Bug#597020: libgksu: sudo mode: no second attempt and no feedback when wrong password entered

Martin Pitt martin.pitt at ubuntu.com
Wed Sep 15 23:02:38 UTC 2010 

Package: libgksu
Version: 2.0.13~pre1-1
Tags: patch
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu ubuntu-patch maverick

Hello,

we got a lot of bug reports in Ubuntu (which uses sudo by default)
about the password dialog that is presented only allowing one attempt.
If the wrong password is entered, the dialog simply disappears, and
nothing else happens. (https://launchpad.net/bugs/298217)

I debugged this, and the problem is in this part:

          /* ignore the first newline that comes right after sudo receives
             the password */
          fgets (buffer, 255, infile);
          /* this is the status we are interessted in */
          fgets (buffer, 255, infile);
          [...]
          if (!strcmp (buffer, "Sorry, try again.\n"))

So what happens with sudo 1.7.2p7 at least (but presumably with a lot
of older versions, given how old the Ubuntu bug is), that the first
fgets() gets "Sorry, try again.", the message we are really interested
in. The second gets "GNOME_SUDO_PASSSorry, try again.".

One possible solution is to just drop the first fgets, so that the
strcmp() will match on the correct string.  Now, I suppose ignoring
the first line made sense at some point with some version of sudo, so
I left the structure as it is, and instead made the string comparison
cover this case as well. This should provide full backwards
compatibility, and fixes this bug.

Thanks for considering!

Martin

-- 
Martin Pitt                        | http://www.piware.de
Ubuntu Developer (www.ubuntu.com)  | Debian Developer  (www.debian.org)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 23_sudo_wrong_pwd_check.patch
Type: text/x-diff
Size: 706 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20100916/b9b8a6e6/attachment.patch>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnome-maintainers/attachments/20100916/b9b8a6e6/attachment.pgp>

More information about the pkg-gnome-maintainers mailing list