From 3bb5648041fa5e237ab450e4f58e685ec063b8c7 Mon Sep 17 00:00:00 2001
From: bjorn3 <17426603+bjorn3@users.noreply.github.com>
Date: Tue, 3 Dec 2024 16:27:07 +0100
Subject: [PATCH] Treat conversation error as authentication failure

On FreeBSD PAM returns a conversation error when there is nowhere to
read the password from.
---
 src/sudo/pam.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/sudo/pam.rs b/src/sudo/pam.rs
index d8e1f190f..42edb4421 100644
--- a/src/sudo/pam.rs
+++ b/src/sudo/pam.rs
@@ -150,7 +150,7 @@ pub fn attempt_authenticate<C: Converser>(
             }
 
             // there was an authentication error, we can retry
-            Err(PamError::Pam(PamErrorType::AuthError, _)) => {
+            Err(PamError::Pam(PamErrorType::AuthError | PamErrorType::ConversationError, _)) => {
                 max_tries -= 1;
                 if max_tries == 0 {
                     return Err(Error::MaxAuthAttempts(current_try));