From aaf6fff736ea90491259e6a166328d845d4aa96a Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Tue, 29 Nov 2016 19:46:25 -0700
Subject: [PATCH] Fix the "all" setting for verifypw and listpw; nopass would
 never be true even if all the user's entries had the NOPASSWD tag. Regression
 introduce in sudo 1.8.17.  Bug #762

---
 plugins/sudoers/sudoers.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/plugins/sudoers/sudoers.c b/plugins/sudoers/sudoers.c
index f691798ba..80c4b4595 100644
--- a/plugins/sudoers/sudoers.c
+++ b/plugins/sudoers/sudoers.c
@@ -227,7 +227,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
     char *iolog_path = NULL;
     mode_t cmnd_umask = ACCESSPERMS;
     struct sudo_nss *nss;
-    bool nopass = false;
+    int nopass = -1;
     int cmnd_status = -1, oldlocale, validated;
     int ret = -1;
     debug_decl(sudoers_policy_main, SUDOERS_DEBUG_PLUGIN)
@@ -321,6 +321,8 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
 	    case all:
 		if (!ISSET(validated, FLAG_NOPASSWD))
 		    nopass = false;
+		else if (nopass == -1)
+		    nopass = true;
 		break;
 	    case any:
 		if (ISSET(validated, FLAG_NOPASSWD))
@@ -350,7 +352,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
 		break;
 	}
     }
-    if (pwflag && nopass)
+    if (pwflag && nopass == true)
 	def_authenticate = false;
 
     /* Restore user's locale. */
-- 
2.40.0