Add support for floating point timeout values (e.g. 2.5 minutes).

2025-08-22 01:49:11 +00:00 · 2009-12-08 21:49:53 +00:00 · 2009-12-08 21:49:53 +00:00 · 186d836ebc
commit 186d836ebc
parent d92b6c5d9e
7 changed files with 68 additions and 13 deletions
--- a/10
+++ b/10
@ -1,3 +1,13 @@
+What's new in Sudo 1.7.3?
+
+ * Support for logging a transcript of the command being run.
+   For more information, see the documentation for the "transcript"
+   Defaults option in the sudoers manual and the sudoreplay manual.
+
+ * The passwd_timeout and timestamp_timeout options may now be
+   specified as floating point numbers for more granular timeout
+   values.
+
 What's new in Sudo 1.7.2?

 * A new #includedir directive is available in sudoers.  This can be
--- a/def_data.c
+++ b/def_data.c
@ -155,12 +155,12 @@ struct sudo_defs_types sudo_defs_table[] = {
 	"Length at which to wrap log file lines (0 for no wrap): %d",
 	NULL,
    }, {
-	"timestamp_timeout", T_INT|T_BOOL,
-	"Authentication timestamp timeout: %d minutes",
+	"timestamp_timeout", T_FLOAT|T_BOOL,
+	"Authentication timestamp timeout: %.1f minutes",
 	NULL,
    }, {
-	"passwd_timeout", T_UINT|T_BOOL,
-	"Password prompt timeout: %d minutes",
+	"passwd_timeout", T_FLOAT|T_BOOL,
+	"Password prompt timeout: %.1f minutes",
 	NULL,
    }, {
 	"passwd_tries", T_UINT,
--- a/def_data.h
+++ b/def_data.h
@ -64,9 +64,9 @@
 #define I_PRESERVE_GROUPS       31
 #define def_loglinelen          (sudo_defs_table[32].sd_un.ival)
 #define I_LOGLINELEN            32
-#define def_timestamp_timeout   (sudo_defs_table[33].sd_un.ival)
+#define def_timestamp_timeout   (sudo_defs_table[33].sd_un.fval)
 #define I_TIMESTAMP_TIMEOUT     33
-#define def_passwd_timeout      (sudo_defs_table[34].sd_un.ival)
+#define def_passwd_timeout      (sudo_defs_table[34].sd_un.fval)
 #define I_PASSWD_TIMEOUT        34
 #define def_passwd_tries        (sudo_defs_table[35].sd_un.ival)
 #define I_PASSWD_TRIES          35
--- a/def_data.in
+++ b/def_data.in
@ -111,11 +111,11 @@ loglinelen
 	T_UINT|T_BOOL
 	"Length at which to wrap log file lines (0 for no wrap): %d"
 timestamp_timeout
-	T_INT|T_BOOL
-	"Authentication timestamp timeout: %d minutes"
+	T_FLOAT|T_BOOL
+	"Authentication timestamp timeout: %.1f minutes"
 passwd_timeout
-	T_UINT|T_BOOL
-	"Password prompt timeout: %d minutes"
+	T_FLOAT|T_BOOL
+	"Password prompt timeout: %.1f minutes"
 passwd_tries
 	T_UINT
 	"Number of tries to enter a password: %d"
--- a/defaults.c
+++ b/defaults.c
@ -104,6 +104,7 @@ static int store_syslogfac __P((char *, struct sudo_defs_types *, int));
 static int store_syslogpri __P((char *, struct sudo_defs_types *, int));
 static int store_tuple __P((char *, struct sudo_defs_types *, int));
 static int store_uint __P((char *, struct sudo_defs_types *, int));
+static int store_float __P((char *, struct sudo_defs_types *, int));
 static void list_op __P((char *, size_t, struct sudo_defs_types *, enum list_ops));
 static const char *logfac2str __P((int));
 static const char *logpri2str __P((int));
@ -153,6 +154,10 @@ dump_defaults()
 		    (void) printf(cur->desc, cur->sd_un.ival);
 		    putchar('\n');
 		    break;
+		case T_FLOAT:
+		    (void) printf(cur->desc, cur->sd_un.fval);
+		    putchar('\n');
+		    break;
 		case T_MODE:
 		    (void) printf(cur->desc, cur->sd_un.mode);
 		    putchar('\n');
@ -294,6 +299,19 @@ set_default(var, val, op)
 		return(FALSE);
 	    }
 	    break;
+	case T_FLOAT:
+	    if (!val) {
+		/* Check for bogus boolean usage or lack of a value. */
+		if (!ISSET(cur->type, T_BOOL) || op != FALSE) {
+		    warningx("no value specified for `%s'", var);
+		    return(FALSE);
+		}
+	    }
+	    if (!store_float(val, cur, op)) {
+		warningx("value `%s' is invalid for option `%s'", val, var);
+		return(FALSE);
+	    }
+	    break;
 	case T_MODE:
 	    if (!val) {
 		/* Check for bogus boolean usage or lack of a value. */
@ -549,7 +567,7 @@ store_int(val, def, op)
 	if (*endp != '\0')
 	    return(FALSE);
 	/* XXX - should check against INT_MAX */
-	def->sd_un.ival = (unsigned int)l;
+	def->sd_un.ival = (int)l;
    }
    if (def->callback)
 	return(def->callback(val));
@ -579,6 +597,29 @@ store_uint(val, def, op)
    return(TRUE);
 }

+static int
+store_float(val, def, op)
+    char *val;
+    struct sudo_defs_types *def;
+    int op;
+{
+    char *endp;
+    double d;
+
+    if (op == FALSE) {
+	def->sd_un.fval = 0.0;
+    } else {
+	d = strtod(val, &endp);
+	if (*endp != '\0')
+	    return(FALSE);
+	/* XXX - should check against HUGE_VAL */
+	def->sd_un.fval = d;
+    }
+    if (def->callback)
+	return(def->callback(val));
+    return(TRUE);
+}
+
 static int
 store_tuple(val, def, op)
    char *val;
--- a/defaults.h
+++ b/defaults.h
@ -54,6 +54,7 @@ struct sudo_defs_types {
    union {
 	int flag;
 	int ival;
+	double fval;
 	enum def_tupple tuple;
 	char *str;
 	mode_t mode;
@ -63,7 +64,7 @@ struct sudo_defs_types {

 /*
 * Four types of defaults: strings, integers, and flags.
- * Also, T_INT or T_STR may be ANDed with T_BOOL to indicate that
+ * Also, T_INT, T_FLOAT or T_STR may be ANDed with T_BOOL to indicate that
 * a value is not required.  Flags are boolean by nature...
 */
 #undef T_INT
@ -84,6 +85,8 @@ struct sudo_defs_types {
 #define T_LOGPRI	0x008
 #undef T_TUPLE
 #define T_TUPLE		0x009
+#undef T_FLOAT
+#define T_FLOAT		0x010
 #undef T_MASK
 #define T_MASK		0x0FF
 #undef T_BOOL
--- a/3
+++ b/3
@ -133,7 +133,8 @@ sub print_record {
 	elsif (/^T_LOGFAC/) { $v = "ival"; }
 	elsif (/^T_LOGPRI/) { $v = "ival"; }
 	elsif (/^T_TUPLE/)  { $v = "tuple"; }
-	else { die "$0: unknown defaults type: $type\n"; }
+	elsif (/^T_FLOAT/)  { $v = "fval"; }
+	else { die "$0: unknown defaults type: $_\n"; }
    }
    printf HEADER "#define %-23s (sudo_defs_table[$recnum].sd_un.${v})\n",
 	"def_$rec->[0]";