Add new T_UINT type that most things use instead of T_INT

If timestamp_timeout is < 0 then treat the ticket as never expiring
(to be expired manually by the user).

diff --git a/check.c b/check.c
index b28cb524f3ba195a4c542dbe88451d52ffc6d274..fc68649216007ff97f3b83ae400cee2217663fbe 100644 (file)
--- a/check.c
+++ b/check.c
@@ -424,24 +424,29 @@ timestamp_status(timestampdir, timestampfile, user, make_dirs)
      * If the file/dir exists, check its mtime.
      */
     if (status == TS_OLD) {
-       now = time(NULL);
-       if (def_ival(I_TIMESTAMP_TIMEOUT) && 
-           now - sb.st_mtime < 60 * def_ival(I_TIMESTAMP_TIMEOUT)) {
-           /*
-            * Check for bogus time on the stampfile.  The clock may
-            * have been set back or someone could be trying to spoof us.
-            */
-           if (sb.st_mtime > now + 60 * def_ival(I_TIMESTAMP_TIMEOUT) * 2) {
-               log_error(NO_EXIT,
-                   "timestamp too far in the future: %20.20s",
-                   4 + ctime(&sb.st_mtime));
-               if (timestampfile)
-                   (void) unlink(timestampfile);
-               else
-                   (void) rmdir(timestampdir);
-               status = TS_MISSING;
-           } else
-               status = TS_CURRENT;
+       /* Negative timeouts only expire manually (sudo -k). */
+       if (def_ival(I_TS_TIMEOUT) < 0 && sb.st_mtime != 0)
+           status = TS_CURRENT;
+       else {
+           now = time(NULL);
+           if (def_ival(I_TIMESTAMP_TIMEOUT) && 
+               now - sb.st_mtime < 60 * def_ival(I_TIMESTAMP_TIMEOUT)) {
+               /*
+                * Check for bogus time on the stampfile.  The clock may
+                * have been set back or someone could be trying to spoof us.
+                */
+               if (sb.st_mtime > now + 60 * def_ival(I_TIMESTAMP_TIMEOUT) * 2) {
+                   log_error(NO_EXIT,
+                       "timestamp too far in the future: %20.20s",
+                       4 + ctime(&sb.st_mtime));
+                   if (timestampfile)
+                       (void) unlink(timestampfile);
+                   else
+                       (void) rmdir(timestampdir);
+                   status = TS_MISSING;
+               } else
+                   status = TS_CURRENT;
+           }
        }
     }
 

diff --git a/defaults.c b/defaults.c
index 30fd6040ca691909932df43c792ee2a3ad42f75f..7d2f6cace62875506e0153daa88b4624e7b6d26f 100644 (file)
--- a/defaults.c
+++ b/defaults.c
@@ -102,6 +102,7 @@ extern int sudolineno;
  * Local prototypes.
  */
 static int store_int __P((char *, struct sudo_defs_types *, int));
+static int store_uint __P((char *, struct sudo_defs_types *, int));
 static int store_str __P((char *, struct sudo_defs_types *, int));
 static int store_syslogfac __P((char *, struct sudo_defs_types *, int));
 static int store_syslogpri __P((char *, struct sudo_defs_types *, int));
@@ -137,6 +138,7 @@ dump_defaults()
                        putchar('\n');
                    }
                    break;
+               case T_UINT:
                case T_INT:
                    (void) printf(cur->desc, cur->sd_un.ival);
                    putchar('\n');
@@ -286,6 +288,23 @@ set_default(var, val, op)
                return(FALSE);
            }
            break;
+       case T_UINT:
+           if (!val) {
+               /* Check for bogus boolean usage or lack of a value. */
+               if (!(cur->type & T_BOOL) || op != FALSE) {
+                   (void) fprintf(stderr,
+                       "%s: no value specified for `%s' on line %d\n", Argv[0],
+                       var, sudolineno);
+                   return(FALSE);
+               }
+           }
+           if (!store_uint(val, cur, op)) {
+               (void) fprintf(stderr,
+                   "%s: value '%s' is invalid for option '%s'\n", Argv[0],
+                   val, var);
+               return(FALSE);
+           }
+           break;
        case T_MODE:
            if (!val) {
                /* Check for bogus boolean usage or lack of a value. */
@@ -467,6 +486,27 @@ store_int(val, def, op)
     char *endp;
     long l;
 
+    if (op == FALSE) {
+       def->sd_un.ival = 0;
+    } else {
+       l = strtol(val, &endp, 10);
+       if (*endp != '\0')
+           return(FALSE);
+       /* XXX - should check against INT_MAX */
+       def->sd_un.ival = (unsigned int)l;
+    }
+    return(TRUE);
+}
+
+static int
+store_uint(val, def, op)
+    char *val;
+    struct sudo_defs_types *def;
+    int op;
+{
+    char *endp;
+    long l;
+
     if (op == FALSE) {
        def->sd_un.ival = 0;
     } else {

diff --git a/defaults.h b/defaults.h
index 5fe0f6b7e18b9f14cb9d7989d64c913cee41cdb9..dbbe89a93b976375b9cc682b809ed2738813d1bc 100644 (file)
--- a/defaults.h
+++ b/defaults.h
@@ -46,8 +46,8 @@ struct sudo_defs_types {
     char *desc;
     union {
        int flag;
+       int ival;
        char *str;
-       unsigned int ival;
        mode_t mode;
     } sd_un;
 };
@@ -59,18 +59,20 @@ struct sudo_defs_types {
  */
 #undef T_INT
 #define T_INT          0x001
+#undef T_UINT
+#define T_UINT         0x002
 #undef T_STR
-#define T_STR          0x002
+#define T_STR          0x003
 #undef T_FLAG
-#define T_FLAG         0x003
+#define T_FLAG         0x004
 #undef T_MODE
-#define T_MODE         0x004
+#define T_MODE         0x005
 #undef T_LOGFAC
-#define T_LOGFAC       0x005
+#define T_LOGFAC       0x006
 #undef T_LOGPRI
-#define T_LOGPRI       0x006
+#define T_LOGPRI       0x007
 #undef T_PWFLAG
-#define T_PWFLAG       0x007
+#define T_PWFLAG       0x008
 #undef T_MASK
 #define T_MASK         0x0FF
 #undef T_BOOL