security/sudo: sync with upstream

Taken from: HardenedBSD
2017-08-14 15:17:11 +02:00 · 2017-08-14 15:17:11 +02:00 · e7e47296c6
commit e7e47296c6
parent 639cd7b1a1
2 changed files with 27 additions and 1 deletions
--- a/security/sudo/Makefile
+++ b/security/sudo/Makefile
@ -3,7 +3,7 @@

 PORTNAME=	sudo
 PORTVERSION=	1.8.20p2
-PORTREVISION=	2
+PORTREVISION=	3
 CATEGORIES=	security
 MASTER_SITES=	SUDO

--- a/security/sudo/files/patch-src_exec__nopty.c
+++ b/security/sudo/files/patch-src_exec__nopty.c
@ -0,0 +1,26 @@
+--- src/exec_nopty.c.orig	2017-08-09 17:20:41 UTC
+++ src/exec_nopty.c
+@@ -201,7 +201,7 @@ exec_nopty(struct command_details *details, struct com
+ 	sudo_warn(U_("unable to set handler for signal %d"), SIGCHLD);
+     if (sudo_sigaction(SIGCONT, &sa, NULL) != 0)
+ 	sudo_warn(U_("unable to set handler for signal %d"), SIGCONT);
+-#ifdef SIGINFO
+#if defined(SIGINFO) && !defined(__FreeBSD__)
+     if (sudo_sigaction(SIGINFO, &sa, NULL) != 0)
+ 	sudo_warn(U_("unable to set handler for signal %d"), SIGINFO);
+ #endif
+@@ -222,6 +222,14 @@ exec_nopty(struct command_details *details, struct com
+ 	sudo_warn(U_("unable to set handler for signal %d"), SIGQUIT);
+     if (sudo_sigaction(SIGTSTP, &sa, NULL) != 0)
+ 	sudo_warn(U_("unable to set handler for signal %d"), SIGTSTP);
+#if defined(SIGINFO) && defined(__FreeBSD__)
+    /*
+     * FreeBSD's ^T will generate a SIGINFO to the controlling terminal's
+     * process group.
+     */
+    if (sudo_sigaction(SIGINFO, &sa, NULL) != 0)
+	sudo_warn(U_("unable to set handler for signal %d"), SIGINFO);
+#endif
+ 
+     /*
+      * The policy plugin's session init must be run before we fork