From: hno <> Date: Thu, 6 Nov 2003 01:06:34 +0000 (+0000) Subject: Almost.. the last change optimized the cleanup of persistent PAM connections X-Git-Tag: SQUID_3_0_PRE4~1169 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=93f71d65e294364e775c5713b2906378f3a27e75;p=thirdparty%2Fsquid.git Almost.. the last change optimized the cleanup of persistent PAM connections a little too much, causing passwords to fail if the length of the username differs between two requests in some PAM implementations. --- diff --git a/helpers/basic_auth/PAM/pam_auth.c b/helpers/basic_auth/PAM/pam_auth.c index 92c9326093..df7e67ae5b 100644 --- a/helpers/basic_auth/PAM/pam_auth.c +++ b/helpers/basic_auth/PAM/pam_auth.c @@ -1,5 +1,5 @@ /* - * $Id: pam_auth.c,v 1.13 2003/11/05 09:37:43 hno Exp $ + * $Id: pam_auth.c,v 1.14 2003/11/05 18:06:34 hno Exp $ * * PAM authenticator module for Squid. * Copyright (C) 1999,2002,2003 Henrik Nordstrom @@ -235,6 +235,8 @@ start: if (ttl != 0) { if (retval == PAM_SUCCESS) retval = pam_set_item(pamh, PAM_USER, user); + if (retval == PAM_SUCCESS) + retval = pam_set_item(pamh, PAM_CONV, &conv); } if (retval == PAM_SUCCESS) retval = pam_authenticate(pamh, 0); @@ -247,19 +249,17 @@ error: fprintf(stdout, "ERR\n"); } /* cleanup */ - if (ttl != 0) { - retval = pam_set_item(pamh, PAM_CONV, &conv); -#ifdef PAM_AUTHTOK - if (retval == PAM_SUCCESS) - retval = pam_set_item(pamh, PAM_AUTHTOK, NULL); -#endif - } if (ttl == 0 || retval != PAM_SUCCESS) { retval = pam_end(pamh, retval); if (retval != PAM_SUCCESS) { fprintf(stderr, "WARNING: failed to release PAM authenticator\n"); } pamh = NULL; +#ifdef PAM_AUTHTOK + } else if (ttl != 0) { + if (retval == PAM_SUCCESS) + retval = pam_set_item(pamh, PAM_AUTHTOK, NULL); +#endif } }