diff options
Diffstat (limited to 'source3/pam_smbpass/pam_smb_acct.c')
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c index 60acd3c1ca5..bd4615f646e 100644 --- a/source3/pam_smbpass/pam_smb_acct.c +++ b/source3/pam_smbpass/pam_smb_acct.c @@ -55,6 +55,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, const char *name; struct samu *sampass = NULL; void (*oldsig_handler)(int); + TALLOC_CTX *frame = talloc_stackframe(); /* Samba initialization. */ load_case_tables_library(); @@ -68,6 +69,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, if (on( SMB_DEBUG, ctrl )) { _log_err(pamh, LOG_DEBUG, "acct: could not identify user" ); } + TALLOC_FREE(frame); return retval; } if (on( SMB_DEBUG, ctrl )) { @@ -76,6 +78,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, if (geteuid() != 0) { _log_err(pamh, LOG_DEBUG, "Cannot access samba password database, not running as root."); + TALLOC_FREE(frame); return PAM_AUTHINFO_UNAVAIL; } @@ -85,6 +88,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, if (!initialize_password_db(True, NULL)) { _log_err(pamh, LOG_ALERT, "Cannot access samba password database" ); CatchSignal(SIGPIPE, oldsig_handler); + TALLOC_FREE(frame); return PAM_AUTHINFO_UNAVAIL; } @@ -93,18 +97,21 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, if (!(sampass = samu_new( NULL ))) { CatchSignal(SIGPIPE, oldsig_handler); /* malloc fail. */ + TALLOC_FREE(frame); return nt_status_to_pam(NT_STATUS_NO_MEMORY); } if (!pdb_getsampwnam(sampass, name )) { _log_err(pamh, LOG_DEBUG, "acct: could not identify user"); CatchSignal(SIGPIPE, oldsig_handler); + TALLOC_FREE(frame); return PAM_USER_UNKNOWN; } /* check for lookup failure */ if (!strlen(pdb_get_username(sampass)) ) { CatchSignal(SIGPIPE, oldsig_handler); + TALLOC_FREE(frame); return PAM_USER_UNKNOWN; } @@ -118,12 +125,14 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags, "please see your system administrator." ); CatchSignal(SIGPIPE, oldsig_handler); + TALLOC_FREE(frame); return PAM_ACCT_EXPIRED; } /* TODO: support for expired passwords. */ CatchSignal(SIGPIPE, oldsig_handler); + TALLOC_FREE(frame); return PAM_SUCCESS; } |