From 7247ffbe65e4bf3f8555ce8699ecdda006cde515 Mon Sep 17 00:00:00 2001
From: Lukas Braun <lukas.braun@fau.de>
Date: Tue, 7 Feb 2017 14:46:08 +0100
Subject: [PATCH] pam: make sure we really send the complete buffers

---
 pam_goatherd.c | 22 ++++++++++++++++++----
 1 file changed, 18 insertions(+), 4 deletions(-)

diff --git a/pam_goatherd.c b/pam_goatherd.c
index b4d3e18..edf426c 100644
--- a/pam_goatherd.c
+++ b/pam_goatherd.c
@@ -66,6 +66,20 @@ static int verify_cb(gnutls_session_t session) {
     return 0;
 }
 
+static int send_full(gnutls_session_t session, const void *data, size_t len)
+{
+    ssize_t sent;
+    while (len > 0 && (sent = gnutls_record_send(session, data, len)) > 0) {
+        data += sent;
+        len -= (size_t)sent;
+    }
+    if (sent < 0)
+        return (int)sent;
+
+    return 0;
+}
+
+
 static int check_hotp(struct cfg cfg, const char *user, const char *hotp)
 {
     int err;
@@ -169,10 +183,10 @@ static int check_hotp(struct cfg cfg, const char *user, const char *hotp)
     // talk
     dbgp("authenticating");
     char ln = '\n';
-    if ((err = gnutls_record_send(session, user, strlen(user))) < 0
-            || (err = gnutls_record_send(session, &ln, 1)) < 0
-            || (err = gnutls_record_send(session, hotp, strlen(hotp))) < 0
-            || (err = gnutls_record_send(session, &ln, 1)) < 0)
+    if ((err = send_full(session, user, strlen(user))) < 0
+            || (err = send_full(session, &ln, 1)) < 0
+            || (err = send_full(session, hotp, strlen(hotp))) < 0
+            || (err = send_full(session, &ln, 1)) < 0)
     {
         dbgp2("error in send:", gnutls_strerror(err));
         err = PAM_AUTHINFO_UNAVAIL;
-- 
GitLab