diff options
author | Brian Cameron <brian.cameron@sun.com> | 2007-05-08 09:50:01 +0000 |
---|---|---|
committer | Brian Cameron <bcameron@src.gnome.org> | 2007-05-08 09:50:01 +0000 |
commit | 547438f47af72c216ee62ca287cf7d4c69f1938a (patch) | |
tree | 0463f7c76be0907727e325bbaf791a2371212ecb | |
parent | f7ff577ee536111abdea10ccad97efa0975f653e (diff) | |
download | gdm-547438f47af72c216ee62ca287cf7d4c69f1938a.tar.gz |
When we receive PAM_AUTHINFO_UNAVAIL just display the default
2007-05-08 Brian Cameron <brian.cameron@sun.com>
* daemon/verify-pam.c: When we receive PAM_AUTHINFO_UNAVAIL
just display the default "authentication failed" message.
This ensures that the error message is the same for
invalid user and incorrect password, making it harder to
tell whether an account is a valid one or not.
svn path=/trunk/; revision=4893
-rw-r--r-- | ChangeLog | 8 | ||||
-rw-r--r-- | daemon/verify-pam.c | 10 |
2 files changed, 16 insertions, 2 deletions
@@ -1,5 +1,13 @@ 2007-05-08 Brian Cameron <brian.cameron@sun.com> + * daemon/verify-pam.c: When we receive PAM_AUTHINFO_UNAVAIL + just display the default "authentication failed" message. + This ensures that the error message is the same for + invalid user and incorrect password, making it harder to + tell whether an account is a valid one or not. + +2007-05-08 Brian Cameron <brian.cameron@sun.com> + * config/PostLogin: Change reference from $LOGIN to $LOGNAME in documentation comment. Fixes bug 436805. Patch by Loic Minier <lool+gnome@via.ecp.fr> diff --git a/daemon/verify-pam.c b/daemon/verify-pam.c index 14a4454a..2f3a615e 100644 --- a/daemon/verify-pam.c +++ b/daemon/verify-pam.c @@ -1170,9 +1170,15 @@ gdm_verify_user (GdmDisplay *d, * message from the PAM subsystem */ if ( ! error_msg_given && gdm_slave_action_pending ()) { - /* I'm not sure yet if I should display this message for any other issues - heeten */ + /* + * I'm not sure yet if I should display this message for any + * other issues - heeten + * Adding AUTHINFO_UNAVAIL to the list - its what an unknown + * user is. + */ if (pamerr == PAM_AUTH_ERR || - pamerr == PAM_USER_UNKNOWN) { + pamerr == PAM_USER_UNKNOWN || + pamerr == PAM_AUTHINFO_UNAVAIL) { gboolean is_capslock = FALSE; const char *basemsg; char *msg; |