From d8a7b3477f660316e69dcf3c0cbc93cf71c9a3d0 Mon Sep 17 00:00:00 2001 From: David Nugent Date: Mon, 24 Mar 1997 21:22:12 +0000 Subject: [PATCH] strdup() value of term to correctly preserve contents. Rearrange validation logic so that it works correctly when compiled with kerberos support. Closes PR#3056. --- usr.bin/login/login.c | 20 +++++++++----------- 1 file changed, 9 insertions(+), 11 deletions(-) diff --git a/usr.bin/login/login.c b/usr.bin/login/login.c index f771c418a613..747643159c0e 100644 --- a/usr.bin/login/login.c +++ b/usr.bin/login/login.c @@ -482,19 +482,16 @@ main(argc, argv) * If trying to log in as root without Kerberos, * but with insecure terminal, refuse the login attempt. */ + if (pwd && !rval) { #if defined(KERBEROS) || defined(LOGIN_CAP_AUTH) - if (authok == 0) + if (authok == 0 && rootlogin && !rootok) +#else + if (rootlogin && !rootok) #endif - if (pwd && !rval && rootlogin && !rootok) { - /* use same message as for authentication failure */ - /* (void)fprintf(stderr, "%s login refused on this terminal.\n", pwd->pw_name); */ - refused(NULL, "NOROOT", 0); - /* preserve backoff behaviour even for failed root */ - /* continue; */ + refused(NULL, "NOROOT", 0); + else /* valid password & authenticated */ + break; } - /* valid password & authenticated */ - else if (pwd && !rval) - break; (void)printf("Login incorrect\n"); failures++; @@ -651,7 +648,8 @@ main(argc, argv) /* * Preserve TERM if it happens to be already set. */ - term = getenv("TERM"); + if ((term = getenv("TERM")) != NULL) + term = strdup(term); /* * Exclude cons/vt/ptys only, assume dialup otherwise