No longer treat an empty password at the prompt as special. To
quit out of sudo you now need to hit ^C at the password prompt.
This commit is contained in:
Todd C. Miller
@@ -104,7 +104,6 @@ bsdauth_verify(pw, prompt, auth)
|
||||
int authok = 0;
|
||||
sigaction_t sa, osa;
|
||||
auth_session_t *as = (auth_session_t *) auth->data;
|
||||
extern int nil_pw;
|
||||
|
||||
/* save old signal handler */
|
||||
sigemptyset(&sa.sa_mask);
|
||||
@@ -142,9 +141,6 @@ bsdauth_verify(pw, prompt, auth)
|
||||
}
|
||||
}
|
||||
|
||||
if (!pass || *pass == '\0') /* ^C or empty password */
|
||||
nil_pw = 1;
|
||||
|
||||
if (pass) {
|
||||
authok = auth_userresponse(as, pass, 1);
|
||||
zero_bytes(pass, strlen(pass));
|
||||
@@ -156,6 +152,9 @@ bsdauth_verify(pw, prompt, auth)
|
||||
if (authok)
|
||||
return(AUTH_SUCCESS);
|
||||
|
||||
if (!pass)
|
||||
return(AUTH_INTR);
|
||||
|
||||
if ((s = auth_getvalue(as, "errormsg")) != NULL)
|
||||
log_error(NO_EXIT|NO_MAIL, "%s", s);
|
||||
return(AUTH_FAILURE);
|
||||
|
||||
@@ -95,7 +95,6 @@ fwtk_verify(pw, prompt, auth)
|
||||
char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
|
||||
char resp[128]; /* Response from the server */
|
||||
int error;
|
||||
extern int nil_pw;
|
||||
|
||||
/* Send username to authentication server. */
|
||||
(void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
|
||||
@@ -127,10 +126,8 @@ restart:
|
||||
return(AUTH_FATAL);
|
||||
}
|
||||
if (!pass) { /* ^C or error */
|
||||
nil_pw = 1;
|
||||
return(AUTH_FAILURE);
|
||||
} else if (*pass == '\0') /* empty password */
|
||||
nil_pw = 1;
|
||||
return(AUTH_INTR);
|
||||
}
|
||||
|
||||
/* Send the user's response to the server */
|
||||
(void) snprintf(buf, sizeof(buf), "response '%s'", pass);
|
||||
|
||||
13
auth/pam.c
13
auth/pam.c
@@ -78,6 +78,7 @@ __unused static const char rcsid[] = "$Sudo$";
|
||||
static int sudo_conv __P((int, PAM_CONST struct pam_message **,
|
||||
struct pam_response **, void *));
|
||||
static char *def_prompt;
|
||||
static int gotintr;
|
||||
|
||||
#ifndef PAM_DATA_SILENT
|
||||
#define PAM_DATA_SILENT 0
|
||||
@@ -162,6 +163,10 @@ pam_verify(pw, prompt, auth)
|
||||
}
|
||||
/* FALLTHROUGH */
|
||||
case PAM_AUTH_ERR:
|
||||
if (gotintr) {
|
||||
/* error or ^C from tgetpass() */
|
||||
return(AUTH_INTR);
|
||||
}
|
||||
case PAM_MAXTRIES:
|
||||
case PAM_PERM_DENIED:
|
||||
return(AUTH_FAILURE);
|
||||
@@ -251,7 +256,6 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
||||
const char *prompt;
|
||||
char *pass;
|
||||
int n, flags, std_prompt;
|
||||
extern int nil_pw;
|
||||
|
||||
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
|
||||
return(PAM_CONV_ERR);
|
||||
@@ -286,14 +290,11 @@ sudo_conv(num_msg, msg, response, appdata_ptr)
|
||||
pass = tgetpass(prompt, def_passwd_timeout * 60, flags);
|
||||
if (pass == NULL) {
|
||||
/* We got ^C instead of a password; abort quickly. */
|
||||
nil_pw = 1;
|
||||
gotintr = 1;
|
||||
goto err;
|
||||
}
|
||||
pr->resp = estrdup(pass);
|
||||
if (*pr->resp == '\0')
|
||||
nil_pw = 1; /* empty password */
|
||||
else
|
||||
zero_bytes(pass, strlen(pass));
|
||||
zero_bytes(pass, strlen(pass));
|
||||
break;
|
||||
case PAM_TEXT_INFO:
|
||||
if (pm->msg)
|
||||
|
||||
@@ -88,8 +88,6 @@ sudo_auth auth_switch[] = {
|
||||
AUTH_ENTRY(0, NULL, NULL, NULL, NULL, NULL)
|
||||
};
|
||||
|
||||
int nil_pw; /* I hate resorting to globals like this... */
|
||||
|
||||
void
|
||||
verify_user(pw, prompt)
|
||||
struct passwd *pw;
|
||||
@@ -156,14 +154,11 @@ verify_user(pw, prompt)
|
||||
}
|
||||
|
||||
/* Get the password unless the auth function will do it for us */
|
||||
nil_pw = 0;
|
||||
#ifdef AUTH_STANDALONE
|
||||
p = prompt;
|
||||
#else
|
||||
p = (char *) tgetpass(prompt, def_passwd_timeout * 60,
|
||||
tgetpass_flags);
|
||||
if (!p || *p == '\0')
|
||||
nil_pw = 1;
|
||||
#endif /* AUTH_STANDALONE */
|
||||
|
||||
/* Call authentication functions. */
|
||||
@@ -186,15 +181,6 @@ verify_user(pw, prompt)
|
||||
if (p)
|
||||
zero_bytes(p, strlen(p));
|
||||
#endif
|
||||
|
||||
/* Exit loop on nil password, but give it a chance to match first. */
|
||||
if (nil_pw) {
|
||||
if (counter == def_passwd_tries)
|
||||
exit(1);
|
||||
else
|
||||
break;
|
||||
}
|
||||
|
||||
if (!ISSET(tgetpass_flags, TGP_ASKPASS))
|
||||
pass_warn(stderr);
|
||||
}
|
||||
@@ -219,14 +205,18 @@ cleanup:
|
||||
case AUTH_SUCCESS:
|
||||
(void) sigaction(SIGTSTP, &osa, NULL);
|
||||
return;
|
||||
case AUTH_INTR:
|
||||
case AUTH_FAILURE:
|
||||
if (def_mail_badpass || def_mail_always)
|
||||
flags = 0;
|
||||
else
|
||||
flags = NO_MAIL;
|
||||
log_error(flags, "%d incorrect password attempt%s",
|
||||
def_passwd_tries - counter,
|
||||
(def_passwd_tries - counter == 1) ? "" : "s");
|
||||
if (counter != def_passwd_tries) {
|
||||
if (def_mail_badpass || def_mail_always)
|
||||
flags = 0;
|
||||
else
|
||||
flags = NO_MAIL;
|
||||
log_error(flags, "%d incorrect password attempt%s",
|
||||
def_passwd_tries - counter,
|
||||
(def_passwd_tries - counter == 1) ? "" : "s");
|
||||
}
|
||||
/* FALLTHROUGH */
|
||||
case AUTH_FATAL:
|
||||
exit(1);
|
||||
}
|
||||
|
||||
@@ -22,7 +22,8 @@
|
||||
/* Auth function return values. */
|
||||
#define AUTH_SUCCESS 0
|
||||
#define AUTH_FAILURE 1
|
||||
#define AUTH_FATAL 2
|
||||
#define AUTH_INTR 2
|
||||
#define AUTH_FATAL 3
|
||||
|
||||
typedef struct sudo_auth {
|
||||
short flags; /* various flags, see below */
|
||||
|
||||
Reference in New Issue
Block a user