For non-standalone auth methods, stop reading the password if the

author Todd C. Miller <Todd.Miller@courtesan.com>

Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)
author Todd C. Miller <Todd.Miller@courtesan.com>
Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)
diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c

index 99cccecfd9ed8015130dccb2c343fb44170c757c..fc697165c72b01d94ce231a7dc17a3bea0bf08d8 100644 (file)
--- a/plugins/sudoers/auth/sudo_auth.c
+++ b/plugins/sudoers/auth/sudo_auth.c
@@ -180,13 +180,17 @@ verify_user(struct passwd *pw, char *prompt)
         }
  
         /* Get the password unless the auth function will do it for us */
-       if (standalone)
+       if (standalone) {
             p = prompt;
-       else
-           p = auth_getpass(prompt, def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);
+       } else {
+           p = auth_getpass(prompt, def_passwd_timeout * 60,
+               SUDO_CONV_PROMPT_ECHO_OFF);
+           if (p == NULL)
+               break;
+       }
  
         /* Call authentication functions. */
-       for (auth = auth_switch; p && auth->name; auth++) {
+       for (auth = auth_switch; auth->name; auth++) {
             if (IS_DISABLED(auth))
                 continue;
  
@@ -201,7 +205,7 @@ verify_user(struct passwd *pw, char *prompt)
             if (auth->status != AUTH_FAILURE)
                 goto cleanup;
         }
-       if (!standalone && p != NULL)
+       if (!standalone)
             zero_bytes(p, strlen(p));
         pass_warn();
      }
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Fri, 6 Aug 2010 21:16:57 +0000 (17:16 -0400)