diff options
author | Brian Cameron <brian.cameron@sun.com> | 2009-01-06 00:23:21 +0000 |
---|---|---|
committer | Brian Cameron <bcameron@src.gnome.org> | 2009-01-06 00:23:21 +0000 |
commit | 4e7d75fae3210d524b1cce8b7fdc2174e6a27fe3 (patch) | |
tree | dfa36426eb598d3d3c1075d94b2a20121cb9cfaf | |
parent | afdb6ce1064c4bcb4412dcc6388baa6715af2e13 (diff) | |
download | gdm-4e7d75fae3210d524b1cce8b7fdc2174e6a27fe3.tar.gz |
Make sure that pwent gets set before calling audit_fail_login, otherwise
2008-01-05 Brian Cameron <brian.cameron@sun.com>
* daemon/verify-pam.c: Make sure that pwent gets set before
calling audit_fail_login, otherwise the audit record is not
set properly.
svn path=/branches/gnome-2-20/; revision=6650
-rw-r--r-- | ChangeLog | 6 | ||||
-rw-r--r-- | daemon/verify-pam.c | 26 |
2 files changed, 27 insertions, 5 deletions
@@ -1,3 +1,9 @@ +2008-01-05 Brian Cameron <brian.cameron@sun.com> + + * daemon/verify-pam.c: Make sure that pwent gets set before + calling audit_fail_login, otherwise the audit record is not + set properly. + 2008-12-10 Brian Cameron <brian.cameron@sun.com> * Release 2.20.9: diff --git a/daemon/verify-pam.c b/daemon/verify-pam.c index 3546ca8b..7c8ad4e2 100644 --- a/daemon/verify-pam.c +++ b/daemon/verify-pam.c @@ -1264,6 +1264,19 @@ gdm_verify_user (GdmDisplay *d, return login; pamerr: + /* + * Take care of situation where we get here before setting pwent. + * Since login can be passed in as NULL, get the actual value if + * possible. + */ + if ((pam_get_item (pamh, PAM_USER, &p)) == PAM_SUCCESS) { + g_free (login); + login = g_strdup ((const char *)p); + } + if (pwent == NULL && login != NULL) { + pwent = getpwnam (login); + } + #ifdef HAVE_ADT audit_fail_login (d, pw_change, pwent, pamerr); #endif /* HAVE_ADT */ @@ -1450,11 +1463,6 @@ gdm_verify_setup_user (GdmDisplay *d, const gchar *login, char **new_login) *new_login = g_strdup (after_login); } -#ifdef HAVE_ADT - /* to set up for same auditing calls as in gdm_verify_user */ - pwent = getpwnam (login); -#endif /* HAVE_ADT */ - /* Check if the user's account is healthy. */ pamerr = pam_acct_mgmt (pamh, null_tok); switch (pamerr) { @@ -1590,6 +1598,14 @@ gdm_verify_setup_user (GdmDisplay *d, const gchar *login, char **new_login) return TRUE; setup_pamerr: + /* + * Take care of situation where we get here before setting pwent. + * Note login is never NULL when this function is called. + */ + if (pwent == NULL) { + pwent = getpwnam (login); + } + #ifdef HAVE_ADT audit_fail_login (d, pw_change, pwent, pamerr); #endif /* HAVE_ADT */ |