isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

In sudo_pam_begin_session() and sudo_pam_end_session() return

Browse Source 
AUTH_FATAL on error, not AUTH_FAILURE.  In sudo_auth_begin_session()
treat anything other than AUTH_SUCCESS as a fatal error.
This commit is contained in:
Todd C. Miller
2015-08-10 20:17:02 -06:00
parent 13869d349c
commit 2b6085760c
2 changed files with 5 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/sudoers/auth/sudo_auth.c
View File

@@ -342,11 +342,11 @@ sudo_auth_begin_session(struct passwd *pw, char **user_env[])
for (auth = auth_switch; auth->name; auth++) {
if (auth->begin_session && !IS_DISABLED(auth)) {
status = (auth->begin_session)(pw, user_env, auth);
if (status == AUTH_FATAL)
if (status != AUTH_SUCCESS)
break; /* assume error msg already printed */
}
}
debug_return_int(status == AUTH_FATAL ? -1 : 1);
debug_return_int(status == AUTH_SUCCESS ? 1 : -1);
}
bool