diff options
Diffstat (limited to 'nslcd/db_pam.c')
-rw-r--r-- | nslcd/db_pam.c | 25 |
1 files changed, 13 insertions, 12 deletions
diff --git a/nslcd/db_pam.c b/nslcd/db_pam.c index 99edf40..e93a04d 100644 --- a/nslcd/db_pam.c +++ b/nslcd/db_pam.c @@ -32,6 +32,7 @@ #include <stdint.h> #endif /* HAVE_STDINT_H */ #include <time.h> +#include <stdbool.h> #include "common.h" #include "log.h" @@ -62,7 +63,7 @@ static int check_password(const char *password, const char *hash) static int check_password_age(struct session *session, const char *username, char *authzmsg, size_t authzmsgsz, - int check_maxdays, int check_mindays) + bool check_maxdays, bool check_mindays) { /* hackers.git doesn't use aging features */ return NSLCD_PAM_SUCCESS; @@ -118,11 +119,13 @@ NSLCD_HANDLE_UID(PAM, AUTHC ? NSLCD_PAM_SUCCESS : NSLCD_PAM_AUTH_ERR; entry->authz_rc = entry->authc_rc; - /*myldap_get_policy_response(session, &(entry->authz_rc), &(entry->authz_msg))*/ - /* perform shadow attribute checks */ - if (entry->authz_rc == NSLCD_PAM_SUCCESS) - entry->authz_rc = check_password_age(session, username, entry->authz_msg, sizeof(entry->authz_msg), 1, 0); + if (entry->authz_rc == NSLCD_PAM_SUCCESS) { + /* perform shadow attribute checks */ + entry->authz_rc = check_password_age(session, username, + entry->authz_msg, sizeof(entry->authz_msg), + true, false); + } return entry; ,/* write */ @@ -172,19 +175,17 @@ NSLCD_HANDLE(PAM, AUTHZ if (user == NULL) return NULL; - /* check authorisation search */ - /* TODO */ - /*int rc = LDAP_SUCCESS; - if (rc != LDAP_SUCCESS)*/ + /* Parabola doesn't have any weird reasons for authorization to + suddenly fail */ if (0) { entry->authz_rc = NSLCD_PAM_PERM_DENIED; - strcpy(entry->authz_msg, "LDAP authorisation check failed"); + strcpy(entry->authz_msg, "hackers.git authorization check failed"); } else { /* perform shadow attribute checks */ entry->authz_rc = check_password_age(session, username, - entry->authz_msg, sizeof(entry->authz_msg), - 0, 0); + entry->authz_msg, sizeof(entry->authz_msg), + false, false); } return entry; |