author | Arthur de Jong <arthur@arthurdejong.org> | 2011-04-30 23:26:41 +0200 |
---|---|---|
committer | Arthur de Jong <arthur@arthurdejong.org> | 2011-04-30 23:26:41 +0200 |
commit | 9798073e767026ae86e32022e9995a008a688f7e (patch) | |
tree | 5c803419b56603a9c9996c930b367d086949a63b /nslcd/pam.c | |
parent | 6d3228178006d5e9ca06df6acb1fcb26c633006d (diff) |
close the nslcd connection to signal LDAP server unavailable to PAM module
git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1449 ef36b2f9-881f-0410-afb5-c4e39611909c
Diffstat (limited to 'nslcd/pam.c')
-rw-r--r-- | nslcd/pam.c | 24 |
1 files changed, 8 insertions, 16 deletions
diff --git a/nslcd/pam.c b/nslcd/pam.c
index 3fc592d..77322ca 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -277,16 +277,10 @@ int nslcd_pam_authc(TFILE *fp,MYLDAP_SESSION *session,uid_t calleruid)
 if (entry==NULL)
 {
 /* for user not found we just say no result */
- if (rc!=LDAP_NO_SUCH_OBJECT)
+ if (rc==LDAP_NO_SUCH_OBJECT)
 {
- WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
- WRITE_STRING(fp,username);
- WRITE_STRING(fp,"");
- WRITE_INT32(fp,NSLCD_PAM_AUTHINFO_UNAVAIL); /* authc */
- WRITE_INT32(fp,NSLCD_PAM_SUCCESS); /* authz */
- WRITE_STRING(fp,"LDAP server unavaiable"); /* authzmsg */
+ WRITE_INT32(fp,NSLCD_RESULT_END);
 }
- WRITE_INT32(fp,NSLCD_RESULT_END);
 return -1;
 }
 userdn=myldap_get_dn(entry);
@@ -464,16 +458,10 @@ int nslcd_pam_authz(TFILE *fp,MYLDAP_SESSION *session)
 if (entry==NULL)
 {
 /* for user not found we just say no result */
- if (rc!=LDAP_NO_SUCH_OBJECT)
+ if (rc==LDAP_NO_SUCH_OBJECT)
 {
- WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
- WRITE_STRING(fp,username);
- WRITE_STRING(fp,"");
- WRITE_INT32(fp,NSLCD_PAM_PERM_DENIED);
- WRITE_STRING(fp,ldap_err2string(rc));
 WRITE_INT32(fp,NSLCD_RESULT_END);
 }
- WRITE_INT32(fp,NSLCD_RESULT_END);
 return -1;
 }
 /* check authorisation search */
@@ -625,7 +613,11 @@ int nslcd_pam_pwmod(TFILE *fp,MYLDAP_SESSION *session,uid_t calleruid)
 entry=validate_user(session,username,&rc);
 if (entry==NULL)
 {
- WRITE_INT32(fp,NSLCD_RESULT_END);
+ /* for user not found we just say no result */
+ if (rc==LDAP_NO_SUCH_OBJECT)
+ {
+ WRITE_INT32(fp,NSLCD_RESULT_END);
+ }
 return -1;
 }
 /* check if the the user passed the rootpwmoddn */ |
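Review bot: The path for any rc other than `LDAP_NO_SUCH_OBJECT` in nslcd_pam_authc now returns -1 without writing a single byte, and nothing in the code says that this silence is the intended signal; the retained comment `/* for user not found we just say no result */` only describes the inner branch. I would add a comment directly before `return -1;`, for example `/* any other error: write no response so the connection is closed and the PAM module treats the LDAP server as unavailable */`. The identical blocks in nslcd_pam_authz and nslcd_pam_pwmod need the same comment. Whether the caller really closes the connection on -1, and whether the PAM client maps a truncated response to an unavailable result rather than to success, is not visible in this diff and should be confirmed on that side. All three function bodies start and end outside their hunks.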
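Review bot: In nslcd_pam_authz a lookup failure other than `LDAP_NO_SUCH_OBJECT` used to produce an explicit `NSLCD_PAM_PERM_DENIED` answer and now produces no answer at all, so the account-management outcome during an LDAP outage is left to how the PAM module and the PAM stack treat an unavailable backend. If the stack is configured to ignore unavailability, this presumably turns the authorisation step from a deny into a skip; that trade-off deserves a comment here, e.g. `/* LDAP errors are reported as unavailable, not denied; the PAM configuration decides whether that blocks login */`. The removed `ldap_err2string(rc)` string was also the only place in this hunk where the failure reason was surfaced, so it is worth checking that validate_user (not shown) logs rc before returning NULL.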