From 9c9b487b0c40dd9c2248dd0acf60492e4302588a Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Wed, 2 Dec 2015 10:43:41 -0700
Subject: [PATCH] In list mode, we always want to clear FLAG_NO_USER and
 FLAG_NO_HOST regardless of whether or not there was an actual match. 
 Otherwise, warning mail may be sent which is not what we want in list mode.
 This is consistent with what the sudoers file backend does.

---
 plugins/sudoers/ldap.c | 4 ++--
 plugins/sudoers/sssd.c | 6 +++---
 2 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
index 751044ed1..9549dc932 100644
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -3227,9 +3227,9 @@ done:
 	if (pwflag && list_pw == NULL)
 	    SET(ret, FLAG_NO_CHECK);
     }
-    if (lres->user_matches)
+    if (pwflag || lres->user_matches)
 	CLR(ret, FLAG_NO_USER);
-    if (lres->host_matches)
+    if (pwflag || lres->host_matches)
 	CLR(ret, FLAG_NO_HOST);
     DPRINTF1("sudo_ldap_lookup(%d)=0x%02x", pwflag, ret);
 
diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
index f297192e8..5bdc4d5af 100644
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -1202,13 +1202,13 @@ done:
 	    SET(ret, FLAG_NO_CHECK);
     }
 
-    if (state & SUDO_SSS_STATE_USERMATCH)
+    if (pwflag || ISSET(state, SUDO_SSS_STATE_USERMATCH))
 	CLR(ret, FLAG_NO_USER);
-    if (state & SUDO_SSS_STATE_HOSTMATCH)
+    if (pwflag || ISSET(state, SUDO_SSS_STATE_HOSTMATCH))
 	CLR(ret, FLAG_NO_HOST);
 
     sudo_debug_printf(SUDO_DEBUG_DEBUG, "sudo_sss_lookup(%d)=0x%02x",
-     pwflag, ret);
+	pwflag, ret);
 
     debug_return_int(ret);
 }
-- 
2.40.0