From cbf298bfc821fc5b0f538ad97aad6a67e1513eb0 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Tue, 16 Mar 2010 07:13:57 -0400
Subject: [PATCH] Don't update ticket file if verify_user returns FALSE.

---
 plugins/sudoers/check.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/plugins/sudoers/check.c b/plugins/sudoers/check.c
index f6390d04b..e0f3d11c4 100644
--- a/plugins/sudoers/check.c
+++ b/plugins/sudoers/check.c
@@ -140,7 +140,8 @@ check_user(validated, mode)
 	rval = verify_user(auth_pw, prompt);
     }
     /* Only update timestamp if user was validated. */
-    if (ISSET(validated, VALIDATE_OK) && !ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
+    if (rval == TRUE && ISSET(validated, VALIDATE_OK) &&
+	!ISSET(mode, MODE_IGNORE_TICKET) && status != TS_ERROR)
 	update_timestamp(timestampdir, timestampfile);
     efree(timestampdir);
     efree(timestampfile);
-- 
2.50.1