diff options
author | Simo Sorce <ssorce@redhat.com> | 2009-10-12 16:05:44 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-10-15 07:44:45 -0400 |
commit | b4ae1f2b47f16b7f497493d8cbead04070ce1af0 (patch) | |
tree | 5d1676e927baddd2fa4b98396022fd1a5b5d6e5c | |
parent | 91f92358f790ddd2cf60b0b950d1d7fb586528f7 (diff) | |
download | sssd-b4ae1f2b47f16b7f497493d8cbead04070ce1af0.tar.gz sssd-b4ae1f2b47f16b7f497493d8cbead04070ce1af0.tar.xz sssd-b4ae1f2b47f16b7f497493d8cbead04070ce1af0.zip |
Fix offline authentication
The way we were processing errors from the provider caused offline
authentication to stop working. Previously the problem was masked
by a bug in the data provider that always returned "Success" for any
operation no matter what the actual return code was. when DP got
removed the bug became evident.
-rw-r--r-- | server/responder/pam/pamsrv_cmd.c | 19 |
1 files changed, 3 insertions, 16 deletions
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c index 671dc0873..cfc973d99 100644 --- a/server/responder/pam/pamsrv_cmd.c +++ b/server/responder/pam/pamsrv_cmd.c @@ -557,30 +557,17 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, const char *err_msg, void *ptr) { struct pam_auth_req *preq = talloc_get_type(ptr, struct pam_auth_req); - struct ldb_result *res = NULL; struct sysdb_ctx *sysdb; int ret; - if ((err_maj != DP_ERR_OK) && (err_maj != DP_ERR_OFFLINE)) { + if (err_maj) { DEBUG(2, ("Unable to get information from Data Provider\n" "Error: %u, %u, %s\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg)); - ret = EFAULT; - goto done; - } - - if (err_maj == DP_ERR_OFFLINE) { - if (preq->data) res = talloc_get_type(preq->data, struct ldb_result); - if (!res) res = talloc_zero(preq, struct ldb_result); - if (!res) { - ret = EFAULT; - goto done; - } - - pam_check_user_callback(preq, LDB_SUCCESS, res); - return; } + /* always try to see if we have the user in cache even if the provider + * returned an error */ ret = sysdb_get_ctx_from_list(preq->cctx->rctx->db_list, preq->domain, &sysdb); if (ret != EOK) { |