Add a force flag to sudo_auth_cleanup() to force immediate cleanup.

This is used for PAM authentication to make sure pam_end() is called via sudo_auth_cleanup() when the user authenticates successfully but sudoers denies the command. Debian bug #669687
2020-04-01 14:41:38 -06:00
parent 5e95c24d81
commit ec3fdd3aa8
13 changed files with 26 additions and 25 deletions
--- a/plugins/sudoers/auth/bsdauth.c
+++ b/plugins/sudoers/auth/bsdauth.c
@@ -191,7 +191,7 @@ bsdauth_approval(struct passwd *pw, sudo_auth *auth, bool exempt)
 }

 int
-bsdauth_cleanup(struct passwd *pw, sudo_auth *auth)
+bsdauth_cleanup(struct passwd *pw, sudo_auth *auth, bool force)
 {
    struct bsdauth_state *state = auth->data;
    debug_decl(bsdauth_cleanup, SUDOERS_DEBUG_AUTH);