Bug 423

Summary: sudoreplay don't work under freebsd 8.X
Product: Sudo Reporter: Igor <igor.goncharenko>
Component: SudoreplayAssignee: Todd C. Miller <Todd.Miller>
Status: RESOLVED FIXED    
Severity: normal    
Priority: low    
Version: 1.7.3   
Hardware: PC   
OS: FreeBSD   
Attachments: Use C locale when logging timing info but accept either "." or locale-dependent decimal point in sudoreplay

Description Igor 2010-07-27 02:56:12 MDT 
With enabled log_input, log_output in sudoers i have successfully recorded sudo session:

$sudoreplay -l
{skip}
Jul 27 09:51:03 2010 : igor : TTY=pts/1 ; CWD=/usr/home/igor ; USER=test ; TSID=00000A ; COMMAND=/bin/sh

but when i tried to replay this session i got error:

$sudoreplay 00000A
Replaying sudo session: /bin/sh
sudoreplay: invalid timing file line: 4 0,181042 131
: Unknown error: 0

PS. Affected freebsd 8.0/8.1 with sudo 1.7.3/1.7.4b5.
Comment 1 Todd C. Miller 2010-07-27 07:54:33 MDT 
Appears to be a locale issue.  Sudoreplay needs to either use decimal_point from localeconv() or just use the C locale while logging.
Comment 2 Igor 2010-07-27 08:33:07 MDT 
On freebsd 7.2:
vm#locale
LANG=ru_RU.KOI8-R
LC_CTYPE="ru_RU.KOI8-R"
LC_COLLATE="ru_RU.KOI8-R"
LC_TIME="ru_RU.KOI8-R"
LC_NUMERIC="ru_RU.KOI8-R"
LC_MONETARY="ru_RU.KOI8-R"
LC_MESSAGES="ru_RU.KOI8-R"
LC_ALL=

vm# sudoreplay 000017
Replaying sudo session: /usr/local/bin/bash
To see the MAC addresses of the NICs on your system, type
...
{started normal replay}
...

On freebsd 8.1:
vm2#locale
LANG=ru_RU.KOI8-R
LC_CTYPE="ru_RU.KOI8-R"
LC_COLLATE="ru_RU.KOI8-R"
LC_TIME="ru_RU.KOI8-R"
LC_NUMERIC="ru_RU.KOI8-R"
LC_MONETARY="ru_RU.KOI8-R"
LC_MESSAGES="ru_RU.KOI8-R"
LC_ALL=

vm2#sudoreplay 00000A
Replaying sudo session: /bin/sh
sudoreplay: invalid timing file line: 4 0,181042 131
: Unknown error: 0
Comment 3 Igor 2010-07-27 08:52:46 MDT 
Clear, when LOGGIN. ok.
Comment 4 Todd C. Miller 2010-07-27 09:37:24 MDT 
Created attachment 283 [details]
Use C locale when logging timing info but accept either "." or locale-dependent decimal point in sudoreplay

The following patch should fix this.  You should only really need to sudoreplay.c portion change.
Comment 5 Todd C. Miller 2010-07-27 11:33:24 MDT 
I've verified the problem and the fix on FreeBSD 8.0.  The fix is in ftp://ftp.sudo.ws/pub/sudo/beta/sudo-1.7.4rc1.tar.gz
Comment 6 Igor 2010-07-28 02:39:48 MDT 
Confirmed. Fixed in rc1. Tnx!
Comment 7 Todd C. Miller 2010-08-02 14:59:42 MDT 
Closing, sudo 1.7.4 is out now.