diff options
| author | rcritten <> | 2007-01-10 20:56:00 +0000 |
|---|---|---|
| committer | rcritten <> | 2007-01-10 20:56:00 +0000 |
| commit | c6f1107dac6935dae497c08f3afbdaf503d693f5 (patch) | |
| tree | cdeaedf72766c7a6efd2c65b7991e05d91295d96 | |
| parent | ff38e91d0bfa650b5ab77378f583243cabcddf0d (diff) | |
| download | mod_nss-c6f1107dac6935dae497c08f3afbdaf503d693f5.tar.gz mod_nss-c6f1107dac6935dae497c08f3afbdaf503d693f5.tar.xz mod_nss-c6f1107dac6935dae497c08f3afbdaf503d693f5.zip | |
222173
Stop processing tokens when a login fails so we can correctly report
the failure.
Fix an off-by-one error in nss_pcache that prevented 1 character
passwords (not a huge problem but a bug none-the-less).
| -rw-r--r-- | nss_engine_pphrase.c | 13 | ||||
| -rw-r--r-- | nss_pcache.c | 6 |
2 files changed, 14 insertions, 5 deletions
diff --git a/nss_engine_pphrase.c b/nss_engine_pphrase.c index 981ebff..6badfe8 100644 --- a/nss_engine_pphrase.c +++ b/nss_engine_pphrase.c @@ -85,8 +85,15 @@ SECStatus nss_Init_Tokens(server_rec *s) ret = PK11_Authenticate(slot, PR_TRUE, parg); if (SECSuccess != ret) { - status = SECFailure; - break; + ap_log_error(APLOG_MARK, APLOG_ERR, 0, s, + "Password for slot %s is incorrect.", PK11_GetTokenName(slot)); + PK11_FreeSlot(slot); + /* We return here rather than breaking because: + 1. All tokens must be logged for the server to work. + 2. We'll get a bogus error message from nss_engine_init, -8053, + instead of -8177. + */ + return SECFailure; } parg->retryCount = 0; /* reset counter to 0 for the next token */ PK11_FreeSlot(slot); @@ -153,7 +160,7 @@ static char * nss_password_prompt(PK11SlotInfo *slot, PRBool retry, void *arg) if (rv != APR_SUCCESS || (res != PIN_SUCCESS && res != PIN_INCORRECTPW)) { ap_log_error(APLOG_MARK, APLOG_ERR, 0, NULL, - "Unable to read from pin store for slot: %s APR err: %d", PK11_GetTokenName(slot), rv); + "Unable to read from pin store for slot: %s APR err: %d pcache: %d", PK11_GetTokenName(slot), rv, res); nss_die(); } } diff --git a/nss_pcache.c b/nss_pcache.c index 65a7a02..8e0f70f 100644 --- a/nss_pcache.c +++ b/nss_pcache.c @@ -445,12 +445,13 @@ char * getstr(const char * cmd, int el) { work = strdup(cmd); s = t = work; + r = NULL; peek = s; if (peek) peek++; while (*s) { - if (*s == '\t' || *peek == '\0') { + if (*s == '\t' || *s == '\0') { if (i == el) { if (*peek != '\0') *s = '\0'; @@ -468,8 +469,9 @@ char * getstr(const char * cmd, int el) { peek++; } + if (t) r = strdup(t); free(work); - return NULL; + return r; } /* |