ccname = pam_getenv(pamh, "KRB5CCNAME");
if (ccname == NULL) {
_pam_log_debug(ctrl, LOG_DEBUG, "user has no KRB5CCNAME environment");
- retval = PAM_SUCCESS;
- goto out;
}
strncpy(request.data.logoff.user, user,
sizeof(request.data.logoff.user) - 1);
- strncpy(request.data.logoff.krb5ccname, ccname,
- sizeof(request.data.logoff.krb5ccname) - 1);
+ if (ccname) {
+ strncpy(request.data.logoff.krb5ccname, ccname,
+ sizeof(request.data.logoff.krb5ccname) - 1);
+ }
pwd = getpwnam(user);
if (pwd == NULL) {
state->request.data.logoff.krb5ccname
[sizeof(state->request.data.logoff.krb5ccname)-1]='\0';
- parse_domain_user(state->request.data.logoff.user, name_domain, user);
-
- domain = find_auth_domain(state, name_domain);
+ if (!parse_domain_user(state->request.data.logoff.user, name_domain, user)) {
+ goto failed;
+ }
- if (domain == NULL) {
- set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
- DEBUG(5, ("Pam Logoff for %s returned %s "
- "(PAM: %d)\n",
- state->request.data.auth.user,
- state->response.data.auth.nt_status_string,
- state->response.data.auth.pam_error));
- request_error(state);
- return;
+ if ((domain = find_auth_domain(state, name_domain)) == NULL) {
+ goto failed;
}
sendto_domain(state, domain);
+ return;
+
+ failed:
+ set_auth_errors(&state->response, NT_STATUS_NO_SUCH_USER);
+ DEBUG(5, ("Pam Logoff for %s returned %s "
+ "(PAM: %d)\n",
+ state->request.data.auth.user,
+ state->response.data.auth.nt_status_string,
+ state->response.data.auth.pam_error));
+ request_error(state);
+ return;
}
enum winbindd_result winbindd_dual_pam_logoff(struct winbindd_domain *domain,
goto process_result;
}
+ if (state->request.data.logoff.krb5ccname[0] == '\0') {
+ result = NT_STATUS_OK;
+ goto process_result;
+ }
+
#ifdef HAVE_KRB5
if (state->request.data.logoff.uid < 0) {
projects / thirdparty / samba.git / commitdiff
