From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Sat, 13 Aug 2011 16:11:10 +0000 (-0400)
Subject: For AIX, keep calling authenticate() until reenter reaches 0.
X-Git-Tag: SUDO_1_7_7~27
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=fff422386958db6d336983e2f1fef311b68ccb98;p=sudo

For AIX, keep calling authenticate() until reenter reaches 0.

--HG--
branch : 1.7
---

diff --git a/auth/aix_auth.c b/auth/aix_auth.c
index fe65b0b66..0f6d4c6e9 100644
--- a/auth/aix_auth.c
+++ b/auth/aix_auth.c
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999-2005, 2007-2010 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2011 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -56,19 +56,28 @@ aixauth_verify(pw, prompt, auth)
     char *prompt;
     sudo_auth *auth;
 {
-    char *pass;
-    char *message = NULL;
-    int reenter = 1;
-    int rval = AUTH_FAILURE;
+    char *pass, *message = NULL;
+    int result = 1, reenter = 0;
+    int rval = AUTH_SUCCESS;
 
-    pass = tgetpass(prompt, def_passwd_timeout * 60, tgetpass_flags);
-    if (pass) {
-	/* XXX - should probably print message on failure. */
-	if (authenticate(pw->pw_name, pass, &reenter, &message) == 0)
-	    rval = AUTH_SUCCESS;
-	free(message);
+    do {
+	pass = tgetpass(prompt, def_passwd_timeout * 60, tgetpass_flags);
+	if (pass == NULL)
+	    break;
+	efree(message);
+	message = NULL;
+	result = authenticate(pw->pw_name, pass, &reenter, &message);
 	zero_bytes(pass, strlen(pass));
+	prompt = message;
+    } while (reenter);
+
+    if (result != 0) {
+	/* Display error message, if any. */
+	if (message != NULL)
+	    fputs(message, stderr);
+	rval = pass ? AUTH_FAILURE : AUTH_INTR;
     }
+    efree(message);
     return rval;
 }