diff options
-rw-r--r-- | patchsets/pam_skey/1.1.5/04_all_haskey_error.patch | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/patchsets/pam_skey/1.1.5/04_all_haskey_error.patch b/patchsets/pam_skey/1.1.5/04_all_haskey_error.patch new file mode 100644 index 0000000..365b5c7 --- /dev/null +++ b/patchsets/pam_skey/1.1.5/04_all_haskey_error.patch @@ -0,0 +1,18 @@ +skey_haskey returns 0 if the user exists, 1 if the user doesn't exist, +and -1 on file error. Distinguish between these conditions. + +--- pam_skey-1.1.5/pam_skey.c ++++ pam_skey/pam_skey.c +@@ -96,7 +96,11 @@ + } + + /* Check whether or not this user has an S/Key */ +- if (skey_haskey(username) != 0) { ++ status = skey_haskey(username); ++ if (status == -1) { ++ syslog(LOG_ERR, "error accessing S/Key database for user [%s]", username); ++ return PAM_AUTHINFO_UNAVAIL; ++ } else if (status != 0) { + LOGDEBUG((LOG_DEBUG, "user [%s] has no S/Key entry", username)); + return PAM_IGNORE; + } |