--- embedaddon/sudo/plugins/sudoers/auth/bsdauth.c	2012/05/29 12:26:49	1.1.1.2
+++ embedaddon/sudo/plugins/sudoers/auth/bsdauth.c	2014/06/15 16:12:54	1.1.1.5
@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 2000-2005, 2007-2008, 2010-2011
+ * Copyright (c) 2000-2005, 2007-2008, 2010-2013
  *	Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -22,7 +22,6 @@
 #include <config.h>
 
 #include <sys/types.h>
-#include <sys/param.h>
 #include <stdio.h>
 #ifdef STDC_HEADERS
 # include <stdlib.h>
@@ -55,8 +54,6 @@
 #  define LOGIN_DEFROOTCLASS	"daemon"
 # endif
 
-extern char *login_style;		/* from sudoers.c */
-
 struct bsdauth_state {
     auth_session_t *as;
     login_cap_t *lc;
@@ -74,14 +71,14 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth)
     else
 	state.lc = login_getclass(pw->pw_uid ? LOGIN_DEFCLASS : LOGIN_DEFROOTCLASS);
     if (state.lc == NULL) {
-	log_error(USE_ERRNO|NO_MAIL,
-	    _("unable to get login class for user %s"), pw->pw_name);
+	log_warning(USE_ERRNO|NO_MAIL,
+	    N_("unable to get login class for user %s"), pw->pw_name);
 	debug_return_int(AUTH_FATAL);
     }
 
     if ((state.as = auth_open()) == NULL) {
-	log_error(USE_ERRNO|NO_MAIL,
-	    _("unable to begin bsd authentication"));
+	log_warning(USE_ERRNO|NO_MAIL,
+	    N_("unable to begin bsd authentication"));
 	login_close(state.lc);
 	debug_return_int(AUTH_FATAL);
     }
@@ -89,7 +86,7 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth)
     /* XXX - maybe sanity check the auth style earlier? */
     login_style = login_getstyle(state.lc, login_style, "auth-sudo");
     if (login_style == NULL) {
-	log_error(NO_MAIL, _("invalid authentication type"));
+	log_warning(NO_MAIL, N_("invalid authentication type"));
 	auth_close(state.as);
 	login_close(state.lc);
 	debug_return_int(AUTH_FATAL);
@@ -98,7 +95,7 @@ bsdauth_init(struct passwd *pw, sudo_auth *auth)
      if (auth_setitem(state.as, AUTHV_STYLE, login_style) < 0 ||
 	auth_setitem(state.as, AUTHV_NAME, pw->pw_name) < 0 ||
 	auth_setitem(state.as, AUTHV_CLASS, login_class) < 0) {
-	log_error(NO_MAIL, _("unable to setup authentication"));
+	log_warning(NO_MAIL, N_("unable to initialize BSD authentication"));
 	auth_close(state.as);
 	login_close(state.lc);
 	debug_return_int(AUTH_FATAL);
@@ -157,7 +154,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_a
 
     if (pass) {
 	authok = auth_userresponse(as, pass, 1);
-	zero_bytes(pass, strlen(pass));
+	memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
     }
 
     /* restore old signal handler */
@@ -170,7 +167,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_a
 	debug_return_int(AUTH_INTR);
 
     if ((s = auth_getvalue(as, "errormsg")) != NULL)
-	log_error(NO_MAIL, "%s", s);
+	log_warning(NO_MAIL, "%s", s);
     debug_return_int(AUTH_FAILURE);
 }