From 9798073e767026ae86e32022e9995a008a688f7e Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Sat, 30 Apr 2011 21:26:41 +0000
Subject: close the nslcd connection to signal LDAP server unavailable to PAM
 module

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1449 ef36b2f9-881f-0410-afb5-c4e39611909c
---
 nslcd/pam.c | 24 ++++++++----------------
 1 file changed, 8 insertions(+), 16 deletions(-)

(limited to 'nslcd/pam.c')

diff --git a/nslcd/pam.c b/nslcd/pam.c
index 3fc592d..77322ca 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -277,16 +277,10 @@ int nslcd_pam_authc(TFILE *fp,MYLDAP_SESSION *session,uid_t calleruid)
     if (entry==NULL)
     {
       /* for user not found we just say no result */
-      if (rc!=LDAP_NO_SUCH_OBJECT)
+      if (rc==LDAP_NO_SUCH_OBJECT)
       {
-        WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
-        WRITE_STRING(fp,username);
-        WRITE_STRING(fp,"");
-        WRITE_INT32(fp,NSLCD_PAM_AUTHINFO_UNAVAIL); /* authc */
-        WRITE_INT32(fp,NSLCD_PAM_SUCCESS);          /* authz */
-        WRITE_STRING(fp,"LDAP server unavaiable");  /* authzmsg */
+        WRITE_INT32(fp,NSLCD_RESULT_END);
       }
-      WRITE_INT32(fp,NSLCD_RESULT_END);
       return -1;
     }
     userdn=myldap_get_dn(entry);
@@ -464,16 +458,10 @@ int nslcd_pam_authz(TFILE *fp,MYLDAP_SESSION *session)
   if (entry==NULL)
   {
     /* for user not found we just say no result */
-    if (rc!=LDAP_NO_SUCH_OBJECT)
+    if (rc==LDAP_NO_SUCH_OBJECT)
     {
-      WRITE_INT32(fp,NSLCD_RESULT_BEGIN);
-      WRITE_STRING(fp,username);
-      WRITE_STRING(fp,"");
-      WRITE_INT32(fp,NSLCD_PAM_PERM_DENIED);
-      WRITE_STRING(fp,ldap_err2string(rc));
       WRITE_INT32(fp,NSLCD_RESULT_END);
     }
-    WRITE_INT32(fp,NSLCD_RESULT_END);
     return -1;
   }
   /* check authorisation search */
@@ -625,7 +613,11 @@ int nslcd_pam_pwmod(TFILE *fp,MYLDAP_SESSION *session,uid_t calleruid)
   entry=validate_user(session,username,&rc);
   if (entry==NULL)
   {
-    WRITE_INT32(fp,NSLCD_RESULT_END);
+    /* for user not found we just say no result */
+    if (rc==LDAP_NO_SUCH_OBJECT)
+    {
+      WRITE_INT32(fp,NSLCD_RESULT_END);
+    }
     return -1;
   }
   /* check if the the user passed the rootpwmoddn */
-- 
cgit v1.2.3