From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Tue, 16 Mar 2010 11:13:57 +0000 (-0400)
Subject: Don't update ticket file if verify_user returns FALSE.
X-Git-Tag: SUDO_1_8_0~805
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=cbf298bfc821fc5b0f538ad97aad6a67e1513eb0;p=sudo

Don't update ticket file if verify_user returns FALSE.
---

diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c
index f6390d04b..e0f3d11c4 100644
--- a/plugins/sudoers/check.c
+++ b/plugins/sudoers/check.c
@@ -140,7 +140,8 @@ check_user(validated, mode)
 	rval = verify_user(auth_pw, prompt);
     }
     /* Only update timestamp if user was validated. */
-    if (ISSET(validated, VALIDATE_OK) && !ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
+    if (rval == TRUE && ISSET(validated, VALIDATE_OK) &&
+	!ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
 	update_timestamp(timestampdir, timestampfile);
     efree(timestampdir);
     efree(timestampfile);