[Pkg-shadow-commits] r2724 - in upstream/trunk: . src
Nicolas FRANÇOIS
nekral-guest at alioth.debian.org
Mon Apr 20 12:54:17 UTC 2009
Author: nekral-guest
Date: 2009-04-20 12:54:17 +0000 (Mon, 20 Apr 2009)
New Revision: 2724
Modified:
upstream/trunk/ChangeLog
upstream/trunk/src/login.c
Log:
* src/login.c: Open the PAM session before pam_setcred and before
initgroups. This is more consistent with rfc86.0.
Modified: upstream/trunk/ChangeLog
===================================================================
--- upstream/trunk/ChangeLog 2009-04-20 12:47:04 UTC (rev 2723)
+++ upstream/trunk/ChangeLog 2009-04-20 12:54:17 UTC (rev 2724)
@@ -1,5 +1,10 @@
2009-04-20 Nicolas François <nicolas.francois at centraliens.net>
+ * src/login.c: Open the PAM session before pam_setcred and before
+ initgroups. This is more consistent with rfc86.0.
+
+2009-04-20 Nicolas François <nicolas.francois at centraliens.net>
+
* src/login.c: Added helper functions get_pam_user() and
get_failent_user().
Modified: upstream/trunk/src/login.c
===================================================================
--- upstream/trunk/src/login.c 2009-04-20 12:47:04 UTC (rev 2723)
+++ upstream/trunk/src/login.c 2009-04-20 12:54:17 UTC (rev 2724)
@@ -849,6 +849,11 @@
}
PAM_FAIL_CHECK;
+ /* Open the PAM session */
+ get_pam_user (&pam_user);
+ retcode = pam_open_session (pamh, hushed (pam_user) ? PAM_SILENT : 0);
+ PAM_FAIL_CHECK;
+
/* Grab the user information out of the password file for future usage
* First get the username that we are actually using, though.
*
@@ -880,10 +885,10 @@
retcode = pam_setcred (pamh, PAM_ESTABLISH_CRED);
PAM_FAIL_CHECK;
+ /* NOTE: If pam_setcred changes PAM_USER, this will not be taken
+ * into account.
+ */
- retcode = pam_open_session (pamh, hushed (username) ? PAM_SILENT : 0);
- PAM_FAIL_CHECK;
-
#else /* ! USE_PAM */
while (true) { /* repeatedly get login/password pairs */
failed = false; /* haven't failed authentication yet */
More information about the Pkg-shadow-commits
mailing list