fix a warning on redhat and spew an error if pam_authenticate() returns an error other than AUTH_SUCCESS or PAM_PERM_DENIED
This commit is contained in:
Todd C. Miller
12
auth/pam.c
12
auth/pam.c
@@ -90,14 +90,20 @@ pam_verify(pw, prompt, auth)
|
|||||||
char *prompt;
|
char *prompt;
|
||||||
sudo_auth *auth;
|
sudo_auth *auth;
|
||||||
{
|
{
|
||||||
|
int error;
|
||||||
|
const char *s;
|
||||||
pam_handle_t *pamh = (pam_handle_t *) auth->data;
|
pam_handle_t *pamh = (pam_handle_t *) auth->data;
|
||||||
|
|
||||||
def_prompt = prompt; /* for sudo_conv */
|
def_prompt = prompt; /* for sudo_conv */
|
||||||
|
|
||||||
/* PAM_SILENT prevents error messages from going to syslog(3) */
|
/* PAM_SILENT prevents error messages from going to syslog(3) */
|
||||||
if (pam_authenticate(pamh, PAM_SILENT) == PAM_SUCCESS)
|
if ((error = pam_authenticate(pamh, PAM_SILENT)) == PAM_SUCCESS)
|
||||||
return(AUTH_SUCCESS);
|
return(AUTH_SUCCESS);
|
||||||
else
|
|
||||||
|
if (error != PAM_PERM_DENIED) {
|
||||||
|
if ((s = pam_strerror(pamh, error)))
|
||||||
|
log_error(NO_EXIT|NO_MAIL, "pam_authenticate: %s\n", s);
|
||||||
|
}
|
||||||
return(AUTH_FAILURE);
|
return(AUTH_FAILURE);
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -125,7 +131,7 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
VOID *appdata_ptr;
|
VOID *appdata_ptr;
|
||||||
{
|
{
|
||||||
struct pam_response *pr;
|
struct pam_response *pr;
|
||||||
struct pam_message *pm;
|
PAM_CONST struct pam_message *pm;
|
||||||
char *p = def_prompt;
|
char *p = def_prompt;
|
||||||
int echo = 0;
|
int echo = 0;
|
||||||
extern int nil_pw;
|
extern int nil_pw;
|
||||||
|
|||||||
Reference in New Issue
Block a user