From 3a4aa5e5006decc100a2d8f2db54c46b482afd7c Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Mon, 8 Feb 2010 09:25:53 +0100
Subject: Send a message to the user if the login is delayed

---
 server/responder/pam/pamsrv_cmd.c | 27 ++++++++++++++++++++++++---
 1 file changed, 24 insertions(+), 3 deletions(-)

(limited to 'server/responder/pam/pamsrv_cmd.c')

diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index a4573e60d..3172a97dd 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -626,18 +626,22 @@ static void pam_cache_auth_done(struct tevent_req *req)
     int ret;
     struct pam_auth_req *preq = tevent_req_callback_data(req,
                                                          struct pam_auth_req);
-    const uint32_t resp_type = SSS_PAM_USER_INFO_OFFLINE_AUTH;
-    const size_t resp_len = sizeof(uint32_t) + sizeof(long long);
+    uint32_t resp_type;
+    size_t resp_len;
     uint8_t *resp;
     time_t expire_date = 0;
+    time_t delayed_until = -1;
     long long dummy;
 
-    ret = sysdb_cache_auth_recv(req, &expire_date);
+    ret = sysdb_cache_auth_recv(req, &expire_date, &delayed_until);
     talloc_zfree(req);
 
     switch (ret) {
         case EOK:
             preq->pd->pam_status = PAM_SUCCESS;
+
+            resp_type = SSS_PAM_USER_INFO_OFFLINE_AUTH;
+            resp_len = sizeof(uint32_t) + sizeof(long long);
             resp = talloc_size(preq->pd, resp_len);
             if (resp == NULL) {
                 DEBUG(1, ("talloc_size failed, cannot prepare user info.\n"));
@@ -660,6 +664,23 @@ static void pam_cache_auth_done(struct tevent_req *req)
             break;
         case EACCES:
             preq->pd->pam_status = PAM_PERM_DENIED;
+            if (delayed_until >= 0) {
+                resp_type = SSS_PAM_USER_INFO_OFFLINE_AUTH_DELAYED;
+                resp_len = sizeof(uint32_t) + sizeof(long long);
+                resp = talloc_size(preq->pd, resp_len);
+                if (resp == NULL) {
+                    DEBUG(1, ("talloc_size failed, cannot prepare user info.\n"));
+                } else {
+                    memcpy(resp, &resp_type, sizeof(uint32_t));
+                    dummy = (long long) delayed_until;
+                    memcpy(resp+sizeof(uint32_t), &dummy, sizeof(long long));
+                    ret = pam_add_response(preq->pd, SSS_PAM_USER_INFO, resp_len,
+                                           (const uint8_t *) resp);
+                    if (ret != EOK) {
+                        DEBUG(1, ("pam_add_response failed.\n"));
+                    }
+                }
+            }
             break;
         default:
             preq->pd->pam_status = PAM_SYSTEM_ERR;
-- 
cgit