Fixes for proxy provider

- use the correct private data for each PAM task - make proxy_pam_target a mandatory option for auth, chpass and access
author: Sumit Bose <sbose@redhat.com> 2009-11-11 15:12:28 +0100
committer: Stephen Gallagher <sgallagh@redhat.com> 2009-11-12 11:00:49 -0500
commit: f87584a07661e1501904d6fb842c47888757f223 (patch)
tree: 39e62cf33e2e90221c2c061f5e6ba6c1c764889e /server/providers/proxy.c
parent: d1ee6b6cecfbbcf4eb84f0c9a7875a6f18d80fee (diff)
download: sssd-f87584a07661e1501904d6fb842c47888757f223.tar.gz
sssd-f87584a07661e1501904d6fb842c47888757f223.tar.xz
sssd-f87584a07661e1501904d6fb842c47888757f223.zip
1 files changed, 23 insertions, 6 deletions
diff --git a/server/providers/proxy.c b/server/providers/proxy.c
index aea2df307..0a3734484 100644
--- a/server/providers/proxy.c
+++ b/server/providers/proxy.c
@@ -129,9 +129,28 @@ static void proxy_pam_handler(struct be_req *req) {
     struct proxy_auth_ctx *ctx;;
     bool cache_auth_data = false;
 
-    ctx = talloc_get_type(req->be_ctx->bet_info[BET_AUTH].pvt_bet_data, struct proxy_auth_ctx);
     pd = talloc_get_type(req->req_data, struct pam_data);
 
+    switch (pd->cmd) {
+        case SSS_PAM_AUTHENTICATE:
+            ctx = talloc_get_type(req->be_ctx->bet_info[BET_AUTH].pvt_bet_data,
+                                  struct proxy_auth_ctx);
+            break;
+        case SSS_PAM_CHAUTHTOK:
+            ctx = talloc_get_type(req->be_ctx->bet_info[BET_CHPASS].pvt_bet_data,
+                                  struct proxy_auth_ctx);
+            break;
+        case SSS_PAM_ACCT_MGMT:
+            ctx = talloc_get_type(req->be_ctx->bet_info[BET_ACCESS].pvt_bet_data,
+                                  struct proxy_auth_ctx);
+            break;
+        default:
+            DEBUG(1, ("Unsupported PAM task.\n"));
+            pd->pam_status = PAM_SUCCESS;
+            proxy_reply(req, DP_ERR_OK, PAM_SUCCESS, NULL);
+            return;
+    }
+
     conv.conv=proxy_internal_conv;
     auth_data = talloc_zero(req, struct authtok_conv);
     conv.appdata_ptr=auth_data;
@@ -2355,11 +2374,9 @@ int sssm_proxy_auth_init(struct be_ctx *bectx,
                             &ctx->pam_target);
     if (ret != EOK) goto done;
     if (!ctx->pam_target) {
-        ctx->pam_target = talloc_strdup(ctx, "sssd_pam_proxy_default");
-        if (!ctx->pam_target) {
-            ret = ENOMEM;
-            goto done;
-        }
+        DEBUG(1, ("Missing option proxy_pam_target.\n"));
+        ret = EINVAL;
+        goto done;
     }
 
     *ops = &proxy_auth_ops;
author	Sumit Bose <sbose@redhat.com>	2009-11-11 15:12:28 +0100
committer	Stephen Gallagher <sgallagh@redhat.com>	2009-11-12 11:00:49 -0500
commit	f87584a07661e1501904d6fb842c47888757f223 (patch)
tree	39e62cf33e2e90221c2c061f5e6ba6c1c764889e /server/providers/proxy.c
parent	d1ee6b6cecfbbcf4eb84f0c9a7875a6f18d80fee (diff)
download	sssd-f87584a07661e1501904d6fb842c47888757f223.tar.gz sssd-f87584a07661e1501904d6fb842c47888757f223.tar.xz sssd-f87584a07661e1501904d6fb842c47888757f223.zip