|
 |
b2d430 |
From 86f099e6ca0e09dd5fe44816238a4323c63f9ee7 Mon Sep 17 00:00:00 2001
|
|
|
b2d430 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
b2d430 |
Date: Wed, 3 Aug 2016 17:43:14 +0200
|
|
|
b2d430 |
Subject: [PATCH 75/82] PAM: Do not act on ldb_message in case of a failure
|
|
|
b2d430 |
MIME-Version: 1.0
|
|
|
b2d430 |
Content-Type: text/plain; charset=UTF-8
|
|
|
b2d430 |
Content-Transfer-Encoding: 8bit
|
|
|
b2d430 |
|
|
|
b2d430 |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
|
|
b2d430 |
---
|
|
|
b2d430 |
src/responder/pam/pamsrv_cmd.c | 33 ++++++++++++++++++---------------
|
|
|
b2d430 |
1 file changed, 18 insertions(+), 15 deletions(-)
|
|
|
b2d430 |
|
|
|
b2d430 |
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
|
|
|
b2d430 |
index 66564f5d301a53dcdb5967f43ef4afdb897e9974..be54fbf9b627d0ec1c3b0416401885245794cf9f 100644
|
|
|
b2d430 |
--- a/src/responder/pam/pamsrv_cmd.c
|
|
|
b2d430 |
+++ b/src/responder/pam/pamsrv_cmd.c
|
|
|
b2d430 |
@@ -1534,21 +1534,24 @@ static int pam_check_user_search(struct pam_auth_req *preq)
|
|
|
b2d430 |
|
|
|
b2d430 |
if (preq->pd->name_is_upn) {
|
|
|
b2d430 |
ret = sysdb_search_user_by_upn(preq, dom, name, user_attrs, &msg;;
|
|
|
b2d430 |
-
|
|
|
b2d430 |
- /* Since sysdb_search_user_by_upn() searches the whole cache we
|
|
|
b2d430 |
- * have to set the domain so that it matches the result. */
|
|
|
b2d430 |
- sysdb_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
|
|
|
b2d430 |
- if (sysdb_name == NULL) {
|
|
|
b2d430 |
- DEBUG(SSSDBG_CRIT_FAILURE, "Cached entry has no name.\n");
|
|
|
b2d430 |
- return EINVAL;
|
|
|
b2d430 |
- }
|
|
|
b2d430 |
- preq->domain = find_domain_by_object_name(get_domains_head(dom),
|
|
|
b2d430 |
- sysdb_name);
|
|
|
b2d430 |
- if (preq->domain == NULL) {
|
|
|
b2d430 |
- DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
b2d430 |
- "Cannot find matching domain for [%s].\n",
|
|
|
b2d430 |
- sysdb_name);
|
|
|
b2d430 |
- return EINVAL;
|
|
|
b2d430 |
+ if (ret == EOK) {
|
|
|
b2d430 |
+ /* Since sysdb_search_user_by_upn() searches the whole cache we
|
|
|
b2d430 |
+ * have to set the domain so that it matches the result. */
|
|
|
b2d430 |
+ sysdb_name = ldb_msg_find_attr_as_string(msg,
|
|
|
b2d430 |
+ SYSDB_NAME, NULL);
|
|
|
b2d430 |
+ if (sysdb_name == NULL) {
|
|
|
b2d430 |
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cached entry has no name.\n");
|
|
|
b2d430 |
+ return EINVAL;
|
|
|
b2d430 |
+ }
|
|
|
b2d430 |
+ preq->domain = find_domain_by_object_name(
|
|
|
b2d430 |
+ get_domains_head(dom),
|
|
|
b2d430 |
+ sysdb_name);
|
|
|
b2d430 |
+ if (preq->domain == NULL) {
|
|
|
b2d430 |
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
b2d430 |
+ "Cannot find matching domain for [%s].\n",
|
|
|
b2d430 |
+ sysdb_name);
|
|
|
b2d430 |
+ return EINVAL;
|
|
|
b2d430 |
+ }
|
|
|
b2d430 |
}
|
|
|
b2d430 |
} else {
|
|
|
b2d430 |
ret = sysdb_getpwnam_with_views(preq, dom, name, &res;;
|
|
|
b2d430 |
--
|
|
|
b2d430 |
2.4.11
|
|
|
b2d430 |
|