author | Tomas Mraz <tm@t8m.info> | 2005-01-07 15:31:26 +0000 |
---|---|---|
committer | Tomas Mraz <tm@t8m.info> | 2005-01-07 15:31:26 +0000 |
commit | 8371672714bbe3a7c171143a657083271cad7c71 (patch) | |
tree | 926b7b38b7c0ce98dcfe15c58296cf7fe15f774c | |
parent | c75c3ff9f2c3d221aabe89b8d0779f041e71e30c (diff) | |
Relevant BUGIDs: 629251, Red Hat bz 143750
Purpose of commit: bugfix
Commit summary:
---------------
libpam: don't return PAM_IGNORE if the impression is positive and
using cached chain
pam_nologin: don't overwrite return value with return from pam_get_item
-rw-r--r-- | CHANGELOG | 4 | ||||
-rw-r--r-- | libpam/pam_dispatch.c | 14 | ||||
-rw-r--r-- | libpam/pam_strerror.c | 4 | ||||
-rw-r--r-- | modules/pam_nologin/pam_nologin.c | 5 |
4 files changed, 18 insertions, 9 deletions
@@ -71,6 +71,10 @@ BerliOS Bugs are marked with (BerliOS #XXXX). * pam_limits: support for new Linux kernel 2.6 limits (from toby cabot - t8m) * pam_tally: major rewrite of the module (t8m) +* libpam: don't return PAM_IGNORE for OK or JUMP actions if using + cached chain (Bug 629251 - t8m) +* pam_nologin: don't overwrite return value with return from + pam_get_item (t8m) 0.78: Do Nov 18 14:48:36 CET 2004 diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c index c6fcd5f8..1daf0c9f 100644 --- a/libpam/pam_dispatch.c +++ b/libpam/pam_dispatch.c @@ -184,8 +184,12 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, if ( impression == _PAM_UNDEF || (impression == _PAM_POSITIVE && status == PAM_SUCCESS) ) { - impression = _PAM_POSITIVE; - status = retval; + /* in case of using cached chain + we could get here with PAM_IGNORE - don't return it */ + if ( retval != PAM_IGNORE || cached_retval == retval ) { + impression = _PAM_POSITIVE; + status = retval; + } } if ( impression == _PAM_POSITIVE && action == _PAM_ACTION_DONE ) { goto decision_made; @@ -227,8 +231,10 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, if (impression == _PAM_UNDEF || (impression == _PAM_POSITIVE && status == PAM_SUCCESS) ) { - impression = _PAM_POSITIVE; - status = retval; + if ( retval != PAM_IGNORE || cached_retval == retval ) { + impression = _PAM_POSITIVE; + status = retval; + } } } diff --git a/libpam/pam_strerror.c b/libpam/pam_strerror.c index de857fd8..b2c6775a 100644 --- a/libpam/pam_strerror.c +++ b/libpam/pam_strerror.c 
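Review bot: In the first pam_dispatch.c hunk (-184) the new guard `if ( retval != PAM_IGNORE || cached_retval == retval )` still lets PAM_IGNORE become `status` with a positive impression whenever `cached_retval` is also PAM_IGNORE, which the comment "don't return it" does not explain. `cached_retval` is assigned outside the hunk, so I would spell the exception out, e.g. `/* PAM_IGNORE is accepted only when it is also the cached result for this handler */`, and repeat it at the identical guard in the second hunk (-227), which carries no comment at all. When the guard skips the assignment, `impression` can stay `_PAM_UNDEF`; the final status is decided after the loop, outside these hunks, and it is worth confirming that this path fails closed rather than reporting success. Since the same test now appears twice in _pam_dispatch_aux, a small static helper would keep the two branches from drifting apart.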
@@ -48,7 +48,7 @@ const char *pam_strerror(pam_handle_t *pamh, int errnum) case PAM_USER_UNKNOWN: return "User not known to the underlying authentication module"; case PAM_MAXTRIES: - return "Have exhasted maximum number of retries for service."; + return "Have exhausted maximum number of retries for service."; case PAM_NEW_AUTHTOK_REQD: return "Authentication token is no longer valid; new one required."; case PAM_ACCT_EXPIRED: @@ -78,7 +78,7 @@ const char *pam_strerror(pam_handle_t *pamh, int errnum) case PAM_TRY_AGAIN: return "Failed preliminary check by password service"; case PAM_IGNORE: - return "Please ignore underlying account module"; + return "The return value should be ignored by PAM dispatch"; case PAM_MODULE_UNKNOWN: return "Module is unknown"; case PAM_AUTHTOK_EXPIRED: diff --git a/modules/pam_nologin/pam_nologin.c b/modules/pam_nologin/pam_nologin.c index 433d2e11..bfd17753 100644 --- a/modules/pam_nologin/pam_nologin.c +++ b/modules/pam_nologin/pam_nologin.c @@ -125,9 +125,8 @@ static int perform_check(pam_handle_t *pamh, struct opt_s *opts) * of /etc/nologin */ - retval = pam_get_item(pamh, PAM_CONV, - (const void **)&conversation); - if ((retval == PAM_SUCCESS) && (conversation)) { + if (pam_get_item(pamh, PAM_CONV, (const void **)&conversation) + == PAM_SUCCESS && conversation && conversation->conv) { (void) conversation->conv(1, (const struct pam_message **)&pmessage, &resp, conversation->appdata_ptr); |
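Review bot: The reason for dropping the `retval =` assignment in the pam_nologin.c hunk is easy to lose in a later cleanup, so the rewritten condition deserves a comment such as `/* do not store this result in retval: it already holds the nologin decision */`; per the commit summary, the old code overwrote that decision with pam_get_item's return value. The added `conversation->conv` test guards the call that follows it. The conversation's own return is still discarded with `(void)`, and if the lines after the hunk do not release `resp`, the reply would leak; perform_check continues outside the hunk, so that has to be confirmed there.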