lib/util/Makefile.in
lib/util/aix.c
lib/util/alloc.c
-lib/util/clock_gettime.c
lib/util/closefrom.c
lib/util/event.c
lib/util/event_poll.c
plugins/sudoers/getdate.c
plugins/sudoers/getdate.y
plugins/sudoers/getspwuid.c
+plugins/sudoers/gettime.c
plugins/sudoers/goodpath.c
plugins/sudoers/gram.c
plugins/sudoers/gram.h
SUDOERS_LIBS="${SUDOERS_LIBS} -lrt"
-else
-
- case " $LIBOBJS " in
- *" clock_gettime.$ac_objext "* ) ;;
- *) LIBOBJS="$LIBOBJS clock_gettime.$ac_objext"
- ;;
-esac
-
-
- for _sym in sudo_clock_gettime; do
- COMPAT_EXP="${COMPAT_EXP}${_sym}
-"
- done
-
-
fi
AC_CHECK_LIB(rt, clock_gettime, [
AC_DEFINE(HAVE_CLOCK_GETTIME)
SUDOERS_LIBS="${SUDOERS_LIBS} -lrt"
- ], [
- AC_LIBOBJ(clock_gettime)
- SUDO_APPEND_COMPAT_EXP(sudo_clock_gettime)
])
])
AC_CHECK_FUNCS([getopt_long], [], [
# undef sig2str
# define sig2str(_a, _b) sudo_sig2str((_a), (_b))
#endif /* HAVE_SIG2STR */
-#ifndef HAVE_CLOCK_GETTIME
-# if !defined(CLOCK_REALTIME)
-# define CLOCK_REALTIME 0
-# endif
-# if defined(__MACH__) && !defined(CLOCK_MONOTONIC)
-# define CLOCK_MONOTONIC 1
-# endif
-__dso_public int sudo_clock_gettime(clockid_t clock_id, struct timespec *tp);
-# undef clock_gettime
-# define clock_gettime(_a, _b) sudo_clock_gettime((_a), (_b))
-#endif /* HAVE_CLOCK_GETTIME */
#if !defined(HAVE_INET_NTOP) && defined(_SUDO_NET_IFS_C)
__dso_public char *sudo_inet_ntop(int af, const void *src, char *dst, socklen_t size);
# undef inet_ntop
$(incdir)/sudo_fatal.h $(incdir)/sudo_util.h \
$(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/regress/atofoo/atofoo_test.c
-clock_gettime.lo: $(srcdir)/clock_gettime.c $(incdir)/compat/timespec.h \
- $(incdir)/sudo_compat.h $(top_builddir)/config.h
- $(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/clock_gettime.c
closefrom.lo: $(srcdir)/closefrom.c $(incdir)/sudo_compat.h \
$(top_builddir)/config.h
$(LIBTOOL) --mode=compile $(CC) -c -o $@ $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/closefrom.c
+++ /dev/null
-/*
- * Copyright (c) 2014 Todd C. Miller <Todd.Miller@courtesan.com>
- *
- * Permission to use, copy, modify, and distribute this software for any
- * purpose with or without fee is hereby granted, provided that the above
- * copyright notice and this permission notice appear in all copies.
- *
- * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
- * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
- * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
- * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
- * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
- * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
- * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
- */
-
-#include <config.h>
-
-#if !defined(HAVE_CLOCK_GETTIME)
-
-#include <sys/types.h>
-#include <sys/time.h>
-
-#include <errno.h>
-#include <stdio.h>
-#ifdef TIME_WITH_SYS_TIME
-# include <time.h>
-#endif
-#ifndef HAVE_STRUCT_TIMESPEC
-# include "compat/timespec.h"
-#endif
-
-#include "sudo_compat.h"
-
-#ifdef __MACH__
-# include <mach/mach.h>
-# include <mach/mach_time.h>
-# include <mach/clock.h>
-#endif
-
-/*
- * Trivial clock_gettime() that supports CLOCK_REALTIME
- * (and CLOCK_MONOTONIC on Mach).
- */
-int
-sudo_clock_gettime(clockid_t clock_id, struct timespec *ts)
-{
-
- switch (clock_id) {
-#ifdef __MACH__
- case CLOCK_MONOTONIC:
- {
- uint64_t abstime, nsec;
- static mach_timebase_info_data_t timebase_info;
-
- if (timebase_info.denom == 0)
- (void) mach_timebase_info(&timebase_info);
- abstime = mach_absolute_time();
- nsec = abstime * timebase_info.numer / timebase_info.denom;
- ts->tv_sec = nsec / 1000000000;
- ts->tv_nsec = nsec % 1000000000;
- return 0;
- }
-#endif
- case CLOCK_REALTIME:
- {
- struct timeval tv;
-
- gettimeofday(&tv, NULL);
- ts->tv_sec = tv.tv_sec;
- ts->tv_nsec = tv.tv_usec * 1000;
- return 0;
- }
- default:
- errno = EINVAL;
- return -1;
- }
-}
-
-#endif /* !HAVE_CLOCK_GETTIME */
$makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo solaris_audit.lo sssd.lo:;
# XXX - fill in AUTH_OBJS from contents of the auth dir instead
$makefile =~ s:\@AUTH_OBJS\@:afs.lo aix_auth.lo bsdauth.lo dce.lo fwtk.lo getspwuid.lo kerb5.lo pam.lo passwd.lo rfc1938.lo secureware.lo securid5.lo sia.lo:;
- $makefile =~ s:\@LTLIBOBJS\@:clock_gettime.lo closefrom.lo fnmatch.lo getaddrinfo.lo getcwd.lo getgrouplist.lo getline.lo getopt_long.lo glob.lo inet_ntop_lo inet_pton.lo isblank.lo memrchr.lo memset_s.lo mksiglist.lo mksigname.lo mktemp.lo pw_dup.lo sha2.lo sig2str.lo siglist.lo signame.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo strtonum.lo utimes.lo:;
+ $makefile =~ s:\@LTLIBOBJS\@:closefrom.lo fnmatch.lo getaddrinfo.lo getcwd.lo getgrouplist.lo getline.lo getopt_long.lo glob.lo inet_ntop_lo inet_pton.lo isblank.lo memrchr.lo memset_s.lo mksiglist.lo mksigname.lo mktemp.lo pw_dup.lo sha2.lo sig2str.lo siglist.lo signame.lo snprintf.lo strlcat.lo strlcpy.lo strsignal.lo strtonum.lo utimes.lo:;
# Parse OBJS lines
my %objs;
toke_util.lo
SUDOERS_OBJS = $(AUTH_OBJS) boottime.lo check.lo env.lo find_path.lo \
- goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
+ gettime.lo goodpath.lo group_plugin.lo interfaces.lo iolog.lo \
iolog_path.lo locale.lo logging.lo logwrap.lo parse.lo \
policy.lo prompt.lo set_perms.lo sudo_nss.lo sudoers.lo \
timestamp.lo @SUDOERS_OBJS@
$(srcdir)/sudoers.h $(srcdir)/sudoers_debug.h \
$(top_builddir)/config.h $(top_builddir)/pathnames.h
$(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/getspwuid.c
+gettime.lo: $(srcdir)/gettime.c $(incdir)/compat/stdbool.h \
+ $(incdir)/compat/timespec.h $(incdir)/sudo_compat.h \
+ $(incdir)/sudo_util.h $(top_builddir)/config.h
+ $(LIBTOOL) --mode=compile $(CC) -c $(CPPFLAGS) $(CFLAGS) $(PIE_CFLAGS) $(SSP_CFLAGS) $(DEFS) $(srcdir)/gettime.c
goodpath.lo: $(srcdir)/goodpath.c $(devdir)/def_data.h \
$(incdir)/compat/stdbool.h $(incdir)/sudo_alloc.h \
$(incdir)/sudo_compat.h $(incdir)/sudo_conf.h \
--- /dev/null
+/*
+ * Copyright (c) 2014-2015 Todd C. Miller <Todd.Miller@courtesan.com>
+ *
+ * Permission to use, copy, modify, and distribute this software for any
+ * purpose with or without fee is hereby granted, provided that the above
+ * copyright notice and this permission notice appear in all copies.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+ */
+
+#include <config.h>
+
+#include <sys/types.h>
+#include <sys/time.h>
+#include <stdio.h>
+#ifdef STDC_HEADERS
+# include <stdlib.h>
+# include <stddef.h>
+#else
+# ifdef HAVE_STDLIB_H
+# include <stdlib.h>
+# endif
+#endif /* STDC_HEADERS */
+#ifdef HAVE_UNISTD_H
+# include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+#ifdef TIME_WITH_SYS_TIME
+# include <time.h>
+#endif
+#ifndef HAVE_STRUCT_TIMESPEC
+# include "compat/timespec.h"
+#endif
+#include <errno.h>
+
+#if defined(__MACH__) && !defined(HAVE_CLOCK_GETTIME)
+# include <mach/mach.h>
+# include <mach/mach_time.h>
+# include <mach/clock.h>
+#endif
+
+#include "sudoers.h"
+
+/* On Linux, CLOCK_MONOTONIC does not run while suspended. */
+#if defined(CLOCK_BOOTTIME)
+# define SUDO_CLOCK_MONOTONIC CLOCK_BOOTTIME
+#elif defined(CLOCK_MONOTONIC)
+# define SUDO_CLOCK_MONOTONIC CLOCK_MONOTONIC
+#endif
+
+#if defined(HAVE_CLOCK_GETTIME)
+int
+sudo_gettime_real(struct timespec *ts)
+{
+ debug_decl(sudo_gettime_real, SUDOERS_DEBUG_UTIL)
+
+ if (clock_gettime(CLOCK_REALTIME, ts) == -1) {
+ struct timeval tv;
+
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+ "clock_gettime(CLOCK_REALTIME) failed, trying gettimeofday()");
+ if (gettimeofday(&tv, NULL) == -1)
+ debug_return_int(-1);
+ TIMEVAL_TO_TIMESPEC(&tv, ts);
+ }
+ debug_return_int(0);
+}
+#else
+int
+sudo_gettime_real(struct timespec *ts)
+{
+ struct timeval tv;
+ debug_decl(sudo_gettime_real, SUDOERS_DEBUG_UTIL)
+
+ if (gettimeofday(&tv, NULL) == -1)
+ debug_return_int(-1);
+ TIMEVAL_TO_TIMESPEC(&tv, ts);
+ debug_return_int(0);
+}
+#endif
+
+#if defined(HAVE_CLOCK_GETTIME) && defined(SUDO_CLOCK_MONOTONIC)
+int
+sudo_gettime_mono(struct timespec *ts)
+{
+ static int has_monoclock = -1;
+ debug_decl(sudo_gettime_mono, SUDOERS_DEBUG_UTIL)
+
+ /* Check whether the kernel/libc actually supports CLOCK_MONOTONIC. */
+# ifdef _SC_MONOTONIC_CLOCK
+ if (has_monoclock == -1)
+ has_monoclock = sysconf(_SC_MONOTONIC_CLOCK) != -1;
+# endif
+ if (!has_monoclock)
+ debug_return_int(sudo_gettime_real(ts));
+ if (clock_gettime(SUDO_CLOCK_MONOTONIC, ts) == -1) {
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_ERRNO|SUDO_DEBUG_LINENO,
+ "clock_gettime(%d) failed, using wall clock", SUDO_CLOCK_MONOTONIC);
+ has_monoclock = 0;
+ debug_return_int(sudo_gettime_real(ts));
+ }
+ debug_return_int(0);
+}
+#elif defined(__MACH__)
+int
+sudo_gettime_mono(struct timespec *ts)
+{
+ uint64_t abstime, nsec;
+ static mach_timebase_info_data_t timebase_info;
+ debug_decl(sudo_gettime_mono, SUDOERS_DEBUG_UTIL)
+
+ if (timebase_info.denom == 0)
+ (void) mach_timebase_info(&timebase_info);
+ abstime = mach_absolute_time();
+ nsec = abstime * timebase_info.numer / timebase_info.denom;
+ ts->tv_sec = nsec / 1000000000;
+ ts->tv_nsec = nsec % 1000000000;
+ debug_return_int(0);
+}
+#else
+int
+sudo_gettime_mono(struct timespec *ts)
+{
+ /* No monotonic clock available, use wall clock. */
+ return sudo_gettime_real(ts);
+}
+#endif
#, fuzzy
msgid ""
msgstr ""
-"Project-Id-Version: sudo 1.8.12\n"
+"Project-Id-Version: sudo 1.8.13b2\n"
"Report-Msgid-Bugs-To: http://www.sudo.ws/bugs\n"
-"POT-Creation-Date: 2015-02-20 06:33-0700\n"
+"POT-Creation-Date: 2015-02-24 11:20-0700\n"
"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n"
"Last-Translator: FULL NAME <EMAIL@ADDRESS>\n"
"Language-Team: LANGUAGE <LL@li.org>\n"
msgid "%s: Cannot verify TGT! Possible attack!: %s"
msgstr ""
-#: plugins/sudoers/auth/pam.c:98
+#: plugins/sudoers/auth/pam.c:97
msgid "unable to initialize PAM"
msgstr ""
-#: plugins/sudoers/auth/pam.c:149
+#: plugins/sudoers/auth/pam.c:153
msgid "account validation failure, is your account locked?"
msgstr ""
-#: plugins/sudoers/auth/pam.c:153
+#: plugins/sudoers/auth/pam.c:157
msgid "Account or password is expired, reset your password and try again"
msgstr ""
-#: plugins/sudoers/auth/pam.c:161
+#: plugins/sudoers/auth/pam.c:165
#, c-format
msgid "unable to change expired password: %s"
msgstr ""
-#: plugins/sudoers/auth/pam.c:166
+#: plugins/sudoers/auth/pam.c:170
msgid "Password expired, contact your system administrator"
msgstr ""
-#: plugins/sudoers/auth/pam.c:170
+#: plugins/sudoers/auth/pam.c:174
msgid ""
"Account expired or PAM config lacks an \"account\" section for sudo, contact "
"your system administrator"
msgstr ""
-#: plugins/sudoers/auth/pam.c:187
+#: plugins/sudoers/auth/pam.c:186
#, c-format
msgid "PAM authentication error: %s"
msgstr ""
msgid "unable to initialize SIA session"
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:115
+#: plugins/sudoers/auth/sudo_auth.c:135
msgid "invalid authentication methods"
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:117
+#: plugins/sudoers/auth/sudo_auth.c:137
msgid ""
"Invalid authentication methods compiled into sudo! You may not mix "
"standalone and non-standalone authentication."
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:203 plugins/sudoers/auth/sudo_auth.c:252
+#: plugins/sudoers/auth/sudo_auth.c:233 plugins/sudoers/auth/sudo_auth.c:282
msgid "no authentication methods"
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:205
+#: plugins/sudoers/auth/sudo_auth.c:235
msgid ""
"There are no authentication methods compiled into sudo! If you want to turn "
"off authentication, use the --disable-authentication configure option."
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:254
+#: plugins/sudoers/auth/sudo_auth.c:284
msgid "Unable to initialize authentication methods."
msgstr ""
-#: plugins/sudoers/auth/sudo_auth.c:412
+#: plugins/sudoers/auth/sudo_auth.c:442
msgid "Authentication methods:"
msgstr ""
msgstr ""
#: plugins/sudoers/iolog.c:101 plugins/sudoers/iolog.c:119
-#: plugins/sudoers/timestamp.c:233
+#: plugins/sudoers/timestamp.c:224
#, c-format
msgid "%s exists but is not a directory (0%o)"
msgstr ""
#: plugins/sudoers/iolog.c:112 plugins/sudoers/iolog.c:133
-#: plugins/sudoers/iolog.c:140 plugins/sudoers/timestamp.c:227
-#: plugins/sudoers/timestamp.c:248
+#: plugins/sudoers/iolog.c:140 plugins/sudoers/timestamp.c:218
+#: plugins/sudoers/timestamp.c:239
#, c-format
msgid "unable to mkdir %s"
msgstr ""
#: plugins/sudoers/iolog.c:209 plugins/sudoers/sudoers.c:765
#: plugins/sudoers/sudoreplay.c:330 plugins/sudoers/sudoreplay.c:793
-#: plugins/sudoers/sudoreplay.c:990 plugins/sudoers/timestamp.c:357
+#: plugins/sudoers/sudoreplay.c:990 plugins/sudoers/timestamp.c:351
#: plugins/sudoers/visudo.c:832 plugins/sudoers/visudo_json.c:1035
#: plugins/sudoers/visudo_json.c:1048
#, c-format
msgstr ""
#: plugins/sudoers/iolog.c:282 plugins/sudoers/sudoreplay.c:575
-#: plugins/sudoers/timestamp.c:186 plugins/sudoers/timestamp.c:189
+#: plugins/sudoers/timestamp.c:177 plugins/sudoers/timestamp.c:180
#, c-format
msgid "unable to write to %s"
msgstr ""
msgid "%s is not a regular file"
msgstr ""
-#: plugins/sudoers/sudoers.c:788 plugins/sudoers/timestamp.c:289 toke.l:955
+#: plugins/sudoers/sudoers.c:788 plugins/sudoers/timestamp.c:280 toke.l:955
#, c-format
msgid "%s is owned by uid %u, should be %u"
msgstr ""
"Command unmatched"
msgstr ""
-#: plugins/sudoers/timestamp.c:197
+#: plugins/sudoers/timestamp.c:188
#, c-format
msgid "unable to truncate time stamp file to %lld bytes"
msgstr ""
-#: plugins/sudoers/timestamp.c:297
+#: plugins/sudoers/timestamp.c:288
#, c-format
msgid "%s is group writable"
msgstr ""
-#: plugins/sudoers/timestamp.c:318
+#: plugins/sudoers/timestamp.c:309
#, c-format
msgid "timestamp path too long: %s/%s"
msgstr ""
-#: plugins/sudoers/timestamp.c:498
+#: plugins/sudoers/timestamp.c:340 plugins/sudoers/timestamp.c:425
+msgid "unable to read the clock"
+msgstr ""
+
+#: plugins/sudoers/timestamp.c:495
msgid "ignoring time stamp from the future"
msgstr ""
-#: plugins/sudoers/timestamp.c:510
+#: plugins/sudoers/timestamp.c:507
#, c-format
msgid "time stamp too far in the future: %20.20s"
msgstr ""
-#: plugins/sudoers/timestamp.c:613 plugins/sudoers/timestamp.c:634
+#: plugins/sudoers/timestamp.c:610 plugins/sudoers/timestamp.c:631
#, c-format
msgid "lecture status path too long: %s/%s"
msgstr ""
void remove_timestamp(bool);
bool set_lectured(void);
+/* gettime.c */
+int sudo_gettime_real(struct timespec *ts);
+int sudo_gettime_mono(struct timespec *ts);
+
/* sudo_auth.c */
bool sudo_auth_needs_end_session(void);
int verify_user(struct passwd *pw, char *prompt, int validated);
#include "sudoers.h"
#include "check.h"
-/* On Linux, CLOCK_MONOTONIC does not run while suspended. */
-#if defined(CLOCK_BOOTTIME)
-# define SUDO_CLOCK_MONOTONIC CLOCK_BOOTTIME
-#elif defined(CLOCK_MONOTONIC)
-# define SUDO_CLOCK_MONOTONIC CLOCK_MONOTONIC
-#else
-# define SUDO_CLOCK_MONOTONIC CLOCK_REALTIME
-#endif
-
static char timestamp_file[PATH_MAX];
static off_t timestamp_hint = (off_t)-1;
static struct timestamp_entry timestamp_key;
/* Fill in time stamp. */
memcpy(&entry, ×tamp_key, sizeof(struct timestamp_entry));
- if (clock_gettime(SUDO_CLOCK_MONOTONIC, &entry.ts) == -1) {
- log_warning(0, "clock_gettime(%d)", SUDO_CLOCK_MONOTONIC);
+ if (sudo_gettime_mono(&entry.ts) == -1) {
+ log_warning(0, N_("unable to read the clock"));
goto done;
}
timestamp_key.u.ppid = getppid();
}
}
- if (clock_gettime(SUDO_CLOCK_MONOTONIC, ×tamp_key.ts) == -1) {
- log_warning(0, "clock_gettime(%d)", SUDO_CLOCK_MONOTONIC);
+ if (sudo_gettime_mono(×tamp_key.ts) == -1) {
+ log_warning(0, N_("unable to read the clock"));
status = TS_ERROR;
}
projects / sudo / commitdiff