--- embedaddon/sudo/plugins/sudoers/auth/fwtk.c 2012/02/21 16:23:02 1.1.1.1 +++ embedaddon/sudo/plugins/sudoers/auth/fwtk.c 2014/06/15 16:12:54 1.1.1.5 @@ -1,5 +1,5 @@ /* - * Copyright (c) 1999-2005, 2008, 2010-2011 + * Copyright (c) 1999-2005, 2008, 2010-2013 * Todd C. Miller * * Permission to use, copy, modify, and distribute this software for any @@ -22,7 +22,6 @@ #include #include -#include #include #ifdef STDC_HEADERS # include @@ -50,48 +49,50 @@ #include "sudo_auth.h" int -fwtk_init(struct passwd *pw, sudo_auth *auth) +sudo_fwtk_init(struct passwd *pw, sudo_auth *auth) { static Cfg *confp; /* Configuration entry struct */ char resp[128]; /* Response from the server */ + debug_decl(sudo_fwtk_init, SUDO_DEBUG_AUTH) if ((confp = cfg_read("sudo")) == (Cfg *)-1) { - warningx(_("unable to read fwtk config")); - return AUTH_FATAL; + warningx(U_("unable to read fwtk config")); + debug_return_int(AUTH_FATAL); } if (auth_open(confp)) { - warningx(_("unable to connect to authentication server")); - return AUTH_FATAL; + warningx(U_("unable to connect to authentication server")); + debug_return_int(AUTH_FATAL); } /* Get welcome message from auth server */ if (auth_recv(resp, sizeof(resp))) { - warningx(_("lost connection to authentication server")); - return AUTH_FATAL; + warningx(U_("lost connection to authentication server")); + debug_return_int(AUTH_FATAL); } if (strncmp(resp, "Authsrv ready", 13) != 0) { - warningx(_("authentication server error:\n%s"), resp); - return AUTH_FATAL; + warningx(U_("authentication server error:\n%s"), resp); + debug_return_int(AUTH_FATAL); } - return AUTH_SUCCESS; + debug_return_int(AUTH_SUCCESS); } int -fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth) +sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth) { char *pass; /* Password from the user */ - char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */ + char buf[SUDO_CONV_REPL_MAX + 12]; /* General prupose buffer */ char resp[128]; /* Response from the server */ int error; + debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH) /* Send username to authentication server. */ (void) snprintf(buf, sizeof(buf), "authorize %s 'sudo'", pw->pw_name); restart: if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { - warningx(_("lost connection to authentication server")); - return AUTH_FATAL; + warningx(U_("lost connection to authentication server")); + debug_return_int(AUTH_FATAL); } /* Get the password/response from the user. */ @@ -114,16 +115,16 @@ restart: goto restart; } else { warningx("%s", resp); - return AUTH_FATAL; + debug_return_int(AUTH_FATAL); } if (!pass) { /* ^C or error */ - return AUTH_INTR; + debug_return_int(AUTH_INTR); } /* Send the user's response to the server */ (void) snprintf(buf, sizeof(buf), "response '%s'", pass); if (auth_send(buf) || auth_recv(resp, sizeof(resp))) { - warningx(_("lost connection to authentication server")); + warningx(U_("lost connection to authentication server")); error = AUTH_FATAL; goto done; } @@ -138,15 +139,16 @@ restart: warningx("%s", resp); error = AUTH_FAILURE; done: - zero_bytes(pass, strlen(pass)); - zero_bytes(buf, strlen(buf)); - return error; + memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass)); + memset_s(buf, sizeof(buf), 0, sizeof(buf)); + debug_return_int(error); } int -fwtk_cleanup(struct passwd *pw, sudo_auth *auth) +sudo_fwtk_cleanup(struct passwd *pw, sudo_auth *auth) { + debug_decl(sudo_fwtk_cleanup, SUDO_DEBUG_AUTH) auth_close(); - return AUTH_SUCCESS; + debug_return_int(AUTH_SUCCESS); }