From b7444e0f830572ac8bd7c51cbafd6f77e9c5b56d Mon Sep 17 00:00:00 2001 From: "Todd C. Miller" Date: Sat, 27 Sep 2014 10:17:21 -0600 Subject: [PATCH] Simplify how we count the password tries --- plugins/sudoers/auth/sudo_auth.c | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/plugins/sudoers/auth/sudo_auth.c b/plugins/sudoers/auth/sudo_auth.c index 21e5c7d0b..2012e7ae6 100644 --- a/plugins/sudoers/auth/sudo_auth.c +++ b/plugins/sudoers/auth/sudo_auth.c @@ -190,9 +190,8 @@ user_interrupted(void) int verify_user(struct passwd *pw, char *prompt, int validated) { - unsigned int counter = def_passwd_tries + 1; - int success = AUTH_FAILURE; - int status, rval; + unsigned int ntries; + int rval, status, success = AUTH_FAILURE; char *p; sudo_auth *auth; sigset_t mask, omask; @@ -226,14 +225,14 @@ verify_user(struct passwd *pw, char *prompt, int validated) sigaddset(&mask, SIGQUIT); (void) sigprocmask(SIG_BLOCK, &mask, &omask); - while (--counter) { + for (ntries = 0; ntries < def_passwd_tries; ntries++) { int num_methods = 0; /* If user attempted to interrupt password verify, quit now. */ if (user_interrupted()) goto done; - if (counter != def_passwd_tries) + if (ntries != 0) pass_warn(); /* Do any per-method setup and unconfigure the method if needed */ @@ -293,9 +292,9 @@ done: break; case AUTH_INTR: case AUTH_FAILURE: - if (counter != def_passwd_tries) + if (ntries != 0) validated |= FLAG_BAD_PASSWORD; - log_auth_failure(validated, def_passwd_tries - counter); + log_auth_failure(validated, ntries); rval = false; break; case AUTH_FATAL: -- 2.50.1