.com> * lib/util/util.exp: sudo_term_{erase,kill} are regular symbols not functions. [3454a9c1328b] 2014-07-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Fix NULL deref if base64_decode returns -1. 
[d03e207b1bb8] * MANIFEST, include/missing.h, include/sudo_compat.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c, lib/util/clock_gettime.c, lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/inet_pton.c, lib/util/isblank.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/parseln.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/glob/globtest.c, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strsignal.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/sudo_printf.c, lib/util/term.c, lib/util/ttysize.c, lib/util/utimes.c, plugins/group_file/Makefile.in, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/sample/Makefile.in, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/base64.c, plugins/sudoers/boottime.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/hexchar.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c, 
plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestr.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, src/Makefile.in, src/locale_stub.c, src/net_ifs.c, src/preload.c, src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h, src/sudo_noexec.c: Rename missing.h -> sudo_compat.h [ddcc945a0f87] * MANIFEST, include/secure_path.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/secure_path.c, lib/util/sudo_conf.c, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Merge secure_path.h -> sudo_util.h [0385dfbf2e2d] * include/secure_path.h, include/sudo_alloc.h, include/sudo_conf.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_fatal.h, include/sudo_lbuf.h, include/sudo_util.h, lib/util/aix.c, lib/util/alloc.c, lib/util/event.c, lib/util/fatal.c, lib/util/gidlist.c, lib/util/key_val.c, lib/util/lbuf.c, lib/util/locking.c, lib/util/parseln.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/sudo_dso.c, lib/util/term.c, lib/util/ttysize.c, lib/util/util.exp, plugins/sudoers/locale.c, src/locale_stub.c: Version the functions in libsudo_util [c6d6eba95bb4] 2014-07-21 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/gettext.h, include/sudo_gettext.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c, lib/util/fatal.c, lib/util/gidlist.c, lib/util/strsignal.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/Makefile.in, src/locale_stub.c, src/net_ifs.c, src/sesh.c, src/sudo.h: Rename gettext.h -> sudo_gettext.h [7f6b44473b8f] * include/fatal.h, include/sudo_fatal.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/getopt_long.c, lib/util/gidlist.c, lib/util/lbuf.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, plugins/sudoers/Makefile.in, plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/Makefile.in, src/locale_stub.c, src/net_ifs.c, src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h: Rename fatal.h -> sudo_fatal.h [bef3401dbb24] * include/queue.h, include/sudo_conf.h, include/sudo_event.h, include/sudo_queue.h, lib/util/Makefile.in, lib/util/fatal.c, lib/util/regress/tailq/hltq_test.c, plugins/sudoers/Makefile.in, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/Makefile.in, src/hooks.c: Rename queue.h -> sudo_queue.h to avoid collisions with the system version. [473614fdde5a] * include/sudo_debug.h, lib/util/sudo_debug.c: Convert sudo_debug_write() to a macro [0f110f27a23c] 2014-07-17 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/fixman.sh, doc/fixmdoc.sh: Fix man page post-processing; it was deleting more than intended. [716af03dcfb7] 2014-07-16 Todd C. Miller <Todd.Miller@courtesan.com> * doc/Makefile.in: Remove double $(srcdir) when running sed scripts. [16add67ae550] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: "an EXEC tag" not "a EXEC tag" [9ac1b8e322f9] * doc/sudoers.cat: Document that I/O logging is not enabled by default. [08fca95dd5a4] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that exec_background is off by default. [87fe5defff58] 2014-07-14 Todd C. Miller <Todd.Miller@courtesan.com> * src/sesh.c: Error out if sesh is run as a login shell but the shell it needs to run has no slash. This shouldn't happen in practice. [10ff502888ee] * MANIFEST, include/compat/mksiglist.h, include/compat/mksigname.h, lib/util/Makefile.in, lib/util/mksiglist.c, lib/util/mksiglist.h, lib/util/mksigname.c, lib/util/mksigname.h: Move mksiglist.h and mksigname.h to lib/util where they belong. [d01046c69060] * config.h.in, configure, configure.ac, include/missing.h, lib/util/progname.c, lib/util/util.exp, plugins/sudoers/Makefile.in: Avoid passing -no-fast-install to libtool as this results in the build dir being left in the library path of the installed executable. Instead, we remove the "lt-" prefix from the program name in initprogname() so that the regress test output is unaffected by libtool's binary wrapper. [75d1563e95b4] * sudo.pp: Fix syntax error with some shells. [91e8da7702c5] 2014-07-13 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Force libtool to use runtime linking on AIX so that it installs the plugins as .so files and not .a files. [ae66488bd9ca] * plugins/sudoers/ldap.c: Be sure to NUL-terminate the decoded secret when converting from base64. [b3dc463c8882] * plugins/sudoers/ldap.c: Fix a pointer signedness warning calling base64_decode(). 
[74f7354867a3] * lib/util/getgrouplist.c: Use sudo_strtoid() now that it is located in the same library. [4868532e2d65] * lib/util/strtoid.c: Skip leading space (ala strtol) so that we can pick up the sign even if it is not the first character of the string. [148ee633c6a4] 2014-07-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: For sudoedit, audit the actual editor being run, not just the sudoedit command. [59a5b0ad36af] * src/selinux.c: Audit failed user role changes. RedHat bz #665131 [cf9777687124] * plugins/sudoers/Makefile.in: Avoid running check_symbols for static sudoers [71b13bada1ce] * plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/regress/visudo/test3.sh: Adapt to unused alias changes. [4b58e36c3d8f] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/visudo.c: An unused alias is not really an error, even in strict mode. RedHat bz #604297 [f10b3b7ec5a6] * src/sesh.c: When running a login shell via sesh, make new argv[0] -shell, not /path/to-shell. RedHat bz #1065418 [414cb512f102] 2014-07-11 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: The RHEL sudo package allows users in group wheel to run sudo. [9f22020a57cf] * Makefile.in, sudo.pp: Avoid packaging parent directories when they are system directories. Currently we just skip this when prefix is /usr [93ccede545cd] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix typo: sudo.d -> sudoers.d. From RedHat bz #726634 [1c99a4fd9c7d] * mkpkg: RHEL 6 and above use /etc/sudo-ldap.conf not /etc/ldap.conf [ce3216e4390a] * pp: For rpm, do not specify a mode in %attr for symbolic links. Avoids the warning "Explicit %attr() mode not applicaple to symlink" [3f5a80ed5081] 2014-07-10 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/sudo_alloc.h, lib/util/aix.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/lbuf.c, lib/util/sudo_conf.c, plugins/sudoers/alias.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sia.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sudo.c, src/ttyname.c: efree -> sudo_efree for consistency [7dfd16fbb6cf] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo_plugin.cat, doc/sudoers.cat, doc/sudoreplay.cat, doc/visudo.cat: regen [a1d38600d34c] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c: Add support for base64 secrets in ldap.conf and ldap.secret. Based on an idea from anthony AT rlost DOT com [4999b78f8b6d] 2014-07-09 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Don't use the HP compiler in preference to gcc. Some versions have trouble compiling lbuf.c. [322daf03ab6f] 2014-07-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, configure.ac, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Remove @SOEXT@ and @SHLIB_EXT@ now that we use libtool to install shared objects. Instead, use the new @SHLIB_ENABLE@ that is set to the value of $enable_dlopen. For sudo_noexec.so there is nothing special to do since the install-noexec target is only called when noexec is enabled by configure. [4447190f212b] * configure, configure.ac: Make dynamic shared objects non-writable on HP-UX. Using writable DSOs can substantially increase the load time. [8715aff11063] * include/fatal.h, lib/util/fatal.c, lib/util/util.exp, plugins/sudoers/locale.c, src/locale_stub.c: Add sudo_warn_strerror() that wraps strerror() with calls to setlocale() in sudoers so we always get the error string in the user's locale. Also change _warning() to take the error number as a parameter instead of examining errno. [cc38a8389a7b] 2014-07-03 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Avoid a cppcheck warning when NSIG is not defined. [f8e5e92bab60] * include/missing.h: Fix typos in utimes/futimes macros. [10f022d933c2] 2014-07-01 Todd C. Miller <Todd.Miller@courtesan.com> * configure: regen [e351d905c0c9] * configure.ac: Fix sudo when --disable-shared configure option was specified. [07899f6b43f0] * configure, m4/libtool.m4: Do not set an internal name for HP-UX modules, only archives. This works around a problem with some versions of HP-UX ld where setting an internal name that doesn't end in .sl causes link errors. [9a049adb22aa] * plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/system_group/Makefile.in: Never build static versions of other plugins. 
[52123c4c17bc] * lib/util/Makefile.in: Don't build a static libsudo_util.a unless we are linking sudoers statically. [9c3327977dff] 2014-06-29 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, lib/util/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Use libtool to install/uninstall the plugins and sudo_noexec. [18ae09c53f2e] * configure, ltmain.sh, m4/libtool.m4: Fix my typos in the HP-UX libtool patch [6e70066d86bb] 2014-06-27 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention Solaris audit. [d90efa19ca16] * INSTALL, MANIFEST, config.h.in, configure, configure.ac, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/audit.c, plugins/sudoers/solaris_audit.c, plugins/sudoers/solaris_audit.h: Add Solaris audit support; from Gary Winiger at Oracle. [6f68a27e53f5] * MANIFEST: Sync MANIFEST with file name changes. [d9958df5f9da] * plugins/sudoers/toke.c: regen [ad82b20093c3] * include/sudo_util.h, lib/util/Makefile.in, lib/util/atobool.c, lib/util/atoid.c, lib/util/atomode.c, lib/util/getgrouplist.c, lib/util/gidlist.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/strtobool.c, lib/util/strtoid.c, lib/util/strtomode.c, lib/util/sudo_conf.c, lib/util/util.exp, plugins/group_file/getgrent.c, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/pwutil.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo_json.c, plugins/system_group/system_group.c, src/sudo.c: atobool -> sudo_strtobool, atoid -> sudo_strtoid, atomode -> sudo_strtomode [aefe6f09f4a4] * lib/util/alloc.c, lib/util/event_select.c: Fix regexp damage when renaming erecalloc() -> sudo_erecalloc() [d772a34032cc] * src/sudo_edit.c: Handle systems like AIX that lack a way to set the 
modification time on open fds. [b93c0a55c21b] * MANIFEST: update MANIFEST for alloc.h -> sudo_alloc.h change [ce240c682554] * include/alloc.h, include/sudo_alloc.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/gidlist.c, lib/util/lbuf.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/util.exp, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/sia.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/Makefile.in, src/conversation.c, src/env_hooks.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/preserve_fds.c, src/regress/ttyname/check_ttyname.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo.h, src/sudo_edit.c, src/ttyname.c: Add sudo_ prefix to alloc.c functions and rename alloc.h -> sudo_alloc.h [3a19f5391442] * lib/util/fatal.c: Remove extra sudo_ prefix from vfatalxnodebug and vfatalx_nodebug. 
[819ad8075005] * MANIFEST, include/fileops.h, include/sudo_util.h, lib/util/Makefile.in, lib/util/fileops.c, lib/util/locking.c, lib/util/parseln.c, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/sudo_conf.c, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.h, src/Makefile.in, src/sudo.h: Split fileops.c into parseln.c and locking.c [361ea81e88d9] * include/fatal.h, include/gettext.h, lib/util/aix.c, lib/util/alloc.c, lib/util/fatal.c, lib/util/getopt_long.c, lib/util/gidlist.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/tailq/hltq_test.c, lib/util/sudo_conf.c, lib/util/util.exp, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/hooks.c, src/load_plugins.c, src/locale_stub.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Rename warning/fatal -> sudo_warn/sudo_fatal to avoid namespace pollution in libsudo_util.so. [4eb69f501113] 2014-06-26 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/sudo_util.h, lib/util/term.c, lib/util/ttysize.c, lib/util/util.exp, plugins/sudoers/sudoreplay.c, src/exec_pty.c, src/sudo.c, src/tgetpass.c: Reduce name space pollution in libsudo_util.so [215e4413529a] * src/solaris.c: Use sudo_dso_load() from libsudo_util.so instead of dlopen() since we no longer link sudo directly with libdl.so. [fe6942873c2d] * MANIFEST, Makefile.in, doc/Makefile.in, include/alloc.h, include/compat/fnmatch.h, include/compat/getaddrinfo.h, include/compat/getopt.h, include/compat/glob.h, include/compat/sha2.h, include/fatal.h, include/fileops.h, include/lbuf.h, include/missing.h, include/secure_path.h, include/sudo_conf.h, include/sudo_debug.h, include/sudo_dso.h, include/sudo_event.h, include/sudo_util.h, install-sh, lib/util/Makefile.in, lib/util/fatal.c, lib/util/getaddrinfo.c, lib/util/pw_dup.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/sudo_dso.c, lib/util/sudo_printf.c, lib/util/term.c, lib/util/util.exp, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/sudoers/match.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, plugins/system_group/Makefile.in, src/Makefile.in, src/parse_args.c, src/preload.c: Add exported libsudo_util functions to util.exp and mark in headers using __dso_public. [18faff6ab915] * include/fatal.h, lib/util/fatal.c, lib/util/util.exp, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Remove use of setjmp/longjmp in the sudoers plugin. We no longer call fatal() except in the malloc wrappers and due to libsudo_util there is now a single copy of fatal/fatalx. 
[109407210f9c] * NEWS, configure, configure.ac: Sudo 1.8.11 [5fb775825aab] * include/fileops.h, lib/util/fileops.c, lib/util/util.exp, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/sudo_edit.c: Remove touch() from fileops.c and just call utimes/futimes directly. Rename lock_file -> sudo_lock_file to avoid namespace pollution [ec08128b6900] * MANIFEST, include/sudo_util.h, lib/util/Makefile.in, lib/util/fmt_string.c, lib/util/key_val.c, lib/util/util.exp, plugins/sample/sample_plugin.c, plugins/sudoers/policy.c, src/Makefile.in, src/exec_common.c, src/parse_args.c, src/sudo.c: Rename fmt_string -> sudo_new_key_val to better describe its function. [f9061e319cc3] * include/sudo_util.h, lib/util/gidlist.c, lib/util/util.exp, plugins/sudoers/policy.c, src/sudo.c: Rename parse_gid_list -> sudo_parse_gids to avoid namespace pollution. [d88f3cab97e1] * MANIFEST, Makefile.in, include/lbuf.h, include/sudo_lbuf.h, lib/util/Makefile.in, lib/util/lbuf.c, lib/util/util.exp, plugins/sudoers/Makefile.in, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l, src/Makefile.in, src/parse_args.c: Don't pollute the namespace with lbuf struct and functions [7859e3c22fb9] * config.h.in, configure, configure.ac, include/compat/fnmatch.h, include/compat/getaddrinfo.h, include/compat/getopt.h, include/compat/glob.h, include/missing.h, lib/util/clock_gettime.c, lib/util/closefrom.c, lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/glob.c, lib/util/inet_pton.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mktemp.c, lib/util/pw_dup.c, lib/util/sig2str.c, lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strsignal.c, lib/util/strtonum.c, 
lib/util/utimes.c: Prefix all libc replacements with sudo_ and #define the real name to the sudo_ version. That way we don't pollute the libc namespace. [5cf7101479b8] * .hgignore, MANIFEST, Makefile.in, common/Makefile.in, common/aix.c, common/alloc.c, common/atobool.c, common/atoid.c, common/atomode.c, common/event.c, common/event_poll.c, common/event_select.c, common/fatal.c, common/fileops.c, common/fmt_string.c, common/gidlist.c, common/lbuf.c, common/progname.c, common/regress/atofoo/atofoo_test.c, common/regress/sudo_conf/conf_test.c, common/regress/sudo_conf/test1.in, common/regress/sudo_conf/test1.out.ok, common/regress/sudo_conf/test2.in, common/regress/sudo_conf/test2.out.ok, common/regress/sudo_conf/test3.in, common/regress/sudo_conf/test3.out.ok, common/regress/sudo_conf/test4.in, common/regress/sudo_conf/test4.out.ok, common/regress/sudo_conf/test5.err.ok, common/regress/sudo_conf/test5.in, common/regress/sudo_conf/test5.out.ok, common/regress/sudo_conf/test6.in, common/regress/sudo_conf/test6.out.ok, common/regress/sudo_parseln/parseln_test.c, common/regress/sudo_parseln/test1.in, common/regress/sudo_parseln/test1.out.ok, common/regress/sudo_parseln/test2.in, common/regress/sudo_parseln/test2.out.ok, common/regress/sudo_parseln/test3.in, common/regress/sudo_parseln/test3.out.ok, common/regress/sudo_parseln/test4.in, common/regress/sudo_parseln/test4.out.ok, common/regress/sudo_parseln/test5.in, common/regress/sudo_parseln/test5.out.ok, common/regress/sudo_parseln/test6.in, common/regress/sudo_parseln/test6.out.ok, common/regress/tailq/hltq_test.c, common/secure_path.c, common/setgroups.c, common/sudo_conf.c, common/sudo_debug.c, common/sudo_dso.c, common/sudo_printf.c, common/term.c, common/ttysize.c, compat/Makefile.in, compat/charclass.h, compat/clock_gettime.c, compat/closefrom.c, compat/endian.h, compat/fnmatch.c, compat/fnmatch.h, compat/getaddrinfo.c, compat/getaddrinfo.h, compat/getcwd.c, compat/getgrouplist.c, compat/getline.c, 
compat/getopt.h, compat/getopt_long.c, compat/glob.c, compat/glob.h, compat/inet_pton.c, compat/isblank.c, compat/memrchr.c, compat/memset_s.c, compat/mksiglist.c, compat/mksiglist.h, compat/mksigname.c, compat/mksigname.h, compat/mktemp.c, compat/nss_dbdefs.h, compat/pw_dup.c, compat/regress/fnmatch/fnm_test.c, compat/regress/fnmatch/fnm_test.in, compat/regress/glob/files, compat/regress/glob/globtest.c, compat/regress/glob/globtest.in, compat/sha2.c, compat/sha2.h, compat/sig2str.c, compat/siglist.in, compat/snprintf.c, compat/stdbool.h, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/strtonum.c, compat/timespec.h, compat/utime.h, compat/utimes.c, configure, configure.ac, include/compat/charclass.h, include/compat/endian.h, include/compat/fnmatch.h, include/compat/getaddrinfo.h, include/compat/getopt.h, include/compat/glob.h, include/compat/mksiglist.h, include/compat/mksigname.h, include/compat/nss_dbdefs.h, include/compat/sha2.h, include/compat/stdbool.h, include/compat/timespec.h, include/compat/utime.h, lib/util/Makefile.in, lib/util/aix.c, lib/util/alloc.c, lib/util/atobool.c, lib/util/atoid.c, lib/util/atomode.c, lib/util/clock_gettime.c, lib/util/closefrom.c, lib/util/event.c, lib/util/event_poll.c, lib/util/event_select.c, lib/util/fatal.c, lib/util/fileops.c, lib/util/fmt_string.c, lib/util/fnmatch.c, lib/util/getaddrinfo.c, lib/util/getcwd.c, lib/util/getgrouplist.c, lib/util/getline.c, lib/util/getopt_long.c, lib/util/gidlist.c, lib/util/glob.c, lib/util/inet_pton.c, lib/util/isblank.c, lib/util/lbuf.c, lib/util/memrchr.c, lib/util/memset_s.c, lib/util/mksiglist.c, lib/util/mksigname.c, lib/util/mktemp.c, lib/util/progname.c, lib/util/pw_dup.c, lib/util/regress/atofoo/atofoo_test.c, lib/util/regress/fnmatch/fnm_test.c, lib/util/regress/fnmatch/fnm_test.in, lib/util/regress/glob/files, lib/util/regress/glob/globtest.c, lib/util/regress/glob/globtest.in, lib/util/regress/sudo_conf/conf_test.c, lib/util/regress/sudo_conf/test1.in, 
lib/util/regress/sudo_conf/test1.out.ok, lib/util/regress/sudo_conf/test2.in, lib/util/regress/sudo_conf/test2.out.ok, lib/util/regress/sudo_conf/test3.in, lib/util/regress/sudo_conf/test3.out.ok, lib/util/regress/sudo_conf/test4.in, lib/util/regress/sudo_conf/test4.out.ok, lib/util/regress/sudo_conf/test5.err.ok, lib/util/regress/sudo_conf/test5.in, lib/util/regress/sudo_conf/test5.out.ok, lib/util/regress/sudo_conf/test6.in, lib/util/regress/sudo_conf/test6.out.ok, lib/util/regress/sudo_parseln/parseln_test.c, lib/util/regress/sudo_parseln/test1.in, lib/util/regress/sudo_parseln/test1.out.ok, lib/util/regress/sudo_parseln/test2.in, lib/util/regress/sudo_parseln/test2.out.ok, lib/util/regress/sudo_parseln/test3.in, lib/util/regress/sudo_parseln/test3.out.ok, lib/util/regress/sudo_parseln/test4.in, lib/util/regress/sudo_parseln/test4.out.ok, lib/util/regress/sudo_parseln/test5.in, lib/util/regress/sudo_parseln/test5.out.ok, lib/util/regress/sudo_parseln/test6.in, lib/util/regress/sudo_parseln/test6.out.ok, lib/util/regress/tailq/hltq_test.c, lib/util/secure_path.c, lib/util/setgroups.c, lib/util/sha2.c, lib/util/sig2str.c, lib/util/siglist.in, lib/util/snprintf.c, lib/util/strlcat.c, lib/util/strlcpy.c, lib/util/strsignal.c, lib/util/strtonum.c, lib/util/sudo_conf.c, lib/util/sudo_debug.c, lib/util/sudo_dso.c, lib/util/sudo_printf.c, lib/util/term.c, lib/util/ttysize.c, lib/util/utimes.c, lib/zlib/Makefile.in, lib/zlib/adler32.c, lib/zlib/compress.c, lib/zlib/crc32.c, lib/zlib/crc32.h, lib/zlib/deflate.c, lib/zlib/deflate.h, lib/zlib/gzclose.c, lib/zlib/gzguts.h, lib/zlib/gzlib.c, lib/zlib/gzread.c, lib/zlib/gzwrite.c, lib/zlib/infback.c, lib/zlib/inffast.c, lib/zlib/inffast.h, lib/zlib/inffixed.h, lib/zlib/inflate.c, lib/zlib/inflate.h, lib/zlib/inftrees.c, lib/zlib/inftrees.h, lib/zlib/trees.c, lib/zlib/trees.h, lib/zlib/uncompr.c, lib/zlib/zconf.h.in, lib/zlib/zlib.h, lib/zlib/zutil.c, lib/zlib/zutil.h, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, 
plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, po/README, po/ca.mo, po/ca.po, po/cs.mo, po/cs.po, po/da.mo, po/da.po, po/de.mo, po/de.po, po/eo.mo, po/eo.po, po/es.mo, po/es.po, po/eu.mo, po/eu.po, po/fi.mo, po/fi.po, po/fr.mo, po/fr.po, po/gl.mo, po/gl.po, po/hr.mo, po/hr.po, po/it.mo, po/it.po, po/ja.mo, po/ja.po, po/nb.mo, po/nb.po, po/nl.mo, po/nl.po, po/pl.mo, po/pl.po, po/pt_BR.mo, po/pt_BR.po, po/ru.mo, po/ru.po, po/sl.mo, po/sl.po, po/sr.mo, po/sr.po, po/sudo.pot, po/sv.mo, po/sv.po, po/tr.mo, po/tr.po, po/uk.mo, po/uk.po, po/vi.mo, po/vi.po, po/zh_CN.mo, po/zh_CN.po, src/Makefile.in, src/po/README, src/po/ca.mo, src/po/ca.po, src/po/cs.mo, src/po/cs.po, src/po/da.mo, src/po/da.po, src/po/de.mo, src/po/de.po, src/po/eo.mo, src/po/eo.po, src/po/es.mo, src/po/es.po, src/po/eu.mo, src/po/eu.po, src/po/fi.mo, src/po/fi.po, src/po/fr.mo, src/po/fr.po, src/po/gl.mo, src/po/gl.po, src/po/hr.mo, src/po/hr.po, src/po/it.mo, src/po/it.po, src/po/ja.mo, src/po/ja.po, src/po/nb.mo, src/po/nb.po, src/po/nl.mo, src/po/nl.po, src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po, src/po/ru.mo, src/po/ru.po, src/po/sl.mo, src/po/sl.po, src/po/sr.mo, src/po/sr.po, src/po/sudo.pot, src/po/sv.mo, src/po/sv.po, src/po/tr.mo, src/po/tr.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po, zlib/Makefile.in, zlib/adler32.c, zlib/compress.c, zlib/crc32.c, zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzclose.c, zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffast.c, zlib/inffast.h, zlib/inffixed.h, zlib/inflate.c, zlib/inflate.h, zlib/inftrees.c, zlib/inftrees.h, zlib/trees.c, zlib/trees.h, zlib/uncompr.c, zlib/zconf.h.in, zlib/zlib.h, zlib/zutil.c, zlib/zutil.h: Top level directory reorg Move src/po -> po Combine common and compat -> lib/util Move zlib -> lib/zlib [d699ccb60e7e] * configure, ltmain.sh, m4/libtool.m4: libtool patches for HP-UX to support DESTDIR [9df98a9582bd] * 
pp: Update polypkg from trunk. [4dc362248196] * plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c: Fix sssd compiler warnings and fix the sha2 digest support. [2975b030b298] 2014-06-17 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Don't call gss_krb5_ccache_name() with a NULL pointer when restoring the old credential cache file name. This can happen if there was no old name returned by gss_krb5_ccache_name(). Fixes a crash on kerberized LDAP on some platforms. [4090029e463e] 2014-06-04 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/el.mo, plugins/sudoers/po/el.po: Add Greek PO file for sudoers from translationproject.org [6c0cc2def911] 2014-05-28 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c: Ignore signals sent by the command's process group, not just the command itself. If we cannot determine the process group ID of the sender (as it may no longer exist), just check the process ID. [7ffa2eefd3c0] 2014-05-27 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: In handler_user_only() only forward the signal if it was not generated by the command. This should fix a problem with programs that catch SIGTSTP, perform cleanup, and then re-send the signal to their process group (of which sudo is the leader). [d590c899e194] * src/exec.c, src/exec_pty.c, src/signal.c: Handle EINTR from write(2) when writing to pipes and socket pairs. [d26a40d21d7a] 2014-05-24 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/po/nb.mo, plugins/sudoers/po/nb.po: Norwegian Bokmaal translation for sudoers from translationproject.com [92e4aea46c1e] 2014-05-23 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, doc/CONTRIBUTORS, src/po/nb.mo, src/po/nb.po: Norwegian Bokmaal translation for sudo from translationproject.com [3497f74028fe] 2014-05-13 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/visudo.c: Try to be clearer about which are the input and output files in export mode. [66167511a410] * plugins/sudoers/visudo_json.c: In -x mode, require that the input and output files be different. This won't currently catch collisions between the output file and an include file. [0c19b82a75e7] * plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.h: BSM and Linux audit do not yet use the argc function argument. [3291695d1dfb] * plugins/sudoers/audit.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.h, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Pass argc to audit functions too. Will be needed for Solaris audit support. [d2114897a44e] 2014-05-12 Todd C. Miller <Todd.Miller@courtesan.com> * common/fatal.c, include/fatal.h, plugins/sudoers/policy.c: Do not allow the same callback function to be registered more than once in fatal_callback_register(). Add fatal_callback_deregister() to deregister a callback. [eff74fb9d274] * MANIFEST, plugins/sudoers/regress/sudoers/test15.in, plugins/sudoers/regress/sudoers/test15.out.ok, plugins/sudoers/regress/sudoers/test15.toke.ok, plugins/sudoers/regress/sudoers/test16.in, plugins/sudoers/regress/sudoers/test16.out.ok, plugins/sudoers/regress/sudoers/test16.toke.ok: Add trivial sudoedit parsing tests. [291ba6f4d6fd] * MANIFEST, plugins/sudoers/po/ca.mo, plugins/sudoers/po/ca.po: Catalan translation for sudoers from translationproject.org. [b102f8cfeed1] 2014-05-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/ca.mo, src/po/ca.po, src/po/gl.mo, src/po/gl.po: Sync with translationproject.org [62e5b4842834] 2014-05-09 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, configure.ac: lockf() is broken on the Hurd -- use flock instead Bug #647 [7b8935a0c8b9] * plugins/sudoers/visudo.c: Don't try to install the temporary sudoers file if we didn't edit it. By default, visudo does not edit files in a #includedir. Fixes a NULL pointer deref on GNU hurd; Bug #647 [3a677c4773e5] 2014-05-07 Todd C. Miller <Todd.Miller@courtesan.com> * src/regress/ttyname/check_ttyname.c: When comparing tty names, resolve the tty for fds 0-3 and compare each one instead of just using the first that resolves. [c37946b280a5] * compat/getgrouplist.c, configure, configure.ac: Solaris 8 doesn't export _nss_initf_group() so we need to provide our own for getgrouplist(). [d494b39e9376] 2014-05-06 Todd C. Miller <Todd.Miller@courtesan.com> * compat/getgrouplist.c, plugins/group_file/group_file.c, plugins/system_group/system_group.c: deal with NULL gr_mem here too [0db43ed71001] * NEWS, configure, configure.ac: Sudo 1.8.10p3 [3f415a180023] 2014-05-02 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Rename log_warning flags and only send mail if SLOG_SEND_MAIL is set instead of mailing by default like we used to. 
[5b3882833aa1] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Add log_warningx [feef646cb8b1] * src/exec_pty.c: Add debugging info for when we delete I/O events that still have buffered data in them. [7f17992cdf22] * common/event.c: Fix non-blocking mode. We only want to exit the event loop when poll() or select() returns 0 and there are no active events. This fixes a problem on some systems where the last buffer was not being written when the command exited. [deb6b1a7b241] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Change return value of switch_dir() to an int so we can distinguish between an error and an empty dir in push_includedir(). [d0462b84782e] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Move code to fill in the list of dirs out of switch_dir and into its own function. Quiets a false positive from cppcheck which got confused due to variable reuse. [6d6296f46255] * plugins/sudoers/audit.c: Avoid unused variable warning if auditing is not supported. [5e6fd2ffe039] 2014-05-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Fix library order when linking binaries. [3fec51f98ae1] * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: Include limits.h and inttypes.h for SIZE_MAX define. [41f8be660384] * include/missing.h, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y: Move SIZE_MAX compat define into missing.h where it belongs. [1bb108cf9df3] 2014-04-30 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Remove now-unused log_fatal() [53478df3bb1e] * plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/pam.c, plugins/sudoers/env.c, plugins/sudoers/ldap.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Eliminate calls to fatal()/fatalx()/log_fatal() in env.c and just pass back a return value. [d7f2be8f2740] 2014-04-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/boottime.c, plugins/sudoers/sudoers.h: Make get_boottime() return bool. [9ff15a995d01] * doc/CONTRIBUTORS, plugins/sudoers/boottime.c: Fix fd leak on Linux when determining boot time. This is usually masked by the closefrom() call in sudo. From Jamie Anderson. Bug #645 [0b4c430e8b88] 2014-04-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/audit.c: Handle the (currently impossible) case where both BSM and Linux auditing are supported. Pacifies cppcheck. [899cd6b5e487] * plugins/sudoers/iolog.c: Don't call ferror() on a closed stream, just check the return value of fclose() instead. Found by cppcheck. [e843f3c8f5d8] 2014-04-22 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, plugins/sudoers/auth/pam.c: Use calloc() instead of malloc(n * s) followed by memset(). From Jean-Philippe Ouellet. [f416cebd3d8e] * plugins/sudoers/sudoers.c: Format string safety in error path. 
[956fd6dbba80] * common/alloc.c, common/event_poll.c, common/gidlist.c, common/sudo_conf.c, include/alloc.h, plugins/sudoers/auth/sia.c, plugins/sudoers/env.c, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/env_hooks.c, src/exec_common.c, src/parse_args.c, src/selinux.c, src/sudo.c, src/sudo_edit.c, src/ttyname.c: Rename emalloc2() -> emallocarray() and erealloc3() -> ereallocarray(). [db3941093c68] * compat/Makefile.in, mkdep.pl, plugins/sudoers/Makefile.in: Add missing rule for building sha2.lo when not supported by libc or libmd. [70a16e10ddcd] 2014-04-15 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.in: Disable I/O logging for halt and poweroff in addition to reboot in commented out example. [40a7f11686ce] * doc/CONTRIBUTORS, plugins/sudoers/auth/pam.c: Use PAM_REINITIALIZE_CRED instead of PAM_ESTABLISH_CRED when changing the user. This is the correct flag to use with a program that changes the uid like su or sudo and fixes a role problem on Solaris. From Gary Winiger; Bug #642 [ec23c3bf41bb] * plugins/sudoers/defaults.c: pam_setcred should default to true; from Gary Winiger Bug #642 [23e6628ec546] 2014-04-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c: Make set_perms() and restore_perms() return an error instead of calling exit() on failure. [b1a1a36abdb4] * plugins/sudoers/sudoers.c: Eliminate calls to fatal() in sudoers.c and just pass back a return value. [e4d87a036f6d] * plugins/sudoers/logging.c: Eliminate calls to fatal() in the logging code. [9847acdf7066] 2014-04-09 Todd C. 
Miller <Todd.Miller@courtesan.com> * common/regress/atofoo/atofoo_test.c: Quiet a compiler warning on Solaris. [3b9827834800] * MANIFEST, common/Makefile.in, compat/Makefile.in, compat/sha2.c, compat/sha2.h, config.h.in, configure, configure.ac, m4/sudo.m4, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/sudoers/test14.toke.ok, plugins/sudoers/sha2.c, plugins/sudoers/sha2.h, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Move the sha2 code into libreplace and add configure checks for SHA224Update in libc and libmd. Solaris uses "void *" where we use "unsigned char *" so we need a check for that too. Solaris sha2.h defines SHA224, SHA256, SHA384, and SHA512 so rename those tokens. Adapted from changes from Vladimir Marek in bug #641. [cd02732f0704] * MANIFEST, plugins/sudoers/match.c, plugins/sudoers/regress/testsudoers/test6.out.ok, plugins/sudoers/regress/testsudoers/test6.sh, plugins/sudoers/regress/testsudoers/test7.out.ok, plugins/sudoers/regress/testsudoers/test7.sh: Fix matching of uids and gids broken in sudo 1.8.9. [315eff4add59] * plugins/sudoers/testsudoers.c: Fix -P option in usage() [50753b6222b7] 2014-04-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c, plugins/sudoers/prompt.c, plugins/sudoers/set_perms.c: Remove a few more unnecessary uses of fatal(). [8cfb205831dc] * plugins/sudoers/auth/sudo_auth.c: Use log_warning() not log_fatal() for the "Invalid authentication methods compiled into sudo" message. We return -1 on error anyway. [c8da5cf74348] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Return MODE_ERROR from sudoers_policy_deserialize_info() instead of calling fatalx(). [6faefdd188f2] * common/gidlist.c, src/sudo.c: parse_gid_list() now returns -1 on error instead of calling fatalx(). [ccf19c4a0d5b] 2014-04-04 Todd C. 
Miller <Todd.Miller@courtesan.com> * src/exec.c: Forward SIGINFO to running command if supported. If the command is being run in the background (or exec_background is set in sudoers), it is the sudo process, not the actual command, that receives the ^T. [d2b020bdf0d5] * plugins/sudoers/defaults.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: Remove calls to log_fatal() in I/O log functions and just pass an error back to the caller. [e89593d9dc35] 2014-04-01 Todd C. Miller <Todd.Miller@courtesan.com> * common/alloc.c, plugins/sudoers/env.c, plugins/sudoers/linux_audit.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Make "internal error, %s overflow" arguments consistent, using __func__ where possible (when debugging is allowed). [84e2c40d101b] 2014-03-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/toke_util.c, src/net_ifs.c: Use common printf format when warning of buffer overflow prevention. [8b0d732b0eae] * Makefile.in: Remove init.d/*.sh in distclean [99cd1eaf4684] * .hgignore: Correctly ignore init.d/*.sh [04aabe1893e5] * plugins/sudoers/ldap.c: Remove remaining calls to fatalx(); just pass the error to the caller. [a8bcf903d84b] 2014-03-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.h: Make a password/group cache collision a warning rather than fatal. This should not be possible in practice and we can safely return the new (potentially duplicate) item as it will be freed by the caller. Make sudo_set_grlist() return an error on failure instead of calling fatalx(). [5e8d3006862d] * plugins/sudoers/timestamp.c: Use log_warning() instead of log_fatal() if the ticket or lecture path is too long and just return an error. 
This can only happen from a misconfiguration so just ignoring the ticket/lecture file is safe. [864c5de8345b] * plugins/sudoers/find_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: In find_path(), return NOT_FOUND_ERROR instead of calling fatal() if the path is too long. Remove an extraneous check against PATH_MAX in set_cmnd() since find_path() already contains such a check. [183106753690] * plugins/sudoers/sudoers.h: Remove unused MODE_LISTDEFS define and correct a comment. [fb47e59ce5fe] * plugins/sudoers/hexchar.c, plugins/sudoers/match.c, plugins/sudoers/toke_util.c: Make hexchar() return -1 on invalid input instead of calling fatalx(). Callers used to check that the string was hex before calling hexchar(). Now callers must check for a -1 return value instead. [1be217c71ce7] * plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Propagate errors in audit code to caller instead of using fatal(). If we fail to audit an otherwise successful command, return an error from the policy. For Linux audit, sudo may be compiled with audit support but auditing may not be set up, so we don't consider that an error. [9a5753bfcb95] * plugins/sudoers/boottime.c: Remove unused variable on Linux. [f63d7b86797d] * plugins/sudoers/timestamp.c: Fix warning on systems where mode_t is not unsigned int (Solaris). [acd1457c23ec] 2014-03-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c, plugins/sudoers/sudoers.c: Audit path too long error. Add comments about non-audit events and placeholders for future audit hooks. [434ee47c83dc] * src/net_ifs.c: Fix aliasing warning in old-style interface probe code. [1d6ce6f46da1] * plugins/sudoers/set_perms.c: Fix some sign comparison warnings. 
[20c6068db104] * common/aix.c, common/gidlist.c, compat/getgrouplist.c, include/sudo_util.h, src/sudo.c: Don't call fatal/fatalx in common/*.c [ebf5e55a1ec1] 2014-03-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c, plugins/sudoers/prompt.c, plugins/sudoers/sudoers.h: Fix expansion of %p in the prompt for "sudo -l" when rootpw, runaspw or targetpw is set. Bug #639 [dff0208d1194] 2014-03-17 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Sudo 1.8.10p2 [774ebec63b41] * plugins/sudoers/timestamp.c: Don't write an empty timestamp record when timestamp_timeout is zero. If we find an empty record in the timestamp file, overwrite it with a good one, truncating the file as needed. [9c226d81b660] 2014-03-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix typos in description of the -x option. Bug #637 [6ff2bfaaf99d] 2014-03-13 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Sudo 1.8.10p1 [33828a3385ad] * plugins/sudoers/timestamp.c: Fix typo/thinko that prevented "Defaults !tty_tickets" from working. [f65cc29dbcc7] * plugins/sudoers/parse.c: Fix "sudo -l command" output when the matching command is negated. Bug #636 [b4a92803f733] 2014-03-11 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/regress/atofoo/atofoo_test.c, common/regress/sudo_conf/test5.err.ok, common/regress/tailq/hltq_test.c: The atofoo_test and hltq_test tests now display their own test error rate. Display pass/fail count separately for sudo_conf and sudo_parseln tests. Check stderr output for the sudo_conf test. [5c814709ac70] * src/Makefile.in: Don't run the check_ttyname test if cross compiling. [874ecc1c3db0] * plugins/sudoers/Makefile.in: CWD no longer used. [13b2f3c4269b] * plugins/sudoers/Makefile.in: Fix diff of toke and err output files in "make check" [485cdf3c75e7] 2014-03-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * src/po/de.mo, src/po/de.po: sync with translationproject.org [d246c72a2350] 2014-03-06 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Check whether ber.h is needed before ldap.h even if we are not using any ber functions. Needed for older versions of nss ldap. [c2310324dc34] * plugins/sudoers/sssd.c: Fix compiler warning in debug code. [8ee4cb6cafad] * MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/ca.mo, src/po/ca.po: Catalan translation for sudo from translationproject.org. [d6af7d06ee36] 2014-03-05 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Document negation fix in JSON output. [37a85423ae49] 2014-03-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Fix handling of '!' operator when converting sudoers. We now add a "negated" boolean flag to objects that have the '!' operator. [071926c10280] 2014-03-01 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, NEWS, plugins/sudoers/po/cs.mo, plugins/sudoers/po/cs.po: Czech translation for sudoers from translationproject.org [c0aae297f7c1] 2014-02-28 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Try -libmldap before -lldap in case there is no link from libibmldap.so to libldap.so. Since IBM ldap is installed under /opt we should only be able to reach it if --with-ldap was given an explicit path. Only check for ber_set_option() if LBER_OPT_DEBUG_LEVEL is defined. [89d50c29d737] 2014-02-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/set_perms.c: Fix typo in setreuid() PERM_ROOT error message. [533415f53165] * plugins/sudoers/auth/API, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/auth/sudo_auth.h: Remove unused FLAG_USER auth flag. We have no auth methods that require that authentication be run as the invoking user. [4a9a9f557cb1] * mkpkg: No longer need to disable setresuid() on debian. [96ba687c35f0] 2014-02-26 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/timestamp.c: Fix conversion of timestamp_timeout from double to struct timeval. Also quiet a printf format warning on 32-bit systems. [59d1f3094dda] 2014-02-25 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, NEWS, plugins/sudoers/po/sr.mo, plugins/sudoers/po/sr.po: Serbian translation for sudoers from translationproject.org. [7134b386d658] 2014-02-24 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Add Ingo Schwarze [114cdf286987] * NEWS, plugins/sudoers/visudo_json.c: When exporting sudoers in JSON format, use the same type of Options object for both Defaults and Cmnd_Specs. [caa57043e197] 2014-02-17 Todd C. Miller <Todd.Miller@courtesan.com> * compat/inet_pton.c: Silence cppcheck false positive. [b2781c42a80f] * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po: sync with translationproject.org [baba43a6d682] * NEWS, doc/UPGRADE: Mention init.d scripts on AIX and HP-UX Mention sudoers group mismatch fix [0259cb1f7cae] * INSTALL: Talk about clearing files at boot time, not reboot time since it happens when the system comes up, not down. [e8e480bc34fd] * plugins/sudoers/sudoers.c: We also need to open the sudoers file as root if there is a GID mismatch. [2fb2ba6fc4e6] * sudo.pp: Install /etc/rc.d/init.d/sudo and /etc/rc.d/rc2.d/S90sudo for AIX rpm packages. [4aca1d318599] 2014-02-16 Todd C. Miller <Todd.Miller@courtesan.com> * src/Makefile.in: Remove init.d file and link in uninstall target. [249a9f105cdd] * configure, configure.ac, sudo.pp: Fix INIT_DIR for real this time. [5444eb1afbc5] * configure, configure.ac, sudo.pp: Use correct init.d dir on HP-UX. Fix pp warnings from rc.d and init.d dirs. [809b54ef95f8] * .hgignore, MANIFEST, configure, configure.ac, init.d/aix.sh.in, init.d/hpux.sh.in, src/Makefile.in, sudo.pp: First cut add installing an init.d file for HP-UX and AIX to remove old sudo timestamp files at boot time. 
[ec6d35c62d88] 2014-02-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Use .Ar macro instead of "file ..." Use ".Cm -" instead of ".Li -" for the default login class. From Ingo Schwarze. [f13ea603760e] * doc/sudo.conf.mdoc.in, doc/sudo.mdoc.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in: Remove some extraneous markup; from Ingo Schwarze * No need to explicitly end a macro with No before | because | counts as middle punctuation and falls out of the macro, anyway. * No need to explicitly re-open in-line macros after | because | counts as middle punctuation and the macros resume afterwards, anyway. * Simplify the mnemonic remarks regarding the option letters, no need for manual font and spacing control with No and Ns. * Trim Ns No to just Ns, it already implies No. [cc63d66c6655] * doc/sudoers.man.in, doc/sudoers.mdoc.in: Move zerowidth space in :alpha: after the colon for consistency. [799f6656c6e8] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: regen [14d682732b6f] * doc/sudo.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in: Remove extraneous keeps in SYNOPSIS now that mandoc does implied keeps when converting from mdoc to man. [0f48fc289f29] * doc/sudoers.mdoc.in: Properly escape the : in :alpha: [e41d4533a55f] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Replace some uses of .Sy with .Ar, .Ev and .Pa as appropriate. From Jan Stary. [90ec488905de] 2014-02-12 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Fix indentation of Defaults entries. The initial indent should be outside the loop iterating over the entries. [dc493c888fb2] 2014-02-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po: sync with translationproject.org [fc517bc0908e] * common/aix.c, common/alloc.c, common/atoid.c, common/atomode.c, common/fatal.c, common/gidlist.c, common/sudo_conf.c, common/sudo_debug.c, compat/strsignal.c, compat/strtonum.c, plugins/sudoers/audit.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/locale_stub.c, src/net_ifs.c, src/sesh.c, src/sudo.h: We must include gettext.h before missing.h as it includes system headers. Also add missing DEFAULT_TEXT_DOMAIN defines in sudoers audit code that does not include sudoers.h. [3ac4aa43ce40] * common/sudo_dso.c: When emulating DSO_NEXT with shl_get() we need to skip the program's handle. This used to be documented as being index -2 but now it seems to be index 0. As this is not guaranteed we need to look up the real handle value for PROG_HANDLE and skip it when iterating through all the DSOs. Fixes infinite recursion on HP-UX in the getenv() replacement. [ade1b3045232] * src/env_hooks.c: Export getenv() so it is visible to shared objects we link with. [1ac08446a3a7] 2014-02-08 Todd C. Miller <Todd.Miller@courtesan.com> * common/regress/atofoo/atofoo_test.c, common/regress/sudo_conf/conf_test.c, common/regress/sudo_parseln/parseln_test.c, common/regress/tailq/hltq_test.c, plugins/sudoers/regress/parser/check_fill.c: Add some initprogname() calls to the test programs. [e4320585a88b] 2014-02-07 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot: regen [038d066a866d] * doc/UPGRADE: Mention that there is now a default LDAP search filter. [6351da3f8377] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Minor word choice change. [7e59ab3eb453] * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c: Add use_netgroups sudoers option. For LDAP-based sudoers, netgroup support requires an expensive substring match on the server. If netgroups are not needed, this option can be disabled to reduce the load on the LDAP server. [e6bd6c103390] 2014-02-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Update copyright year. [1299eed430a5] * NEWS: Mention LDAP changes. [512b1e363587] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, plugins/sudoers/ldap.c: Use a default LDAP search filter of (objectClass=sudoRole). When constructing the netgroup query, add (sudoUser=*) to the query so we don't fall below the 3 character OpenLDAP substring threshold. Otherwise the index for sudoUser will never be used for that query. Pointed out by Michael Stroeder. [54856973af41] * plugins/sudoers/timestamp.c: Don't warn about an insecure lecture dir twice. Display warnings in the user's locale. [2c56b8b6d6f9] 2014-02-05 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention the fix for ^Z at the password prompt when sudo was started in the background. [352d52ad1f7d] * common/term.c, src/exec_pty.c: In term_restore(), only restore the terminal if we are in the foreground process group. Instead of calling tcgetpgrp(), which is racy, we set a temporary handler for SIGTTOU and check whether it was received after a failed call to tcsetattr(). 
[94979d51daa2] * MANIFEST, compat/getaddrinfo.c, compat/inet_pton.c, config.h.in, configure, configure.ac, doc/LICENSE, include/missing.h, mkdep.pl, plugins/sudoers/interfaces.c, plugins/sudoers/match_addr.c: Use inet_pton() instead of inet_aton() and include a version from BIND for those without it. [fe61a27c76d3] * common/regress/atofoo/atofoo_test.c: Quiet a gcc warning. [f197821892ea] * compat/getaddrinfo.c: Need to include limits.h for USHRT_MAX. [d1d8bd9a0e01] 2014-02-04 Todd C. Miller <Todd.Miller@courtesan.com> * common/term.c, include/sudo_util.h: Use bool for function return values instead of 1 or 0. [99e357c0800b] * configure, configure.ac: Warn the user if the rundir needs to be cleared in the rc files. Neither AIX nor HP-UX clear /var/run (if it even exists). [6cdbf57a2f9e] * NEWS: Update for sudo 1.8.9p5 [efb737c32615] * src/preserve_fds.c: When the closefrom limit is greater than any of the preserved fds, the pfds list will be non-empty but lastfd will be -1 triggering an ecalloc(0) assertion. Instead, test for lastfd being -1 and make sure we always update it, even if dup() fails. Also restore initial value of lowfd after we are done relocating. Fixes bug #633 [a11206a31f28] * common/term.c: Document function return values. [267bc85f6fbb] 2014-02-03 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: term_restore() now restarts itself so we don't need to do it ourselves. [a17e885d0b0a] * common/term.c: syscall restarting is broken on Mac OS X when interrupted by a tty signal so restart tcsetattr() by hand. For details, see http://openradar.appspot.com/radar?id=6402578615107584 [3997b2a0577e] * MANIFEST, common/Makefile.in, common/regress/atofoo/atofoo_test.c: Add regress for atobool(), atoid() and atomode() [e1cbdf86d6e2] * plugins/sudoers/Makefile.in: Add back boottime.lo [0b7ddc31e13e] * INSTALL: Mention that rundir and vardir may be the same and what to do if they are. 
[301df9a31d43] * MANIFEST, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/boottime.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c: Bring back boot time checking code and zero out time stamp files that predate the boot time. This should help systems w/o /var/run where the admin has setup rc.d to clear the timestamp directory. [e09389a8b1ca] * configure, configure.ac: Check libraries for inet_pton() if not in libc. [9f9bd83895e8] 2014-02-02 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Fix clock_gettime() detection when it lives in librt. Some systems have inet_aton() in libresolv (older Solaris). [e5f7c8bc9a81] * sudo.pp: Avoid duplicate directories if vardir and rundir are the same. [c5df5ebc191b] * plugins/sudoers/po/sudoers.pot: regen [740b2cc42fea] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Elaborate on time stamp error message causes. [2838fea2e21a] 2014-02-01 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Remove the time stamp dir and its contents when uninstalling. We currently leave the lecture status files installed until there is a better way to detect upgrades. [61532b7113ff] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Update time stamp error messages and regen. [edf570c98cd5] * plugins/sudoers/timestamp.c: Restore warning when sudoers is unable to update the time stamp file. [86648a771250] * INSTALL, Makefile.in, configure, configure.ac, doc/sudoers.mdoc.in, m4/sudo.m4, plugins/sudoers/Makefile.in, sudo.pp: Replace --with-timedir and --with-lecture_dir with --with-rundir and --with-vardir which are the parent directories of the time stamp and lecture dirs. These directories need to be searchable by non-root so that the timestampowner setting can function. [5c38d77a2d0c] * plugins/sudoers/timestamp.c: Fix use of timestampowner in the new time stamp world order. 
Parent directories for timestampdir and lecture_dir are now created with the execute bit set so that we can traverse them as non-root. [9ff6f07c0a5d] 2014-01-31 Todd C. Miller <Todd.Miller@courtesan.com> * common/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in: Regen Makefiles. [59542bcdb222] * common/sudo_debug.c, config.h.in, include/sudo_util.h, plugins/sample/sample_plugin.c: Move ctim_get and mtim_get to sudo_util.h [d565391f5491] * plugins/sudoers/timestamp.c: sprinkle some debug printfs and add function header comments [1842d9b8170d] * plugins/sudoers/timestamp.c: Properly handle the case where /var/run/sudo/ts doesn't exist. [895f3ad6ad60] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: fix typo [50041ebb6ce6] * NEWS: Mention "sudo -K" change. [e99bd7657aae] * doc/UPGRADE: Upgrade info for 1.8.10 [0867718b9af5] 2014-01-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/timestamp.c: Warn on ftruncate failure(). [d2081876da25] * plugins/sudoers/timestamp.c: Fix checking of lecture status. [e12d78234d17] * mkpkg: Do not override timedir on Debian. [283fa2e69a0a] * common/event.c, common/event_select.c, include/missing.h, plugins/sudoers/iolog.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/sudo_edit.c: Use sudo_timeval macros and remove compat macros from missing.h [1de76d8b811e] * INSTALL, MANIFEST, NEWS, compat/Makefile.in, compat/clock_gettime.c, config.h.in, configure, configure.ac, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, include/missing.h, include/sudo_util.h, m4/sudo.m4, mkdep.pl, pathnames.h.in, plugins/sudoers/Makefile.in, plugins/sudoers/boottime.c, plugins/sudoers/check.h, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c, src/Makefile.in: Switch to new time stamp file format. 
Each user now has a single file which may contain multiple records when per-tty time stamps are in use (the default). The time stamps use a monotonic timer where available and are once again stored in /var/run/sudo. The lecture status is now stored separately from the time stamps in a different directory. [7e16eb37bacc] * common/atomode.c: Zero out errstr when there is no error; fixes bug #632 [74950ef1a0dc] 2014-01-29 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/check.c: When listing a user's privileges, always prompt the user for their own password, regardless of the value of target_pw, root_pw or runas_pw. [73a13ccc7933] 2014-01-26 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, plugins/sudoers/interfaces.c, plugins/sudoers/match_addr.c: Use inet_aton() instead of inet_addr() as it allows us to distinguish between the address (or mask 255.255.255.255) and an error. In the future we may consider switching to inet_pton() for IPv4 too. [b6b4e4c77e9a] 2014-01-24 Todd C. Miller <Todd.Miller@courtesan.com> * include/missing.h: Fix typo, ULONG_MAX vs. ULLONG_MAX [5d274daa9fb1] * plugins/sudoers/sudo_nss.c: Fix typo in the AIX case. [ee531c950fce] * plugins/sudoers/sudo_nss.c: Size pointer for sudo_parseln() should be size_t not ssize_t. This was already correct for the nsswitch.conf case. [cfaf895c1db4] 2014-01-23 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, include/sudo_conf.h, src/net_ifs.c: It is now possible to disable network interface probing in sudo.conf by changing the value of the probe_interfaces setting. [e9dc28c7db60] 2014-01-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match_addr.c: If inet_addr() returns INADDR_NONE, return false instead of iterating through the interfaces looking for a match that will never happen. 
[1559c301caec] * configure, configure.ac, src/Makefile.in: Add explicit dependency on sudoers.la to sudo target when sudoers is compiled statically into the sudo binary. [d08cc66e18bd] 2014-01-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestr.c: Do not assume localtime(), gmtime() and ctime() always return non- NULL. [a1b5b67436de] 2014-01-15 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in: Update copyright years [37d2aaa92544] * plugins/sudoers/visudo_json.c: Eliminate dead store found by clang checker. [86874d5340f1] * NEWS, configure, configure.ac: Update for sudo 1.8.9p4 [f79ab7c6c1c5] * common/sudo_debug.c, include/sudo_debug.h, src/preserve_fds.c: When relocating fds, update the debug fd if it is set so we are guaranteed to get debugging output. [b1deaa472aa6] 2014-01-14 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: If the event loop exits due to an error and we are not logging I/O, kill the command if still running. Fixes a bug where sudo could exit while the command was still running. [844018ff8a8c] * src/preserve_fds.c: When relocating preserved fds, start with the highest ones first to avoid moving fds around more than we have to. Now uses a bitmap to keep track of which fds are being preserved. Fixes a bug where the debugging fd could be relocated to the same fd as the error backchannel temporarily, resulting in debugging output being printed to the backchannel if util@debug was enabled. 
[55e006dbeaf3] * src/preserve_fds.c: When restoring fds traverse list from high -> low, not low -> high to avoid implicitly closing an fd we want to relocate. [6351225f47d7] * src/exec.c: If not logging I/O we may get EOF when the command is executed and the other end of the backchannel is closed. Just remove the backchannel event in this case or we will continue to receive the event. Bug #631 [a204b69d91f7] * src/po/sr.mo, src/po/sr.po: sync with translationproject.org [987087ce4658] 2014-01-13 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Fix strtonum() usage when parsing /proc/self/stat on Linux. Bug #630 [3448dffe9701] * NEWS, configure, configure.ac: Update for sudo 1.8.9p3 [22e5a6f69999] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Do not leak old istack if realloc fails; found by cppcheck. Also modify yyless() to avoid a harmless cppcheck warning every time it is used. [021077017a23] * common/term.c: Add suppression line to quiet a bogus (inconclusive) cppcheck warning. [065207271e5d] * plugins/group_file/plugin_test.c: Make this compile again [f0ff8df475e8] * plugins/sudoers/logwrap.c: Remove dead store; found by cppcheck [a59833af3401] * Makefile.in, common/Makefile.in, compat/Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in: Add cppcheck target to run cppcheck on all source files. [d207c2ef49a2] 2014-01-09 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.ac: Update for sudo 1.8.9p2 [2e7fe6e371a4] * config.h.in, configure, ltmain.sh, m4/libtool.m4, m4/ltoptions.m4, m4/ltsugar.m4, m4/ltversion.m4, m4/lt~obsolete.m4: Update to libtool-2.4.2.418 [d1dbed89d733] * config.guess, config.sub: Update from http://git.savannah.gnu.org/gitweb/?p=config.git [2b5e32d23be5] 2014-01-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * src/sesh.c: Quiet a cppcheck warning about a negative subscript. [ab98b72f5bdf] * src/exec_common.c, src/selinux.c, src/sesh.c, src/sudo_exec.h: Make noexec parameter to sudo_execve() bool. [daa75e4c248a] * plugins/sudoers/sudoreplay.c: Quiet a few innocuous cppcheck warnings. [90ffa16d27b1] * plugins/sudoers/sssd.c: Handle in_res being NULL for sudo_debug_printf() in sudo_sss_filter_result(). [8595cc05d2a8] * plugins/sudoers/iolog.c: When writing length to timing file, use %u not %d as it is unsigned. [a7f2fcb6919e] * plugins/sudoers/visudo_json.c: Close export_fp in the error path too, but do not close stdout. [5c918718ab45] * plugins/sudoers/auth/secureware.c: Move right brace outside #ifdef HAVE_DISPCRYPT; found by cppcheck. [f2619d2eb7a8] * NEWS: Sudo 1.8.9 also fixes bug #617 [cc5c18228719] 2014-01-07 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: The fix for the hang was already in the 1.8.9 tarballs. [f038ebcc1071] * NEWS, configure, configure.ac: Update for sudo 1.8.9p1 [732fca0003cf] * common/atobool.c, common/event.c, plugins/sudoers/iolog.c, plugins/sudoers/parse.h, src/exec.c, src/preserve_fds.c: Update copyright year. [fdeb5956810e] * plugins/sudoers/parse.h: Go back to making the bit fields in struct cmndtag explicitly signed. This fixes a problem on gcc 4.8 (at least) which appears to be treating the value as unsigned by default. [46b9a7bb10ac] * common/atobool.c: Use debug_return_int() instead of bare return for debugging support. [c273f822de5f] 2014-01-06 Todd C. Miller <Todd.Miller@courtesan.com> * common/event.c: Fix infinite loop that could be triggered by sudo_ev_loopbreak() and sudo_ev_loopcontinue(). [1723561c46b0] * NEWS: Update for 1.8.9 final. [d49c14d21410] 2014-01-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Handle a sequence file with no trailing newline. [aa29306e4f6d] 2014-01-03 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Truncate io log and timing files on open when recycling them. Only an issue when the sequence number wraps around. [01b2dfe15ff0] * plugins/sudoers/iolog.c: Repair reading of the iolog sequence number that got broken when adding stricter strtoul() checks. [e0f4a11c3437] * src/exec.c: If invoked as sudoedit we can't just exec the command directly since the temporary files need to be updated before sudo exits. [508503be1c4f] * src/preserve_fds.c: Fix restoration of the close-on-exec flag when moving a relocated fd back into its original position. [5572f1f8b48a] 2014-01-02 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add "see below" to reference "Secure editing" section in "Preventing shell escapes". [b2db990a36b3] 2014-01-01 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add initial "Secure editing" section. [0d7a192e0e25] * doc/LICENSE: Update copyright year. [4a639d9207a9] 2013-12-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, src/po/eo.mo, src/po/eo.po, src/po/fi.mo, src/po/fi.po: sync with translationproject.org [5c15a411b10d] * plugins/sudoers/policy.c: Make user_cwd and user_tty dynamically allocated even for the "unknown" case. [015454bf97f8] 2013-12-30 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Use -fstack-protector-strong in preference to -fstack-protector-all or -fstack-protector. [bdd1066eefc4] * doc/HISTORY: Dell acquired Quest [3d5b7d27a313] 2013-12-29 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, src/po/ru.mo, src/po/ru.po, src/po/vi.mo, src/po/vi.po: sync with translationproject.org [f964671d08ce] 2013-12-28 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/cs.mo, src/po/cs.po, src/po/da.mo, src/po/da.po, src/po/it.mo, src/po/it.po, src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po, src/po/uk.mo, src/po/uk.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [5f5becf5fb7a] * doc/sudoers.ldap.cat: regen [77745e6bc0d5] * NEWS: Update for recent changes. [365b9084268a] * plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Fix typo; we want setlocale(LC_ALL, "") since we are setting the locale for the first time. [e2b9660e9d48] 2013-12-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Use sudoers_initlocale() in main() startup, not sudoers_setlocal() as the latter assumes we are already in the user's locale which may not be the case. For sudoreplay, we can just use setlocale() directly as there is no sudoers locale. [12235e50dea0] 2013-12-24 Todd C. Miller <Todd.Miller@courtesan.com> * src/preserve_fds.c, src/sudo.c, src/sudo.h: Redo preserve_fds support to remap high fds so we can get the most out of closefrom(). The fds are then restored after closefrom(). [7d712ec49db7] * plugins/sudoers/Makefile.in: Fix install-plugin when sudoers is compiled statically. [36a8bf3b588d] 2013-12-20 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST, common/sudo_debug.c, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/sudo_debug.h, include/sudo_plugin.h, src/Makefile.in, src/exec.c, src/exec_pty.c, src/preserve_fds.c, src/sudo.c, src/sudo.h, src/sudo_exec.h: Add support for preventing fds from getting clobbered by closefrom(). [269f45964ff0] 2013-12-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: regen [b8f458379b5b] 2013-12-18 Todd C. Miller <Todd.Miller@courtesan.com> * common/alloc.c: Need to include limits.h here too. [b53c6edef597] 2013-12-17 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.ac, plugins/sudoers/parse.h: No need to use __signed. [05f9648d1953] * plugins/sudoers/regress/logging/check_wrap.c: Need limits.h here too. [54aac3bbf66a] * compat/closefrom.c: Still need limits.h here. [0abc6b2be208] * plugins/sudoers/po/sudoers.pot: regen [386b47ced07f] * compat/closefrom.c: Go back to using /proc/self/fd instead of /proc/$$/fd as only AIX lacks /proc/self and it has F_CLOSEM. [b5735fbcfdce] 2013-12-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Use a switch to map digest type to name instead of an array of strings. [ab17ceb4dd60] * compat/closefrom.c: Use /dev/fd in closefrom() on FreeBSD < 8.0 and Mac OS X. [e70df3b3144b] * compat/snprintf.c: Remove _MAX and _MIN compat; we rely on missing.h for that. We already require the compiler handle long long so there's no need to use HAVE_LONG_LONG_INT everywhere. [2bda15071439] * common/ttysize.c, include/missing.h: Remove _MAX and _MIN defines that any system from the last 20 years should have. Add ULLONG_MAX in case it is missing. [2db0cee4aaa8] * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Change visudo -x to take a file name argument, which may be '-' to write the exported sudoers file to stdout. 
[84cb72c3c391] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/regress/ttyname/check_ttyname.c: Move symbol extern defs into sudoers.h [b631a0b57fae] * plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/logging/check_wrap.c: Add missing sudo_util.h [ed0edc2e2d0c] 2013-12-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Warn if the time stamp in the I/O log file does not fit in time_t. Warn if the info line is not well-formed instead of silently ignoring it. [37a050de5be5] 2013-12-13 Todd C. Miller <Todd.Miller@courtesan.com> * common/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Rename libcommon libsudo_util [df3ffd4229e5] 2013-12-12 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/aix.c, common/atobool.c, common/atoid.c, common/atomode.c, common/fmt_string.c, common/gidlist.c, common/progname.c, common/setgroups.c, common/sudo_conf.c, common/term.c, common/ttysize.c, include/missing.h, include/sudo_util.h, plugins/group_file/Makefile.in, plugins/group_file/getgrent.c, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, src/Makefile.in, src/sudo.h: Move prototypes for functions provided by libcommon that don't have their own header files into sudo_util.h. [43f423a24416] 2013-12-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/mkdefaults: Now that we have proper number parsing functions we should store T_UINT defaults values as unsigned int, not int. [67d8c2244f1d] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h: Don't use int where we really mean enum def_tuple. When this code was written it was assumed that we may have multiple tuple types. However, that hasn't happened and probably never will. [8491f970f343] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Regen after string parsing changes. [fd6bf79c3286] * common/atoid.c, common/atomode.c, compat/strtonum.c, configure, configure.ac, include/missing.h, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/sudoreplay.c, src/parse_args.c, src/ttyname.c: The OpenBSD strtonum() uses very short error strings that can't be translated usefully. Convert them to longer strings on error. Also use the longer strings for atomode() and atoid(). [dace028594da] 2013-12-10 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/atoid.c, common/atomode.c, plugins/sudoers/defaults.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h: Add atomode() function for parsing a file mode. 
[44e29629aa5e] * common/sudo_conf.c, common/ttysize.c, compat/Makefile.in, compat/closefrom.c, compat/getaddrinfo.c, compat/strtonum.c, configure, configure.ac, include/missing.h, plugins/sudoers/boottime.c, plugins/sudoers/defaults.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/match_addr.c, plugins/sudoers/policy.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sudoreplay.c, plugins/system_group/system_group.c, src/parse_args.c, src/sudo.c, src/ttyname.c: Use strtonum() instead of atoi(), strtol() or strtoul() where possible. [e4a1fc84b893] * MANIFEST, compat/Makefile.in, compat/strtonum.c, config.h.in, configure, configure.ac, include/missing.h, mkdep.pl: Add strtonum.c to compat for simpler number parsing. [a4c69b003da0] 2013-12-09 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_common.c: Fix a warning on Solaris, we need to use debug_return_const_ptr. [932aa94c0cac] * plugins/sudoers/Makefile.in: check_symbols needs to link with SUDO_LIBS in order to get -lpthread on HP-UX for libldap (which uses threads). It would be better to have a separate variable for the pthread library but this is no worse than it used to be. [94591b765371] 2013-12-08 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: add missing comma [7dcbd1c6dd25] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Make -c option description more accurate. [3f305ae6037e] 2013-12-07 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, plugins/sudoers/sudoers.c: When checking whether a user may change the login class, just check pw_uid of the runas user, which was passed in to set_loginclass(). [aaf736440441] 2013-12-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Use atoid() when parsing user/group IDs and print them as unsigned int. [40c77459a36a] 2013-12-05 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Correctly parse 64-bit times in I/O log files. [d053ee75adc3] * compat/getgrouplist.c, plugins/group_file/getgrent.c, plugins/sudoers/pwutil.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Use atoid() not atoi() when parsing uids/gids. [491146596626] * plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.h, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/sudoers.h: Better match debugging. Sprinkle const in match functions. [4cd8d793f165] 2013-12-04 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document that plugins can be compiled statically into the sudo binary. [434061cf909f] 2013-12-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: sudo_sss_filter_user_netgroup(): fix comment typos, break out of loop early if we match ALL or netgroup. [0691731f4b12] * plugins/sudoers/sssd.c: When filtering netgroups, use the passwd struct stashed in the handle, not user_name since we may be listing another user's privileges. [f2669cf7b70c] * mkpkg: RHEL 6 and above builds sudo with SSSD support [afc3d894851e] * plugins/sudoers/sssd.c: Avoid passing NULL domainname to sudo_debug_printf(). [b08abe5e6d23] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document sssd debug subsystem. [250c3ab1bcf0] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Document "event" debug subsystem. [85d220b48edc] * plugins/sudoers/match.c: Use atoid() instead of atoi() when parsing uids/gids so we get proper range checking. [5c3e2f3f6cb9] * plugins/sudoers/sssd.c: Add user netgroup filtering for SSSD.
Previously, rules for a netgroup were applied to all even when they did not belong to the specified netgroup. RedHat Bugzilla 880150. [784848b5462c] * plugins/sudoers/sssd.c: Fix several issues found by the clang static analyzer; Daniel Kopecek [520261dd7461] 2013-12-02 Todd C. Miller <Todd.Miller@courtesan.com> * README.LDAP: Mention how to dump sudoers info from LDAP. [a53c93790a30] * src/exec_common.c: On Solaris, disabling the proc_exec privilege appears to interfere with DAC file permissions. Adding DAC override permissions to the inheritable set works around this for commands run as root without giving extra permissions to other users. Bug #626 [391ad44026c3] 2013-12-01 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/progname.c, compat/Makefile.in, compat/getprogname.c, configure, configure.ac, include/missing.h, mkdep.pl, plugins/sample/sample_plugin.c, plugins/sudoers/policy.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/parse_args.c, src/regress/ttyname/check_ttyname.c, src/sudo.c: Instead of setprogname(), add initprogname() which gets the program name for getprogname() using /proc or pstat() if possible. [e2d48d81456f] 2013-11-30 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Ignore EOVERFLOW from pstat_getproc(). The HP-UX kernel appears to return this in certain situations but it appears to be harmless at least insofar as retrieving the tty goes. 
[105bea4e1c20] * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/cs.mo, src/po/cs.po, src/po/eo.mo, src/po/eo.po, src/po/fi.mo, src/po/fi.po, src/po/it.mo, src/po/it.po, src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po, src/po/ru.mo, src/po/ru.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: Sync with translationproject.org [3694d7ad4c9d] 2013-11-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: Add missing newline in help message after export option. [1c0bff0c181e] 2013-11-26 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac, plugins/sudoers/Makefile.in, src/Makefile.in: Do not add LIBDL to SUDO_LIBS or SUDOERS_LIBS in configure, do it in Makefile.in so we can make it last. Fixes a linking problem on Ubuntu precise. [f8d3bddbe742] 2013-11-25 Todd C. Miller <Todd.Miller@courtesan.com> * configure, m4/ax_func_getaddrinfo.m4: Do not rely on NULL being defined for getaddrinfo() test. Fixes the check on HP-UX 11.23. [a5dcf0283693] 2013-11-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Regen for sudo 1.8.9b1 [945f27a7aa1c] * src/po/de.mo, src/po/de.po, src/po/sr.mo, src/po/sr.po: Sync with translationproject.org [52abae16ccfa] 2013-11-22 Todd C. 
Miller <Todd.Miller@courtesan.com> * INSTALL, MANIFEST, NEWS, common/Makefile.in, common/sudo_dso.c, compat/Makefile.in, compat/dlfcn.h, compat/dlopen.c, config.h.in, configure, configure.ac, include/sudo_dso.h, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/sssd.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, src/Makefile.in, src/env_hooks.c, src/load_plugins.c, src/preload.c, src/sudo.c, src/sudo.h: Add wrapper functions for dlopen() et al so that we can support statically compiling in the sudoers plugin but still allow other plugins to be loaded. The new --enable-static-sudoers configure option will cause the sudoers plugin to be compiled statically into the sudo binary. This does not prevent other plugins from being loaded as per sudo.conf. [9425770e9d2b] 2013-11-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Handle non-unix groups correctly. Get rid of runasuser and runasgroup types and use username and usergroup instead. The fact that the user or group is inside a Runas_List doesn't affect its underlying type. [ea1789258c11] 2013-11-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: Simplify Defaults list option object. The name and value strings are superfluous. [5852b0184669] * compat/dlopen.c: Back out unintended change. [85156e49e96e] * MANIFEST, aclocal.m4, configure, configure.ac, m4/ax_func_getaddrinfo.m4: Add dedicated test for getaddrinfo(). Tru64 UNIX contains two versions of getaddrinfo and we must include netdb.h to get the proper definition. [9882e3e1e8e3] * compat/dlopen.c, plugins/sudoers/regress/check_symbols/check_symbols.c: Define RTLD_GLOBAL for older systems without it. Bug #621 [ed38ac84f1da] 2013-11-19 Todd C. 
Miller <Todd.Miller@courtesan.com> * compat/snprintf.c, include/missing.h: Rename snprintf replacement rpl_snprintf since we may now replace the libc version and #define rpl_snprintf snprintf in missing.h so we get our version when needed. This is consistent with how we replace glob and fnmatch. [309aa17d0dfe] * common/Makefile.in, common/regress/sudo_conf/conf_test.c, common/regress/sudo_parseln/parseln_test.c, common/regress/tailq/hltq_test.c, src/Makefile.in: libcommon tests need locale_stub.lo to link. [baae40f36de5] * MANIFEST, aclocal.m4, compat/snprintf.c, config.h.in, configure, configure.ac, m4/ax_func_snprintf.m4: Add check for C99 compliant (v)snprintf function. [79e02551543c] * compat/sig2str.c, configure, configure.ac: Include unistd.h in sig2str.c for Tru64 as it defines SIGRTMIN and SIGRTMAX in terms of sysconf(), which is prototyped in unistd.h. Bug #621; from Daniel Richard G. [2a59ccb8c966] * include/gettext.h, plugins/sudoers/locale.c, src/locale_stub.c: Add definition of U_ for --disable-nsl Don't define warning_gettext if --disable-nsl Bug #621; from Daniel Richard G. [c0054eb89c2b] 2013-11-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo_json.c: When merging Defaults entries we need to check the type of the next entry and not just assume it is the same as the previous one. [e97d9b9cf0d5] * plugins/sudoers/visudo_json.c: runasgroups not runasgroup in the Cmnd_Spec. [92ea5dc20e4d] * plugins/sudoers/visudo_json.c: Fix some syntax errors and change how lists are handled. [027b8dea44b2] * common/sudo_debug.c, config.h.in, configure, configure.ac, include/fatal.h, include/sudo_debug.h: Allow sudo to compile without variadic macro support in cpp. Debugging support will be limited (no file info from warnings.) 
From Daniel Richard G.; Bug #621 [51b8b868cd4b] * Makefile.in, common/aix.c, common/fatal.c, common/gidlist.c, common/sudo_conf.c, include/fatal.h, include/gettext.h, include/missing.h, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/bsm_audit.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/load_plugins.c, src/locale_stub.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/signal.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/utmp.c: Add warning_gettext() wrapper function that changes to the user locale, then calls gettext(). Add U_ macro that calls warning_gettext() instead of gettext(). Rename warning2()/error2() back to warning_nodebug()/error_nodebug(). [f3bb207db201] 2013-11-17 Todd C. Miller <Todd.Miller@courtesan.com> * common/fileops.c, compat/getaddrinfo.c, compat/mktemp.c, compat/utimes.c, configure.ac, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.h, plugins/sudoers/sssd.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c, src/preload.c, src/sudo.c, src/sudo_edit.c, src/ttyname.c, src/utmp.c: Fix some #if vs. 
#ifdef and remove an extraneous semicolon. Bug #624; from Daniel Richard G. [b212e4694018] * include/sudo_debug.h, plugins/sudoers/defaults.c, plugins/sudoers/ldap.c, src/exec_common.c: Add debug_return_const_str and debug_return_const_ptr for returning a const string or pointer. Using const for the normal versions produces warnings with the Tru64 compiler. [45018a149cb4] * common/event_poll.c, compat/getaddrinfo.c, config.h.in, configure, configure.ac, m4/sudo.m4: Fixes for building under Tru64; from Daniel Richard G. Bug #624 [fc4a6cbae1ba] 2013-11-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: log_{fatal,warning} now logs to the debug file itself. log_{fatal,warning} now calls warningx2() after setting the locale itself instead of using the wrapper macros. This removes the only use of warningx(ngettext(...)). [930129361e0a] 2013-11-15 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.ac: Add -Wpointer-arith to --enable-warnings [2043ae306d1b] * configure, configure.ac: Fix more instances of #include directives where the '#' was not in column 1. From Daniel Richard G. (bug #622) [75f36f39dcab] * MANIFEST, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/Makefile.in, plugins/sudoers/visudo.c, plugins/sudoers/visudo_json.c: Add support to visudo to export sudoers in JSON format. [1697b2b4bfd2] 2013-11-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.h: Remove unused digest field from struct cmndspec, the digest really lives in struct sudo_command. [e9a1e2e112d6] * config.h.in, configure: Regen with autoconf 2.69 [275f69f98f9e] * MANIFEST, Makefile.in, config.h.in, configure.ac, configure.in, doc/Makefile.in: Rename configure.in -> configure.ac [0aeafe425373] * MANIFEST, aclocal.m4, autogen.sh, config.h.in, configure, configure.in, ltmain.sh, m4/sudo.m4: From Daniel Richard G. (bug #622) Add an autogen.sh script that rebuilds the autoconf world. 
Move old aclocal.m4 contents to m4/sudo.m4. New (generated) aclocal.m4 contains the m4_include directives. Some tests had #include directives where the '#' was not in column 1. Updated obsolete macro usage via autoupdate. [5fe8de5a56df] 2013-11-12 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo_exec.h: Very old systems (pre XPG 4.2) may not support MSG_WAITALL. The likelihood of receiving a partial message is quite low so this is not a big deal. [900a304f9548] * configure, configure.in: HP-UX may require _XOPEN_SOURCE_EXTENDED to be defined for MSG_WAITALL to be visible. [f08b1a00a30a] * MANIFEST, plugins/sudoers/regress/visudo/test5.out.ok, plugins/sudoers/regress/visudo/test5.sh: Add regress test for bug #623 [8e83cfccaf14] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Cope with a comment on the last line of the file with no newline. Bug #623 [f826243bc4e6] * compat/getaddrinfo.c: Include arpa/inet.h for HP-UX; from Daniel Richard G. [d4d7a4303bae] * doc/Makefile.in: Add missing $(mansrcdir) to visudo.mdoc and visudo.man. From Daniel Richard G. [f664c8d2f961] 2013-11-11 Todd C. Miller <Todd.Miller@courtesan.com> * include/fatal.h: In v{warning,fatal}x?() make a new copy of ap for the debug functions. It is not legal to use ap twice without reinitializing it. Noticed by Daniel Richard G. [6ca8bc48ecb3] * include/fatal.h: Remove errant warning_restore_locale() call. [4ef7aecefcbb] * include/missing.h, plugins/sudoers/logging.c: Move va_copy compat macro to missing.h [c873e4cc4c8a] * common/Makefile.in, compat/Makefile.in, mkdep.pl, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in: Uniquify header dependencies so we don't end up with duplicates when a header file includes other headers. The header dependencies are sorted so the generated order is stable.
[95747db2f07a] * compat/Makefile.in, configure, configure.in, doc/CONTRIBUTORS, mkdep.pl: Add getaddrinfo.lo to LTLIBOBJS for systems that need it. From Daniel Richard G. [e94ee99a52a9] * plugins/sudoers/testsudoers.c: Fix pasto [5262735e78e0] 2013-11-07 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.mdoc.in: Fix typo. [6b11a4eec6b6] 2013-11-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/getdate.c, plugins/sudoers/gram.c: regen [995ca9f21862] * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c: Fix warnings from -Wold-style-definition [a748c5c7b423] * configure, configure.in: Add -Wold-style-definition to --enable-warnings [0484de0deb59] * common/event_poll.c: Extra debugging for ready fds. [91fb85cdecbb] * common/event_select.c: When deleting an event, check ev->events to determine whether to remove from readfds or writefds instead of blindly removing from both. Also fix highfd adjustment. [7384db65ca9c] 2013-11-02 Todd C. Miller <Todd.Miller@courtesan.com> * common/event_select.c: Only check an fd that is >= 0. Timeout-only events may have a negative fd. [fa0e5cbc3cc2] 2013-11-01 Todd C. Miller <Todd.Miller@courtesan.com> * common/event.c: Don't call sudo_ev_{add,del}_impl() for timeout-only events. This makes it possible to pass sudo_ev_alloc() an fd of -1 for events that only use SUDO_EV_TIMEOUT. [6838657a1a2f] 2013-10-31 Todd C. Miller <Todd.Miller@courtesan.com> * common/alloc.c, common/event_select.c, include/sudo_event.h: Make a copy of readfds/writefds before calling select() instead of calculating it each time. Keep track of high fd in the base. [6048b78f2e94] 2013-10-30 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Add Stephen Gelman [0028c7a91a4f] * plugins/sudoers/getdate.c, plugins/sudoers/gram.c: Fix sign comparison warning. [914cb36b9ed2] * plugins/sudoers/sudoreplay.c: Fix potential NULL dereference in non-interactive mode.
[9233428d3f32] 2013-10-29 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c: Use MSG_WAITALL when receiving struct command_status over the Unix domain socket since we no longer use datagrams. This should avoid the need to handle incomplete reads, though in theory it is still possible. [28a92888a908] * plugins/sudoers/sudoreplay.c: SIGKILL is not catchable [79f82e4cb11d] * common/event.c, include/sudo_event.h, plugins/sudoers/sudoreplay.c: Add sudo_ev_get_timeleft() to get the amount of time left before an event times out and use it in sudoreplay. [d5b17ee30fa4] 2013-10-28 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, plugins/sudoers/sudoreplay.c: If the user presses <return> or <enter> in sudoreplay, skip to the next event. Useful for skipping past long pauses in the data. [43343f45c94d] * common/event.c, common/event_poll.c, common/event_select.c: Fix sudo_ev_scan_impl() return value in event_poll.c. Make sure we clear active flag from unprocessed events if sudo_ev_loopbreak() or sudo_ev_loopcontinue() are used. Remove bogus optimization when the timeout is zero or negative; it could prevent an I/O event from being triggered. [a13603fb3134] * plugins/sudoers/sudoreplay.c: Move session replay into its own function. [e323f7729595] * common/event.c, common/event_poll.c, common/event_select.c, include/sudo_event.h: Get rid of cur and pending pointers in struct sudo_event_base. We now pop the first event off the active queue instead of using a foreach loop with deferred removal of the event. Add SUDO_EVQ_INSERTED and SUDO_EVQ_TIMEOUTS flags to indicate that the event is on the event queue and timeouts queue respectively. No longer need to compare the timeout to {0,0} or compare the event's base pointer to NULL to determine queue membership.
[f2b2251fd523] * common/event_poll.c: rename sudo_ev_loop_impl() -> sudo_ev_scan_impl() [614faaff04e3] * MANIFEST, common/event.c, common/event_poll.c, common/event_select.c, compat/Makefile.in, compat/nanosleep.c, config.h.in, configure, configure.in, include/missing.h, include/sudo_event.h, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/sudoreplay.c, src/exec.c, src/exec_pty.c: Add support for libevent-style timed events. Adding a timed event is currently O(n). The only consumer of timed events is sudoreplay which only used a single one so O(n) == O(1) for now. This also allows us to remove the nanosleep compat function as we now use a timeout event instead. [db41c08e92dc] 2013-10-26 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c: Now that sudo_ev_base_free() removes all events before freeing we don't need to do this by hand. [b59d43658c5f] * common/event.c, common/event_poll.c, common/event_select.c, include/sudo_event.h: Add a list of active events in the base that the back end sets when it calls poll or select. This allows the front end to iterate over the events instead of having that code in both back ends. It will also simplify support for timeout events. Also make sure we can't touch freed memory if a callback frees its own event. [933b99b3f2bc] * common/event.c: Remove any existing events before freeing the event base. [2543c6620cf1] 2013-10-25 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: mon_handler() should be static [b1a62ef65c96] 2013-10-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: If user specified start_tls and ldaps, display a warning and ignore start_tls. There's no reason to make this a fatal error. [bf446dd1e740] * src/exec_pty.c: Add missing else when the connection from the monitor to the parent sudo process is broken (due to the parent dying). Prevents a spurious "unexpected reply type on backchannel" warning.
[5c44053cef08] * src/exec_pty.c: When flushing output we don't care whether we are the foreground process or not, we still need to flush to /dev/tty. If we are in the background, it is OK to get SIGTTOU. [9716892d1fb5] * plugins/sudoers/ldap.c: Should not attempt start_tls on an ldaps connection. [9d01d461c52c] 2013-10-23 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/parser/check_fill.c: Fix sign compare warning. [6130fa8df758] * doc/Makefile.in: Eliminate warning about circular dependency from GNU make. [7ed5df762089] * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, src/ttyname.c: More sign compare fixes. On Solaris id_t is signed so use uid_t in the set_perms.c ID macro instead. [8166dcc50d0b] * common/fileops.c, common/lbuf.c, common/secure_path.c, common/sudo_debug.c, include/secure_path.h, plugins/sudoers/find_path.c, plugins/sudoers/getdate.c, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.h, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.h, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, src/load_plugins.c, src/sudo.c, src/ttyname.c: Quiet sign comparison warnings. [e34f45dad10c] * configure, configure.in: Add -Wsign-compare to --enable-warnings [d560e274a6ae] * plugins/sudoers/ldap.c: Ignore SIGPIPE when connecting to the LDAP server so we can get a proper error message with the IBM LDAP libs. Also return LDAP_SUCCESS instead of 0 from most sudo_ldap_* functions that return an int. [611a4ed9b8ee] * plugins/sudoers/regress/parser/check_base64.c, plugins/sudoers/regress/parser/check_digest.c: Quiet compiler warnings. [7d82dcca7126] 2013-10-22 Todd C.
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: sudo_ldap_parse_uri() should join multiple URIs in the string list together but it was clearing the host entry each time through the loop. Fixes a bug with multiple URI entries in ldap.conf where only the last one was being honored. [83cee19b136d] * src/exec_pty.c: Avoid a double free introduced when plugging a memory leak in safe_close(). A new ev_free_by_fd() function is used to remove and free any events sharing the specified fd. This can be used after safe_close() to make sure we don't try to select() on a closed fd. [54f48a281147] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, src/exec.c: Quiet some llvm check false positives. The common idiom of using TAILQ_FIRST, TAILQ_REMOVE and free in a loop to free each entry in a TAILQ confuses llvm. Use TAILQ_FOREACH_SAFE instead (which is probably faster anyway). [bd1b8c11f416] * plugins/sudoers/auth/pam.c: If pam_open_session() fails don't call pam_getenvlist() with a NULL pam handle. [352e0329acba] * plugins/sudoers/defaults.c: Fix newly introduced use after frees found by llvm checker. [a81080230f1f] * common/event_select.c: Remove an errant list_next() call that should have been removed in the TAILQ conversion. [3bbf8d117ce4] * MANIFEST, common/Makefile.in, common/list.c, common/regress/tailq/hltq_test.c, include/list.h, include/queue.h, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/defaults.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Add "headless" tail queues and use them in place of the semi-circular lists in sudoers. Once the headless tail queue is built up it is converted to a normal TAILQ. This removes the last consumer of list.c and list.h so those can now be removed.
[5986ba762a24] * common/Makefile.in, common/fatal.c, plugins/sudoers/Makefile.in, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/env.c, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/ldap.c, plugins/sudoers/match_addr.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/Makefile.in, src/exec_pty.c, src/hooks.c: Use SLIST and STAILQ macros instead of doing headless singly linked lists manually. As a bonus we now use a tail queue for ldap.c and sudoreplay.c. [c31bc2d99082] * MANIFEST, common/Makefile.in, common/event.c, common/event_poll.c, common/event_select.c, common/list.c, common/regress/sudo_conf/conf_test.c, common/sudo_conf.c, doc/LICENSE, include/list.h, include/missing.h, include/queue.h, include/sudo_conf.h, include/sudo_event.h, plugins/sudoers/Makefile.in, plugins/sudoers/ldap.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/visudo.c, src/Makefile.in, src/exec.c, src/exec_pty.c, src/load_plugins.c, src/sudo.c, src/sudo.h, src/sudo_plugin_int.h: Convert sudo to use BSD TAILQ macros instead of home-grown tail queue functions. This includes a private queue.h header derived from FreeBSD. It is simpler to just use our own header rather than try to deal with macros that may or may not be present in various queue.h incarnations. [450bce095d7c] 2013-10-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Fix AND operator broken by changes to fix OR. [a4d3485ee943] 2013-10-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: Fix OR operator. [f5c1c90ee284] 2013-10-18 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Fix memory leak of I/O buffer events in safe_close(). [08cd790cfbba] 2013-10-16 Todd C.
Miller <Todd.Miller@courtesan.com> * common/sudo_debug.c: Don't allow the debug subsystem to be initialized twice. Otherwise we can exhaust our stack when built in static mode. [fadacb6a4617] * common/event_poll.c: Make sure we do not try to use index -1 in base->pfds[]. [beeb922aba3f] 2013-10-14 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: Bump version to 1.8.9 [758dbb464796] 2013-10-12 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Convert the monitor process to the event subsystem. [c4fe8e2ba53c] * src/exec.c, src/exec_pty.c, src/sudo_exec.h: Convert the main sudo event loop to use the event subsystem. Read events for I/O buffers are added before the loop starts. Write events are added on demand as the buffers are filled. [72a603e997e0] * INSTALL, MANIFEST, common/Makefile.in, common/event.c, common/event_poll.c, common/event_select.c, common/list.c, common/sudo_debug.c, config.h.in, configure, configure.in, include/list.h, include/sudo_debug.h, include/sudo_event.h, mkdep.pl, plugins/sudoers/Makefile.in, src/Makefile.in, src/exec_pty.c: Simple event subsystem that uses poll() or select(). Basically a simplified subset of libevent2. Currently only fd events are supported (since that's all we need). The poll() backend is used by default, except on Mac OS X where poll() is broken for devices (including /dev/tty and ptys). [8773142b4117] * src/exec.c, src/exec_pty.c: Use SOCK_STREAM for socketpair, not SOCK_DGRAM so we get consistent semantics when the other end closes. This should make the conversion to poll() less problematic. [b6a321722a91] 2013-10-06 Todd C. Miller <Todd.Miller@courtesan.com> * common/sudo_debug.c: Fix removal of trailing newlines in a debug message. [6f5ce5ac64e0] 2013-10-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/visudo.c: When checking for unused Runas_Aliases, count those used as part of a Runas Group too. Fixes a false positive warning. [f13271a4a377] 2013-09-29 Todd C.
Miller <Todd.Miller@courtesan.com> * include/missing.h: Include stddef.h for rsize_t and errno_t on systems that support it natively. [bc547d47e9c6] * MANIFEST: Fix braino. [67b79747312f] * plugins/sudoers/po/da.mo, plugins/sudoers/po/de.mo, plugins/sudoers/po/eo.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/it.mo, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/uk.mo, plugins/sudoers/po/vi.mo, plugins/sudoers/po/zh_CN.mo: Rebuild message catalog files. [0a9befb0674e] * src/po/da.mo, src/po/eo.mo, src/po/fi.mo, src/po/it.mo, src/po/pl.mo, src/po/pt_BR.mo, src/po/ru.mo, src/po/uk.mo, src/po/vi.mo, src/po/zh_CN.mo: Rebuild message catalog files. [25191089ddf2] * MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/cs.mo, src/po/cs.po: Czech translation for sudo from translationproject.org. [8bc0ed069ddb] 2013-09-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.po, plugins/sudoers/po/de.po, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.po, src/po/da.po, src/po/eo.po, src/po/fi.po, src/po/it.po, src/po/pl.po, src/po/pt_BR.po, src/po/ru.po, src/po/uk.po, src/po/vi.po, src/po/zh_CN.po: Sync with translationproject.org [c16f9bb4579e] * NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: Change "next" back to 2. In the context of "next Friday" we really do want the friday of the upcoming (not current) week. Unfortunately, this means that things like "next week" and "next year" will match one more than we really want. Fixing this will require some fairly major changes to the grammar. [7f863c930121] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Mention that relative times don't always do what you might expect. [710a9b0dd36f] 2013-09-17 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS: Add diacritical for Zdenek Behan. 
[78d333f88e6c] 2013-09-11 Todd C. Miller <Todd.Miller@courtesan.com> * src/regress/ttyname/check_ttyname.c: Do not fail if ttyname() cannot determine the tty but sudo can. Should fix problems with running "make check" under pbuilder. [e6fc06a6c5cf] * plugins/sudoers/Makefile.in: Remove extraneous $$CWD; from Bdale Garbee [4d040ddd7446] 2013-09-09 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: Make "this" and "next" qualifiers work a bit better. There is still room for improvement as "this week" will use the current time instead of the beginning of the week. That's a separate issue though. [e844c02f754a] 2013-09-06 Todd C. Miller <Todd.Miller@courtesan.com> * common/regress/sudo_conf/conf_test.c, common/regress/sudo_parseln/parseln_test.c: Mark main() public to silence a warning on HP-UX. [ac0b869b9842] 2013-09-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot, plugins/sudoers/timestamp.c: Be specific that we are talking about the Unix epoch; bug #615 [25887775371b] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot, src/selinux.c: Do not use "setup" as a verb; bug #614 [17c4750aac5f] * plugins/sudoers/iolog.c: Fix logic goof when checking open() status. [76ece1445d71] * plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, src/po/nl.mo, src/po/nl.po, src/po/ru.mo, src/po/ru.po: Sync with translationproject.org [21351498000f] * NEWS, plugins/sudoers/sudoreplay.c: Work around a bug in sudo 1.8.7 timing files where the indexes are off by two. [4aa0cd58af58] * MANIFEST, plugins/sudoers/iolog.c, plugins/sudoers/iolog.h, plugins/sudoers/sudoreplay.c: Repair writing of the I/O log file indices broken in sudo 1.8.7. [6a5f867884f5] 2013-08-31 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Try to improve the PAGERS noexec example a bit. [226f11118daa] 2013-08-30 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Document comment character in ldap.conf Clarify what is and is not supported in TLS_KEYPW Mention that gsk8capicmd can be used to create a stash file [fb8f06ab4458] 2013-08-26 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: New bugs fixed for 1.8.8. [c158df7cd9d2] * plugins/sudoers/visudo.c: Fix setting of quiet flag when -q / --quiet is specified. Do not print "sudoers: parsed OK" in quiet mode. [df55acd57ce6] * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, src/po/fi.mo, src/po/fi.po, src/po/it.mo, src/po/it.po: Updated translations from translationproject.org [e9e8abd23a28] * plugins/sudoers/check.c: Don't allow root to change its SELinux role without a password. Bug #611 [f8b599acb29d] 2013-08-21 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention new Mac OS X symbol interposition. [98293b7c4e0f] * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/eo.mo, src/po/eo.po, src/po/fr.mo, src/po/fr.po: Updated translations from translationproject.org [865be7454354] * config.h.in, configure, configure.in, src/sudo_noexec.c: Add configure checks for the exec functions we will dummy out. This is only really needed on Mac OS X when symbol interposition is being performed but won't hurt elsewhere. [49c20cf6bab0] 2013-08-20 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.in, src/Makefile.in, src/sudo_noexec.c: Fix installation of sudo_noexec on Mac OS X. Use library symbol interposition on Mac OS X 10.4 and higher so we don't need to set DYLD_FORCE_FLAT_NAMESPACE=1. [a82999dff8e6] 2013-08-19 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Fix typo in tls_key example for Tivoli [36599f424ac4] * src/parse_args.c: Don't escape '$' when running "sudo -i command". 
Bug #564 [17542d52f714] * plugins/sudoers/iolog_path.c: Fix typo in comment. [d0510ed5eaba] * plugins/sudoers/auth/pam.c: Fix comment. [4e89e0bfd6af] * plugins/sudoers/timestr.c, plugins/sudoers/visudo.c: Quiet some gcc -Wformat=2 false positives [28a2014b9822] 2013-08-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Remove now-obsolete arg to env_merge() [ba015cf5d935] * plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/pl.mo, src/po/pl.po, src/po/pt_BR.mo, src/po/pt_BR.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: Updated translations from translationproject.org [72b6aeaba505] * MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/fr.mo, src/po/fr.po: French translation for sudo from translationproject.org. [a72321771860] * plugins/sudoers/logging.h: Add __printflike to audit_failure. [1686b3699d41] * include/missing.h: Use __nonnull__ attribute in __printflike. [d123613a1fb6] 2013-08-17 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c, plugins/sudoers/sudoers.h: When merging the PAM environment, allow environment variables set in PAM to override ones set by sudo as long as they do not match the env_keep or env_check lists. [f3c64967fed7] * plugins/sudoers/auth/pam.c: Call pam_getenvlist() after we've opened the session to get the session-specific environment variables. [b413fb9e1c77] * plugins/sudoers/ldap.c: Fix error display from ldap_ssl_client_init(). There are two error codes. The return value can be decoded via ldap_err2string() but the ssl reason code cannot (you have to look it up in a table online). [0267125ce9f0] 2013-08-16 Todd C. 
Miller <Todd.Miller@courtesan.com> * NEWS: option not flag [08c31af7b818] * compat/getopt_long.c, config.h.in, configure, configure.in: Don't redefine opterr, optind, optopt, optarg in getopt_long.c. Add a check for optreset which is a BSD extension and provide a definition in getopt_long.c if it is not present. [3393e8d83400] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [f38f65830118] * plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c: Use lower case for the long option arguments to match the manual. This is inconsistent with GNU but it is better to match the sudo documentation. [8fac2d64f5d2] * NEWS: Sudo 1.8.8 [105c73752474] * src/parse_args.c: Use lower case for the long option arguments to match the manual. This is inconsistent with GNU but it is better to match the sudo documentation. [af243dd39850] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Describe how remote command execution can be implemented. [3eba7f93b7f6] * doc/sudoers.ldap.cat: Bump version. [0ee7f02f3627] 2013-08-15 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: Make it a fatal error if the plugin returns invalid or out of range command info. [8a7e56c7584a] * plugins/sudoers/policy.c: Use strtol() instead of atoi() and perform error checking of parameters passed from the sudo front-end. [05e05be3c6c4] * plugins/sudoers/auth/pam.c: It is not possible for auth to be NULL here. [771500e776e9] * plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Initialize user_runhost and user_srunhost to user_host and user_shost in visudo and testsudoers.
[c47cca74e1fc] * MANIFEST, common/Makefile.in, common/aix.c, common/alloc.c, common/error.c, common/fatal.c, common/gidlist.c, common/lbuf.c, common/list.c, common/sudo_conf.c, common/sudo_debug.c, compat/Makefile.in, compat/getopt_long.c, include/error.h, include/fatal.h, plugins/sudoers/Makefile.in, plugins/sudoers/bsm_audit.c, plugins/sudoers/hexchar.c, plugins/sudoers/linux_audit.c, plugins/sudoers/locale.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, src/Makefile.in, src/locale_stub.c, src/net_ifs.c, src/regress/ttyname/check_ttyname.c, src/sesh.c, src/sudo.h: Rename error.h -> fatal.h now that there is no error() function. [3a3827f10f04] * common/sudo_debug.c, include/sudo_debug.h: Add support to the debug subsystem for zero-length strings. This can happen for things like warning(NULL) or fatal(NULL) where we just want to log the errno string. [3ed739c5cc91] * include/error.h: Add __printflike for vfatal, vfatalx, vwarning and vwarningx. [57e65ed595d2] * plugins/sudoers/audit.c: Need to include gettext.h for BSM audit. [a87fda2d0123] * common/alloc.c, plugins/sudoers/env.c, src/exec_common.c, src/parse_args.c, src/sudo.c: Change some fatalx(NULL) that should be fatal(NULL). [8b1efda9f578] * include/error.h, include/missing.h: Use __printf0like for warning() and fatal() since the fmt string may be NULL. [858a890f00ad] * compat/pw_dup.c: Quiet a gcc "used uninitialized in this function" false positive. [98f47f89ce60] * mkpkg: Enable bsm audit on Mac OS X and Solaris >= 11. [8607488f986c] * plugins/sudoers/bsm_audit.c: Fix compilation on Solaris 11. [01aa46298ed7] * plugins/sudoers/bsm_audit.c: Add missing missing.h [080de69a55a1] * plugins/sudoers/sudoers.c: Move the -C (user_closefrom) check until after set_cmnd() so that closefrom_override can be used in a command-specific Defaults line. Fixes bug #610 from Mengtao Sun. 
[413565c6ff6b] 2013-08-14 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: If not using a pty and the child process gets SIGTTOU or SIGTTIN and sudo is the foreground process, make the child the foreground process and continue it. [5ff433443bc4] * src/sudo.c: If sudo is not setuid and was not invoked with a full path, look in the user's PATH for the sudo binary to give a better error message. [a740129a38f0] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/policy.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.h: Add limited support for "sudo -l -h other_host". Since group lookups are done on the local host, rules that use group membership may be incorrect if the group database is not synchronized between hosts. [2c8b222a5f7f] * src/parse_args.c: Fix parsing of "-h host" when used in conjunction with the -l flag. [62f3d726d52b] * configure, configure.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/parse_args.c, src/sudo.c, src/sudo_usage.h.in: Simplify usage messages a bit and make --help output more closely resemble GNU usage wrt long options. Sync usage and man page SYNOPSIS sections and improve long options in the manual pages. Now that we have long options we don't need to give the mnemonic for the single-character options in the description. [17b7e386955a] 2013-08-13 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: Fix setting of mailer argv[0] to basename of mailerpath. No need to strdup() mailerpath as it is not modified. [8843cdd958ee] * plugins/sudoers/logging.c: Make sure the mailer exists and is a regular file before trying to exec it.
[b73d6214014f] * plugins/sudoers/timestamp.c: If tty_tickets are enabled but there is no tty, use a ticket file based on the parent pid. [75408bd61ced] * common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, include/sudo_conf.h, src/parse_args.c: Allow default plugin dir to be configured in sudo.conf. [478883594cc5] * doc/CONTRIBUTORS: UTF8 for Ruusamae, Elan; from Tae Wong [02e0c95b4fa6] 2013-08-12 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/regress/sudo_conf/test5.in, common/regress/sudo_conf/test5.out.ok, common/regress/sudo_conf/test6.in, common/regress/sudo_conf/test6.out.ok, common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, plugins/sudoers/policy.c, plugins/sudoers/pwutil_impl.c, src/sudo.c: Don't allow max_groups to be set to zero, it just complicates things needlessly. Fixes an assertion in visudo when there is a group-based Defaults entry. [d62a8ea32db9] 2013-08-08 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/gidlist.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, src/sudo.c, src/sudo.h: Refactor code to parse list of gids into its own function that is shared by the sudo front-end and the sudoers module. Make uid/gid parse error be fatal, not just a warning. [da3b2b06605c] * common/atoid.c: Add function comment block. [09a324de716f] * common/atoid.c: Default text domain is now sudo, not sudoers. [1acb1da6f304] * common/Makefile.in: Update dependency for atoid.lo [5e367cd44288] * common/atoid.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, plugins/sudoers/tsgetgrpw.c, src/sudo.c, src/sudo.h: Add endpointer and separator args to atoid() [2077e4ed8578] 2013-08-07 Todd C. Miller <Todd.Miller@courtesan.com> * compat/getgrouplist.c: Use private version of atoid() to avoid a dependency on libcommon.a (since that already depends on libreplace.a).
[7c12d63b0560] * doc/CONTRIBUTORS: More UTF8 in names; from Tae Wong [512b263f51c8] * compat/getgrouplist.c, plugins/sudoers/iolog.c, plugins/sudoers/tsgetgrpw.c, src/sudo.c, src/sudo.h: Use atoid() in more places. [06f4ae57c707] * MANIFEST, common/Makefile.in, common/atoid.c, plugins/sudoers/Makefile.in, plugins/sudoers/atoid.c: Move atoid() to common so it can be used in src and compat too. [095d730701e4] * compat/closefrom.c: Avoid a crash on Mac OS X 10.8 (at least) when we close libdispatch's fds out from under it before executing the command. Switch to just setting the close on exec flag instead. [349ebf4987df] * doc/CONTRIBUTORS: Convert to last, first for easier sorting and use UTF8 (including a BOM). [8c30d221bd75] * plugins/sudoers/atoid.c: Add atoid() function to convert a string to an id_t (uid, gid or pid). We have to be careful to choose() either strtol() or strtoul() depending on whether the string appears to be signed or unsigned. Always using strtoul() is unsafe on 64-bit platforms since the uid might be represented as a negative number and (unsigned long)-1 on a 64-bit system is 0xffffffffffffffff not 0xffffffff. Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms. [5d818e399157] * MANIFEST, config.h.in, configure, configure.in, plugins/sudoers/Makefile.in, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h: Add atoid() function to convert a string to an id_t (uid, gid or pid). We have to be careful to choose() either strtol() or strtoul() depending on whether the string appears to be signed or unsigned. Always using strtoul() is unsafe on 64-bit platforms since the uid might be represented as a negative number and (unsigned long)-1 on a 64-bit system is 0xffffffffffffffff not 0xffffffff. Fixes a problem with uids larger than 0x7fffffff on 32-bit platforms. [cd92246a710f] * plugins/sudoers/sudoers.c: Avoid "perm stack underflow" error when logging the unknown uid error. 
[871514c713b7] * plugins/sudoers/set_perms.c: In rewind_perms() there is nothing to do if perm_stack_depth == 0. [98de335f47f0] 2013-08-06 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in: Add pam_setcred sudoers option to allow the user to control whether pam_setcred() is called on the user's behalf. [4260a8e43073] * configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: Add pam_service and pam_login_service sudoers settings to control the service name passed to pam_start. [5ea0e3588f3a] * mkpkg: Newer Xcode places the SDKs under Xcode.app [4b54379d5c45] 2013-08-03 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/zero_bytes.c, compat/Makefile.in, compat/memset_s.c, config.h.in, configure, configure.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, include/missing.h, include/sudo_plugin.h, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/defaults.c, plugins/sudoers/logging.c, plugins/sudoers/sha2.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, src/Makefile.in, src/conversation.c, src/sudo.h, src/sudo_edit.c, src/tgetpass.c: Implement memset_s() and use it instead of zero_bytes(). A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin API as the max conversation reply length. 
This constant can be used as a max value for memset_s() when clearing passwords filled in by the conversation function. [264ec146028e] 2013-08-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/system_group/Makefile.in: Do not try to install plugins when shared modules are disabled (sudoers already had the check). [3d582c042042] * plugins/sudoers/Makefile.in: Update dependencies to take into account compat/getopt.h and compat/dlfcn.h. [301fb31cd121] * src/Makefile.in: Update dependencies now that sudo_usage.h is always included from the build dir. [c1ff70ec9515] 2013-07-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Add some warnings and debugging to sasl ccname handling. [467f415861f0] * plugins/sudoers/ldap.c: Fix write loop invariant in sudo_krb5_copy_cc_file() [6948cf6e9b9f] 2013-07-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Strip off leading FILE: or WRFILE: prefix before trying to copy the user's credential cache. [56c16feab62f] 2013-07-29 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: Instead of setting RLIMIT_NPROC to unlimited when sudo initializes, just save RLIMIT_NPROC in exec_setup() before the final setuid() and restore it immediately after. We don't need to modify RLIMIT_NPROC for simple euid changes, just for changing the real (and saved) uids before we exec. This also means we no longer need to worry about _SC_CHILD_MAX returning -1. Bug #565 [1372f1909039] 2013-07-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c, src/preload.c: Now that the ldap code runs with the real and effective uid set to 0, it is not possible for the gssapi libs to find the user's krb5 credential cache file. To work around this, we make a temporary copy of the user's credential cache specified by KRB5CCNAME (opened with the user's effective uid) and point gssapi to it. 
To set the credential cache file name, we dynamically look up gss_krb5_ccache_name() and use it if available, otherwise fall back to setting KRB5CCNAME. [8b86c134541a] 2013-07-19 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c: Long option support for visudo and sudoreplay. [91427968be71] 2013-07-18 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, src/Makefile.in, src/parse_args.c, src/sudo.c, src/sudo_usage.h.in: Add support for long options and fix inclusion of sudo_usage.h with modern gcc broken in 8597:1fcb7ba13018. [d13134819944] * src/Makefile.in: Add rule to rebuild sudo_usage.h when the .in file changes. [59a32899e251] * compat/Makefile.in, mkdep.pl, src/Makefile.in: Add make rules for building getopt_long.c [5f57593b3a8b] * src/parse_args.c: Make "-h hostname" work. Optional args in GNU getopt() only work when there is no space between the option flag and the argument. [b8258659cabb] 2013-07-17 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, compat/getopt.h, compat/getopt_long.c, config.h.in, configure, configure.in, doc/LICENSE, src/parse_args.c: Use getopt_long() so we can make the -h flag take an optional argument. Includes a version for those without it. [d1dd66c8a86b] 2013-07-16 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Document that the -h option can be used to specify a host name for future plugins. [8470c74cf326] * include/sudo_plugin.h, src/parse_args.c, src/sudo_usage.h.in: Overload -h option to specify an optional hostname for remote access. This is future-proofing; no policy plugins currently support this. 
[0e01d8c3c623] * configure, configure.in: Bump version to 1.8.8 [a1155bfaa28f] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document the remote_host setting (-h host) [c737db906f5d] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: fix "the the" [0025464a3942] * src/parse_args.c, src/sudo.c, src/sudo.h: Do not error out if arg to -U option cannot be resolved, that is for the plugin to decide. There is no need for runas_user and runas_group to be global, make them local to parse_args() instead. [fb02a62a72ba] * MANIFEST, doc/CONTRIBUTORS, plugins/sudoers/po/pt_BR.mo, plugins/sudoers/po/pt_BR.po, src/po/es.mo, src/po/es.po, src/po/pt_BR.mo, src/po/pt_BR.po: Sync with translationproject.org [e8f4772d918a] 2013-07-11 Todd C. Miller <Todd.Miller@courtesan.com> * doc/TROUBLESHOOTING: Remove old bits about sudo setuid problems that should have been cleaned up in changeset 7917:fa4894896d8a. Also update the mode of sudo to 04755 to match current packaging. [1e3904cdc2de] * plugins/sudoers/auth/pam.c: Go back to ignoring the return value of pam_setcred() since with stacked PAM auth modules a failure from one module may override PAM_SUCCESS from another. If the first module in the stack fails, the others may be run (and succeed) but an error will be returned. This can cause a spurious warning on systems with non-local users (e.g. pam_ldap or pam_sss) where pam_unix is consulted first. [b6022e26135a] * src/net_ifs.c: Remove unused variable. [93dde7d82fde] * NEWS: Fix typo [5ef79671c2c7] 2013-07-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sssd.c: Fix pasto; sudo_sss_extract_digest() not sudo_ldap_extract_digest(). From Dan Harnett. [4a0af6f12765] 2013-06-18 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Fix formatting typo; from Eric S. Raymond [058b533ba460] 2013-06-17 Todd C. 
Miller <Todd.Miller@courtesan.com> * mkpkg: Use -gxcoff on aix so dbx can be used to debug sudo. [4950e019ed2d] 2013-06-12 Todd C. Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Fix typo; bug 605 [41f7b46a6e51] 2013-06-04 Todd C. Miller <Todd.Miller@courtesan.com> * src/po/da.mo, src/po/eo.mo, src/po/es.mo, src/po/it.mo, src/po/tr.mo: Regen .mo files that were out of date. [9e25a254f9db] 2013-05-30 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: On Solaris 11 and higher, tag binaries for ASLR if supported by the linker. [a2a6cafa3e60] * mkpkg: No longer need to disable PIE on Solaris. [cf90019ae67e] 2013-05-28 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, NEWS, configure, configure.in, doc/TROUBLESHOOTING: Restrict default creation of PIE binaries (-fPIE and -pie) to Linux. OpenBSD also supports PIE but enables it by default so we don't need to do anything. This fixes problems on systems with a version of GNU ld that accepts -pie but where the run-time linker doesn't actually support PIE. Also verify that a trivial PIE binary works unless PIE is explicitly enabled. [3c5f125efeb1] 2013-05-24 Todd C. Miller <Todd.Miller@courtesan.com> * aclocal.m4, configure, configure.in: Attempt to detect PIE failure on Solaris 10 with GNU as and GNU ld where we can end up crashing due to malloc() failures. Seems OK when using Sun as and ld. [b8ba412102ab] * NEWS: Update with final changes. [78ff6d2ed47a] 2013-05-23 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Add -fPIE to PIE_LDFLAGS as per gcc manual. [fe900cbb0780] 2013-05-22 Todd C. 
Miller <Todd.Miller@courtesan.com> * common/Makefile.in, compat/Makefile.in: Add missing $(PIE_LDFLAGS) $(SSP_LDFLAGS) for test programs [f84bc7482b78] * MANIFEST, plugins/sudoers/alias.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/regress/visudo/test4.out.ok, plugins/sudoers/regress/visudo/test4.sh, plugins/sudoers/visudo.c: Replace sequence number-based cycle detection in visudo with a "used" flag in struct alias. The caller is required to call alias_put() when it is done with the alias. Inspired by a patch from Daniel Kopecek. [0bdbac1b3b39] 2013-05-20 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Eliminate a few relocations related to sudoers_io. [18e9e2cc3367] * plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po: Sync with translationproject.org [f38cc128a2ad] 2013-05-18 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Clarify a comment. [7a045ee06e95] 2013-05-16 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Handle d_type == DT_UNKNOWN when resolving the device to a name and sprinkle some more debugging. [8774133747d9] 2013-05-03 Todd C. Miller <Todd.Miller@courtesan.com> * doc/TROUBLESHOOTING: Add message about disabling PIE if sudo gets SIGSEGV. [c786af2a6751] * plugins/sudoers/check.h, plugins/sudoers/timestamp.c: No longer store the ctime of a devpts tty. The handling of ctime on devpts in Linux has been changed to conform to POSIX. As a result we can no longer assume that the ctime will stay unchanged throughout the life of the session. We store the session ID in the time stamp file so there is a much smaller chance of the time stamp file being reused by a new login. While here, store the uid/gid in the timestamp file too for good measure. [7028b21f7a9b] * configure, configure.in: PIE is broken on FreeBSD/arm [f232c60d6229] * mkpkg: Add explicit sendmail path for Linux since we may not have sendmail installed in the build chroot. 
[1ba2f84f4ff0] 2013-05-01 Todd C. Miller <Todd.Miller@courtesan.com> * common/sudo_debug.c, plugins/sudoers/iolog.c, plugins/sudoers/set_perms.c, src/sudo.c, src/tgetpass.c: Quiet a few -Wunused-result compiler warnings. [ef12afb61423] 2013-04-30 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention what SHA-2 formats are supported. [bf298d0fdf8a] * doc/CONTRIBUTORS: List code and translations separately. [826547bc1295] 2013-04-29 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/po/de.mo, plugins/sudoers/po/de.po, plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po: Sync with translationproject.org [9499a6f438b8] * plugins/sudoers/po/sudoers.pot: regen [cce449e284a6] * Makefile.in: Fix c-format for fatal/fatalx [4ad81d3faaeb] 2013-04-26 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/exec_pty.c, src/sudo.h: Change some error/errorx -> fatal/fatalx in comments and xgettext flags. [9d9b64fa2ec9] * NEWS: There is now a Turkish translation of sudoers. [701c5af6aa76] * MANIFEST, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/tr.mo, plugins/sudoers/po/tr.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po: Updated translations from translationproject.org including new Turkish translation. [9cedbb50d90f] 2013-04-25 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document that sudoers will re-use existing I/O log paths unless they are mktemp-style with trailing X's. [4f43bd13d9e7] * NEWS, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/ldap.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h: Allow ldap_conf and ldap_secret to be specified as plugin arguments in sudo.conf [37c6c425b565] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: sudoers_debug is now deprecated in favor of the sudo debugging framework. [1195be1ec254] * plugins/sudoers/ldap.c: Replace DPRINTF with DPRINTF1 and DPRINTF2 macros that use SUDO_DEBUG_DIAG and SUDO_DEBUG_INFO respectively for logging to the debug file with the ldap subsystem. The sudoers_debug setting in ldap.conf is still honored for now but will be removed in a future release. [cfa42b4b913e] 2013-04-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers2ldif: Add support for converting sudoers files with SHA-2 command digests. [dc0d03485946] * doc/fixman.sh, doc/fixmdoc.sh, mkdep.pl, mkpkg, plugins/sudoers/sudoers2ldif: Add copyright notice to scripts [5e8bd4e6083f] * MANIFEST, plugins/sudoers/regress/sudoers/test14.in, plugins/sudoers/regress/sudoers/test14.out.ok, plugins/sudoers/regress/sudoers/test14.toke.ok: Add regress for SHA-2 digests. [0b258c2a2a95] * compat/getgrouplist.c: Solaris maps negative gids to GID_NOBODY. [57050e5c750f] * plugins/sudoers/visudo.c: Clear up an llvm checker warning which appears to be a false positive and fix an old XXX while I'm at it. [9ee13133e596] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Correct last change date [3bc1fa5b0f76] * plugins/sudoers/po/sudoers.pot, plugins/sudoers/sudoreplay.c: No need to translate this error message. 
[4d9941970a26] * doc/UPGRADE: Mention .sl vs. .so extension handling on HP-UX Mention group membership changes Fix typos [40ac0efbdb2b] * aclocal.m4, common/aix.c, common/alloc.c, common/atobool.c, common/error.c, common/fmt_string.c, common/lbuf.c, common/list.c, common/setgroups.c, common/term.c, common/ttysize.c, compat/Makefile.in, compat/dlopen.c, compat/endian.h, compat/getline.c, compat/getprogname.c, compat/isblank.c, compat/memrchr.c, compat/mksiglist.c, compat/mktemp.c, compat/nanosleep.c, compat/pw_dup.c, compat/sig2str.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/utimes.c, doc/Makefile.in, include/Makefile.in, include/alloc.h, include/fileops.h, include/gettext.h, include/lbuf.h, include/missing.h, include/sudo_plugin.h, pathnames.h.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sample/sample_plugin.c, plugins/sudoers/Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/audit.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.h, plugins/sudoers/bsm_audit.c, plugins/sudoers/bsm_audit.h, plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/iolog_path.c, plugins/sudoers/linux_audit.c, plugins/sudoers/linux_audit.h, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, 
plugins/sudoers/prompt.c, plugins/sudoers/pwutil.h, plugins/sudoers/redblack.c, plugins/sudoers/redblack.h, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers_version.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, src/Makefile.in, src/conversation.c, src/exec.c, src/exec_common.c, src/get_pty.c, src/net_ifs.c, src/parse_args.c, src/preload.c, src/selinux.c, src/sesh.c, src/signal.c, src/sudo_edit.c, src/sudo_exec.h, src/sudo_noexec.c, src/sudo_plugin_int.h, src/tgetpass.c, src/utmp.c: Update copyright years. [5c6d72661bad] * plugins/sudoers/mon_systrace.h: Systrace support was removed long ago. [10a038a2da77] 2013-04-23 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/regress/sudoers/test10.toke.out.ok, plugins/sudoers/regress/sudoers/test9.toke.out.ok: Remove some files that were mistakenly added. [833502da26de] * common/sudo_debug.c, config.h.in, configure, configure.in, plugins/sudoers/boottime.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/timestamp.c: Use time(&now) instead of now = time(NULL) when storing the current time in a time_t (better compiler error checking). Better parsing and printing of 64-bit time_t on 32-bit platforms. [c227dc72c04e] 2013-04-21 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Don't check the tty of the parent process. Now that we get the controlling tty device number from the kernel there is no need. 
If the process has really disassociated from the tty then reporting "unknown" is appropriate. [62fb66e565db] 2013-04-20 Todd C. Miller <Todd.Miller@courtesan.com> * common/error.c: Use EXIT_FAILURE instead of 1 as the fatal() exit value. [ed94c2c5e88a] * src/sesh.c: Change remaining errorx -> fatalx [3f6d70e19303] 2013-04-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Replace sudo_fakepwnamid() with sudo_mkpwent() and don't return an error if the entry already exists in the cache. [94d45970400a] * plugins/sudoers/bsm_audit.c, plugins/sudoers/po/sudoers.pot: Change "foo: failed" to just "foo" since we print the string form of errno. Gets rid of some useless translations. [476f37349dbc] 2013-04-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/match.c: Fix pasto in debug_decl [08650186a239] * plugins/sudoers/Makefile.in: regen [acf4c34fba2c] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Rename log_error() -> log_warning() for consistency with warning()/fatal() [474ed5a0e335] * plugins/sudoers/auth/API: The NO_EXIT flag was removed a while ago. 
[e0a4be270226] * common/aix.c, common/alloc.c, common/error.c, include/error.h, plugins/sudoers/bsm_audit.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/hexchar.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/signal.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c, src/utmp.c: Rename error/errorx -> fatal/fatalx and remove the exit value as it was always 1. [ea66f58c4da5] * NEWS: digests are supported in sudoers ldap too [77d6c25f7653] * plugins/sudoers/regress/check_symbols/check_symbols.c: Print test failures to stdout like the final count so the output is not displayed out of order. [f541b78ecb93] * plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.po, src/po/da.mo, src/po/da.po, src/po/eo.po, src/po/hr.mo, src/po/hr.po, src/po/it.po, src/po/tr.po: Sync with translationproject.org [cbd70678b99f] * Makefile.in: Check for any uncommitted changes in dist target and add force-dist target that omits check-dist. [78dc3f41e37e] 2013-04-17 Todd C. Miller <Todd.Miller@courtesan.com> * src/regress/ttyname/check_ttyname.c: Fix logic bug when checking tty via ttyname(). 
[279aee076194] * compat/endian.h: Fix check for _BIG_ENDIAN and _LITTLE_ENDIAN (Solaris) and __BIG_ENDIAN__ and __LITTLE_ENDIAN__ (HP-UX) [fe35e0b04502] * plugins/sudoers/po/sudoers.pot: regen [0ddebccd3045] * NEWS, doc/sample.sudoers, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document digest support. [d794c7b9a7bc] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/parser/check_base64.c: Simple base64 decode unit test. [344b0df0fe50] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/base64.c, plugins/sudoers/match.c, plugins/sudoers/parse.h: Move base64_decode into its own source file. [30497e7f88bc] * plugins/sudoers/getdate.c, plugins/sudoers/getdate.y: Only check year against 2038 if time_t is 32-bit. [9c1f2e3fc3ba] 2013-04-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c, plugins/sudoers/parse.h, plugins/sudoers/sssd.c: Add digest support for sudoers in ldap and sss. [314937b5e59e] * INSTALL, configure, configure.in: Error out in configure if the compiler doesn't support "long long". [d3645c1d50d1] * plugins/sudoers/match.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Include stdint.h or inttypes.h before sha2.h [20ad1c20313d] * common/lbuf.c: Simplify lbuf append functions by moving the realloc code into lbuf_expand(). We now expand as needed each time bytes need to be written to the lbuf. Also handle a NULL pointer being passed in for paranoia's sake. [6283ee562ef4] * plugins/sudoers/iolog.c: Zero out struct iolog_details early to avoid a potential (though unlikely) dereference of stack garbage if we hit a fatal error before iolog_deserialize_info() is called. [2eeca8be05fb] 2013-04-15 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Update copyright year. [b843c6a43238] * plugins/sudoers/sudoers_version.h: Bump SUDOERS_GRAMMAR_VERSION for new digest support. 
[188556fb8156] * plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Sanity check digest in parser so visudo can catch errors. Add base64 support [b8586d5cc7ed] * MANIFEST, compat/endian.h, config.h.in, configure, configure.in, plugins/sudoers/Makefile.in, plugins/sudoers/sha2.c: For big endian architectures just use memcpy() instead of BE macros in a loop. [c71a0f4a8a8e] 2013-04-14 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, config.h.in, configure, configure.in, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/hexchar.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/parse.h, plugins/sudoers/regress/parser/check_digest.c, plugins/sudoers/regress/parser/check_digest.out.ok, plugins/sudoers/sha2.h, plugins/sudoers/sssd.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c: Initial implementation of checksum support in sudoers. Currently supports SHA-224, SHA-256, SHA-384, SHA-512. TODO: checksum format validation in parser and base64 support. checksum support for ldap sudoers [b8f196346eca] 2013-04-13 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, plugins/sudoers/sha2.c, plugins/sudoers/sha2.h: SHA-224, SHA-256, SHA-384 and SHA-512. Derived from the public domain SHA-1 and SHA-2 implementations by Steve Reid and Wei Dai respectively. [7511d07c0a83] 2013-04-11 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Add sudo 1.8.6p8 [0666fd0321ae] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/po/sudoers.pot: Add missing "not" in error message when mixing standalone and non-standalone authentication methods. [7eba4439db73] * plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/secureware.c: Check for crypt() returning NULL. Traditionally, crypt() never returned NULL but newer versions of eglibc have a crypt() that does. 
Bug #598 [887b9df243df] * plugins/sudoers/auth/pam.c: Better PAM error messages [fd7eda53cdd7] * plugins/sudoers/auth/kerb5.c: Better error messages [98142874a2f4] * plugins/sudoers/bsm_audit.c: Use same error message for getauid() failure. [07f0d88cb1df] * plugins/sudoers/sssd.c: Start warning with a lower case letter for consistency and to match existing translated strings. [b719ac52c9e3] 2013-04-10 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg: Disable PIE on Solaris where it is not really supported. [c36c84cdcc7a] * src/ttyname.c: AIX may have a 64-bit pr_ttydev that we need to convert to 32-bit before we try to match it against st_rdev. [5dab449fb962] * src/ttyname.c: Break out of the loop if sudo_ttyname_scan() returns non-NULL. Fixes a problem finding the tty name when it is not in /dev/pts. [6c205d087fa0] * compat/snprintf.c: Support %lld and %llu [feabfa06c954] * .hgignore, MANIFEST, src/Makefile.in, src/regress/ttyname/check_ttyname.c: Add ttyname test. [e987038f8c07] 2013-04-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/de.mo, src/po/de.po, src/po/fi.mo, src/po/fi.po, src/po/pl.mo, src/po/pl.po, src/po/ru.mo, src/po/ru.po, src/po/sl.mo, src/po/sl.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: Sync with translationproject.org [4d7b73b22079] * plugins/sudoers/timestamp.c: Log timestampfile to debug file. [e997281146c0] * plugins/sudoers/auth/pam.c, plugins/sudoers/po/sudoers.pot: Don't add the "Password: " string we look up in the PAM text domain to the sudoers.pot file. [771b52244abf] 2013-04-08 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/sudoers.pot: Sync with regcomp() error message change. [fc6d3dfb8eb8] * plugins/sudoers/sudoreplay.c: Be consistent with error message when regcomp() fails. [de6c69ba04e4] 2013-04-05 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh: Use group -1 instead of 1 as the invalid group since the running user might have group 1 as their default group. [71404a9fa75d] * plugins/sudoers/Makefile.in: PWD may be a shell builtin, use CWD instead. [c443105c5091] 2013-04-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c: Split up check_user(). [ce7cc0767589] 2013-04-03 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure.in: Cosmetic fixes in the comments. [640abee43c14] 2013-04-02 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Use AC_LINK_IFELSE instead of AC_TRY_LINK. Fix printing of status message for visibility checks when the test fails. [99665477ee55] * config.h.in: regen [00c22606719a] * configure, configure.in: We no longer use mbr_check_membership() and setrlimit64() is AIX-specific. [43caf685a1f1] * Makefile.in: The first (all) target must be by itself or some makes will choose to run the entire target list. [16cf3def49f5] * configure, configure.in: Do exec_prefix expansion when enable_shared even if noexec is not enabled. [7ed28cb32d8d] * compat/getgrouplist.c: Use free() not efree() since we don't include alloc.h here [1a008737be24] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [b939f941346f] * plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test5.sh: Pass in expected gid to testsudoers in addition to the uid that matches the test sudoers files. [6a1710e8cac1] 2013-04-01 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/missing.h: Tru64 5.x does declare innetgr() and getdomainname(). [c75598e69c7e] * plugins/sudoers/match.c: Fix compilation when getdomainname() is not present. [e831b017a962] * config.h.in, configure.in, include/missing.h: Move SET/CLR/ISSET from config.h.in to missing.h [3a3dd29fd7f0] * configure, configure.in: Fix getgrouplist() check. [12a2adf60e98] * MANIFEST: No more timestamp.h [5677e26afc0f] * plugins/sudoers/check.c: Needed sys/time.h for struct timeval in struct sudo_tty_info. [aceaadd8c400] * plugins/sudoers/Makefile.in: regen depends [21675a8b67e5] * NEWS: Mention libibmldap on HP-UX [75b4e4b22950] * NEWS, plugins/sudoers/match.c: Instead of checking the domain name explicitly for "(none)", just check for illegal characters. [ce35dda811db] * plugins/sudoers/visudo.c: Only warn once when we are unable to open the sudoers file. [9e27e3aa5b10] * plugins/sudoers/sudoers.c: Fall back to opening /dev/tty to determine whether there is a tty if the system doesn't have kernel support for determining the tty. [2775bcf9a9b5] * compat/getprogname.c: Update guard to take __progname into account [60eae3f20232] * compat/snprintf.c: Some older systems have inttypes.h but not stdint.h [ed1ef160015f] * compat/closefrom.c, compat/dlopen.c, compat/fnmatch.c, compat/getaddrinfo.c, compat/getcwd.c, compat/getgrouplist.c, compat/getline.c, compat/getprogname.c, compat/glob.c, compat/isblank.c, compat/memrchr.c, compat/mktemp.c, compat/nanosleep.c, compat/pw_dup.c, compat/sig2str.c, compat/snprintf.c, compat/strlcat.c, compat/strlcpy.c, compat/strsignal.c, compat/utimes.c: Add guards in compat source files. Not really needed since we only include them in the Makefile if they are needed but should not hurt either. [8cbd3b4595b9] 2013-03-31 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Don't include gram.h in gram.y, its contents are already included. 
Move sudoerserror to the end of gram.y so COMMENT is declared when we need to use it. [7d72ebdd7222] 2013-03-29 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure.in: Remove some pre-ANSI cruft. [6a95704b2116] * plugins/sudoers/match.c: Rename NAME_MATCH -> SUDOERS_NAME_MATCH and avoid pulling in glob.h when it is set. [da40c550ffed] * NEWS, plugins/sudoers/iolog_path.c: We still want to recognize %{seq} for the SUDOERS_NO_SEQ case but just leave it as-is. [9a22de140d28] 2013-03-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Add missing semicolon in rule. [817d3f1b2a21] * plugins/sudoers/sudoers.c: Now that we can determine the terminal even when file descriptors are redirected we can check user_ttypath rather than opening /dev/tty when enforcing requiretty. [56a28bc09041] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Stash umask in struct sudo_user so we don't need to look it up later. [9f85749199dc] * plugins/sudoers/sudoers.c: Minor cosmetic change [c373e106ed49] * plugins/sudoers/regress/parser/check_addr.c: No longer need to declare interfaces [d7ff7e579557] * plugins/sudoers/logging.c: Fix compilation in SUDOERS_NO_SEQ case [9a6db9247534] * plugins/sudoers/regress/parser/check_addr.c: No longer need to define sudo_printf [578ad13c3546] * plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/timestamp.c: Pass auth_pw to the timestamp functions. [f603649177d6] * plugins/sudoers/iolog_path.c: Fix SUDOERS_NO_SEQ [17881f9bcd68] * plugins/sudoers/locale.c: Don't need all of sudoers.h in here [c518150c6483] * plugins/sudoers/sudoers.c: Don't need to include sudoers_version.h here. [8abb31102119] 2013-03-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c: DEFAULT_LECTURE is no longer used. 
[f565c00a68c1] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.c: Move sudo_conv into policy.c [f699aee7136b] * plugins/sudoers/pwutil.c: cosmetic fixes [930e60389ca8] * plugins/sudoers/match.c: RHEL (and perhaps other Linux distros) use the string "(none)" instead of an empty string when there is no actual NIS-style domain name. Bug #596 [11aec11489ac] * plugins/sudoers/match.c: Fix return values when NAME_MATCH is defined. [ce030be9ccef] 2013-03-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h: Update copyright year. [7e4b8d49addd] * plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c, plugins/sudoers/sudoers.h: Add sudo_set_grlist(), currently unused by the back end. [b37ac1d0e8fc] * plugins/sudoers/pwutil.c: Remove unused macros, fix a debug_decl [6136fb4a0d3b] * include/missing.h: Tru64 Unix doesn't prototype innetgr() or getdomainname(). [585ac1874dfe] * include/missing.h: Whitespace fixes [0bb28cd91d97] * common/error.c: Don't need to include setjmp.h here, error.h already includes it. [fd05ab00e186] 2013-03-25 Todd C. Miller <Todd.Miller@courtesan.com> * compat/Makefile.in, plugins/sudoers/Makefile.in: regen depends [57991f5e16b4] * plugins/sudoers/check.h: Rename guard define. [ccf4dba241d6] * plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h: Move contents of timestamp.h into check.h. 
[c139757a9283] * plugins/sudoers/sudoers.h: expand_prompt() is now in prompt.c sudo_printf extern is now in error.h [219bd74ca62b] * plugins/sudoers/bsm_audit.h, plugins/sudoers/defaults.h, plugins/sudoers/ins_2001.h, plugins/sudoers/ins_classic.h, plugins/sudoers/ins_csops.h, plugins/sudoers/ins_goons.h, plugins/sudoers/insults.h, plugins/sudoers/interfaces.h, plugins/sudoers/linux_audit.h, plugins/sudoers/logging.h, plugins/sudoers/parse.h, plugins/sudoers/pwutil.h, plugins/sudoers/redblack.h, plugins/sudoers/sudo_nss.h, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.h, plugins/sudoers/toke.h: Change multiple inclusion guards to be _SUDOERS_FOO_H [faace6d55e78] 2013-03-23 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/po/nl.mo, plugins/sudoers/po/nl.po, src/po/nl.mo, src/po/nl.po, src/po/tr.mo, src/po/tr.po: New Dutch translation for sudo and sudoers New Turkish translation for sudo From translationproject.org [bc918b7b23a4] 2013-03-21 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.in: Fix a typo in a comment and make sure we don't mistakenly include _PATH_SUDO_ASKPASS and _PATH_SUDO_SESH in config.h.in [694d12ac70ec] 2013-03-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Don't build check_symbols if we are linking sudoers in statically. [f6602723bab7] * configure, configure.in: Use $host_os not $host when we only care about the os name and version. [05e4f4fcba06] * aclocal.m4, configure, configure.in: Suppress duplicate -L and -I flags. [228f2f581aed] * common/Makefile.in, compat/regress/fnmatch/fnm_test.c: Fix regress tests on non-OpenBSD platforms. [9d91bc859c50] * configure, configure.in: If we find sasl/sasl.h there's no need to check for sasl.h too [889efaa86012] * aclocal.m4, configure, configure.in: Add -R flags at the very end after configure link tests are done since we can only count on libtool to accept -R, the compiler front end may not. 
Also unify the libldap and libibmldap tests using AC_SEARCH_LIBS and check for -lCsup on HP-UX which is needed by libibmldap (but is not an explicit dependency). [ab1451894351] 2013-03-18 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Back out changes that broke detection of skey, opie and ldap libraries. [ffa82b8f8641] * plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.sh, plugins/sudoers/regress/visudo/test1.sh, plugins/sudoers/regress/visudo/test2.sh, plugins/sudoers/regress/visudo/test3.sh: Add explicit "exit 0" to prevent the check target from ending prematurely. [cca411b492bd] * plugins/sudoers/Makefile.in: Fix exit values in check target so we don't have to ignore errors. [cbc429c409e9] * plugins/sudoers/Makefile.in: Fail a test if there is unexpected stderr output. [4fc24d536bec] * MANIFEST: Fix path to sudo.conf manuals; remove non-existent test2.err.ok [6b8bcd60dd85] * src/load_plugins.c: Fix compilation in dynamic mode. [679856fa0774] * configure, configure.in: On HP-UX, libibmldap has a hidden dependency on libCsup [22994709d77c] * compat/dlopen.c: Pass BIND_VERBOSE to shl_load() [0060b9cfa9ab] * configure, configure.in: Only create static helper libs when --disable-shared is specified. [1fcdb1a437e0] * src/load_plugins.c: Unbreak static build. [4ac9f96be285] * INSTALL, aclocal.m4, configure, configure.in: Replace --with-rpath and --with-blibpath with --disable-rpath. Now that we use libtool for linking we can just use the -R flag and have libtool translate it to the proper linker flag. [09798fad6888] 2013-03-15 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Bump I/O buffer size 32K [4ef793225309] 2013-03-14 Todd C.
Miller <Todd.Miller@courtesan.com> * configure, configure.in, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Document sesh Path setting. [34b0b903b4f8] * src/exec.c, src/exec_common.c: Move exec_cmnd to exec.c to fix a compilation issue with sesh.c [06aa1956f38d] * common/sudo_conf.c, configure, configure.in, include/sudo_conf.h, src/selinux.c: Make sesh path configurable in sudo.conf [91d331f273b7] * configure, configure.in: Use -fno-pie and -nopie if supported when --disable-pie is specified. [777138c04dcc] 2013-03-13 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Document direct execution of the command if the policy plugin has no close function. [6a14145c6e80] 2013-03-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/auth/pam.c: Only delete creds if we actually established them. Print an error if pam_setcred() fails and we actually authenticated. [1e015314903b] * common/Makefile.in, plugins/group_file/Makefile.in: regen [dd8cee2a5e1b] * common/alloc.c, include/alloc.h: Convert efree() to a macro that just casts to void * and does free(). If the system free() can't handle free(NULL) this may crash but C89 was a long time ago. [efd0ff9270fb] * configure, configure.in: Define _REENTRANT for HP-UX when we add -lpthread to SUDO_LIBS. Fixes a problem with errno sometimes not being set on error on HP-UX. [54b419d58320] * common/sudo_debug.c: Fix debug logging from the plugin when there is no error number. This was broken in the big debugging reorg for 1.8.7. [2ea7e145e928] 2013-03-06 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in, plugins/group_file/Makefile.in, plugins/sample/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/load_plugins.c: Always install plugins with a .so extension regardless of what extension the system uses for shared libraries. That way the group_plugin sudoers setting can be shared between heterogeneous systems.
[a7e6ecff6fdf] * plugins/sudoers/match.c: Mac OS X has netgroup functions in netdb.h. [243881a974aa] * plugins/sudoers/parse.h: Tags in struct cmndtag can be set to IMPLIED as well. [cb6926988cc8] * plugins/sudoers/parse.c: Quiet a compiler warning. [14e608c2001d] * plugins/sudoers/testsudoers.c: Quiet an llvm checker warning. [2eeb9f3d08f3] * plugins/sudoers/parse.c: Quiet gcc -Wuninitialized false positive [643ad987503d] 2013-03-05 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document group_file and system_group plugins. [b56511e79230] * NEWS: Sudo 1.8.7 [e95183b8fa27] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Try to clarify that sudoedit in sudoers should not include a leading pathname. [7b2beac92a9c] * plugins/sudoers/pwutil_impl.c: Make sure groupname_len is at least 32 just to be on the safe side. It is better to allocate a little extra and not need it than to have to reallocate and start over. [6d3e1ba47de9] * include/alloc.h, include/missing.h: Add __malloc_like macro to apply __malloc__ attribute to emalloc, ecalloc and estrdup. It cannot be applied to realloc since that may return the same pointer. [8d70cb81d1f1] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix potential double free in an error path. [657573feb6a4] * src/exec_pty.c: When running the command in a pty, defer the call to exec_setup() until just before we exec the command. This is consistent with the non-pty path. As a side effect, the monitor process runs as root and not the runas user. [e2a7f8c7ee4c] 2013-03-02 Todd C. Miller <Todd.Miller@courtesan.com> * compat/closefrom.c: Update copyright year. [9b652af4dfc0] 2013-03-01 Todd C. Miller <Todd.Miller@courtesan.com> * compat/closefrom.c: Use pst_highestfd from pstat_getproc() on HP-UX. [09f3fea46a3d] 2013-02-28 Todd C. 
Miller <Todd.Miller@courtesan.com> * Makefile.in, common/Makefile.in, doc/Makefile.in, plugins/sudoers/Makefile.in: Clean up generated test files and other minor housekeeping. [f5f4fdd908e1] * plugins/sudoers/iolog.c: Add back gettimeofday() call inadvertently removed in e1abb9810a83 [675cce8401ae] * config.h.in, configure, configure.in, src/ttyname.c: Use pstat() on HP-UX to determine the tty device. [2884af22a9df] * plugins/sudoers/auth/pam.c: Fix PAM compilation: def_pam_session, not just pam_session. [5417d7acc6ea] * doc/fixmdoc.sh: Don't remove the -S option description when trimming out selinux. Bug #592 [8a94f2cfa0a0] 2013-02-25 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for Sudo 1.8.6p7 [0858a73e9c40] 2013-02-24 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Document when sudo may exec the command directly instead of forking. [da41951edc28] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document that close and version be NULL for plugin API >= 1.3 and that sudo may execute the command directly if there is no close, or pty or timeout needed. [e5f929ddeaf8] * plugins/sudoers/auth/sudo_auth.c: Fix debug_decl for sudo_auth_begin_session and sudo_auth_end_session. [58243392c0df] * configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/auth/pam.c, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/defaults.c: Add pam_session sudoers option. [d994465db9f1] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.h: Dummy out close function if there is no end_session for the auth method and the front-end can handle a NULL close function. Avoids the extra sudo process when we don't actually need it. [74886d5b0fb6] 2013-02-23 Todd C.
Miller <Todd.Miller@courtesan.com> * Makefile.in, aclocal.m4: Add m4/ to paths m4_include parameters so we don't need to use autoconf's -I flag. [4fd86e7a84f3] * src/exec.c, src/exec_common.c, src/exec_pty.c, src/sudo_exec.h, src/sudo_plugin_int.h: If the policy plugin does not provide a close function, there is no command timeout and no pty is required, skip the event loop and just exec the command directly. [ad532f107170] * src/sudo.c: Do not crash if the plugin close and version functions are not defined. If there is no policy close function, simply print a warning that the command was not found. [c789a9dd54e8] 2013-02-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c: Fix typos in selinux/solaris privs specific code. [9af3999361b4] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, src/parse_args.c: Pass the default plugin directory to the plugin via the settings list. Could be used by a stacking plugin. [688e771fc145] * plugins/sudoers/timestamp.c: Completely ignore time stamp file if it is set to the epoch, regardless of what gettimeofday() returns. [df58842af660] * doc/CONTRIBUTORS: Add Nikolai Kondrashov [df59791438f9] * plugins/sudoers/ldap.c, plugins/sudoers/sssd.c: Use userpw_matches() for username matching so #uid works for sudoRunAsUser. [a124062334df] * plugins/sudoers/sssd.c: Avoid calling realloc3() with a zero size parameter when all retrieved sssd rules fail. Otherwise we'll get a run-time error due to malloc(0) checking. [84dfcb73ebd7] * plugins/sudoers/sssd.c: Do not send error mail if a user is not found in SSSD. Local users can run sudo too. From Nikolai Kondrashov [3d2ae99ee468] 2013-02-20 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/regress/sudo_conf/test4.in, common/regress/sudo_conf/test4.out.ok: Test setting disable_coredump to illegal value. [3c71c6c49027] * common/sudo_conf.c: Fix atobool() usage. [d40c9f4d06b0] * common/regress/sudo_conf/conf_test.c: Remove unused variable. 
[328b524b365b] * plugins/sudoers/sudoers.c: Make "sudo -l non_existent_command" warn that non_existent_command doesn't exist, not the "list" pseudo-command. [9dc0388fc4f3] * plugins/sudoers/parse.c: Make sudoers file long list output better match the format used by ldap sudoers. Tags are now converted to options and there is a single command per line. [6e6dc3f20d84] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use the correct sudoers policy symbol names and undo an editor goof committed when adding max_groups to sudo.conf. [2a6f7ddf5cc3] * plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c: For "sudo -l" start a new line if the runas list changes to make the output easier to read. [7dc3d724c924] 2013-02-19 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c, plugins/sudoers/sudo_nss.c: For "sudo -l" and "sudo -ll" only print the runas info for subsequent commands in a list if the runas info has changed. If we have new runas info, print out the tags again so as to be less confusing to the user. For "sudo -ll" set the line continuation indent to 8. [b5ec02fe7fc1] 2013-02-18 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, Makefile.in, configure, configure.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/group_file/Makefile.in, plugins/group_file/getgrent.c, plugins/group_file/group_file.c, plugins/group_file/group_file.exp, plugins/group_file/plugin_test.c, plugins/sample_group/Makefile.in, plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c, plugins/sample_group/sample_group.c, plugins/sample_group/sample_group.exp: Rename sample_group plugin to group_file. Install group_file and system_group plugins by default.
[951b3e446fae] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add maxseq sudoers option to limit the max number of I/O log files. [e1abb9810a83] 2013-02-16 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog.c: Log lines and columns in the iolog file. [03adb6230e05] 2013-02-15 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, common/Makefile.in, common/regress/sudo_conf/conf_test.c, common/regress/sudo_conf/test1.in, common/regress/sudo_conf/test1.out.ok, common/regress/sudo_conf/test2.in, common/regress/sudo_conf/test2.out.ok, common/regress/sudo_conf/test3.in, common/regress/sudo_conf/test3.out.ok, common/sudo_conf.c, include/sudo_conf.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c: Add simple regress tests for sudo.conf parsing. [3c36b61bf61c] * src/sudo.c: Always display the I/O plugin version as long as its open function doesn't return an error. Previously it was only displayed if the plugin open returned 1. [4b0277db3f8c] * plugins/sudoers/pwutil_impl.c: Use sysconf(_SC_LOGIN_NAME_MAX) to find max username length instead of poking around in struct utmpx. [2c0cc5c42958] * plugins/sudoers/pwutil_impl.c, src/parse_args.c, src/sudo.c: #include "sudo_usage.h" not <sudo_usage.h> so we get the one in the build directory and not the src dir when using a separate build directory. [1fcb7ba13018] 2013-02-14 Todd C. Miller <Todd.Miller@courtesan.com> * common/fileops.c: If a line was longer than 0x80000000 the bit hack to round to the next power of two would roll over to zero. [f4f729cf6f0f] * plugins/sudoers/policy.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/sudoers.h, src/sudo.c: Use max_groups in front-end and plugin.
[bf1e74166831] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, src/parse_args.c: Pass max_groups to plugin in settings list. [d7d76e8651f4] * common/sudo_conf.c, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, include/sudo_conf.h: Add max_groups setting to sudo.conf (currently unused) and remove unused return value from setters. [f6494f71e1f0] 2013-02-12 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL: Reorganize configure options [23475de8039f] 2013-02-11 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Add Sudo 1.8.6p7 [5192fc511cbe] 2013-02-10 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL.configure: Sync with autoconf 2.68 [985e5c8efa4e] * INSTALL, README: Remove obsolete OS notes and move build requirements to INSTALL. [bf0dd53ca164] 2013-02-08 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Sort elements of the settings, user_info and command_info lists. [663062ada5b7] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Remove trailing white space [027916a6c8e7] * plugins/sudoers/policy.c, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h: Store the session ID in the tty ticket file too. A tty may only be in one session at a time so if the session ID doesn't match we ignore the ticket. [4eb2cb8df48b] 2013-02-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c, src/sudo.c: Move tzset() call from sudoers plugin to sudo front end. 
[3c058dad8772] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Mention line continuation [399873f8c805] * MANIFEST, common/Makefile.in, common/fileops.c, common/regress/sudo_parseln/parseln_test.c, common/regress/sudo_parseln/test1.in, common/regress/sudo_parseln/test1.out.ok, common/regress/sudo_parseln/test2.in, common/regress/sudo_parseln/test2.out.ok, common/regress/sudo_parseln/test3.in, common/regress/sudo_parseln/test3.out.ok, common/regress/sudo_parseln/test4.in, common/regress/sudo_parseln/test4.out.ok, common/regress/sudo_parseln/test5.in, common/regress/sudo_parseln/test5.out.ok, common/regress/sudo_parseln/test6.in, common/regress/sudo_parseln/test6.out.ok, common/sudo_conf.c, include/fileops.h, plugins/sudoers/env.c, plugins/sudoers/ldap.c, plugins/sudoers/sudo_nss.c: Add line continuation support to sudo_parseln() and make it use getline() instead of fgets() internally. [d02bf3973fc5] 2013-02-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sample/sample_plugin.c: Fix memory leak in error path; found by llvm checker [d090c26a5b00] * plugins/sudoers/sudoreplay.c: Remove useless store detected by llvm checker. [12a4db91651a] * configure, configure.in, doc/UPGRADE, mkpkg, src/Makefile.in, src/load_plugins.c, sudo.pp: Sudo now stores its libexec files in a "sudo" subdirectory instead of in libexec itself. For backwards compatibility, if the plugin is not found in the default plugin directory, sudo will check the parent directory default directory ends in "/sudo". [5de67de76489] * plugins/sample/sample_plugin.c, plugins/sample_group/sample_group.c, plugins/system_group/system_group.c: Add missing __dso_public to plugin structs so they are exported. [dde703577621] * doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Mention that sudoers has its own plugins too. [0a6c6203b512] 2013-02-05 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Correct last change date. [45894291d792] * doc/sudo.cat, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Remove duplicated sudo.conf info in the sudo, sudoers and sudo_plugin manuals and cross-reference the new sudo.conf manual. [b808ba29cf3a] * doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in: Fix typos [0e70964150c6] * doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in: Fix some typos. [94ae045cfbc6] * MANIFEST, doc/Makefile.in, doc/sudo.conf.cat, doc/sudo.conf.man.in, doc/sudo.conf.mdoc.in: Add standalone sudo.conf manual page. [d64d949b700c] * doc/sample.sudo.conf: add group_source example [118c1ba1c014] * configure, configure.in, doc/sample.sudo.conf, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use PLUGINDIR in the manuals and fix a typo in the sample sudo.conf. [f5bd6006dc1c] * plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, src/po/it.mo, src/po/it.po: Sync with translationproject.org [a6f2b9aac371] 2013-02-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/vi.mo, plugins/sudoers/po/vi.po, src/po/fi.mo, src/po/fi.po, src/po/gl.mo, src/po/gl.po, src/po/vi.mo, src/po/vi.po: Sync with translationproject.org [ba546666969d] 2013-02-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, src/po/da.po, src/po/eo.mo, src/po/eo.po, src/po/es.po, src/po/gl.po: Sync with translationproject.org [cdc454e34c03] 2013-01-31 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Clarify ttyname changes. 
[cbf2f80fe582] * NEWS: Add 1.8.6p6 [3aa591e98b3b] * src/ttyname.c: Remove ttyname() fall back code on systems where we can query the kernel for the tty device via /proc or sysctl(). If there is no controlling tty, it is better to just treat the tty as unknown rather than to blindly use what is hooked up to std{in,out,err}. [b2bd3005d2e4] 2013-01-27 Todd C. Miller <Todd.Miller@courtesan.com> * common/sudo_conf.c, include/sudo_conf.h, src/sudo.c: Add group_source setting in sudo.conf to allow the admin to specify how a user's groups are looked up. Legal values are static (just the kernel list from getgroups), dynamic (whatever the group database includes) and adaptive (only use group db if kernel group list is full). [87a5b02e22ad] * plugins/sudoers/policy.c: Pass back exec_background to front end if it is enabled in sudoers. [8230e1cd0bbd] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention that exec_background is for 1.8.7 and higher only. [fdf0d5a3e182] 2013-01-24 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST: Add missing test files. [1165389aa5e6] * plugins/sudoers/regress/visudo/test3.err.ok, plugins/sudoers/regress/visudo/test3.out.ok, plugins/sudoers/regress/visudo/test3.sh: Add regress test for bug 361 [54c7fb61b82d] * plugins/sudoers/iolog.c: Add __dso_public to extern declaration of declaration to match actual definition. [4695ded501e6] * NEWS: Add 1.8.6p5 [b07b28c5c4d7] 2013-01-23 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/regress/visudo/test2.err.ok, plugins/sudoers/regress/visudo/test2.out.ok, plugins/sudoers/regress/visudo/test2.sh: Add test for visudo cycle check core dump; test case from Daniel Kopecek [41074541147a] * plugins/sudoers/visudo.c: Fix potential stack overflow due to infinite recursion in alias cycle detection. From Daniel Kopecek. 
[d7e018a87434] * common/sudo_conf.c, include/sudo_conf.h, src/load_plugins.c: Ignore duplicate entries in sudo.conf and report the line number when there is an error. Warn, don't abort if there is more than one policy plugin. [dfcb5a698f0a] * plugins/sudoers/tsgetgrpw.c: Use strtoul() not atoi(). [58a52cf9b6b8] 2013-01-22 Todd C. Miller <Todd.Miller@courtesan.com> * compat/Makefile.in: regen depends for to add compat/nss_dbdefs.h for getgrouplist.lo [9b44e9d26d16] * compat/nss_dbdefs.h: Fix typo that breaks the build on HP-UX. [b9ab6ba23485] * MANIFEST, compat/getgrouplist.c, compat/nss_dbdefs.h, config.h.in, configure, configure.in: Use nss_search() to implement getgrouplist() where available. Tested on Solaris and HP-UX. We need to include a compatibility header for HP-UX which uses the Solaris nsswitch implementation but doesn't ship nss_dbdefs.h. [d29dbc4dc06d] 2013-01-19 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c, src/signal.c, src/sudo.h: Remove extra flag to sudo_sigaction(). We want to trap the signal regardless of whether or not it is ignored by the underlying command since there's no way to know what signal handlers the command will install. Now we just use sudo_sigaction() to set a flag in saved_signals[] to indicate whether a signal needs to be restored before exec. [c042d52c7192] 2013-01-18 Todd C. Miller <Todd.Miller@courtesan.com> * compat/getgrouplist.c, config.h.in, configure, configure.in: Use _getgroupsbymember() on Solaris to get the groups list. Fixes performance problems with the getgroupslist() compat on Solaris systems with network-based group databases. [287d3ae2ce8d] 2013-01-17 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Document signal handler behavior in plugin API 1.3 [20dc9d1c105f] * MANIFEST, include/sudo_plugin.h, src/Makefile.in, src/exec.c, src/exec_pty.c, src/signal.c, src/sudo.c, src/sudo.h: Move signal code into its own source file and add sudo_sigaction() wrapper that has an extra flag to check the saved_signals list to only install the handler if the signal is not already ignored. Bump plugin API version for the new front-end signal behavior. [5d2f27a1b404] * plugins/sudoers/sudoers.c, src/exec.c, src/sudo.c, src/sudo.h, src/sudo_exec.h: Catch SIGINT, SIGQUIT and SIGTSTP in the front end before we execute the command. If we get SIGINT or SIGQUIT, call the plugin close() functions as if the command was interrupted. If we get SIGTSTP, uninstall the handler and deliver SIGTSTP to ourselves. [332baf3a81b7] * src/exec.c, src/exec_pty.c: Rename handle_signals() to dispatch_signals(). Block other signals in handler() so we don't have to worry about the write() being interrupted. [666e95c9a0f1] 2013-01-16 Todd C. Miller <Todd.Miller@courtesan.com> * src/tgetpass.c: Rename signal handler to avoid name clash with one in exec.c [8913101a29b6] 2013-01-13 Todd C. Miller <Todd.Miller@courtesan.com> * src/sudo.c: Add missing call to save_signals(). [47d075d7326b] 2013-01-11 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Fill in the comment block at the top of the .pot files and preserve it when regenerating them. [6449497b76db] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/sudoers.c, src/exec_pty.c, src/sudo.c, src/sudo.h: Add exec_background option in plugin command info and a sudoers option to match. 
When set, commands are started in the background and automatically foregrounded as needed. There are issues with some ill-mannered programs (like Linux su) so this is not the default. [c0b32b0938f2] * common/Makefile.in: regen [2b2b220e7aea] * src/Makefile.in: Add SESH_OBJS variable for sesh object files. [d3e04ae8fd1f] * configure.in, doc/LICENSE, plugins/sudoers/redblack.c: Update copyright year. [61a0f0cedb13] * src/exec_pty.c: Always resume the command in the foreground if sudo itself is the foreground process. This helps work around poorly behaved programs that catch SIGTTOU/SIGTTIN but suspend themselves with SIGSTOP. At worst, sudo will go into the background but upon resume the command will be runnable. Otherwise, we can get into a situation where the command will immediately suspend itself. [c368ac3eb2e4] * configure, configure.in: Use -fstack-protector-all in preference to -fstack-protector where supported. [f930c95ceb51] 2013-01-10 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Only test for -fstack-protector and -fvisibility=hidden on GNU compatible compilers. [796f4696d863] 2013-01-03 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Add Sudo 1.8.6p4 [8a928de8e717] * common/Makefile.in, compat/Makefile.in, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Break out stack smashing protector options into SSP_CFLAGS and SSP_LDFLAGS so we can use it everywhere (unlike LT_LDFLAGS). [01be114fc9fb] 2013-01-01 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, plugins/sudoers/redblack.c: In rbrepair(), make sure we never try to change the color of the sentinel node, which is the first entry, not the root. From Michael King [3fc4dc4004ec] 2012-12-28 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: No need to restore default signal handler for SIGSTOP as it is not catchable. 
Attempting to do so is harmless but sigaction() will fail and set errno to EINVAL which makes it look like there is an error. [be7c0b759e9a] * src/exec.c: Print SIGCONT_FG and SIGCONT_BG properly in debug output. [93e59e301c8f] 2012-12-27 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Disable PIE on FreeBSD/ia64, otherwise sudo will segfault. [9ed48f696595] 2012-12-20 Todd C. Miller <Todd.Miller@courtesan.com> * include/missing.h: Add howmany() macro since some systems have this in sys/param.h which we no longer include. [2c5efaa16c45] 2012-12-07 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/sudoers/test11.toke.out.ok: Remove errant file. [a91699beffc6] 2012-12-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c: Remove obsolete sudoers_cleanup() stubs.
[89153025a2ae] * common/alloc.c, common/atobool.c, common/fileops.c, common/fmt_string.c, common/lbuf.c, common/secure_path.c, common/sudo_conf.c, common/sudo_debug.c, common/term.c, compat/closefrom.c, compat/getcwd.c, compat/glob.c, compat/snprintf.c, include/missing.h, plugins/sample/sample_plugin.c, plugins/sample_group/getgrent.c, plugins/sample_group/plugin_test.c, plugins/sample_group/sample_group.c, plugins/sudoers/alias.c, plugins/sudoers/auth/afs.c, plugins/sudoers/auth/aix_auth.c, plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/dce.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/passwd.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/secureware.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/boottime.c, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/env.c, plugins/sudoers/find_path.c, plugins/sudoers/getspwuid.c, plugins/sudoers/goodpath.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/interfaces.c, plugins/sudoers/iolog.c, plugins/sudoers/ldap.c, plugins/sudoers/logging.c, plugins/sudoers/match.c, plugins/sudoers/match_addr.c, plugins/sudoers/parse.c, plugins/sudoers/policy.c, plugins/sudoers/prompt.c, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil_impl.c, plugins/sudoers/redblack.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/set_perms.c, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/timestamp.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/tsgetgrpw.c, plugins/sudoers/visudo.c, plugins/system_group/system_group.c, src/conversation.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/get_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/sudo.c, 
src/sudo_edit.c, src/tgetpass.c, src/ttyname.c, src/utmp.c: Don't include <sys/param.h>. We only needed it for MAXPATHLEN, MAXHOSTNAMELEN and the MIN/MAX macros. We now use PATH_MAX and HOST_NAME_MAX throughout without falling back on MAXPATHLEN or MAXHOSTNAMELEN and define our own MIN/MAX macros as needed. [f4807d46f504] * include/missing.h, plugins/sudoers/match.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sudo.c: Use MAX_HOST_NAME+1 (limits.h) instead of MAXHOSTNAMELEN (sys/param.h or netdb.h). [2544f5e306dd] 2012-11-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: Move debug_decl() in log_failure() to be after the variable declarations for C89. [f48d2035ab44] 2012-11-29 Todd C. Miller <Todd.Miller@courtesan.com> * common/error.c, include/error.h, plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Cannot wrap sigsetjmp() or we end up returning to the wrong place. Use a macro instead. [749ee6acdad8] 2012-11-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/policy.c: Fix return in sudoers_policy_open that should be debug_return. [a78b795b6846] 2012-11-27 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: Define sudo_ttyname_dev() for the HAVE_STRUCT_PSINFO_PR_TTYDEV case too. [acfa891c229e] * src/solaris.c: Quiet a gcc warning and add comment about needing to keep the handle open. [f954f228960f] 2012-11-26 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL: mention --disable-shared [6954d39e2d0f] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Add missing command_info argument in I/O plugin open() prototype. Bug #579 [72beb07aba0e] 2012-11-25 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/gram.c: Regen for proper line numbers. [6cf6e132e764] * configure, configure.in: Add locale_stub.o to SUDO_OBJS, not locale_stub.lo. 
[d604dc8ca38a] * common/sudo_printf.c: Include missing.h for __printflike. [a33640600faf] * plugins/sudoers/iolog.c: Saner loop invariant in io_mkdirs (cosmetic only). [dc30274afe38] * MANIFEST, common/Makefile.in, common/error.c, common/sudo_printf.c, configure, configure.in, include/error.h, mkdep.pl, plugins/sudoers/Makefile.in, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/Makefile.in, src/error.c, src/exec_pty.c, src/locale_stub.c, src/sesh.c: Move warn/error into common and make static builds work. [4d3f374f4e4c] * MANIFEST, common/Makefile.in, common/sudo_debug.c, common/sudo_printf.c, include/error.h, plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/iolog.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/Makefile.in, src/conversation.c, src/sesh.c: Move _sudo_printf from src/conversation.c to common/sudo_printf.c. Add sudo_printf function pointer that is initialized to _sudo_printf() instead of requiring a sudo_conv function pointer everywhere. The plugin will reset sudo_printf to point to the version passed in via the plugin open function. Now plugin_error.c can just call sudo_printf in all cases. The sudoers binaries no longer need their own version of sudo_printf. 
[9b09d3f63790] * plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add plugin_setjmp() wrapper for siglongjmp(error_jmp, 1) so we don't need error_jmp to be extern. Also add plugin_clearjmp() that clears a flag so error()/errorx() knows when to call exit() vs. longjmp(). [5a4617148e70] * plugins/sudoers/set_perms.c: Let warning() call gettext() for us. [ab8d502ba4ac] * include/error.h, plugins/sudoers/plugin_error.c, src/error.c: Do locale swapping in the warning()/error() macros themselves instead of in the underlying functions. [4cd205540e17] * common/alloc.c, common/list.c, include/error.h, plugins/sudoers/env.c, plugins/sudoers/plugin_error.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/visudo.c, src/error.c, src/hooks.c: Rename warning2()/error2() -> warning_nodebug()/error_nodebug(). [48346393634d] * common/sudo_conf.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/defaults.c, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c, src/error.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/solaris.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c: Call gettext() on parameters for warning()/warningx() instead of having warning() do it for us. 
[c71088bc9d3e] * Makefile.in, plugins/sudoers/alias.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c: Call gettext() in sudoerserror() in the user's locale and pass the untranslated string to it. [cdbfc231b848] * plugins/sudoers/Makefile.in, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Allow sudoers programs (visudo, sudoreplay, visudo) to use plugin_error.c instead of the error.c from the front-end. This means sudoers_setlocale() needs to be independent of the sudo_user struct and the defaults table. The sudoers locale is now updated via a callback. [e356f5f8cd6a] * plugins/sudoers/iolog.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Include setjmp.h in sudoers.h Move error_jmp into plugin_error.c Rename sudoers_plugin_cleanup sudoers_cleanup Make sudoers warning/error functions work when sudo_conv is NULL [7365ee24a779] * src/error.c: No need to change locale in front-end warning()/error(). [23dc1df7f93b] * plugins/sudoers/tsgetgrpw.c: Ignore bad lines in passwd/group file instead of stopping processing when we hit one. [79b790559075] * plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test5.sh: Bash doesn't let you set UID so use MYUID instead. [5be56335f059] * plugins/sudoers/visudo.c: Avoid NULL deref for unknown Defaults in strict mode. [545c21c1e7d6] * common/sudo_conf.c, common/sudo_debug.c: See DEFAULT_TEXT_DOMAIN [3d723e1d27db] 2012-11-13 Todd C. Miller <Todd.Miller@courtesan.com> * .hgignore: Add signame.c and mksigname. 
[d59bbf423f00] * plugins/sudoers/Makefile.in: Fold preinstall into install-plugin and pass the path to the plugin binary to the preinstall command. [2c2205af8bb7] * pp: sync with upstream [a4b7336b3256] * src/sudo.h: repair spacing [f5c1255ce514] 2012-11-12 Todd C. Miller <Todd.Miller@courtesan.com> * common/sudo_debug.c: Set group on sudo_debug when creating it to gid 0 so systems without BSD group semantics don't get the invoking user's group. [7dda01196554] * plugins/sudoers/iolog.c: Rename mkdir_parents() io_mkdirs() and add a flag to specify whether path is a temporary, in which case the final component is created via mkdtemp() instead of mkdir(). [79c0c4e7ed58] * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.h: For PERM_ROOT set egid to 0 so log files are not created with the gid of the user. [5b964ea43474] * plugins/sudoers/logging.c: Add calls to set_perms(PERM_ROOT) before logging to a file. We should already be root but since we cache the current permission status it is basically free. That way, if more of sudoers runs as non-root in the future logging will still work correctly. [c591d4973f41] * common/sudo_conf.c, config.h.in, configure, configure.in, include/gettext.h, plugins/sudoers/locale.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/error.c, src/exec.c, src/sesh.c, src/sudo.c: #unifdef HAVE_SETLOCALE, it is C89 so no need to check for it. [41f6bb4926f4] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in: Mention that sudo.conf is parsed in the C locale. [f711c416e30c] * common/sudo_conf.c: Parse sudo.conf in the "C" locale. [776658f651ea] * plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.h: Fix compilation on systems w/o setlocale() [6940d1c1c1ce] * doc/TROUBLESHOOTING: Sudo now includes a workaround for the Solaris 11 locale issue. [ab93787a552c] 2012-11-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * include/gettext.h, plugins/sudoers/iolog_path.c, plugins/sudoers/locale.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/error.c, src/exec.c, src/sesh.c, src/sudo.c, src/sudo.h: Always include locale.h from gettext.h so we no longer need to include locale.h from the .c files. [93d39182ccfa] * MANIFEST, config.h.in, configure, configure.in, mkdep.pl, plugins/sudoers/Makefile.in, src/Makefile.in, src/openbsd.c, src/solaris.c, src/sudo.c, src/sudo.h: Add os-specific initialization functions for solaris (workaround setuid locale problem in Solaris 11) and openbsd (set malloc_options if SUDO_DEVEL). Also move set_project() to solaris.c. [1d6581afbaf4] 2012-11-09 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/find_path.c, plugins/sudoers/group_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Avoid strerror() when possible and just rely on warning/error to handle errno in the proper locale. [bf612caae97c] * plugins/sudoers/logging.c: Set sudoers locale in log_allowed() [2dd0ac704cae] * plugins/sudoers/check.c: Make the sudo lecture translatable. [3cdfc183d72d] * Makefile.in: Add the values of badpass_message, passprompt and mailsub to sudoers.pot so they can be translated. [51cbe8adcb94] * plugins/sudoers/logging.c: Expand the FMT_FIRST and FMT_CONTD macros inline so they get picked up by xgettext. [c5b74115caf0] 2012-11-08 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/check.c, plugins/sudoers/prompt.c, plugins/sudoers/sudoers.h: Make expand_prompt() args const and free the prompt when we are done with it. [995ef8519fe6] * plugins/sudoers/policy.c: Fix cut and pasto [e002921c1d15] * plugins/sudoers/defaults.c, plugins/sudoers/logging.c: Expand def_mailsub in the sudoers locale, not the user's. 
[a4775f2fb385] * common/sudo_conf.c, plugins/sudoers/auth/fwtk.c, plugins/sudoers/auth/rfc1938.c, plugins/sudoers/auth/securid5.c, plugins/sudoers/defaults.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/group_plugin.c, plugins/sudoers/ldap.c, plugins/sudoers/linux_audit.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sssd.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/error.c, src/exec.c, src/exec_common.c, src/exec_pty.c, src/load_plugins.c, src/net_ifs.c, src/parse_args.c, src/selinux.c, src/sesh.c, src/sudo.c, src/sudo_edit.c, src/tgetpass.c: Display warning/error messages in the user's locale. [00a04165c0cf] * plugins/sudoers/auth/bsdauth.c, plugins/sudoers/auth/kerb5.c, plugins/sudoers/auth/pam.c, plugins/sudoers/auth/sia.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/iolog.c, plugins/sudoers/locale.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/parse.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/timestamp.c: Call gettext inside log_error et al instead of having the caller do it. This way we can display any messages to the user in their own locale but log in the sudoers locale. [286e0444f785] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/env.c, plugins/sudoers/locale.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Add simple locale switching to make it easy to switch from the user's locale to the sudoers locale without making excessive setlocale() calls when we don't need to. [5c61582fdeee] * plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c: Convert setlocale() to sudoers_setlocale() in the sudoers module. 
This only converts existing uses, there are more places where we need to sprinkle sudoers_setlocale() calls. [8ee0cbf0d0a9] * plugins/sudoers/audit.c, plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.c: audit_failure() now calls gettext itself using the sudoers locale. [d77f1d78799a] * common/sudo_debug.c, include/error.h, include/sudo_debug.h, plugins/sudoers/plugin_error.c, src/error.c: Add variants of warn/error and sudo_debug_printf that take a va_list instead of a variable number of args. [00392bdc063c] * INSTALL, doc/TROUBLESHOOTING: Document Solaris 11 locale issues and workarounds. [05f7d34af3ae] * Makefile.in, configure, configure.in: Solaris gettext() looks in lang.UTF-8, not just lang for UTF-8 locales. Make links from localdir/lang -> localdir/lang.UTF-8 [5ca9326480e2] 2012-11-06 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/audit.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c: Do not inform the user that the command was not permitted by the policy if they do not successfully authenticate. This is a regression introduced in sudo 1.8.6. [c1279df08bfb] * plugins/sudoers/Makefile.in: Add preinstall target that runs SUDO_PREINSTALL_CMD. Used to fixup the rpath in HP-UX SOM shared libraries for the LDAP libs. [b07185657b42] * src/parse_args.c: The -a option should be #ifdef HAVE_BSD_AUTH_H, not -A. [22c73cbe3ff9] 2012-10-28 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL, configure, configure.in: Allow the user to specify an alternate libtool [c9d6fc9521fd] 2012-10-26 Todd C. Miller <Todd.Miller@courtesan.com> * doc/CONTRIBUTORS, plugins/sudoers/sudo_nss.c: Allow sudo to be built with sss support without also including ldap support. From Stephane Graber. [b992a80ebea1] 2012-10-25 Todd C. 
Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/plugin_error.c, plugins/sudoers/policy.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Refactor policy plugin interface code from sudoers.c into policy.c [393e62910b8a] * plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c: Refactor command_info setting into its own function. [a952b948324c] * plugins/sudoers/interfaces.c, plugins/sudoers/interfaces.h, plugins/sudoers/match_addr.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: Make interfaces pointer private to interfaces.c and add get_interfaces() accessor. [b69b9334ed3c] 2012-10-24 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/iolog_path.c, plugins/sudoers/logging.c, plugins/sudoers/sudoers.h: Make user_cwd const since it is either a string literal or passed in from the front-end. [90751b81e8bc] * configure, configure.in: sudo 1.8.7 [bf727adb8af0] * plugins/sudoers/sudoers.c: Avoid nested strtok() calls. [9d9f22ab52a9] 2012-10-23 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c, plugins/sudoers/prompt.c, plugins/sudoers/sudoers.h: Move expand_prompt() into its own source file for easier unit testing. [b419b48a436f] * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c, plugins/sudoers/check.h, plugins/sudoers/sudoers.h, plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h: Make check.c independent of the underlying timestamp implementation. [895071bd6065] * plugins/sudoers/iolog_path.c: Add SUDOERS_NO_SEQ define to allow ${seq} to be disabled. [8ac38f02dd6d] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Use a list for the possible values of Tag_Spec with a minimal indent to improve readability. In the pod version, these were =head3. 
Also use .St -p1003.1 instead of just POSIX when talking about glob() and fnmatch(). [361a6f7a5c44] 2012-10-02 Todd C. Miller <Todd.Miller@courtesan.com> * src/ttyname.c: sudo_ttyname_dev() is unused if there is no /proc or sysctl(). [6598dbf81e16] * compat/mksiglist.c, compat/mksigname.c, compat/regress/fnmatch/fnm_test.c, compat/regress/glob/globtest.c, plugins/sample_group/plugin_test.c, plugins/sudoers/regress/check_symbols/check_symbols.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/regress/logging/check_wrap.c, plugins/sudoers/regress/parser/check_addr.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoreplay.c, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c, src/sesh.c, src/sudo.c: Explicitly mark main() as public in executables to avoid an HP-UX ld warning. [72a40ce218be] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Remove grep from SEE ALSO section. [c7cafee1621f] * common/alloc.c: If vasprintf() fails, just use the errno it sets instead of assuming ENOMEM. [1be5bfdc0cab] 2012-09-28 Todd C. Miller <Todd.Miller@courtesan.com> * doc/TROUBLESHOOTING: Mention HP-UX pam.conf settings. [8b8e745b49fd] 2012-09-27 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/timestamp.c, plugins/sudoers/timestamp.h: Split off timestamp functions into their own source file. [d5833332511d] 2012-09-26 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Mention how !foo is not the same as ALL,!foo [51f8e470757d] 2012-09-25 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Start commands in the background when I/O logging is enabled. We can't do this on Mac OS X due to a kernel bug in tc[gs]etattr(2) which returns EINTR on signal instead of restarting automatically. 
[83b1d59146f7] * src/exec_pty.c: Handle SIGCONT_FG and SIGCONT_BG when converting signal number to string in deliver_signal(). [2cefea7a976e] 2012-09-24 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c: Fix running commands that need the terminal in the background when I/O logging is enabled. E.g. "sudo vi &". When the command is foregrounded, it will now resume properly. [0bc13a253429] * plugins/sudoers/match.c: Add rudimentary support for name-based matching as a compile-time option. This is unsafe when used in conjunction with the '!' operator. [f93bc8e6db15] 2012-09-21 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/pwutil.c, plugins/sudoers/pwutil.h, plugins/sudoers/pwutil_impl.c: Split implementation-specific back end code out of pwutil.c into pwutil_impl.c. This will allow the main pwutil code to be used for lookup methods other than getpw* and getgr*. [999c2dde60e4] 2012-09-18 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: sudo 1.8.6p3 [97fef3d9ed65] 2012-09-17 Todd C. Miller <Todd.Miller@courtesan.com> * doc/fixman.sh: Don't use embedded newline when matching, use \n. This got expanded at some point. Bug #573 [6652f834b8f5] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Rename yyerror() to sudoerserror() to match yacc prefix changes. Not really needed due to the #defines that yacc makes but it is less confusing this way as the lexer calls sudoerserror(). [a0577be6527d] * common/alloc.c, plugins/sample_group/plugin_test.c, plugins/sudoers/env.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, src/exec_common.c, src/parse_args.c, src/sudo.c: No need to translate "unable to allocate memory" when we can just use the system translation via strerror(). [377499e5827c] * plugins/sudoers/sudoreplay.c: Fall back on lstat(2) if d_type in struct dirent is DT_UNKNOWN. Not all file systems support d_type. 
Bug #572 [8b861c62945f] * plugins/sudoers/sudoreplay.c: Avoid calling fclose(NULL) in the error path when we cannot open an I/O log file. [9401d5c4bb05] 2012-09-16 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: Sudo 1.8.6p2 [6e32496280f2] * src/exec.c: When setting the signal handler for SIGTSTP to the default value in non-I/O log mode, store the old handler value for when we restore it after resume. [242628694e42] * plugins/sudoers/env.c: Replace the guts of sudo_setenv_nodebug() with our old setenv.c which supports non-standard BSD and glibc semantics. sudo_setenv() now simply calls sudo_setenv2(). [57ffb6c9efaa] 2012-09-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document non-Unix group support in LDAP sudoers. [33c89f3aeee6] * plugins/sudoers/ldap.c: Enable non-Unix group support for LDAP sudoers. We now check for non-Unix groups and netgroups with the same query in the second pass. Bug #571 [eb98fdff54d9] 2012-09-14 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/parse.c, plugins/sudoers/regress/parser/check_fill.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l, plugins/sudoers/toke_util.c, plugins/sudoers/visudo.c: Set yacc prefix to "sudoers" to avoid conflicts with other yacc parsers. [cb6c0d93215e] 2012-09-12 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention support for SUCCESS=return in /etc/nsswitch.conf [ef1f35aa0863] * NEWS, configure, configure.in: sudo 1.8.6p1 [73a5e1f004b3] 2012-09-11 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/env.c: Avoid setting LOGNAME, USER and USERNAME variables twice when set_logname is enabled. 
[0de4f5fbd1d4] * plugins/sudoers/env.c: Fix duplicate detection in sudo_putenv(), do not prune out the variable we just set when overwriting an existing instance. Fixes bug #570 [854ee714c831] * plugins/sudoers/env.c: Add some debugging [a25cd3305823] 2012-09-04 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudo_nss.c: Disable word wrap in list mode when stdout is a pipe to make "sudo -l | grep ..." more useful. Adapted from a diff by Daniel Kopecek. [65ade04511fd] * common/lbuf.c: Print a trailing newline in lbuf_print() when there is not enough space to do word wrapping and the lbuf does not end with a newline. [c0200e19cd09] * plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c: Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek [5c480316e3ce] * MANIFEST: Add sssd.c [9cadd014ef97] 2012-09-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/da.mo, plugins/sudoers/po/fi.mo, plugins/sudoers/po/hr.mo, plugins/sudoers/po/sl.mo, plugins/sudoers/po/uk.mo, src/po/fi.mo, src/po/hr.mo, src/po/it.mo, src/po/ru.mo, src/po/sl.mo, src/po/uk.mo, src/po/vi.mo: regen .po files [62423d4d143d] * MANIFEST, plugins/sudoers/po/vi.mo: Add Vietnamese sudoers translation from translationproject.org [33666a605525] * NEWS: mention PIE [05032e5304c6] * MANIFEST, plugins/sudoers/po/vi.po: Add Vietnamese sudoers translation from translationproject.org [015c2204bae2] 2012-08-29 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in, compat/Makefile.in, mkdep.pl: Add missing signame dependency [e493bfb01929] * src/exec.c, src/ttyname.c: Silence compiler warnings. [1c5374b66d9b] * MANIFEST, compat/Makefile.in, compat/sig2str.c, compat/strsigname.c, config.h.in, configure, configure.in, include/missing.h, mkdep.pl, src/exec.c, src/exec_pty.c: Replace strsigname() with sig2str(), emulating it as needed. [1e348cca1fa6] * config.h.in, configure, configure.in, src/utmp.c: Use fseeko() for legacy utmp handling if available. 
[b4bbd8d2c0e9] 2012-08-28 Todd C. Miller <Todd.Miller@courtesan.com> * compat/strsigname.c, config.h.in, configure, configure.in: Detect sys_sigabbrev[] and use it in place of sys_signame[] if present. For some reason glibc does not declare sys_sigabbrev so we must add an extern definition of our own. [b38f3fbd7078] * compat/strsignal.c, compat/strsigname.c: Handle NULL entries in sys_siglist and sys_signame. [a388959d9654] * compat/mksiglist.c, compat/mksiglist.h, compat/mksigname.c, compat/mksigname.h, compat/strsignal.c, compat/strsigname.c: Convert my_sys_sig{list,name} -> sudo_sys_sig{list,name} [711e41aba59a] 2012-08-27 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: sync [5a2522488754] * src/exec.c: Pass on SIGTSTP to the command if it was sent by a user process (not the kernel or the terminal) when we are not I/O logging and set the default SIGTSTP handler when we re-send the signal to ourself, restoring our handler after we resume. [4259c47e31c0] * src/exec.c: Shells typically change their process group when they start up so that they can implement job control. Most well-behaved shells change the pgrp back to its original value before suspending so we must not try to restore in that case, lest we race with the child upon resume, potentially stopping sudo with SIGTTOU while the command continues to run. Some shells, such as pdksh, just suspend the shell by sending SIGSTOP to themselves without restoring the pgrp. In this case we need to change the pgrp back for them. Should fix bug #568 [6ac6751ffd17] 2012-08-26 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, compat/Makefile.in, compat/mksigname.c, compat/mksigname.h, compat/strsignal.c, compat/strsigname.c, config.h.in, configure, configure.in, include/missing.h, mkdep.pl, src/exec.c, src/exec_pty.c: Use strsigname() to print signal names in the debug output. If the system has no strsigname(), use our own. [0735f18906b9] 2012-08-23 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/regress/testsudoers/test5.inc, plugins/sudoers/regress/testsudoers/test5.sh: Remove generated file and change path for temporary include file. [4e9fa830c6b5] * plugins/sudoers/Makefile.in: When running regress tests, list pass/fail rate for each dir (testsudoers and visudo) instead of the total. Also prevent the result files from clobbering each other by keeping them in the relevant directories. [6aac53baff7d] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.l: Don't print an error message in yyerror() if open_sudoers() fails, we've already printed an error message. Also restore the check for sudoers_warnings in yyerror(). [aa6036df5fb2] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Avoid printing the >>> parse error <<< message for testsudoers when the -t flag is specified. [76f3433c8992] 2012-08-22 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/parse.c: Fix NULL deref when an entry has no Runas_Entry [4b14983ff6e7] * plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/ja.mo, src/po/ja.po, src/po/pl.mo, src/po/pl.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [440e9c9b37de] * NEWS: sync [3142ba2dce60] * plugins/sudoers/check.c: Correct the check_user() comment header. [73da30308fff] * plugins/sudoers/auth/sudo_auth.c: Change a log_fatal() into log_error() when no auth methods are configured. The caller already checks the return value. [05f5c39793a7] * plugins/sudoers/logging.c: Add missing debug_return [3a76bb7c2fe7] 2012-08-21 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in: Make the capitalization consistent for .Ss and .Sx [5c5735ee4b2f] * doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in: Add COMMAND EXECUTION section that describes how sudo runs the command, the extra sudo processes and signal handling. [dff2d88e984e] 2012-08-18 Todd C. Miller <Todd.Miller@courtesan.com> * Makefile.in: Happy Easter [4b9d697c6b83] 2012-08-17 Todd C. Miller <Todd.Miller@courtesan.com> * compat/Makefile.in: Don't echo the awk command when building siglist.in [21daa72921e6] * doc/fixman.sh, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Cosmetic changes. [19259528e9ad] * doc/Makefile.in: The HISTORY, LICENSE and CONTRIBUTORS files are no longer generated. [ea6ac9e981e6] * MANIFEST, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.po, plugins/sudoers/po/it.mo, plugins/sudoers/po/it.po, plugins/sudoers/po/sl.po, plugins/sudoers/po/uk.po, src/po/de.mo, src/po/de.po, src/po/fi.po, src/po/hr.po, src/po/it.po, src/po/ru.po, src/po/sl.po, src/po/uk.po, src/po/vi.po: Sync with translationproject.org and add Italian sudoers translation. [9276740aea59] 2012-08-16 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Expand description of fqdn to talk about systems where the hosts file is searched before DNS. [4ee812ca6116] 2012-08-15 Todd C. Miller <Todd.Miller@courtesan.com> * doc/Makefile.in: For cat pages there is nothing to make unless DEVEL is set. [fab4a5b68708] * configure, configure.in, doc/Makefile.in: Always use mandoc to format cat pages and remove now-extraneous nroff configure tests. 
[5747f4ed5762] * pp: sync polypkg from git [89ddf6ea3e3f] * plugins/sudoers/sudoers.c: Use AI_FQDN instead of AI_CANONNAME if available since "canonical" is not always the same as "fully qualified". [7c1d9c098386] 2012-08-14 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.mdoc.in: Fix some typos. Describe error messages not related to policy permissions. [f5ebf9030d85] * plugins/sudoers/defaults.c, plugins/sudoers/defaults.h, plugins/sudoers/visudo.c: Add new check_defaults() function to check (but not update) the Defaults entries. Visudo can now use this instead of update_defaults to check all the defaults regardless instead of just the global Defaults entries. [3fa879ce1b65] 2012-08-13 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Document sudoers log format. [08998a7061ab] * NEWS: Update for sudo 1.8.5p3 [6e102a5d4e8d] * src/load_plugins.c: Add missing check for I/O plugin API version when checking for the presence of I/O plugin hooks. [ef05c7eeaf81] * src/hooks.c: Can't call debug code in the process_hooks_xxx functions() since ctime() may look up the timezone via the TZ environment variable. [2179fb26bd8e] 2012-08-10 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_common.c, src/sesh.c, src/utmp.c: Include signal.h before sudo_exec.h since it uses sigset_t * in the fork_pty prototype. 
[94fc0d859600] * doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Remove OPTIONS section; options now go inside DESCRIPTION [a619fc58a746] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [44719d80bc06] * MANIFEST, NEWS, plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/sl.mo, plugins/sudoers/po/sl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/da.mo, src/po/da.po, src/po/hr.mo, src/po/hr.po, src/po/sl.mo, src/po/sl.po, src/po/vi.mo, src/po/vi.po: Sync with translationproject.org and add new Slovenian translation. [34b4b966bbac] * common/alloc.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/linux_audit.c, plugins/sudoers/sudoers.c, plugins/sudoers/testsudoers.c: Reduce the number of "internal error, foo overflow" messages that need to be translated. [93ffa2b3d53f] * NEWS: Mention HP-UX reboot fix. [1e39b5aa32ac] * INSTALL, NEWS, common/sudo_debug.c, configure, configure.in, doc/CONTRIBUTORS, include/sudo_debug.h, mkdep.pl, pathnames.h.in, plugins/sudoers/Makefile.in, plugins/sudoers/sssd.c, plugins/sudoers/sudo_nss.c, plugins/sudoers/sudoers.c: Support for using SSSD (http://fedorahosted.org/sssd/) as a sudoers data source. From Daniel Kopecek and Pavel Brezina. [3f85e95d6928] 2012-08-09 Todd C. Miller <Todd.Miller@courtesan.com> * common/sudo_conf.c, src/load_plugins.c: If sudo.conf contains an I/O plugin but no policy plugin, use sudoers for the policy plugin. If a policy plugin is specified without an I/O plugin, only the policy plugin will be loaded. 
[ea192df2439d] * doc/Makefile.in, doc/sudoers.man.in: Do not modify the .Os section when building the .man.in file from .mdoc.in. [a9f9628e147f] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Add a note about wildcards matching multiple words and include an example. Also mention that for sudoedit, a wildcard in command line args does not match a slash. [fcb9fbac14e0] 2012-08-07 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec_pty.c, src/sudo_exec.h: Fix a comment, update a variable name in a prototype; all cosmetic. [e89f10cbd6e1] * plugins/sudoers/iolog.c: Cast 2nd argument of lseek() to off_t if it is a constant for systems with 64-bit off_t but without a proper lseek() prototype. [d8779da135d0] * compat/getline.c, plugins/sudoers/check.c, plugins/sudoers/env.c, plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/visudo.c: Fix some warnings from clang checker-267 [1e44ef7860b5] * plugins/sample/sample_plugin.c: Fix memory leak found by clang checker-267 [f8a43617fdfb] 2012-08-06 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c, src/exec_pty.c, src/sudo.h, src/sudo_exec.h: If we receive a signal from the command we executed, do not forward it back to the command. This fixes a problem with BSD-derived versions of the reboot command which send SIGTERM to all other processes, including the sudo process. Sudo would then deliver SIGTERM to reboot which would die before calling the reboot() system call, effectively leaving the system in single user mode. [4ffab9ab9e98] 2012-08-03 Todd C. Miller <Todd.Miller@courtesan.com> * doc/fixman.sh, doc/fixmdoc.sh: Remove section about Solaris 10 on other systems. Add missing sudoers.man.in bit to fixman.sh. [176559199ba7] 2012-08-02 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in: Expand section on Solaris privileges. [3a1bfa2f1743] * NEWS: Expand a bit on the Solaris priv set changes. 
[bffb78b4a520] * plugins/sudoers/gram.c, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/testsudoers.c, plugins/sudoers/visudo.c: The second argument to init_parser() is now bool. [fb727a4fb651] * plugins/sudoers/gram.c, plugins/sudoers/gram.y: Fix printing of parse error message to stderr. [dea6b420b84f] * plugins/sudoers/check.c, plugins/sudoers/defaults.c, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c: If a command matches using an empty Runas_List (i.e. Runas_List is present but empty) and the -u option was not specified, set runas_pw to user_pw instead of using runas_default. This is intended to be used in conjunction with the Solaris Privilege Set support for rules that grant privileges without changing the user. [e84a081f3c11] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.mdoc.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/match.c, plugins/sudoers/parse.c, plugins/sudoers/sudoers_version.h: Add support for parsing an empty Runas_List, which only allows the command to be run as the invoking user. This can be used in conjunction with the Solaris Privilege Set support to grant privileges without changing the user. [dc34373792fc] 2012-08-01 Todd C. Miller <Todd.Miller@courtesan.com> * doc/fixman.sh: Fix HP-UX, just use ".TH name section" like the vendor manuals. [559738237c92] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix compilation on Solaris [2d310302207c] * .hgignore, MANIFEST, doc/Makefile.in, doc/fixman.sh, doc/fixmdoc.sh, doc/sudo.man.sh, doc/sudo.mdoc.sh, doc/sudoers.man.sh, doc/sudoers.mdoc.sh: Generate a sed script file when munging *.mdoc or *.man instead of passing sed expressions on the command line. Older seds do not support \n in a replacement so generate and run a sed script instead. 
[0bcce3f1ca18] * doc/Makefile.in, doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Use "Sudo VERSION" as the 4th arg to .TH instead of just "VERSION" [fe0f10b63776] 2012-07-31 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: When checking whether a signal is user-generated, compare si_code against SI_USER instead of <= 0 since on HP-UX, terminal-related signals get a code of 0. [4e9021243343] * src/sudo.c: SuSE Enterprise Linux uses RLIMIT_NPROC and _SC_CHILD_MAX interchangeably. This causes problems when setting RLIMIT_NPROC to RLIM_INFINITY due to a bug in bash where bash tries to honor the value of _SC_CHILD_MAX but treats a value of -1 as an error, and uses a default value of 32 instead. Previously, we just checked RLIMIT_NPROC and, if it was unlimited, restored the previous value of RLIMIT_NPROC. However, that makes it impossible to set nproc to unlimited. We now only restore the nproc resource limit if sysconf(_SC_CHILD_MAX) is negative. In most cases, pam_limits will set RLIMIT_NPROC for us. [cb71cc8d0b08] 2012-07-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Active Directory apparently requires that tenths of a second be present in a date so append .0 to the "now" value in the time filter. Also remove space for the global AND from TIMEFILTER_LENGTH since it was not being used consistently. Buffers of TIMEFILTER_LENGTH now need to account for the terminating NUL byte. [d28619ff6e45] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix SELinux build [cc0d1f4e851b] 2012-07-29 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST: Remove pod versions of HISTORY, CONTRIBUTORS and LICENSE as they were not being kept in sync. [fc3ad1847cb1] * doc/HISTORY, doc/Makefile.in, doc/contributors.pod, doc/history.pod, doc/license.pod: Remove pod versions of HISTORY, CONTRIBUTORS and LICENSE as they were not being kept in sync. 
[950363dffe3a] 2012-07-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c: Fix printing of the permission denied message to standard error when a user is not allowed to run a command. This got broken by the recent logging changes. [b7af63da3ca1] * plugins/sudoers/sudoers_version.h: Bump grammar version for Solaris privs. [2a2baf024477] * doc/schema.ActiveDirectory: Fix errors introduced when sudoNotBefore, sudoNotAfter and sudoOrder were added. From David Hicks. [3fc432a8edb4] 2012-07-26 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in: Remove lex.yy.c when building toke.c [72bb9e62b289] * doc/Makefile.in: Fix building docs in a build dir. [7a6f435af022] * doc/sudo.man.pl, doc/sudo.pod, doc/sudo_plugin.pod, doc/sudoers.ldap.pod, doc/sudoers.man.pl, doc/sudoers.pod, doc/sudoreplay.pod, doc/visudo.pod: Remove pod versions of the manual; we now use mdoc. [5c967d2dd5db] * MANIFEST, doc/Makefile.in, doc/sudo.man.sh, doc/sudo.mdoc.sh, doc/sudoers.man.sh, doc/sudoers.mdoc.sh: Add post-processing scripts to strip out login class, BSD auth, SELinux and privilege set bits when they are not supported. [d0d51f72f597] * NEWS, configure.in, doc/CONTRIBUTORS, doc/Makefile.in, doc/contributors.pod, doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.man.pl, doc/sudoers.mdoc.in, doc/sudoers.pod, plugins/sudoers/def_data.c, plugins/sudoers/def_data.h, plugins/sudoers/def_data.in, plugins/sudoers/gram.c, plugins/sudoers/gram.h, plugins/sudoers/gram.y, plugins/sudoers/parse.c, plugins/sudoers/parse.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/testsudoers.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, src/sudo.c, src/sudo.h: Merge in Solaris privilege support by Darren Moffat and John Zolnowsky [3aa0a64f2f5c] 2012-07-25 Todd C. 
Miller <Todd.Miller@courtesan.com> * doc/contributors.pod: Sync with CONTRIBUTORS file [9a0852306ad9] * doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in: Regen .man.in files with my private mandoc. [dc3c9fc449eb] * doc/Makefile.in: add MANDOC variable [35527e66afc5] 2012-07-20 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.man.in, doc/sudo_plugin.man.in, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.man.in, doc/visudo.man.in: Regen .man.in files with hacked mandoc to avoid issues with historic nroff. [d45cfa7d665f] 2012-07-19 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.mdoc.in, doc/sudoers.mdoc.in: Fix groff warnings. [111d522ca807] * doc/Makefile.in: Fix dependencies for .man.in files. [aefeffe1af2b] * .hgignore: Add doc/*.mdoc to ignore file [1e4de6ef2ad8] * INSTALL, MANIFEST, NEWS, configure, configure.in, doc/Makefile.in, doc/sudo.cat, doc/sudo.man.in, doc/sudo.mdoc.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.mdoc.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.man.in, doc/sudoers.mdoc.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.mdoc.in, doc/visudo.cat, doc/visudo.man.in, doc/visudo.mdoc.in: Build .man.in and .cat files from .mdoc.in files. Add new --with-man and --with-mdoc configure options. [c963fd7e8f80] 2012-07-18 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.mdoc.in, doc/sudo_plugin.mdoc.in, doc/sudoers.ldap.mdoc.in, doc/sudoers.mdoc.in, doc/sudoreplay.mdoc.in, doc/visudo.mdoc.in: Sudo manuals formatted in mdoc, to replace the pod versions. 
[e6dca4030451] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.ldap.pod, doc/sudoers.man.in, doc/sudoers.pod, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod, doc/visudo.cat, doc/visudo.man.in, doc/visudo.pod: More minor cosmetic fixes. [a7287a68385a] 2012-07-12 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo.pod: Minor cosmetic fixes. [9c48bdaf3946] 2012-07-11 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/logging.c, plugins/sudoers/po/sudoers.pot: Use "a password is required" instead of "password required" when the -n flag is used and we need to read a password. [a3c30fc41648] 2012-07-10 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention logging changes. [8238fd6e02e8] * plugins/sudoers/po/sudoers.pot: regen [e2cf634ba63b] * doc/sudoers.cat, doc/sudoers.man.in, doc/sudoers.pod: Document that other mail_* flags have precedence over mail_badpass. [9f4cc9188f40] * plugins/sudoers/auth/sudo_auth.c, plugins/sudoers/check.c, plugins/sudoers/logging.c, plugins/sudoers/logging.h, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Move log_denial() calls and logic to log_failure(). Move authentication failure logging to log_auth_failure(). Both of these call audit_failure() for us. This subtly changes logging for commands that are denied by sudoers but where the user failed to enter the correct password. Previously, these would be logged as "N incorrect password attempts" but now are logged as "command not allowed". Fixes bug #563 [cad35f0b3ad7] 2012-07-06 Todd C. Miller <Todd.Miller@courtesan.com> * common/aix.c: Do not set a resource limit to zero when we are unable to fetch a value from /etc/security/limits. [62bfb0a7895e] 2012-07-05 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Add "Provides: sudo" to debian sudo-ldap package [beb8afa0beb2] 2012-07-02 Todd C. 
Miller <Todd.Miller@courtesan.com> * configure, configure.in, zlib/Makefile.in: Define NO_VIZ for zlib when gcc doesn't support symbol visibility attributes. [9fdcbf526386] * configure, configure.in: Use the autoconf cache when checking for symbol export control support. [03c2cce8711f] * INSTALL, common/Makefile.in, compat/Makefile.in, configure, configure.in, mkpkg, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in: Add configure check for building PIE executables instead of doing it in mkpkg. [02b5b78ef258] * sudo.pp: MacOS pp backend doesn't like modes longer than 4 characters. [01b49022bf01] 2012-07-01 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Add -Wc,-fstack-protector to LT_LDFLAGS instead of adding -fstack-protector to LDFLAGS so it doesn't get stripped out. Libtool will strip -fstack-protector from the linker flags and we always link with libtool. [0a0a0250ac2b] 2012-06-29 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudo.cat, doc/sudo.man.in, doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.ldap.cat, doc/sudoers.ldap.man.in, doc/sudoers.man.in, doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/visudo.cat, doc/visudo.man.in: Regen for sudo 1.8.6 [1657ee28b496] * NEWS, doc/sudoers.ldap.pod: Document improved Tivoli Directory Server support. [fb411edf4687] * config.h.in, configure, configure.in, plugins/sudoers/ldap.c: Add support for ldaps using Tivoli LDAP libraries. Add ldap.conf option to specify Tivoli key db password. Allow TLS ciphers to be configured for Tivoli. [737e17c91e60] 2012-06-28 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/ldap.c: Tivoli Directory Server 6.3 libs always return a (bogus) error when setting LDAP_OPT_CONNECT_TIMEOUT. 
[504406637c38] * NEWS: Update [687a755604e8] * plugins/sudoers/ldap.c: Treat LDAP_OPT_CONNECT_TIMEOUT (Tivoli Directory Server 6.3) the same as LDAP_OPT_CONNECT_TIMEOUT (OpenSSH). Don't make failure to set an ldap option fatal. [17cf93ae3304] 2012-06-27 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoers.c: Zero pointers in sudo_user struct after freeing, just in case. [8eff1f80b943] * plugins/sudoers/sudoers.c: Free user_gids in close function if it has not already been freed. [cbce28877f37] * plugins/sudoers/pwutil.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h: Defer group ID to name resolution until we actually need it. [463e75b81e89] * src/sudo.c: It is safe to read in sudo.conf before calling user_info(). [3290b6434e3c] * plugins/sudoers/env.c, plugins/sudoers/ldap.c: Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to prevent potential truncation. Bug #562. [29d9fc4e0c4e] 2012-06-25 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: If installing with installp, error out if there is already an instance of the rpm package installed. [ec24c6faba22] * mkpkg: Add --disable-nls for AIX [192ac2f7d65e] 2012-06-22 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Debian sudo-ldap packages should now depend on libldap-2.4-2, not libldap2. [cbcec71e6b58] 2012-06-21 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Add Homepage and Bugs to debian control file. [0f19d7d14e66] 2012-06-20 Todd C. 
Miller <Todd.Miller@courtesan.com> * mkpkg: fix typo when setting aix_freeware [2fd6feb50195] * common/Makefile.in, compat/Makefile.in, configure, configure.in, doc/Makefile.in, include/Makefile.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, zlib/Makefile.in: Don't run regress tests or sudoers sanity check (using the newly- built visudo) when cross compiling. 
Bug #560 [0c4e3f68b2f5] * MANIFEST, configure, configure.in, plugins/sample/Makefile.in, plugins/sample/sample_plugin.exp, plugins/sample/sample_plugin.map, plugins/sample/sample_plugin.sym, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.exp, plugins/sample_group/sample_group.map, plugins/sample_group/sample_group.sym, plugins/sudoers/Makefile.in, plugins/sudoers/sudoers.exp, plugins/sudoers/sudoers.map, plugins/sudoers/sudoers.sym, plugins/system_group/Makefile.in, plugins/system_group/system_group.exp, plugins/system_group/system_group.map, plugins/system_group/system_group.sym: Rename foo.sym -> foo.exp Remove foo.map from the repo and generate it on demand Use a loader option file for HP-UX ld to explicitly export symbols [2402ff5302ab] * src/Makefile.in: Remove extraneous backslash [8ca054de138c] * plugins/sudoers/regress/check_symbols/check_symbols.c: Don't check for errorx as an exported symbol as it is now a macro. Check for user_in_group() instead. [7b02c8ecd3ea] 2012-06-19 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Adjust ld map file support to use an anonymous scope to match the updated .map files. [49be44282d9e] 2012-06-18 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.in, include/gettext.h: Older versions of Solaris lack ngettext() [028af10dfa5f] * configure, configure.in: Move the check for -static-libgcc until after AC_LANG_WERROR has been called and use AX_CHECK_COMPILE_FLAG(). [a7b09120e7ff] * include/gettext.h: Sudo defines HAVE_SETLOCALE not HAVE_LOCALE_H [3aa2780d4a4e] * include/error.h, include/sudo_debug.h: Fix gcc 2.x variant macro support. [8e71c2370997] * plugins/sudoers/logging.c, plugins/sudoers/sudoreplay.c: Fix compilation on gcc 2.95 and other compilers that only allow variable declarations at the beginning of a block. 
[9d80c802bb46] * configure, configure.in, plugins/sudoers/Makefile.in: Link check_symbols with SUDO_LIBS to make sure we link with the requisite libraries to successfully dlopen sudoers.so. This is needed on HP-UX where a program dlopen()ing a shared object that uses pthreads must also be linked with pthreads (and HP-UX LDAP uses pthreads). [b8961cd82337] * plugins/sudoers/regress/check_symbols/check_symbols.c: Add check for exported local symbols. This will cause a "make check" failure on systems where we don't support symbol hiding. [8aa549389bb1] * configure, configure.in: Additional ${foo} -> $(foo) Makefile tweaks. [046bbde18f52] * plugins/sample/sample_plugin.map, plugins/sample_group/sample_group.map, plugins/sudoers/sudoers.map, plugins/system_group/system_group.map: No need to provide a name for the scope in the map file since we don't use it for versioning. [5ed4b997560d] 2012-06-17 Todd C. Miller <Todd.Miller@courtesan.com> * MANIFEST, plugins/sudoers/Makefile.in, plugins/sudoers/regress/check_symbols/check_symbols.c: Add regress test for symbol visibility. [9adddd4e0518] 2012-06-15 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: sudo 1.8.6 [57008a7afb77] * configure, configure.in, include/missing.h: Add support for controlling symbol visibility using the HP and Solaris C compilers. [46d5b468979e] * plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/regress/iolog_path/check_iolog_path.c, plugins/sudoers/sudoers.h: Use the expanded io log dir when updating the sequence number. Includes a workaround for older versions of sudo where the sequence number was stored in the unexpanded io log dir. [210797dab9a8] 2012-06-14 Todd C. Miller <Todd.Miller@courtesan.com> * src/parse_args.c: Simplify "sudo -s" argv rewriting. 
[7be143dae7c5] * MANIFEST, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, src/sudo_noexec.map: Don't use a map file for sudo_noexec.so since Solaris ld doesn't allow '*' in the global section. The libtool export flag is now added to LT_LDFLAGS instead of commenting/uncommenting lines. [38fc37a66b04] 2012-06-13 Todd C. Miller <Todd.Miller@courtesan.com> * config.h.in, configure, configure.in, include/missing.h: The visibility attribute was actually added in gcc 3.3.x, not 4.0. Just assume that if -fvisibility=hidden works that the attribute is usable. [d3904d6faf14] * plugins/sudoers/check.c, plugins/sudoers/iolog.c, plugins/sudoers/iolog_path.c, plugins/sudoers/ldap.c, plugins/sudoers/match.c, plugins/sudoers/pwutil.c, plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.h, plugins/sudoers/sudoers.map, plugins/sudoers/sudoers.sym, plugins/sudoers/testsudoers.c, plugins/system_group/system_group.c: Export group cache from sudoers.so for system_group.so to use. [16695d207fc5] * MANIFEST, configure, configure.in, include/missing.h, plugins/sample/Makefile.in, plugins/sample/sample_plugin.map, plugins/sample_group/Makefile.in, plugins/sample_group/sample_group.map, plugins/sudoers/Makefile.in, plugins/sudoers/iolog.c, plugins/sudoers/sudoers.c, plugins/sudoers/sudoers.map, plugins/system_group/Makefile.in, plugins/system_group/system_group.map, src/sudo_noexec.c, src/sudo_noexec.map: Use gcc's visibility attribute to specify when symbols are visible or hidden, if available. If not available, use an ELF version script if it is supported. If all else fails, fall back to using libtool's -export-symbols. [64e889921727] 2012-06-12 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Add mode for installed locale files but leave the directories with default mode and owner. [142237dbb31f] 2012-06-11 Todd C. 
Miller <Todd.Miller@courtesan.com> * mkpkg, sudo.pp: Install AIX packages under /opt/freeware with links in /usr/bin and /usr/sbin. This matches the layout of the sudo package from AIX freeware. [0b79d47bbe01] * Makefile.in, configure, configure.in, plugins/sample/Makefile.in, plugins/sample_group/Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in, src/Makefile.in, sudo.pp: Install shared objects with mode 0644 except on HP-UX which needs the executable bit set. [ae416af0ba6c] * Makefile.in, doc/Makefile.in, include/Makefile.in, plugins/sudoers/Makefile.in, src/Makefile.in: Make installed file modes consistent with the file modes in the sudo package. [307386373289] 2012-06-08 Todd C. Miller <Todd.Miller@courtesan.com> * doc/sudoers.pod: Add "%:" prefix when talking about QAS non-Unix group support. [7cb25f6861f8] * pp, sudo.pp: Fix packaging of symbolic links on HP-UX when the link source already exists in the filesystem. [c9bb48031596] * mkpkg: Only specify prefix if we are overriding the default value. Fixes the man dir (/usr/local/man vs. /usr/local/share/man). [65351b6c1697] * sudo.pp: Fix setting of sudoedit_man variable. [9beed9ae5bba] * doc/Makefile.in: Echo the command when linking the sudoedit manual. [6c83b5657b55] 2012-06-07 Todd C. Miller <Todd.Miller@courtesan.com> * mkpkg, sudo.pp: Build .deb packages with selinux support. [3fd9cb1b4526] 2012-06-04 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Don't list paths for unstripped binaries in the lintian overrides. [4c8e16f1773b] * pp: Add support for Installed-Size header in control file, required by newer debian versions. [e97d76234bee] * pp: Fix extended description in .deb files. [d35e27ace146] * sudo.pp: Add Depends, Replaces and Conflicts headers for .deb packages. [76eb6c4b3278] 2012-06-01 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudo_nss.c: If there are no privs to print, write the message to the lbuf instead of printing it directly. 
[ecd56226abb7] 2012-05-31 Todd C. Miller <Todd.Miller@courtesan.com> * sudo.pp: Set -e in %pos and %preun for debian to quiet a lintian warning. [8bb908514df9] * doc/Makefile.in, src/Makefile.in, sudo.pp: Install sudoedit and the sudoedit manual as symbolic links, not hard links and package them as such. [f317ff3cf3e7] * sudo.pp: Make sudo binary permissions 755 instead of 111 Add lintian overrides file for .deb files. [991cd7d7f0e1] * configure, configure.in, doc/Makefile.in, mkpkg: Replace out of date MAN_POSTINSTALL with MANCOMPRESS and MANCOMPRESSEXT which can be used to compress the installed manual pages. Compress the man pages for .deb files to appease lintian. [4e34083b41d2] * sudo.pp: Debian fixes: * fix modes to be more in line with what Debian expects * add section * install LICENSE as copyright and ChangeLog as changelog * create stub changelog.debian [7f6c5647f588] * pp: Fix find command to properly skip files in the DEBIAN dir when building md5sums. [8918bde941fa] * pp, sudo.pp: Use a debian-compliant package maintainer field. [fc51a94170eb] 2012-05-30 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: No need to loop over atomic_writev(), it guarantees to write all data or return an error. Fix handling of stdout/stderr that contains "\r\n" and handle a "\r\n" pair that spans a buffer. [8aaf02d90c45] 2012-05-29 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for sudo 1.8.5p2 [d369d4d40a19] * plugins/sudoers/sudoreplay.c: Instead of doing extra write()s when replaying stdout, build up a vector for writev() instead. This results in far fewer system calls. [303d866c025c] 2012-05-27 Todd C. Miller <Todd.Miller@courtesan.com> * src/env_hooks.c, src/sudo.h, src/tgetpass.c: Provide unhooked version of getenv() and use it when looking up DISPLAY and SUDO_ASKPASS in the environment. [04dbdccf4a14] 2012-05-25 Todd C. 
Miller <Todd.Miller@courtesan.com> * plugins/sudoers/sudoreplay.c: When replaying a log of stdout or stderr, do newline to carriage return + linefeed conversion. We cannot have termios do this for us since we've disabled output postprocessing (POST) when setting raw mode. [61352a7d996f] 2012-05-24 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: When checking for -fstack-protector, treat warnings as fatal errors. [4124cd12d511] 2012-05-22 Todd C. Miller <Todd.Miller@courtesan.com> * configure, configure.in: Fix test for -z relro [548bdb6f5c4a] * MANIFEST: Add m4/ax_check_compile_flag.m4 and m4/ax_check_link_flag.m4 [ed063264a2a1] * INSTALL, aclocal.m4, configure, configure.in, m4/ax_check_compile_flag.m4, m4/ax_check_link_flag.m4: Build with -fstack-protector and link with -zrelo where supported. Added --disable-hardening option to disable hardening options. [0b6c1a1ceb03] 2012-05-21 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test1.sh, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.sh, plugins/sudoers/regress/testsudoers/test4.out.ok, plugins/sudoers/regress/testsudoers/test4.sh, plugins/sudoers/regress/testsudoers/test5.inc, plugins/sudoers/regress/testsudoers/test5.out.ok, plugins/sudoers/regress/testsudoers/test5.sh, plugins/sudoers/testsudoers.c: Add tests for sudoers mode, owner and group checks. [a7607443aba0] * plugins/sudoers/set_perms.c, plugins/sudoers/sudoers.c: If sudoers_mode is group-readable but the actual sudoers file is not, open the file as uid 0, not uid 1. This fixes a problem when sudoers has a more restrictive mode than what sudo expects to find. In older versions, sudo would silently chmod the file to add the group-readable bit. [c056b6003e6f] * INSTALL, common/secure_path.c, config.h.in, configure, configure.in: No longer throw an error if sudoers is a symbolic link. 
Deprecated the --with-stow option as that is now (effectively) the default. [8ce783e54886] 2012-05-18 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/Makefile.in, plugins/sudoers/regress/testsudoers/test2.inc, plugins/sudoers/regress/testsudoers/test2.out.ok, plugins/sudoers/regress/testsudoers/test2.sh, plugins/sudoers/regress/testsudoers/test3.d/root, plugins/sudoers/regress/testsudoers/test3.out.ok, plugins/sudoers/regress/testsudoers/test3.sh: Add basic tests for #include and #includedir [b303e4218951] * plugins/sudoers/testsudoers.c: Add -U sudoers_uid option to testsudoers. [3f8ed13501ba] 2012-05-17 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS, configure, configure.in: Update for 1.8.5p1 [c33c49bf5b4b] * plugins/sudoers/toke.c, plugins/sudoers/toke.l: Fix #includedir; from Mike Frysinger [d4833d4e39a0] * plugins/sudoers/check.c: Don't prompt for a password if the user is in the exempt group, is root, or is running the command as themselves even if the -k option was specified. This makes "sudo -k command" consistent with the behavior one would get if the user ran "sudo -k" immediately before running the command. [632b3961df00] 2012-05-15 Todd C. Miller <Todd.Miller@courtesan.com> * INSTALL: Fix capitalization [7258aa977caf] * mkpkg: Build PIE executable on Mac OS X 10.5 and above. [2a5c7ef92182] 2012-05-14 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update for sudo 1.8.4p5 [21164f508b68] * plugins/sudoers/match_addr.c: Add missing break between AF_INET and AF_INET6 in addr_matches_if_netmask() [672a4793931a] * plugins/sudoers/mon_systrace.c: Move systrace monitor code to the attic [d6faf4754e9c] 2012-05-11 Todd C. Miller <Todd.Miller@courtesan.com> * src/exec.c: The pointer to the siginfo_t struct in a signal handler may be NULL. [41a4ee934b53] 2012-05-10 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/pwutil.c: Fix an alignment problem on NetBSD systems with a 64-bit time_t and strict alignment. 
Based on a patch from Martin Husemann. [1e5ba3c18f17] * include/missing.h: Add offsetof macro for those without it. [e44cb51d2587] * MANIFEST: add system_group plugin [6169793b510c] 2012-05-09 Todd C. Miller <Todd.Miller@courtesan.com> * compat/dlopen.c: Implement RTLD_NEXT and fix RTLD_DEFAULT for HP-UX. [85bd03bc5d94] 2012-05-08 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Mention system_group plugin [05393dd4bdb8] * Makefile.in, plugins/sudoers/Makefile.in, plugins/system_group/Makefile.in: update depends [6feb0b824fc4] * plugins/system_group/system_group.c: Only call gr_delref() when using sudo's password caching functions. [1103442e21fa] * plugins/sample_group/Makefile.in, plugins/system_group/Makefile.in: Add missing dependency on libreplace.la [05bfd9d4657f] * compat/dlopen.c: Emulate RTLD_DEFAULT and RTLD_SELF w/ shl_findsym() using NULL and PROG_HANDLE. [2382d0693acc] * Makefile.in, configure, configure.in, plugins/system_group/Makefile.in, plugins/system_group/system_group.c, plugins/system_group/system_group.sym: Add group plugin that does lookups by name using the system group database. [2ddbb604112f] * plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, src/po/pl.mo, src/po/pl.po: sync with translationproject.org [4ef05df4226d] 2012-05-03 Todd C. Miller <Todd.Miller@courtesan.com> * plugins/sudoers/po/eo.mo, plugins/sudoers/po/eo.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/ja.mo, plugins/sudoers/po/ja.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/de.mo, src/po/de.po, src/po/eo.mo, src/po/eo.po, src/po/fi.mo, src/po/fi.po, src/po/ja.mo, src/po/ja.po, src/po/ru.mo, src/po/ru.po, src/po/sr.mo, src/po/sr.po, src/po/uk.mo, src/po/uk.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [115c3f828fc5] 2012-05-01 Todd C. 
Miller <Todd.Miller@courtesan.com> * sudo.pp: Add mode for docdir and use '-' (default) for localedir mode. Fixes a problem on Linux when building in a directory with the setgid bit set. [582279c8bcb1] 2012-04-30 Todd C. Miller <Todd.Miller@courtesan.com> * pp: Match CentOS 6.0 [1e99ef210f98] 2012-04-24 Todd C. Miller <Todd.Miller@courtesan.com> * NEWS: Update with recent changes [c5fc220ba696] * pp: Fix version check on AIX [d272e39112f4] * plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [72b23509465a] * plugins/sudoers/ldap.c: Need to call ldapssl_clientauth_init() for start_tls on Mozilla LDAP SDK. [87b685e70b9a] * plugins/sudoers/ldap.c: Fix printing of invalid uri [645aa53acdde] * plugins/sudoers/auth/pam.c: Pass PAM_SILENT when deleting creds to remove an annoying warning message on Solaris. [1dd0301ef293] 2012-04-23 Todd C. Miller <Todd.Miller@courtesan.com> * src/utmp.c: Fix the setutxent and endutxent compatibility defines (this time correctly) when only setutent and endutent are available. [d136d2867db9] * plugins/sudoers/ldap.c: sudo_ldap_set_options_global() should not take an LDAP handle as an argument since the options affect the global settings. [1dc39b9d20f2] * mkpkg: Debian sudo has not been built with --with-exempt=sudo since 1.6.8. [c7716291a856] * doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, plugins/sudoers/auth/pam.c, src/exec.c, src/exec_pty.c, src/sudo.c, src/sudo.h: Call the policy's init_session() function before we fork the child. That way, the session is created and destroyed in the same process, which is needed by some modules, such as pam_mount. [ece552ba002e] * doc/TROUBLESHOOTING: Add entry for SSL LDAP errors on Mozilla SDKs when the cert dir is not specified. [bd293e100b28] * plugins/sudoers/auth/pam.c: Delete creds after closing the PAM session. [5158d726d6a5] * plugins/sudoers/ldap.c: Provide a more useful error message if using a Mozilla-style LDAP SDK and you forgot to specify TLS_CERT in ldap.conf. 
[7cb78feb899c]
* src/exec_pty.c: Add missing initialization of a sigaction structure when I/O logging. Fixes a potential problem when suspending the command. [f4480f2ba816]
* plugins/sudoers/ldap.c: Split global and per-connection LDAP options into separate arrays. Set global LDAP options before calling ldap_initialize() or ldap_init(). After we have an LDAP handle, set the per-connection options. Fixes a problem with OpenLDAP using the nss crypto backend; bug #342 [265c9d2dc12b]
* plugins/sudoers/po/da.mo, plugins/sudoers/po/da.po, plugins/sudoers/po/fi.mo, plugins/sudoers/po/fi.po, plugins/sudoers/po/pl.mo, plugins/sudoers/po/pl.po, plugins/sudoers/po/uk.mo, plugins/sudoers/po/uk.po, plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/de.mo, src/po/de.po, src/po/hr.mo, src/po/hr.po, src/po/vi.mo, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [6d7fe44be21e]

2012-04-21 Todd C. Miller <Todd.Miller@courtesan.com>

* src/sudo.c, src/sudo.h: Move struct passwd pointer into struct command details. [d6fb1eff2065]

2012-04-20 Todd C. Miller <Todd.Miller@courtesan.com>

* pp: Sync with upstream for Mac OS X (and other) fixes. [c2f4998d01b0]
* mkpkg: Only build Mac intel universal binary on an intel machine. [0009e0b7e5a8]
* src/Makefile.in: Do not pass libtool the -static-libtool-libs option when building sudo and sesh. Otherwise, libtool may prefer a static version of an installed library over a dynamic one when linking. [6fbac9adc885]

2012-04-19 Todd C. Miller <Todd.Miller@courtesan.com>

* MANIFEST, NEWS, doc/CONTRIBUTORS, plugins/sudoers/po/hr.mo, plugins/sudoers/po/hr.po, src/po/de.mo, src/po/de.po: Add German translation for sudo. Add Croatian translation for sudoers. [fa4da1a6530c]
* plugins/sudoers/iolog.c: typo fix in comment [abd721d1288e]

2012-04-16 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS: Update with recent changes [6fa11e8448b9]
* Makefile.in, plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: Sort xgettext output by file name. [f650841810f0]
* doc/sudoreplay.cat, doc/sudoreplay.man.in, doc/sudoreplay.pod: Clarify what "sudoreplay -l" displays and mention that it is sorted. [84031c117bd6]
* config.h.in, configure, configure.in, src/ttyname.c: Use AC_HEADER_MAJOR to determine where major/minor are defined. [3c949650a223]
* config.h.in, configure, configure.in, src/ttyname.c: Include sys/mkdev.h if present instead of sys/sysmacros.h for minor(). This is needed on Solaris (at least) where the makedev macros in sysmacros.h are obsolete and library functions should be used instead. [343928acf81e]
* mkpkg: When building on Mac OS X, only set SDK_FLAGS if specified osversion doesn't match host. [d84c6efac872]

2012-04-15 Todd C. Miller <Todd.Miller@courtesan.com>

* src/ttyname.c: Add back buf and tty variables for _ttyname() case that were inadvertently removed. [a4a820b22a44]

2012-04-13 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/po/sudoers.pot: regen [5446b12c1250]
* configure, configure.in: Remove b8 from version number. [5adc4dcec061]
* src/ttyname.c: remove some XXX [187579a5f593]
* src/ttyname.c: When looking for a device match, do a breadth-first search instead of depth-first. We already special case /dev/pts/ so chances are good that if it is not a pseudo-tty it is in the base of /dev/. Also avoid a stat(2) when possible if struct dirent has d_type. [0183f8a1b278]
* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudo_plugin.pod, src/sudo.c, src/sudo.h: Pass pid, ppid, sid, pgid and tcpgid to plugin in user_info list.
[f0574d878491]
* src/po/eo.mo, src/po/es.mo, src/po/es.po, src/po/fi.mo, src/po/ja.mo, src/po/pl.mo, src/po/ru.mo, src/po/uk.mo, src/po/vi.mo: sync with translationproject.org [4527ea78fbd5]
* MANIFEST, NEWS, doc/CONTRIBUTORS, src/po/gl.mo, src/po/gl.po, src/po/hr.mo, src/po/hr.po: New Croatian and Galician translations from translationproject.org [ad4bd924b4de]
* src/ttyname.c: Add depth-first traversal of /dev/ for the /proc case when not /dev/pts/N [499bd3456774]
* config.h.in, configure, configure.in, plugins/sudoers/sudoreplay.c: If struct dirent has d_type, use it to avoid an extra stat(). [741dabbe4bcd]
* plugins/sudoers/sudoreplay.c: Sort output of "sudoreplay -l" [c0615795bd4b]

2012-04-12 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/sudoreplay.c: Fix duplicate free introduced in last rev [efdaabe69d75]

2012-04-11 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/auth/pam.c: Instead of treating ^C from tgetpass() specially, always return AUTH_INTR if tgetpass() returned NULL. Treat PAM_AUTHINFO_UNAVAIL like PAM_AUTH_ERR which Mac OS X returns this when there is no tty. [a3b17298d4d0]
* config.h.in, configure, configure.in, src/ttyname.c: Rototill code to determine the tty. For Linux, we now look up the tty device in /proc/pid/stat instead of trying to open /proc/pid/fd/[0-2]. The sudo_ttyname_dev() function maps the given device number to a string. On BSD, we can use devname(). On Solaris, _ttyname_dev() does what we want. TODO: write /dev/ traversal code for the generic sudo_ttyname_dev(). [6b22be4d09f0]

2012-04-10 Todd C. Miller <Todd.Miller@courtesan.com>

* src/ttyname.c: Define PRNODEV for those w/o it. [f17290e64559]
* config.h.in, configure, configure.in, src/ttyname.c: Check for SVR4-style struct psinfo.pr_ttydev and use that to determine the tty if std{in,out,err} are not ttys. [76ad33a91f4b]
* src/ttyname.c: Better support for SVR4-style /proc entries where we can't use ttyname() on the /proc/pid/fd/[0-2] entries.
We can, however, attempt to map the device number back to the correct pseudo-tty slave device. [4f9f48cc79eb]
* src/ttyname.c: When trying to determine the tty name, check parent's stderr in addition to its stdin and stdout. [604644056c7d]
* src/exec_pty.c: Treat a tty read failure like EOF as it usually means the pty has gone away. Handle write() on the tty returning EIO. [16957f4a706f]
* src/exec.c, src/exec_pty.c: Linux select() may return ENOMEM if there is a kernel resource shortage. Older Solaris select() may return EIO instead of EBADF when the tty goes away. If we get an unhandled select() failure, kill the child and exit cleanly. [d93940a311ab]
* src/ttyname.c: Open /proc/pid/fd/[0-2] in non-blocking mode just in case we might block in open. [a9f809d09d52]

2012-04-09 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/set_perms.c: Fix restoration of AIX permissions. [30c717115988]
* src/parse_args.c: Allow the -k flag to be used along with the -i and -s flags. [0653b17c97f1]
* plugins/sudoers/sudoreplay.c: Plug memory leak in parse_logfile() in the error path. [9cce86fa833b]
* plugins/sudoers/po/zh_CN.mo, plugins/sudoers/po/zh_CN.po, src/po/da.mo, src/po/da.po, src/po/eo.po, src/po/es.po, src/po/fi.po, src/po/it.mo, src/po/it.po, src/po/ja.po, src/po/pl.po, src/po/ru.po, src/po/uk.po, src/po/vi.po, src/po/zh_CN.mo, src/po/zh_CN.po: sync with translationproject.org [14af43d0b170]

2012-04-08 Todd C. Miller <Todd.Miller@courtesan.com>

* compat/regress/glob/globtest.c, config.h.in, configure, configure.in, plugins/sudoers/match.c: Do not use GLOB_BRACE or GLOB_TILDE flags to glob()--we want the glob() and fnmatch() results to be consistent. [4226750d73c2]

2012-04-06 Todd C. Miller <Todd.Miller@courtesan.com>

* MANIFEST, common/Makefile.in, common/ttysize.c, src/Makefile.in, src/ttysize.c: Move ttysize.c to common so sudoreplay can use it.
[b4a0aa514cd4]
* plugins/sudoers/sudoreplay.c: If I/O log file includes rows + cols, warn if the user's tty is not big enough. [b980ef89efff]
* plugins/sudoers/sudoreplay.c: Fix printing of TSID in "sudoreplay -l" [4221e3e108b4]
* common/sudo_debug.c, include/sudo_debug.h, plugins/sudoers/logging.c, plugins/sudoers/visudo.c, src/exec.c, src/exec_pty.c: Log the process id in the debug file output. Since we don't want to keep calling getpid(), stash the value at init time and when we fork(). [2782d30c024d]
* src/exec_pty.c: Ignore SIGTTIN and SIGTTOU in main sudo process when I/O logging. It is better to receive EIO from read()/write() than to be suspended when we don't expect it. Fixes a problem when our terminal is revoked which can happen when, e.g. our sshd is killed unceremoniously. Also, only change the value of "alive" from true to false, never from false to true. It is possible for us to receive notification of the child having stopped after it is already dead. This does not mean it has risen from the grave. [26c9fe8ce0f9]
* src/exec_pty.c: Distinguish between signals we received from the parent vs. those delivered explicitly to the monitor process in debugging info. [40716cb180e5]

2012-04-05 Todd C. Miller <Todd.Miller@courtesan.com>

* plugins/sudoers/check.c: In Solaris 11, /dev/pts is under the "dev" filesystem, not "devices". Update tty_is_devpts() to match so we can determine when the tty has been reused. [2689665df027]
* common/sudo_debug.c, include/error.h, include/sudo_debug.h: Always pass __func__, __FILE__ and __LINE__ in sudo_debug_printf() and use a new flag, SUDO_DEBUG_FILENO to specify when to use it. This allows consumers of sudo_debug_printf() to log that data without having to specify it manually. [7c94c4879208]
* src/exec_pty.c: Make this compile after last change. [ee09034f3266]
* src/exec_pty.c: Don't try to restore the terminal if we are not the foreground process.
Otherwise, we may be stopped by SIGTTOU when we try to update the terminal settings when cleaning up. [c48b24335456]
* src/exec.c: If select() returns EBADF in the main event loop, one of the ttys must have gone away so perform any I/O we can and close the bad fds. [3bc8678c03ce]
* common/sudo_debug.c, include/error.h, include/sudo_debug.h, plugins/sudoers/toke.c, plugins/sudoers/toke.h, plugins/sudoers/toke.l: Log warning() at SUDO_DEBUG_WARN not SUDO_DEBUG_ERROR. Log the function, file and line number in the debug log for warning() and error(). [894cd131f11d]

2012-04-04 Todd C. Miller <Todd.Miller@courtesan.com>

* common/sudo_debug.c, include/error.h, include/sudo_debug.h, src/conversation.c: Add SUDO_DEBUG_ERRNO flag to debug functions so we can log errno. Use this flag when wrapping error() and warning() so the debug output includes the error string. [1e2c67adaf1f]

2012-03-30 Todd C. Miller <Todd.Miller@courtesan.com>

* NEWS: Update for sudo 1.8.5 [7d2b62b823fe]
* plugins/sudoers/po/sudoers.pot: regen [718ad9de92cd]
* doc/CONTRIBUTORS: sync [f48013aea641]
* plugins/sudoers/pwutil.c: Use ecalloc() [fabd23c1f271]
* src/exec_pty.c: Don't need zero_bytes() after ecalloc() [1a9d95cd10ef]
* config.h.in, configure, configure.in, src/sudo_noexec.c: Add execvpe(), exect(), posix_spawn() and posix_spawnp() wrappers to sudo_noexec.c. [cbaa1d4b0f8a]
* src/utmp.c: Fix compat setutxent and endutxent macros for systems with setutent() but not setutxent(). From Gustavo Zacarias [d7ce622fc5f2]

2012-03-29 Todd C. Miller <Todd.Miller@courtesan.com>

* configure.in: Add ignore_result definition to AH_BOTTOM [8d4096838a98]
* common/sudo_debug.c, config.h.in, plugins/sample/sample_plugin.c, plugins/sudoers/iolog.c, plugins/sudoers/toke.c, plugins/sudoers/toke.l, plugins/sudoers/visudo.c, src/env_hooks.c, src/exec.c, src/exec_pty.c, src/tgetpass.c: Fix compiler warnings on some platforms and provide a better method of defeating gcc's warn_unused_result attribute.
[9a8f804fcc75]
* configure, configure.in: Fix building the builtin zlib from a build dir. When a zlib dir was specified, prepend its include path instead of appending so we get the right zlib headers. [5f61d591b186]
* doc/LICENSE, zlib/adler32.c, zlib/crc32.c, zlib/crc32.h, zlib/deflate.c, zlib/deflate.h, zlib/gzguts.h, zlib/gzlib.c, zlib/gzread.c, zlib/gzwrite.c, zlib/infback.c, zlib/inffixed.h, zlib/inflate.c, zlib/inftrees.c, zlib/trees.c, zlib/zconf.h.in, zlib/zlib.h, zlib/zutil.c, zlib/zutil.h: Update zlib to version 1.2.6 [173c4bc4d4fc]

2012-03-28 Todd C. Miller <Todd.Miller@courtesan.com>

* include/missing.h: g/c __unused which is no longer used [7ef3f23edcd6]
* src/env_hooks.c: Fix compilation if RTLD_NEXT is not defined. [d5605f468b71]
* src/po/sr.mo, src/po/sr.po: sync with translationproject.org [27d559f7985d]
* doc/sudo_plugin.cat, doc/sudo_plugin.man.in, doc/sudoers.cat, doc/sudoers.man.in: regen [f9f63ce478b6]
* plugins/sudoers/po/sudoers.pot, src/po/sudo.pot: regen [59035d82d15a]
* Makefile.in: Ignore Project-Id-Version when comparing pot files. [22feb9ede46b]
* plugins/sudoers/bsm_audit.c: Use error() instead of log_fatal() [54130bda4b50]
* plugins/sudoers/env.c: Fix signedness of didvar in env_update_didvar() [77048a80b3e4]
* plugins/sudoers/iolog.c: Quiet a compiler warning on some platforms. [8fdcaece0400]
* compat/fnmatch.c: cast ctype(3) function/macro arguments from char to unsigned char to avoid potential negative subscripting. [bdcf7eef21ef]
* common/setgroups.c: Quiet a warning on systems where the gids array in setgroups() is not prototyped as being const, even though it really is. [fdd758c6302d]
* src/env_hooks.c: Quiet a compiler warning on systems where the argument to putenv(3) is const. [51bae2193b53]
* plugins/sudoers/sudoreplay.c: Undo an incorrect int -> bool conversion. [b9a4ce320f14]
* MANIFEST, NEWS, plugins/sudoers/po/sv.mo, plugins/sudoers/po/sv.po, src/po/s