No longer treat an empty password at the prompt as special. To
quit out of sudo you now need to hit ^C at the password prompt.
@@ -104,7 +104,6 @@ bsdauth_verify(pw, prompt, auth)
|
|||||||
int authok = 0;
|
int authok = 0;
|
||||||
sigaction_t sa, osa;
|
sigaction_t sa, osa;
|
||||||
auth_session_t *as = (auth_session_t *) auth->data;
|
auth_session_t *as = (auth_session_t *) auth->data;
|
||||||
extern int nil_pw;
|
|
||||||
|
|
||||||
/* save old signal handler */
|
/* save old signal handler */
|
||||||
sigemptyset(&sa.sa_mask);
|
sigemptyset(&sa.sa_mask);
|
||||||
@@ -142,9 +141,6 @@ bsdauth_verify(pw, prompt, auth)
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
if (!pass || *pass == '\0') /* ^C or empty password */
|
|
||||||
nil_pw = 1;
|
|
||||||
|
|
||||||
if (pass) {
|
if (pass) {
|
||||||
authok = auth_userresponse(as, pass, 1);
|
authok = auth_userresponse(as, pass, 1);
|
||||||
zero_bytes(pass, strlen(pass));
|
zero_bytes(pass, strlen(pass));
|
||||||
@@ -156,6 +152,9 @@ bsdauth_verify(pw, prompt, auth)
|
|||||||
if (authok)
|
if (authok)
|
||||||
return(AUTH_SUCCESS);
|
return(AUTH_SUCCESS);
|
||||||
|
|
||||||
|
if (!pass)
|
||||||
|
return(AUTH_INTR);
|
||||||
|
|
||||||
if ((s = auth_getvalue(as, "errormsg")) != NULL)
|
if ((s = auth_getvalue(as, "errormsg")) != NULL)
|
||||||
log_error(NO_EXIT|NO_MAIL, "%s", s);
|
log_error(NO_EXIT|NO_MAIL, "%s", s);
|
||||||
return(AUTH_FAILURE);
|
return(AUTH_FAILURE);
|
||||||
|
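Review bot: The new `if (!pass)` check returns AUTH_INTR without saying what a NULL `pass` means here, and the old `/* ^C or empty password */` comment went away with the removed line; a NULL from tgetpass() can be ^C but also a read error or the password timeout, and all of those now report as "interrupted". Suggest `if (!pass) /* ^C, error or timeout in tgetpass() */` so the next reader does not assume it is only ^C. Placing the check after the `if (authok)` return is sound, since `authok` stays 0 when the `if (pass)` block skipped auth_userresponse(). bsdauth_verify begins before this hunk, so the tgetpass() call itself is not visible here.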
@@ -95,7 +95,6 @@ fwtk_verify(pw, prompt, auth)
|
|||||||
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
||||||
char resp[128]; /* Response from the server */
|
char resp[128]; /* Response from the server */
|
||||||
int error;
|
int error;
|
||||||
extern int nil_pw;
|
|
||||||
|
|
||||||
/* Send username to authentication server. */
|
/* Send username to authentication server. */
|
||||||
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
|
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
|
||||||
@@ -127,10 +126,8 @@ restart:
|
|||||||
return(AUTH_FATAL);
|
return(AUTH_FATAL);
|
||||||
}
|
}
|
||||||
if (!pass) { /* ^C or error */
|
if (!pass) { /* ^C or error */
|
||||||
nil_pw = 1;
|
return(AUTH_INTR);
|
||||||
return(AUTH_FAILURE);
|
}
|
||||||
} else if (*pass == '\0') /* empty password */
|
|
||||||
nil_pw = 1;
|
|
||||||
|
|
||||||
/* Send the user's response to the server */
|
/* Send the user's response to the server */
|
||||||
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
|
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
|
||||||
|
13
auth/pam.c
13
auth/pam.c
@@ -78,6 +78,7 @@ __unused static const char rcsid[] = "$Sudo$";
|
|||||||
static int sudo_conv __P((int, PAM_CONST struct pam_message **,
|
static int sudo_conv __P((int, PAM_CONST struct pam_message **,
|
||||||
struct pam_response **, void *));
|
struct pam_response **, void *));
|
||||||
static char *def_prompt;
|
static char *def_prompt;
|
||||||
|
static int gotintr;
|
||||||
|
|
||||||
#ifndef PAM_DATA_SILENT
|
#ifndef PAM_DATA_SILENT
|
||||||
#define PAM_DATA_SILENT 0
|
#define PAM_DATA_SILENT 0
|
||||||
@@ -162,6 +163,10 @@ pam_verify(pw, prompt, auth)
|
|||||||
}
|
}
|
||||||
/* FALLTHROUGH */
|
/* FALLTHROUGH */
|
||||||
case PAM_AUTH_ERR:
|
case PAM_AUTH_ERR:
|
||||||
|
if (gotintr) {
|
||||||
|
/* error or ^C from tgetpass() */
|
||||||
|
return(AUTH_INTR);
|
||||||
|
}
|
||||||
case PAM_MAXTRIES:
|
case PAM_MAXTRIES:
|
||||||
case PAM_PERM_DENIED:
|
case PAM_PERM_DENIED:
|
||||||
return(AUTH_FAILURE);
|
return(AUTH_FAILURE);
|
||||||
@@ -251,7 +256,6 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
const char *prompt;
|
const char *prompt;
|
||||||
char *pass;
|
char *pass;
|
||||||
int n, flags, std_prompt;
|
int n, flags, std_prompt;
|
||||||
extern int nil_pw;
|
|
||||||
|
|
||||||
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
|
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
|
||||||
return(PAM_CONV_ERR);
|
return(PAM_CONV_ERR);
|
||||||
@@ -286,14 +290,11 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
|||||||
pass = tgetpass(prompt, def_passwd_timeout * 60, flags);
|
pass = tgetpass(prompt, def_passwd_timeout * 60, flags);
|
||||||
if (pass == NULL) {
|
if (pass == NULL) {
|
||||||
/* We got ^C instead of a password; abort quickly. */
|
/* We got ^C instead of a password; abort quickly. */
|
||||||
nil_pw = 1;
|
gotintr = 1;
|
||||||
goto err;
|
goto err;
|
||||||
}
|
}
|
||||||
pr->resp = estrdup(pass);
|
pr->resp = estrdup(pass);
|
||||||
if (*pr->resp == '\0')
|
zero_bytes(pass, strlen(pass));
|
||||||
nil_pw = 1; /* empty password */
|
|
||||||
else
|
|
||||||
zero_bytes(pass, strlen(pass));
|
|
||||||
break;
|
break;
|
||||||
case PAM_TEXT_INFO:
|
case PAM_TEXT_INFO:
|
||||||
if (pm->msg)
|
if (pm->msg)
|
||||||
|
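Review bot: `gotintr` is set in sudo_conv but only consulted under `case PAM_AUTH_ERR:` in pam_verify, and it is never cleared. If pam_authenticate() surfaces the conversation failure as PAM_CONV_ERR (sudo_conv jumps to `err` right after setting the flag; what `err` returns is outside the hunk) rather than PAM_AUTH_ERR, the ^C is not recognised and the result falls to whatever the other cases do. Checking `gotintr` before the switch on the pam_authenticate() result would make the interrupt handling independent of the module's return code, and resetting it with `gotintr = 0;` at the top of pam_verify keeps a stale flag from an earlier call from affecting a later one. A comment on the declaration, `static int gotintr; /* set by sudo_conv() when tgetpass() returns NULL (^C/error) */`, would also document the coupling between the two functions.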
@@ -88,8 +88,6 @@ sudo_auth auth_switch[] = {
|
|||||||
AUTH_ENTRY(0, NULL, NULL, NULL, NULL, NULL)
|
AUTH_ENTRY(0, NULL, NULL, NULL, NULL, NULL)
|
||||||
};
|
};
|
||||||
|
|
||||||
int nil_pw; /* I hate resorting to globals like this... */
|
|
||||||
|
|
||||||
void
|
void
|
||||||
verify_user(pw, prompt)
|
verify_user(pw, prompt)
|
||||||
struct passwd *pw;
|
struct passwd *pw;
|
||||||
@@ -156,14 +154,11 @@ verify_user(pw, prompt)
|
|||||||
}
|
}
|
||||||
|
|
||||||
/* Get the password unless the auth function will do it for us */
|
/* Get the password unless the auth function will do it for us */
|
||||||
nil_pw = 0;
|
|
||||||
#ifdef AUTH_STANDALONE
|
#ifdef AUTH_STANDALONE
|
||||||
p = prompt;
|
p = prompt;
|
||||||
#else
|
#else
|
||||||
p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
|
p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
|
||||||
tgetpass_flags);
|
tgetpass_flags);
|
||||||
if (!p || *p == '\0')
|
|
||||||
nil_pw = 1;
|
|
||||||
#endif /* AUTH_STANDALONE */
|
#endif /* AUTH_STANDALONE */
|
||||||
|
|
||||||
/* Call authentication functions. */
|
/* Call authentication functions. */
|
||||||
@@ -186,15 +181,6 @@ verify_user(pw, prompt)
|
|||||||
if (p)
|
if (p)
|
||||||
zero_bytes(p, strlen(p));
|
zero_bytes(p, strlen(p));
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
/* Exit loop on nil password, but give it a chance to match first. */
|
|
||||||
if (nil_pw) {
|
|
||||||
if (counter == def_passwd_tries)
|
|
||||||
exit(1);
|
|
||||||
else
|
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (!ISSET(tgetpass_flags, TGP_ASKPASS))
|
if (!ISSET(tgetpass_flags, TGP_ASKPASS))
|
||||||
pass_warn(stderr);
|
pass_warn(stderr);
|
||||||
}
|
}
|
||||||
@@ -219,14 +205,18 @@ cleanup:
|
|||||||
case AUTH_SUCCESS:
|
case AUTH_SUCCESS:
|
||||||
(void) sigaction(SIGTSTP, &osa, NULL);
|
(void) sigaction(SIGTSTP, &osa, NULL);
|
||||||
return;
|
return;
|
||||||
|
case AUTH_INTR:
|
||||||
case AUTH_FAILURE:
|
case AUTH_FAILURE:
|
||||||
if (def_mail_badpass || def_mail_always)
|
if (counter != def_passwd_tries) {
|
||||||
flags = 0;
|
if (def_mail_badpass || def_mail_always)
|
||||||
else
|
flags = 0;
|
||||||
flags = NO_MAIL;
|
else
|
||||||
log_error(flags, "%d incorrect password attempt%s",
|
flags = NO_MAIL;
|
||||||
def_passwd_tries - counter,
|
log_error(flags, "%d incorrect password attempt%s",
|
||||||
(def_passwd_tries - counter == 1) ? "" : "s");
|
def_passwd_tries - counter,
|
||||||
|
(def_passwd_tries - counter == 1) ? "" : "s");
|
||||||
|
}
|
||||||
|
/* FALLTHROUGH */
|
||||||
case AUTH_FATAL:
|
case AUTH_FATAL:
|
||||||
exit(1);
|
exit(1);
|
||||||
}
|
}
|
||||||
|
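Review bot: In the `cleanup:` switch, `case AUTH_INTR:` now shares the AUTH_FAILURE branch, so a session ended by ^C after some failures produces the same `%d incorrect password attempt%s` log line as one that ran out of tries, and the audit trail no longer distinguishes the two. If that distinction matters for log review, a separate message for AUTH_INTR, or at least a comment such as `/* AUTH_INTR: ^C or error at the prompt; still log any failures made before it */`, would make the intent explicit. The `counter != def_passwd_tries` guard assumes `counter` is only decremented after a completed failed attempt; the loop that decrements it starts before this hunk, so I could not confirm from here that an interrupted prompt is not itself counted.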
@@ -22,7 +22,8 @@
|
|||||||
/* Auth function return values. */
|
/* Auth function return values. */
|
||||||
#define AUTH_SUCCESS 0
|
#define AUTH_SUCCESS 0
|
||||||
#define AUTH_FAILURE 1
|
#define AUTH_FAILURE 1
|
||||||
#define AUTH_FATAL 2
|
#define AUTH_INTR 2
|
||||||
|
#define AUTH_FATAL 3
|
||||||
|
|
||||||
typedef struct sudo_auth {
|
typedef struct sudo_auth {
|
||||||
short flags; /* various flags, see below */
|
short flags; /* various flags, see below */
|
||||||
|
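Review bot: AUTH_INTR takes the value 2 and AUTH_FATAL moves from 2 to 3, so if any auth module or caller relied on AUTH_FATAL's numeric value, or on a comparison like `status > AUTH_FAILURE` meaning fatal, its meaning changes silently; every consumer of these codes needs to be rebuilt against this header. Since the codes now carry four distinct meanings, a per-line comment would help readers of the `cleanup:` switch in sudo_auth.c: `#define AUTH_INTR 2 /* ^C or error at the password prompt; stop asking */` and `#define AUTH_FATAL 3 /* unrecoverable error; caller exits */`.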