[BACK]Return to fwtk.c CVS log [TXT] [DIR] Up to [ELWIX - Embedded LightWeight unIX -] / embedaddon / sudo / plugins / sudoers / auth

Diff for /embedaddon/sudo/plugins/sudoers/auth/fwtk.c between versions 1.1.1.2 and 1.1.1.5

version 1.1.1.2, 2012/05/29 12:26:49 version 1.1.1.5, 2014/06/15 16:12:54
Line 1 Line 1
 /*  /*
 * Copyright (c) 1999-2005, 2008, 2010-2011 * Copyright (c) 1999-2005, 2008, 2010-2013
  *      Todd C. Miller <Todd.Miller@courtesan.com>   *      Todd C. Miller <Todd.Miller@courtesan.com>
  *   *
  * Permission to use, copy, modify, and distribute this software for any   * Permission to use, copy, modify, and distribute this software for any
Line 22 Line 22
 #include <config.h>  #include <config.h>
   
 #include <sys/types.h>  #include <sys/types.h>
 #include <sys/param.h>  
 #include <stdio.h>  #include <stdio.h>
 #ifdef STDC_HEADERS  #ifdef STDC_HEADERS
 # include <stdlib.h>  # include <stdlib.h>
Line 57  sudo_fwtk_init(struct passwd *pw, sudo_auth *auth) Line 56  sudo_fwtk_init(struct passwd *pw, sudo_auth *auth)
     debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)      debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH)
   
     if ((confp = cfg_read("sudo")) == (Cfg *)-1) {      if ((confp = cfg_read("sudo")) == (Cfg *)-1) {
        warningx(_("unable to read fwtk config"));        warningx(U_("unable to read fwtk config"));
         debug_return_int(AUTH_FATAL);          debug_return_int(AUTH_FATAL);
     }      }
   
     if (auth_open(confp)) {      if (auth_open(confp)) {
        warningx(_("unable to connect to authentication server"));        warningx(U_("unable to connect to authentication server"));
         debug_return_int(AUTH_FATAL);          debug_return_int(AUTH_FATAL);
     }      }
   
     /* Get welcome message from auth server */      /* Get welcome message from auth server */
     if (auth_recv(resp, sizeof(resp))) {      if (auth_recv(resp, sizeof(resp))) {
        warningx(_("lost connection to authentication server"));        warningx(U_("lost connection to authentication server"));
         debug_return_int(AUTH_FATAL);          debug_return_int(AUTH_FATAL);
     }      }
     if (strncmp(resp, "Authsrv ready", 13) != 0) {      if (strncmp(resp, "Authsrv ready", 13) != 0) {
        warningx(_("authentication server error:\n%s"), resp);        warningx(U_("authentication server error:\n%s"), resp);
         debug_return_int(AUTH_FATAL);          debug_return_int(AUTH_FATAL);
     }      }
   
Line 83  int Line 82  int
 sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)  sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
 {  {
     char *pass;                         /* Password from the user */      char *pass;                         /* Password from the user */
    char buf[SUDO_PASS_MAX + 12];     /* General prupose buffer */    char buf[SUDO_CONV_REPL_MAX + 12];     /* General prupose buffer */
     char resp[128];                     /* Response from the server */      char resp[128];                     /* Response from the server */
     int error;      int error;
     debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)      debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)
Line 92  sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo Line 91  sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo
     (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);      (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name);
 restart:  restart:
     if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {      if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
        warningx(_("lost connection to authentication server"));        warningx(U_("lost connection to authentication server"));
         debug_return_int(AUTH_FATAL);          debug_return_int(AUTH_FATAL);
     }      }
   
Line 125  restart: Line 124  restart:
     /* Send the user's response to the server */      /* Send the user's response to the server */
     (void) snprintf(buf, sizeof(buf), "response '%s'", pass);      (void) snprintf(buf, sizeof(buf), "response '%s'", pass);
     if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {      if (auth_send(buf) || auth_recv(resp, sizeof(resp))) {
        warningx(_("lost connection to authentication server"));        warningx(U_("lost connection to authentication server"));
         error = AUTH_FATAL;          error = AUTH_FATAL;
         goto done;          goto done;
     }      }
Line 140  restart: Line 139  restart:
         warningx("%s", resp);          warningx("%s", resp);
     error = AUTH_FAILURE;      error = AUTH_FAILURE;
 done:  done:
    zero_bytes(pass, strlen(pass));    memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass));
    zero_bytes(buf, strlen(buf));    memset_s(buf, sizeof(buf), 0, sizeof(buf));
     debug_return_int(error);      debug_return_int(error);
 }  }
   
Removed from v.1.1.1.2  
changed lines
  Added in v.1.1.1.5

FreeBSD-CVSweb <freebsd-cvsweb@FreeBSD.org>