From 43499ea5ea61ffe25a8f25ed2e561019cf15630f Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Thu, 22 Jul 1999 12:24:42 +0000
Subject: [PATCH] o BSD-style copyright o Use new log functiongs o Use
 asprintf() and snprintf() where sensible.

---
 auth/kerb5.c | 64 ++++++++++++++++++++++++++++------------------------
 1 file changed, 34 insertions(+), 30 deletions(-)

diff --git a/auth/kerb5.c b/auth/kerb5.c
index 1666ecd80..e057800c7 100644
--- a/auth/kerb5.c
+++ b/auth/kerb5.c
@@ -1,25 +1,31 @@
 /*
- *  CU sudo version 1.6
- *  Copyright (c) 1999 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999 Todd C. Miller <Todd.Miller@courtesan.com>
+ * All rights reserved.
  *
- *  This program is free software; you can redistribute it and/or modify
- *  it under the terms of the GNU General Public License as published by
- *  the Free Software Foundation; either version 1, or (at your option)
- *  any later version.
+ * This code is derived from software contributed by Frank Cusack
+ * <fcusack@iconnet.net>.
  *
- *  This program is distributed in the hope that it will be useful,
- *  but WITHOUT ANY WARRANTY; without even the implied warranty of
- *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
- *  GNU General Public License for more details.
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote products
+ *    derived from this software without specific prior written permission.
  *
- *  You should have received a copy of the GNU General Public License
- *  along with this program; if not, write to the Free Software
- *  Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
- *
- *  Please send bugs, changes, problems to sudo-bugs@courtesan.com
- *
- *  This code is derived from software contributed by Frank Cusack
- *  <fcusack@iconnet.net>.
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES,
+ * INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY
+ * AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL
+ * THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS;
+ * OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,
+ * WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR
+ * OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF
+ * ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  */
 
 #include "config.h"
@@ -61,7 +67,7 @@ kerb5_setup(pw, promptp, data)
     char **promptp;
     void **data;
 {
-    char *p, *lrealm;
+    char *lrealm;
     krb5_error_code retval;
     extern int arg_prompt;
 
@@ -70,9 +76,9 @@ kerb5_setup(pw, promptp, data)
 
     /* XXX - make these errors non-fatal for better fallback? */
     if (retval = krb5_init_context(&sudo_context)) {
-	set_perms(PERM_USER, 0);
-	log_error(GLOBAL_KRB5_INIT_ERR);
-	inform_user(GLOBAL_KRB5_INIT_ERR);
+	/* XXX - how to map retval to error string? */
+	log_error(NO_EXIT|NO_MAIL, 
+	    "unable to initialize Kerberos V context");
 	return(AUTH_FATAL);
     }
     *data = (void *) &sudo_context;	/* save a pointer to the context */
@@ -81,8 +87,8 @@ kerb5_setup(pw, promptp, data)
 
     if (retval = krb5_get_default_realm(sudo_context, &lrealm)) {
 	set_perms(PERM_USER, 0);
-	log_error(GLOBAL_KRB5_INIT_ERR);
-	inform_user(GLOBAL_KRB5_INIT_ERR);
+	log_error(NO_EXIT|NO_MAIL, 
+	    "unable to get default Kerberos V realm");
 	return(AUTH_FATAL);
     }
 
@@ -94,11 +100,8 @@ kerb5_setup(pw, promptp, data)
 	realm = lrealm;
 
     /* Only rewrite prompt if user didn't specify their own. */
-    if (!strcmp(prompt, PASSPROMPT)) {
-	p = emalloc(strlen(pw->pw_name) + strlen(realm) + 17);
-	sprintf(p, "Password for %s@%s: ", pw->pw_name, realm);
-	*promptp = p;
-    }
+    if (!strcmp(prompt, PASSPROMPT))
+	asprintf(promptp, "Password for %s@%s: ", pw->pw_name, realm);
     return(AUTH_SUCCESS);
 }
 
@@ -126,7 +129,8 @@ kerb5_verify(pw, pass, data)
 
     /* Set the ticket file to be in /tmp so we don't need to change perms. */
     /* XXX - potential /tmp race */
-    (void) sprintf(cache_name, "FILE:/tmp/sudocc_%ld", getpid());
+    (void) snprintf(cache_name, sizeof(cache_name), "FILE:/tmp/sudocc_%ld",
+	(long) getpid());
     if (krb5_cc_resolve(sudo_context, cache_name, &ccache)
 	return(AUTH_FAILURE);
 
-- 
2.40.0