From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Fri, 21 Jul 2017 15:07:00 +0000 (-0600)
Subject: Don't set passprompt_override when SUDO_PROMPT is present.
X-Git-Tag: SUDO_1_8_21^2~25
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=879ba688790ef145822863657c5e19a2c4584a1f;p=sudo

Don't set passprompt_override when SUDO_PROMPT is present.
This effectively reverts ed77d255f383.

We treat the SUDO_PROMPT environment variable similar to passprompt
in sudoers: it will only override a PAM prompt if the PAM prompt
is either "Password:" or "username's Password:".
---

diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index dd187398a..132113672 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -695,12 +695,14 @@ init_vars(char * const envp[])
 		    user_path = *ep + sizeof("PATH=") - 1;
 		break;
 	    case 'S':
-		if (!user_prompt && MATCHES(*ep, "SUDO_PROMPT=")) {
-		    user_prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
-		    def_passprompt_override = true;
-		} else if (MATCHES(*ep, "SUDO_USER=")) {
-		    prev_user = *ep + sizeof("SUDO_USER=") - 1;
+		if (MATCHES(*ep, "SUDO_PROMPT=")) {
+		    /* Don't override "sudo -p prompt" */
+		    if (user_prompt == NULL)
+			user_prompt = *ep + sizeof("SUDO_PROMPT=") - 1;
+		    break;
 		}
+		if (MATCHES(*ep, "SUDO_USER="))
+		    prev_user = *ep + sizeof("SUDO_USER=") - 1;
 		break;
 	    }
     }