mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-29 13:28:10 +00:00
Code Issues Releases Wiki Activity

log_server_open: always pass in awake time, not wallclock time.

Browse Source 
The timespec passed to log_server_open() should be from
sudo_gettime_awake() since it is used to build the command run time.
This commit is contained in:
Todd C. Miller 2023-11-23 09:08:04 -05:00
parent 6965e1b0aa
commit 432b085558
5 changed files with 17 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/sudoers/audit.c
View File

@ -251,7 +251,7 @@ audit_to_eventlog(const struct sudoers_context *ctx, struct eventlog *evlog,
static bool static bool
log_server_accept(const struct sudoers_context *ctx, struct eventlog *evlog) log_server_accept(const struct sudoers_context *ctx, struct eventlog *evlog)
{ {
struct timespec now; struct timespec start_time;
bool ret = false; bool ret = false;
debug_decl(log_server_accept, SUDOERS_DEBUG_PLUGIN); debug_decl(log_server_accept, SUDOERS_DEBUG_PLUGIN);
@ -268,7 +268,7 @@ log_server_accept(const struct sudoers_context *ctx, struct eventlog *evlog)
debug_return_bool(true); debug_return_bool(true);
} }
if (sudo_gettime_real(&now) == -1) { if (sudo_gettime_awake(&start_time) == -1) {
sudo_warn("%s", U_("unable to get time of day")); sudo_warn("%s", U_("unable to get time of day"));
goto done; goto done;
} }
@ -288,7 +288,7 @@ log_server_accept(const struct sudoers_context *ctx, struct eventlog *evlog)
goto done; goto done;
/* Open connection to log server, send hello and accept messages. */ /* Open connection to log server, send hello and accept messages. */
client_closure = log_server_open(&audit_details, &now, false, client_closure = log_server_open(&audit_details, &start_time, false,
SEND_ACCEPT, NULL); SEND_ACCEPT, NULL);
if (client_closure != NULL) if (client_closure != NULL)
ret = true; ret = true;

10
plugins/sudoers/iolog.c
View File

@ -57,7 +57,7 @@ static struct iolog_file iolog_files[] = {
}; };
static struct sudoers_io_operations { static struct sudoers_io_operations {
int (*open)(struct timespec *now); int (*open)(struct timespec *start_time);
void (*close)(int exit_status, int error, const char **errstr); void (*close)(int exit_status, int error, const char **errstr);
int (*log)(int event, const char *buf, unsigned int len, int (*log)(int event, const char *buf, unsigned int len,
struct timespec *delay, const char **errstr); struct timespec *delay, const char **errstr);
@ -685,7 +685,7 @@ oom:
} }
static int static int
sudoers_io_open_local(struct timespec *now) sudoers_io_open_local(struct timespec *start_time)
{ {
const struct sudoers_context *ctx = sudoers_get_context(); const struct sudoers_context *ctx = sudoers_get_context();
struct eventlog *evlog = iolog_details.evlog; struct eventlog *evlog = iolog_details.evlog;
@ -756,13 +756,13 @@ done:
#ifdef SUDOERS_LOG_CLIENT #ifdef SUDOERS_LOG_CLIENT
static int static int
sudoers_io_open_remote(struct timespec *now) sudoers_io_open_remote(struct timespec *start_time)
{ {
debug_decl(sudoers_io_open_remote, SUDOERS_DEBUG_PLUGIN); debug_decl(sudoers_io_open_remote, SUDOERS_DEBUG_PLUGIN);
/* Open connection to log server, send hello and accept messages. */ /* Open connection to log server, send hello and accept messages. */
client_closure = log_server_open(&iolog_details, now, true, SEND_ACCEPT, client_closure = log_server_open(&iolog_details, start_time, true,
NULL); SEND_ACCEPT, NULL);
if (client_closure != NULL) if (client_closure != NULL)
debug_return_int(1); debug_return_int(1);

12
plugins/sudoers/log_client.c
View File

@ -1962,7 +1962,7 @@ bad:
* Allocate and initialize a new client closure * Allocate and initialize a new client closure
*/ */
static struct client_closure * static struct client_closure *
client_closure_alloc(struct log_details *details, struct timespec *now, client_closure_alloc(struct log_details *details, struct timespec *start_time,
bool log_io, enum client_state initial_state, const char *reason) bool log_io, enum client_state initial_state, const char *reason)
{ {
struct client_closure *closure; struct client_closure *closure;
@ -1983,9 +1983,9 @@ client_closure_alloc(struct log_details *details, struct timespec *now,
closure->state = RECV_HELLO; closure->state = RECV_HELLO;
closure->initial_state = initial_state; closure->initial_state = initial_state;
if (now != NULL) { if (start_time != NULL) {
closure->start_time.tv_sec = now->tv_sec; closure->start_time.tv_sec = start_time->tv_sec;
closure->start_time.tv_nsec = now->tv_nsec; closure->start_time.tv_nsec = start_time->tv_nsec;
} }
TAILQ_INIT(&closure->write_bufs); TAILQ_INIT(&closure->write_bufs);
@ -2012,14 +2012,14 @@ oom:
} }
struct client_closure * struct client_closure *
log_server_open(struct log_details *details, struct timespec *now, log_server_open(struct log_details *details, struct timespec *start_time,
bool log_io, enum client_state initial_state, const char *reason) bool log_io, enum client_state initial_state, const char *reason)
{ {
struct client_closure *closure; struct client_closure *closure;
static bool warned = false; static bool warned = false;
debug_decl(log_server_open, SUDOERS_DEBUG_UTIL); debug_decl(log_server_open, SUDOERS_DEBUG_UTIL);
closure = client_closure_alloc(details, now, log_io, initial_state, closure = client_closure_alloc(details, start_time, log_io, initial_state,
reason); reason);
if (closure == NULL) if (closure == NULL)
goto bad; goto bad;

2
plugins/sudoers/log_client.h
View File

@ -107,7 +107,7 @@ struct client_closure {
}; };
/* iolog_client.c */ /* iolog_client.c */
struct client_closure *log_server_open(struct log_details *details, struct timespec *now, bool log_io, enum client_state initial_state, const char *reason); struct client_closure *log_server_open(struct log_details *details, struct timespec *start_time, bool log_io, enum client_state initial_state, const char *reason);
bool log_server_close(struct client_closure *closure, int exit_status, int error); bool log_server_close(struct client_closure *closure, int exit_status, int error);
bool fmt_client_message(struct client_closure *closure, ClientMessage *msg); bool fmt_client_message(struct client_closure *closure, ClientMessage *msg);
bool fmt_accept_message(struct client_closure *closure, struct eventlog *evlog); bool fmt_accept_message(struct client_closure *closure, struct eventlog *evlog);

4
plugins/sudoers/logging.c
View File

@ -157,8 +157,8 @@ log_server_reject(const struct sudoers_context *ctx, struct eventlog *evlog,
debug_return_bool(false); debug_return_bool(false);
/* Open connection to log server, send hello and reject messages. */ /* Open connection to log server, send hello and reject messages. */
client_closure = log_server_open(&details, &evlog->submit_time, client_closure = log_server_open(&details, NULL, false,
false, SEND_REJECT, message); SEND_REJECT, message);
if (client_closure != NULL) { if (client_closure != NULL) {
client_closure_free(client_closure); client_closure_free(client_closure);
client_closure = NULL; client_closure = NULL;