Diff for /embedaddon/sudo/plugins/sudoers/auth/sudo_auth.c between versions 1.1.1.3 and 1.1.1.5

version 1.1.1.3, 2012/10/09 09:29:52 version 1.1.1.5, 2013/10/14 07:56:35
Line 1 Line 1
 /*  /*
 * Copyright (c) 1999-2005, 2008-2010 Todd C. Miller <Todd.Miller@courtesan.com> * Copyright (c) 1999-2005, 2008-2013 Todd C. Miller <Todd.Miller@courtesan.com>
  *   *
  * Permission to use, copy, modify, and distribute this software for any   * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above   * purpose with or without fee is hereby granted, provided that the above
Line 21 Line 21
 #include <config.h>  #include <config.h>
   
 #include <sys/types.h>  #include <sys/types.h>
 #include <sys/param.h>  
 #include <stdio.h>  #include <stdio.h>
 #ifdef STDC_HEADERS  #ifdef STDC_HEADERS
 # include <stdlib.h>  # include <stdlib.h>
Line 117  sudo_auth_init(struct passwd *pw) Line 116  sudo_auth_init(struct passwd *pw)
     /* Make sure we haven't mixed standalone and shared auth methods. */      /* Make sure we haven't mixed standalone and shared auth methods. */
     standalone = IS_STANDALONE(&auth_switch[0]);      standalone = IS_STANDALONE(&auth_switch[0]);
     if (standalone && auth_switch[1].name != NULL) {      if (standalone && auth_switch[1].name != NULL) {
        audit_failure(NewArgv, "invalid authentication methods");        audit_failure(NewArgv, N_("invalid authentication methods"));
        log_fatal(0, _("Invalid authentication methods compiled into sudo!  "        log_fatal(0, N_("Invalid authentication methods compiled into sudo!  "
            "You may mix standalone and non-standalone authentication."));            "You may not mix standalone and non-standalone authentication."));
         debug_return_int(-1);          debug_return_int(-1);
     }      }
   
Line 201  verify_user(struct passwd *pw, char *prompt, int valid Line 200  verify_user(struct passwd *pw, char *prompt, int valid
     /* Make sure we have at least one auth method. */      /* Make sure we have at least one auth method. */
     /* XXX - check FLAG_DISABLED too */      /* XXX - check FLAG_DISABLED too */
     if (auth_switch[0].name == NULL) {      if (auth_switch[0].name == NULL) {
        audit_failure(NewArgv, "no authentication methods");        audit_failure(NewArgv, N_("no authentication methods"));
        log_error(0,        log_warning(0,
            _("There are no authentication methods compiled into sudo!  "            N_("There are no authentication methods compiled into sudo!  "
             "If you want to turn off authentication, use the "              "If you want to turn off authentication, use the "
             "--disable-authentication configure option."));              "--disable-authentication configure option."));
         debug_return_int(-1);          debug_return_int(-1);
Line 255  verify_user(struct passwd *pw, char *prompt, int valid Line 254  verify_user(struct passwd *pw, char *prompt, int valid
                 goto done;                  goto done;
         }          }
         if (!standalone)          if (!standalone)
            zero_bytes(p, strlen(p));            memset_s(p, SUDO_CONV_REPL_MAX, 0, strlen(p));
         pass_warn();          pass_warn();
     }      }
   
Line 291  sudo_auth_begin_session(struct passwd *pw, char **user Line 290  sudo_auth_begin_session(struct passwd *pw, char **user
 {  {
     sudo_auth *auth;      sudo_auth *auth;
     int status = AUTH_SUCCESS;      int status = AUTH_SUCCESS;
    debug_decl(auth_begin_session, SUDO_DEBUG_AUTH)    debug_decl(sudo_auth_begin_session, SUDO_DEBUG_AUTH)
   
     for (auth = auth_switch; auth->name; auth++) {      for (auth = auth_switch; auth->name; auth++) {
         if (auth->begin_session && !IS_DISABLED(auth)) {          if (auth->begin_session && !IS_DISABLED(auth)) {
Line 303  sudo_auth_begin_session(struct passwd *pw, char **user Line 302  sudo_auth_begin_session(struct passwd *pw, char **user
     debug_return_int(status == AUTH_FATAL ? -1 : 1);      debug_return_int(status == AUTH_FATAL ? -1 : 1);
 }  }
   
   bool
   sudo_auth_needs_end_session(void)
   {
       sudo_auth *auth;
       bool needed = false;
       debug_decl(sudo_auth_needs_end_session, SUDO_DEBUG_AUTH)
   
       for (auth = auth_switch; auth->name; auth++) {
           if (auth->end_session && !IS_DISABLED(auth)) {
               needed = true;
               break;
           }
       }
       debug_return_bool(needed);
   }
   
 /*  /*
  * Call authentication method end session hooks.   * Call authentication method end session hooks.
  * Returns 1 on success and -1 on error.   * Returns 1 on success and -1 on error.
Line 312  sudo_auth_end_session(struct passwd *pw) Line 327  sudo_auth_end_session(struct passwd *pw)
 {  {
     sudo_auth *auth;      sudo_auth *auth;
     int status = AUTH_SUCCESS;      int status = AUTH_SUCCESS;
    debug_decl(auth_end_session, SUDO_DEBUG_AUTH)    debug_decl(sudo_auth_end_session, SUDO_DEBUG_AUTH)
   
     for (auth = auth_switch; auth->name; auth++) {      for (auth = auth_switch; auth->name; auth++) {
         if (auth->end_session && !IS_DISABLED(auth)) {          if (auth->end_session && !IS_DISABLED(auth)) {
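Review bot: In the verify_user hunk at new line 254, the password scrub `memset_s(p, SUDO_CONV_REPL_MAX, 0, strlen(p));` is reached only after a failed attempt, because the `goto done` just above it jumps past the call. The `done:` label lies outside the hunk, so it is not visible here whether the plaintext in `p` is also cleared on the success and fatal paths; if it is not, the same scrub needs repeating there under the same `!standalone` condition. The call clears `strlen(p)` bytes and discards the memset_s return value, which presumably relies on the reply always being shorter than SUDO_CONV_REPL_MAX; that assumption is worth stating next to the call. A comment such as `/* Scrub the plaintext password; memset_s() is used so the store cannot be optimized away. */` would record why zero_bytes was replaced.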
