diff options
author | Jake Chen <jakechentw@gmail.com> | 2020-06-17 15:25:39 +0800 |
---|---|---|
committer | Jan Pazdziora <jpazdziora@redhat.com> | 2020-07-08 23:20:09 +0200 |
commit | 622996a9a7d462cdb51cd2a2c5ecd3b00bb48b85 (patch) | |
tree | 14499fa48bc1ec4a0a2cc19eb71901240c8e1cb3 /mod_authnz_pam.c | |
parent | a9b23ffac32c9ac3b4fac1f60658d3b08b0c93e3 (diff) | |
download | mod_authnz_pam-622996a9a7d462cdb51cd2a2c5ecd3b00bb48b85.tar.gz mod_authnz_pam-622996a9a7d462cdb51cd2a2c5ecd3b00bb48b85.tar.xz mod_authnz_pam-622996a9a7d462cdb51cd2a2c5ecd3b00bb48b85.zip |
Store password to cache only after passing all PAM checks, including account.
Diffstat (limited to 'mod_authnz_pam.c')
-rw-r--r-- | mod_authnz_pam.c | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/mod_authnz_pam.c b/mod_authnz_pam.c index e16d408..7b4bb7a 100644 --- a/mod_authnz_pam.c +++ b/mod_authnz_pam.c @@ -197,11 +197,6 @@ static authn_status pam_authenticate_with_login_password(request_rec * r, const param = login; stage = "PAM authentication failed for user"; ret = pam_authenticate(pamh, PAM_SILENT | PAM_DISALLOW_NULL_AUTHTOK); -#if AP_MODULE_MAGIC_AT_LEAST(20100625,0) - if (ret == PAM_SUCCESS) { - store_password_to_cache(r, login, password); - } -#endif } if ((ret == PAM_SUCCESS) && (steps & _PAM_STEP_ACCOUNT)) { param = login; @@ -232,6 +227,11 @@ static authn_status pam_authenticate_with_login_password(request_rec * r, const r->user = apr_pstrdup(r->pool, login); ap_log_rerror(APLOG_MARK, APLOG_INFO, 0, r, SHOW_MODULE "PAM authentication passed for user %s", login); pam_end(pamh, ret); +#if AP_MODULE_MAGIC_AT_LEAST(20100625,0) + if (steps & _PAM_STEP_AUTH) { + store_password_to_cache(r, login, password); + } +#endif return AUTH_GRANTED; } |