diff options
| author | Jasper St. Pierre <jstpierre@mecheye.net> | 2014-09-04 17:00:59 -0700 |
|---|---|---|
| committer | Jasper St. Pierre <jstpierre@mecheye.net> | 2014-09-04 17:11:22 -0700 |
| commit | febfe504f96f12c7a0e8c6a7484ee28fb6c84b9f (patch) | |
| tree | f723fe65a8e9ac41c4e28090c3981799d7866880 | |
| parent | 3f98e6cb4c0cdf86460bdfe9930bacea007d7bab (diff) | |
| download | gnome-keyring-wip/empty.tar.gz | |
gkr-pam-module: Don't use password to determine whether this is a loginwip/empty
NULL or empty passwords are also valid passwords, so add a separate flag
to determine whether to pass --login.
https://bugzilla.gnome.org/show_bug.cgi?id=736085
| -rw-r--r-- | pam/gkr-pam-module.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/pam/gkr-pam-module.c b/pam/gkr-pam-module.c index a124c2b2..686a948a 100644 --- a/pam/gkr-pam-module.c +++ b/pam/gkr-pam-module.c @@ -45,6 +45,7 @@ #include <fcntl.h> #include <pwd.h> #include <signal.h> +#include <stdbool.h> #include <stdint.h> #include <stdio.h> #include <stdlib.h> @@ -471,6 +472,7 @@ setup_environment (char *line, void *arg) static int start_daemon (pam_handle_t *ph, struct passwd *pwd, + bool is_user_login, const char *password) { struct sigaction defsact, oldsact, ignpipe, oldpipe; @@ -521,7 +523,7 @@ start_daemon (pam_handle_t *ph, /* This is the child */ case 0: setup_child (inp, outp, errp, ph, pwd, - password ? "--login" : NULL); + is_user_login ? "--login" : NULL); /* Should never be reached */ break; @@ -836,7 +838,7 @@ pam_sm_authenticate (pam_handle_t *ph, int unused, int argc, const char **argv) if (ret != PAM_SUCCESS && need_daemon) { /* If we started the daemon, its already unlocked, since we passed the password */ if (args & ARG_AUTO_START) - ret = start_daemon (ph, pwd, password); + ret = start_daemon (ph, pwd, true, password); /* Otherwise start later in open session, store password */ else @@ -889,7 +891,7 @@ pam_sm_open_session (pam_handle_t *ph, int flags, int argc, const char **argv) if (args & ARG_AUTO_START || password) { ret = unlock_keyring (ph, pwd, password, &need_daemon); if (ret != PAM_SUCCESS && need_daemon && (args & ARG_AUTO_START)) - ret = start_daemon (ph, pwd, password); + ret = start_daemon (ph, pwd, true, password); } return PAM_SUCCESS; @@ -977,7 +979,7 @@ pam_chauthtok_update (pam_handle_t *ph, struct passwd *pwd, uint args) * * Note that we don't pass in an unlock password, that happens below. */ - ret = start_daemon (ph, pwd, NULL); + ret = start_daemon (ph, pwd, false, NULL); if (ret == PAM_SUCCESS) { ret = change_keyring_password (ph, pwd, password, original, NULL); |