From: Todd C. Miller Date: Thu, 1 Dec 2016 17:52:05 +0000 (-0700) Subject: Ignore a boot time that is in the future, which can happen when the X-Git-Tag: SUDO_1_8_19^2~9 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=852ffa5938d984c93e1bacf941d05ddbe6b8ecae;p=sudo Ignore a boot time that is in the future, which can happen when the clock is corrected down after boot. Otherwise, the timestamp file will be unlinked each time sudo is run and a password is always required.
---
diff --git a/plugins/sudoers/timestamp.c b/plugins/sudoers/timestamp.c
index 588695346..a3b32383c 100644
--- a/plugins/sudoers/timestamp.c
+++ b/plugins/sudoers/timestamp.c
@@ -389,15 +389,23 @@ timestamp_open(const char *user, pid_t sid)
 /* Remove time stamp file if its mtime predates boot time. */
 if (tries == 1 && fstat(fd, &sb) == 0) {
- struct timespec boottime, mtime;
-
- mtim_get(&sb, mtime);
- if (get_boottime(&boottime)) {
- if (sudo_timespeccmp(&mtime, &boottime, <)) {
- /* Time stamp file too old, remove it. */
- close(fd);
- unlink(fname);
- continue;
+ struct timespec boottime, mtime, now;
+
+ if (sudo_gettime_real(&now) == 0 && get_boottime(&boottime)) {
+ /* Ignore a boot time that is in the future. */
+ if (sudo_timespeccmp(&now, &boottime, <)) {
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+ "ignoring boot time that is in the future");
+ } else {
+ mtim_get(&sb, mtime);
+ if (sudo_timespeccmp(&mtime, &boottime, <)) {
+ /* Time stamp file too old, remove it. */
+ sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO,
+ "removing time stamp file that predates boot time");
+ close(fd);
+ unlink(fname);
+ continue;
+ }
 }
 }
 }
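Review bot: The new `sudo_timespeccmp(&now, &boottime, <)` branch fails open: while the clock reads earlier than the recorded boot time, the stale-file check is skipped entirely, so a time stamp file written before the reboot is kept just like one written after it. Whether the per-record validation elsewhere in timestamp.c rejects such entries is not visible in this hunk, so the comment should state what is being relied on, e.g. `/* Boot time is in the future (clock stepped back): cannot tell whether the file predates boot, so keep it and rely on the per-record checks. */`. The check is also skipped without any debug message when `sudo_gettime_real(&now)` or `get_boottime(&boottime)` fails; an `else` on the outer `if` with a `sudo_debug_printf(SUDO_DEBUG_WARN|SUDO_DEBUG_LINENO, ...)` call would make that visible in debug logs. The body of timestamp_open starts and ends outside the hunk.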