isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

The sudoers plugin now defines its own list of debugging subsystem names

Browse Source 
and defines.
This commit is contained in:
Todd C. Miller
2014-10-22 13:30:52 -06:00
parent 866cfc4fc3
commit e9914a91b1
62 changed files with 641 additions and 558 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/auth/afs.c
View File

@@ -53,7 +53,7 @@ sudo_afs_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
struct ktc_encryptionKey afs_key;
struct ktc_token afs_token;
debug_decl(sudo_afs_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_afs_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Try to just check the password */
ka_StringToKey(pass, NULL, &afs_key);

4
plugins/sudoers/auth/aix_auth.c
View File

@@ -55,7 +55,7 @@ sudo_aix_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
char *pass, *message = NULL;
int result = 1, reenter = 0;
int rval = AUTH_SUCCESS;
debug_decl(sudo_aix_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_aix_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
do {
pass = auth_getpass(prompt, def_passwd_timeout * 60,
@@ -90,7 +90,7 @@ sudo_aix_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
int
sudo_aix_cleanup(struct passwd *pw, sudo_auth *auth)
{
debug_decl(sudo_aix_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_aix_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Unset AUTHSTATE as it may not be correct for the runas user. */
if (sudo_unsetenv("AUTHSTATE") == -1)

6
plugins/sudoers/auth/bsdauth.c
View File

@@ -63,7 +63,7 @@ int
bsdauth_init(struct passwd *pw, sudo_auth *auth)
{
static struct bsdauth_state state;
debug_decl(bsdauth_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(bsdauth_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Get login class based on auth user, which may not be invoking user. */
if (pw->pw_class && *pw->pw_class)
@@ -113,7 +113,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
int authok = 0;
sigaction_t sa, osa;
auth_session_t *as = ((struct bsdauth_state *) auth->data)->as;
debug_decl(bsdauth_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(bsdauth_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* save old signal handler */
sigemptyset(&sa.sa_mask);
@@ -174,7 +174,7 @@ int
bsdauth_cleanup(struct passwd *pw, sudo_auth *auth)
{
struct bsdauth_state *state = auth->data;
debug_decl(bsdauth_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(bsdauth_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (state != NULL) {
auth_close(state->as);

4
plugins/sudoers/auth/dce.c
View File

@@ -74,7 +74,7 @@ sudo_dce_verify(struct passwd *pw, char *plain_pw, sudo_auth *auth)
boolean32 reset_passwd;
sec_login_auth_src_t auth_src;
error_status_t status;
debug_decl(sudo_dce_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_dce_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/*
* Create the local context of the DCE principal necessary
@@ -188,7 +188,7 @@ check_dce_status(error_status_t input_status, char *comment)
{
int error_stat;
unsigned char error_string[dce_c_error_string_len];
debug_decl(check_dce_status, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(check_dce_status, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (input_status == rpc_s_ok)
debug_return_bool(0);

6
plugins/sudoers/auth/fwtk.c
View File

@@ -53,7 +53,7 @@ sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
{
static Cfg *confp; /* Configuration entry struct */
char resp[128]; /* Response from the server */
debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_fwtk_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
sudo_warnx(U_("unable to read fwtk config"));
@@ -85,7 +85,7 @@ sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
char buf[SUDO_CONV_REPL_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */
int error;
debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_fwtk_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Send username to authentication server. */
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
@@ -147,7 +147,7 @@ done:
int
sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth)
{
debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_fwtk_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
auth_close();
debug_return_int(AUTH_SUCCESS);

12
plugins/sudoers/auth/kerb5.c
View File

@@ -96,7 +96,7 @@ int
sudo_krb5_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
static char *krb5_prompt;
debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (krb5_prompt == NULL) {
krb5_context sudo_context;
@@ -135,7 +135,7 @@ sudo_krb5_init(struct passwd *pw, sudo_auth *auth)
krb5_context sudo_context;
krb5_error_code error;
char cache_name[64], *pname = pw->pw_name;
debug_decl(sudo_krb5_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_krb5_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
auth->data = (void *) &sudo_krb5_data; /* Stash all our data here */
@@ -183,7 +183,7 @@ sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
krb5_principal princ;
krb5_ccache ccache;
krb5_error_code error;
debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_krb5_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
@@ -202,7 +202,7 @@ sudo_krb5_verify(struct passwd *pw, char *pass, sudo_auth *auth)
krb5_ccache ccache;
krb5_error_code error;
krb5_get_init_creds_opt *opts = NULL;
debug_decl(sudo_krb5_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_krb5_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
@@ -266,7 +266,7 @@ sudo_krb5_cleanup(struct passwd *pw, sudo_auth *auth)
krb5_context sudo_context;
krb5_principal princ;
krb5_ccache ccache;
debug_decl(sudo_krb5_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_krb5_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
sudo_context = ((sudo_krb5_datap) auth->data)->sudo_context;
princ = ((sudo_krb5_datap) auth->data)->princ;
@@ -298,7 +298,7 @@ verify_krb_v5_tgt(krb5_context sudo_context, krb5_creds *cred, char *auth_name)
krb5_error_code error;
krb5_principal server;
krb5_verify_init_creds_opt vopt;
debug_decl(verify_krb_v5_tgt, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(verify_krb_v5_tgt, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/*
* Get the server principal for the local host.

12
plugins/sudoers/auth/pam.c
View File

@@ -87,7 +87,7 @@ sudo_pam_init(struct passwd *pw, sudo_auth *auth)
{
static struct pam_conv pam_conv;
static int pam_status;
debug_decl(sudo_pam_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_pam_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Initial PAM setup */
auth->data = (void *) &pam_status;
@@ -133,7 +133,7 @@ sudo_pam_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
{
const char *s;
int *pam_status = (int *) auth->data;
debug_decl(sudo_pam_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_pam_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
def_prompt = prompt; /* for converse */
@@ -193,7 +193,7 @@ int
sudo_pam_cleanup(struct passwd *pw, sudo_auth *auth)
{
int *pam_status = (int *) auth->data;
debug_decl(sudo_pam_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_pam_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* If successful, we can't close the session until sudo_pam_end_session() */
if (*pam_status != PAM_SUCCESS || auth->end_session == NULL) {
@@ -208,7 +208,7 @@ sudo_pam_begin_session(struct passwd *pw, char **user_envp[], sudo_auth *auth)
{
int status = AUTH_SUCCESS;
int *pam_status = (int *) auth->data;
debug_decl(sudo_pam_begin_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_pam_begin_session, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/*
* If there is no valid user we cannot open a PAM session.
@@ -279,7 +279,7 @@ int
sudo_pam_end_session(struct passwd *pw, sudo_auth *auth)
{
int status = AUTH_SUCCESS;
debug_decl(sudo_pam_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_pam_end_session, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (pamh != NULL) {
/*
@@ -326,7 +326,7 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
char *pass;
int n, type;
int ret = PAM_AUTH_ERR;
debug_decl(converse, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(converse, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if ((*response = calloc(num_msg, sizeof(struct pam_response))) == NULL)
debug_return_int(PAM_SYSTEM_ERR);

6
plugins/sudoers/auth/passwd.c
View File

@@ -50,7 +50,7 @@
int
sudo_passwd_init(struct passwd *pw, sudo_auth *auth)
{
debug_decl(sudo_passwd_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_passwd_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
#ifdef HAVE_SKEYACCESS
if (skeyaccess(pw, user_tty, NULL, NULL) == 0)
@@ -69,7 +69,7 @@ sudo_passwd_verify(struct passwd *pw, char *pass, sudo_auth *auth)
char *pw_epasswd = auth->data;
size_t pw_len;
int matched = 0;
debug_decl(sudo_passwd_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_passwd_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
pw_len = strlen(pw_epasswd);
@@ -111,7 +111,7 @@ sudo_passwd_cleanup(pw, auth)
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
debug_decl(sudo_passwd_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_passwd_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (pw_epasswd != NULL) {
memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));

4
plugins/sudoers/auth/rfc1938.c
View File

@@ -68,7 +68,7 @@ sudo_rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
static char *orig_prompt = NULL, *new_prompt = NULL;
static int op_len, np_size;
static struct RFC1938 rfc1938;
debug_decl(sudo_rfc1938_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_rfc1938_setup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Stash a pointer to the rfc1938 struct if we have not initialized */
if (!auth->data)
@@ -126,7 +126,7 @@ sudo_rfc1938_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
int
sudo_rfc1938_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
debug_decl(sudo_rfc1938_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_rfc1938_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (rfc1938verify((struct RFC1938 *) auth->data, pass) == 0)
debug_return_int(AUTH_SUCCESS);

8
plugins/sudoers/auth/secureware.c
View File

@@ -56,12 +56,12 @@ sudo_secureware_init(struct passwd *pw, sudo_auth *auth)
{
#ifdef __alpha
extern int crypt_type;
debug_decl(sudo_secureware_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_secureware_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (crypt_type == INT_MAX)
debug_return_int(AUTH_FAILURE); /* no shadow */
#else
debug_decl(secureware_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(secureware_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
#endif
sudo_setspent();
auth->data = sudo_getepw(pw);
@@ -74,7 +74,7 @@ sudo_secureware_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
char *pw_epasswd = auth->data;
char *epass = NULL;
debug_decl(sudo_secureware_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_secureware_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
#ifdef __alpha
{
extern int crypt_type;
@@ -103,7 +103,7 @@ sudo_secureware_cleanup(pw, auth)
sudo_auth *auth;
{
char *pw_epasswd = auth->data;
debug_decl(sudo_secureware_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_secureware_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (pw_epasswd != NULL) {
memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));

6
plugins/sudoers/auth/securid5.c
View File

@@ -69,7 +69,7 @@ int
sudo_securid_init(struct passwd *pw, sudo_auth *auth)
{
static SDI_HANDLE sd_dat; /* SecurID handle */
debug_decl(sudo_securid_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_securid_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
auth->data = (void *) &sd_dat; /* For method-specific data */
@@ -99,7 +99,7 @@ sudo_securid_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int retval;
debug_decl(sudo_securid_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_securid_setup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Re-initialize SecurID every time. */
if (SD_Init(sd) != ACM_OK) {
@@ -150,7 +150,7 @@ sudo_securid_verify(struct passwd *pw, char *pass, sudo_auth *auth)
{
SDI_HANDLE *sd = (SDI_HANDLE *) auth->data;
int rval;
debug_decl(sudo_securid_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_securid_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
pass = auth_getpass("Enter your PASSCODE: ",
def_passwd_timeout * 60, SUDO_CONV_PROMPT_ECHO_OFF);

8
plugins/sudoers/auth/sia.c
View File

@@ -69,7 +69,7 @@ sudo_collect(int timeout, int rendition, uchar_t *title, int nprompts,
{
int rval;
sigset_t mask, omask;
debug_decl(sudo_collect, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_collect, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
switch (rendition) {
case SIAFORM:
@@ -108,7 +108,7 @@ sudo_sia_setup(struct passwd *pw, char **promptp, sudo_auth *auth)
{
SIAENTITY *siah = NULL;
int i;
debug_decl(sudo_sia_setup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_sia_setup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Rebuild argv for sia_ses_init() */
sudo_argc = NewArgc + 1;
@@ -132,7 +132,7 @@ int
sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
debug_decl(sudo_sia_verify, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_sia_verify, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
def_prompt = prompt; /* for sudo_collect */
@@ -147,7 +147,7 @@ int
sudo_sia_cleanup(struct passwd *pw, sudo_auth *auth)
{
SIAENTITY *siah = (SIAENTITY *) auth->data;
debug_decl(sudo_sia_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_sia_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
(void) sia_ses_release(&siah);
sudo_efree(sudo_argv);

18
plugins/sudoers/auth/sudo_auth.c
View File

@@ -104,7 +104,7 @@ sudo_auth_init(struct passwd *pw)
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
debug_decl(sudo_auth_init, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_auth_init, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
if (auth_switch[0].name == NULL)
debug_return_int(0);
@@ -146,7 +146,7 @@ sudo_auth_cleanup(struct passwd *pw)
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
debug_decl(sudo_auth_cleanup, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_auth_cleanup, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Call cleanup routines. */
for (auth = auth_switch; auth->name; auth++) {
@@ -163,7 +163,7 @@ static void
pass_warn(void)
{
const char *warning = def_badpass_message;
debug_decl(pass_warn, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(pass_warn, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
#ifdef INSULT
if (def_insults)
@@ -196,7 +196,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
sudo_auth *auth;
sigset_t mask, omask;
sigaction_t sa, saved_sigtstp;
debug_decl(verify_user, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(verify_user, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Make sure we have at least one auth method. */
if (auth_switch[0].name == NULL) {
@@ -316,7 +316,7 @@ sudo_auth_begin_session(struct passwd *pw, char **user_env[])
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
debug_decl(sudo_auth_begin_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_auth_begin_session, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->begin_session && !IS_DISABLED(auth)) {
@@ -333,7 +333,7 @@ sudo_auth_needs_end_session(void)
{
sudo_auth *auth;
bool needed = false;
debug_decl(sudo_auth_needs_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_auth_needs_end_session, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->end_session && !IS_DISABLED(auth)) {
@@ -353,7 +353,7 @@ sudo_auth_end_session(struct passwd *pw)
{
sudo_auth *auth;
int status = AUTH_SUCCESS;
debug_decl(sudo_auth_end_session, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(sudo_auth_end_session, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
for (auth = auth_switch; auth->name; auth++) {
if (auth->end_session && !IS_DISABLED(auth)) {
@@ -371,7 +371,7 @@ auth_getpass(const char *prompt, int timeout, int type)
struct sudo_conv_message msg;
struct sudo_conv_reply repl;
sigset_t mask, omask;
debug_decl(auth_getpass, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(auth_getpass, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
/* Mask user input if pwfeedback set and echo is off. */
if (type == SUDO_CONV_PROMPT_ECHO_OFF && def_pwfeedback)
@@ -407,7 +407,7 @@ void
dump_auth_methods(void)
{
sudo_auth *auth;
debug_decl(dump_auth_methods, SUDO_DEBUG_AUTH, sudoers_debug_instance)
debug_decl(dump_auth_methods, SUDOERS_DEBUG_AUTH, sudoers_debug_instance)
sudo_printf(SUDO_CONV_INFO_MSG, _("Authentication methods:"));
for (auth = auth_switch; auth->name; auth++)