diff options
| author | Todd C. Miller <millert@cvs.openbsd.org> | 2002-01-03 03:49:17 +0000 |
|---|---|---|
| committer | Todd C. Miller <millert@cvs.openbsd.org> | 2002-01-03 03:49:17 +0000 |
| commit | a8c409b2b43635d095e5e8b5fd8fcd42fc4a539c (patch) | |
| tree | 69468cedd38b3d8eb953e6fdfbdc23e8500f93cc /usr.bin/sudo/check.c | |
| parent | 2e8dc04dc3a4b4d1e0664c16b572efd2c74466e5 (diff) | |
Update to sudo 1.6.4
Diffstat (limited to 'usr.bin/sudo/check.c')
| -rw-r--r-- | usr.bin/sudo/check.c | 79 |
1 files changed, 45 insertions, 34 deletions
diff --git a/usr.bin/sudo/check.c b/usr.bin/sudo/check.c index 927b1423b3f..95f17e40d3a 100644 --- a/usr.bin/sudo/check.c +++ b/usr.bin/sudo/check.c @@ -1,5 +1,5 @@ /* - * Copyright (c) 1994-1996,1998-1999 Todd C. Miller <Todd.Miller@courtesan.com> + * Copyright (c) 1993-1996,1998-2001 Todd C. Miller <Todd.Miller@courtesan.com> * All rights reserved. * * Redistribution and use in source and binary forms, with or without @@ -34,34 +34,40 @@ #include "config.h" +#include <sys/types.h> +#include <sys/param.h> +#include <sys/stat.h> +#include <sys/file.h> #include <stdio.h> #ifdef STDC_HEADERS -#include <stdlib.h> +# include <stdlib.h> +# include <stddef.h> +#else +# ifdef HAVE_STDLIB_H +# include <stdlib.h> +# endif #endif /* STDC_HEADERS */ -#ifdef HAVE_UNISTD_H -#include <unistd.h> -#endif /* HAVE_UNISTD_H */ #ifdef HAVE_STRING_H -#include <string.h> +# include <string.h> +#else +# ifdef HAVE_STRINGS_H +# include <strings.h> +# endif #endif /* HAVE_STRING_H */ -#ifdef HAVE_STRINGS_H -#include <strings.h> -#endif /* HAVE_STRINGS_H */ +#ifdef HAVE_UNISTD_H +# include <unistd.h> +#endif /* HAVE_UNISTD_H */ #include <errno.h> #include <fcntl.h> #include <signal.h> #include <time.h> -#include <sys/param.h> -#include <sys/types.h> -#include <sys/stat.h> -#include <sys/file.h> #include <pwd.h> #include <grp.h> #include "sudo.h" #ifndef lint -static const char rcsid[] = "$Sudo: check.c,v 1.194 2000/02/15 23:36:03 millert Exp $"; +static const char rcsid[] = "$Sudo: check.c,v 1.202 2001/12/14 19:52:47 millert Exp $"; #endif /* lint */ /* Status codes for timestamp_status() */ @@ -226,10 +232,10 @@ user_is_exempt() struct group *grp; char **gr_mem; - if (!def_str(I_EXEMPT_GRP)) + if (!def_str(I_EXEMPT_GROUP)) return(FALSE); - if (!(grp = getgrnam(def_str(I_EXEMPT_GRP)))) + if (!(grp = getgrnam(def_str(I_EXEMPT_GROUP)))) return(FALSE); if (user_gid == grp->gr_gid) @@ -424,24 +430,29 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs) * If the file/dir exists, check its mtime. */ if (status == TS_OLD) { - now = time(NULL); - if (def_ival(I_TS_TIMEOUT) && - now - sb.st_mtime < 60 * def_ival(I_TS_TIMEOUT)) { - /* - * Check for bogus time on the stampfile. The clock may - * have been set back or someone could be trying to spoof us. - */ - if (sb.st_mtime > now + 60 * def_ival(I_TS_TIMEOUT) * 2) { - log_error(NO_EXIT, - "timestamp too far in the future: %20.20s", - 4 + ctime(&sb.st_mtime)); - if (timestampfile) - (void) unlink(timestampfile); - else - (void) rmdir(timestampdir); - status = TS_MISSING; - } else - status = TS_CURRENT; + /* Negative timeouts only expire manually (sudo -k). */ + if (def_ival(I_TIMESTAMP_TIMEOUT) < 0 && sb.st_mtime != 0) + status = TS_CURRENT; + else { + now = time(NULL); + if (def_ival(I_TIMESTAMP_TIMEOUT) && + now - sb.st_mtime < 60 * def_ival(I_TIMESTAMP_TIMEOUT)) { + /* + * Check for bogus time on the stampfile. The clock may + * have been set back or someone could be trying to spoof us. + */ + if (sb.st_mtime > now + 60 * def_ival(I_TIMESTAMP_TIMEOUT) * 2) { + log_error(NO_EXIT, + "timestamp too far in the future: %20.20s", + 4 + ctime(&sb.st_mtime)); + if (timestampfile) + (void) unlink(timestampfile); + else + (void) rmdir(timestampdir); + status = TS_MISSING; + } else + status = TS_CURRENT; + } } } |