Allow configurable system password timeout

The default value is the same as the previously hard-coded value: 15 minutes.

Increase this value to prompt the sysop for the system password less frequently, decrease for more frequent.

This fixes issue #407.

src/sbbs3/con_hi.cpp

@@ -165,7 +165,7 @@ bool sbbs_t::chksyspass(const char* sys_pw)
 		logline(LOG_NOTICE,"S!","Remote sysop access disabled");
 		return(false);
 	}
-	if(time(NULL) - last_sysop_auth < 15*60)
+	if(time(NULL) - last_sysop_auth < cfg.sys_pass_timeout * 60)
 		return true;
 	if(sys_pw != NULL)
 		SAFECOPY(str, sys_pw);

src/sbbs3/scfg/scfgsys.c

@@ -74,12 +74,15 @@ void security_cfg(void)
 		i = 0;
 		sprintf(opt[i++],"%-33.33s%s","System Password", "*******");
 		if(cfg.sys_misc & SM_R_SYSOP) {
-			SAFECOPY(str, "Yes");
+			*str = '\0';
 			if(cfg.sys_misc & SM_SYSPASSLOGIN)
-				SAFECAT(str, ", SYSPASS required at login");
+				SAFECOPY(str, "At Login and ");
+			sprintf(str + strlen(str), "After %u minutes", cfg.sys_pass_timeout);
 		} else
-			SAFECOPY(str, "No");
-		sprintf(opt[i++],"%-33.33s%s","Allow Sysop Access", str);
+			SAFECOPY(str, "N/A");
+		sprintf(opt[i++],"%-33.33s%s","Prompt for System Password", str);
+		sprintf(opt[i++],"%-33.33s%s","Allow Sysop Access"
+			,(cfg.sys_misc & SM_R_SYSOP) ? "Yes" : "No");
 		sprintf(opt[i++],"%-33.33s%s","Allow Login by Real Name"
 			,(!(cfg.uq&UQ_ALIASES) || cfg.sys_login & LOGIN_REALNAME) ? "Yes" : "No");
 		sprintf(opt[i++],"%-33.33s%s","Allow Login by User Number"
@@ -152,6 +155,36 @@ void security_cfg(void)
 				;
 				uifc.input(WIN_MID|WIN_SAV,0,0,"System Password",cfg.sys_pass,sizeof(cfg.sys_pass)-1,K_EDIT|K_UPPER);
 				break;
+			case __COUNTER__:
+				if(!(cfg.sys_misc&SM_R_SYSOP))
+					break;
+				i=cfg.sys_misc&SM_SYSPASSLOGIN ? 0:1;
+				uifc.helpbuf=
+					"`Require System Password for Sysop Login:`\n"
+					"\n"
+					"If you want to require the correct system password to be provided during\n"
+					"system operator logins (in addition to the sysop's personal user account\n"
+					"password), set this option to `Yes`.\n"
+				;
+				i=uifc.list(WIN_MID|WIN_SAV,0,0,0,&i,0
+					,"Require System Password for Sysop Login",uifcYesNoOpts);
+				if(i == 1)
+					cfg.sys_misc &= ~SM_SYSPASSLOGIN;
+				else if(i == 0)
+					cfg.sys_misc |= SM_SYSPASSLOGIN;
+				else
+					break;
+				sprintf(str, "%u", cfg.sys_pass_timeout);
+				uifc.helpbuf=
+					"`System Password Timeout:`\n"
+					"\n"
+					"Set this value to the number of minutes after which the system password\n"
+					"will again have to be successfully entered to engage in system operator\n"
+					"activities.\n"
+				;
+				if(uifc.input(WIN_MID|WIN_SAV,0,0,"System Password Timeout (minutes)", str, 5, K_EDIT | K_NUMBER) > 0)
+					cfg.sys_pass_timeout = atoi(str);
+				break;
 			case __COUNTER__:
 				i=cfg.sys_misc&SM_R_SYSOP ? 0:1;
 				uifc.helpbuf=
@@ -162,26 +195,10 @@ void security_cfg(void)
 				;
 				i=uifc.list(WIN_MID|WIN_SAV,0,0,0,&i,0
 					,"Allow Sysop Access",uifcYesNoOpts);
-				if(i == 0) {
-					cfg.sys_misc|=SM_R_SYSOP;
-					i=cfg.sys_misc&SM_SYSPASSLOGIN ? 0:1;
-					uifc.helpbuf=
-						"`Require System Password for Sysop Login:`\n"
-						"\n"
-						"If you want to require the correct system password to be provided during\n"
-						"system operator logins (in addition to the sysop's personal user account\n"
-						"password), set this option to `Yes`.\n"
-					;
-					i=uifc.list(WIN_MID|WIN_SAV,0,0,0,&i,0
-						,"Require System Password for Sysop Login",uifcYesNoOpts);
-					if(i==1)
-						cfg.sys_misc &= ~SM_SYSPASSLOGIN;
-					else if(i==0)
-						cfg.sys_misc |= SM_SYSPASSLOGIN;
-				}
-				else if(i == 1) {
+				if(i == 0)
+					cfg.sys_misc |= SM_R_SYSOP;
+				else if(i == 1)
 					cfg.sys_misc &= ~SM_R_SYSOP;
-				}
 				break;
 			case __COUNTER__:
 				if(!(cfg.uq&UQ_ALIASES))

src/sbbs3/scfgdefs.h

@@ -473,6 +473,7 @@ typedef struct
 
 	uint32_t		sys_login;			// Login Settings (Bit-flags)
 	uint32_t 		sys_misc;			/* System Misc Settings */
+	uint32_t		sys_pass_timeout;	// Minutes between required SYSPASS entry
 	char 			sys_pass[41];		/* System Pass Word */
 	char 			sys_name[41];		/* System Name */
 	char 			sys_id[LEN_QWKID+1];/* System ID for QWK Packets */

src/sbbs3/scfglib1.c

@@ -101,6 +101,7 @@ BOOL read_main_cfg(scfg_t* cfg, char* error, size_t maxerrlen)
 	SAFECOPY(cfg->sys_name, iniGetString(ini, ROOT_SECTION, "name", "", value));
 	SAFECOPY(cfg->sys_op, iniGetString(ini, ROOT_SECTION, "operator", "", value));
 	SAFECOPY(cfg->sys_pass, iniGetString(ini, ROOT_SECTION, "password", "", value));
+	cfg->sys_pass_timeout = iniGetUInt32(ini, ROOT_SECTION, "password_timeout", 15 /* minutes */);
 	SAFECOPY(cfg->sys_id, iniGetString(ini, ROOT_SECTION, "qwk_id", "", value));
 	SAFECOPY(cfg->sys_guru, iniGetString(ini, ROOT_SECTION, "guru", "", value));
 	SAFECOPY(cfg->sys_location, iniGetString(ini, ROOT_SECTION, "location", "", value));

src/sbbs3/scfgsave.c

@@ -126,6 +126,7 @@ BOOL write_main_cfg(scfg_t* cfg, int backup_level)
 	iniSetString(&ini, ROOT_SECTION, "operator", cfg->sys_op, NULL);
 	iniSetString(&ini, ROOT_SECTION, "guru", cfg->sys_guru, NULL);
 	iniSetString(&ini, ROOT_SECTION, "password", cfg->sys_pass, NULL);
+	iniSetUInt32(&ini, ROOT_SECTION, "password_timeout", cfg->sys_pass_timeout, NULL);
 	iniSetShortInt(&ini, ROOT_SECTION, "timezone", cfg->sys_timezone, NULL);
 	iniSetHexInt(&ini, ROOT_SECTION, "settings", cfg->sys_misc, NULL);
 	iniSetHexInt(&ini, ROOT_SECTION, "login", cfg->sys_login, NULL);