From b4ae1f2b47f16b7f497493d8cbead04070ce1af0 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Mon, 12 Oct 2009 16:05:44 -0400 Subject: Fix offline authentication The way we were processing errors from the provider caused offline authentication to stop working. Previously the problem was masked by a bug in the data provider that always returned "Success" for any operation no matter what the actual return code was. when DP got removed the bug became evident. --- server/responder/pam/pamsrv_cmd.c | 19 +++---------------- 1 file changed, 3 insertions(+), 16 deletions(-) diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c index 671dc0873..cfc973d99 100644 --- a/server/responder/pam/pamsrv_cmd.c +++ b/server/responder/pam/pamsrv_cmd.c @@ -557,30 +557,17 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, const char *err_msg, void *ptr) { struct pam_auth_req *preq = talloc_get_type(ptr, struct pam_auth_req); - struct ldb_result *res = NULL; struct sysdb_ctx *sysdb; int ret; - if ((err_maj != DP_ERR_OK) && (err_maj != DP_ERR_OFFLINE)) { + if (err_maj) { DEBUG(2, ("Unable to get information from Data Provider\n" "Error: %u, %u, %s\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg)); - ret = EFAULT; - goto done; - } - - if (err_maj == DP_ERR_OFFLINE) { - if (preq->data) res = talloc_get_type(preq->data, struct ldb_result); - if (!res) res = talloc_zero(preq, struct ldb_result); - if (!res) { - ret = EFAULT; - goto done; - } - - pam_check_user_callback(preq, LDB_SUCCESS, res); - return; } + /* always try to see if we have the user in cache even if the provider + * returned an error */ ret = sysdb_get_ctx_from_list(preq->cctx->rctx->db_list, preq->domain, &sysdb); if (ret != EOK) { -- cgit