diff options
author | John Terpstra <jht@samba.org> | 2003-04-08 04:44:26 +0000 |
---|---|---|
committer | John Terpstra <jht@samba.org> | 2003-04-08 04:44:26 +0000 |
commit | b610c18bd9eba4d67d37f054775168f6d4c13f5c (patch) | |
tree | f493eb20b17791cae0a0ce89f3739174aa3d81e3 /source3/pam_smbpass/pam_smb_auth.c | |
parent | 09e9e5a2fd510e01262a733384b23d0e1a1bf541 (diff) | |
download | samba-b610c18bd9eba4d67d37f054775168f6d4c13f5c.tar.gz samba-b610c18bd9eba4d67d37f054775168f6d4c13f5c.tar.bz2 samba-b610c18bd9eba4d67d37f054775168f6d4c13f5c.zip |
Patch from Steve Langasek <corlon@netexpress.net>
fix up two issues in
pam_smbpass. The first, more important issue is adding support for the
(apparently new) LOCAL_SET_PASSWORD flag to local_password_change(),
without which pam_smbpass is a complete and utter no-op. The second,
lesser issue is that with the advent of ldapsam, it's possible for
pam_smbpass to generate a SIGPIPE that isn't handled by the calling
application. The most basic signal wrapping is put in place to prevent
this.
Beyond that, the only thing in the patch is a bit of reformatting to
make pam_smb_passwd.c look a bit more like the rest of the code in CVS.
(This used to be commit 7cb5af35273097f913bff6894fe03050a18e1def)
Diffstat (limited to 'source3/pam_smbpass/pam_smb_auth.c')
-rw-r--r-- | source3/pam_smbpass/pam_smb_auth.c | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c index e5cc12e2f6..f4cbb59af3 100644 --- a/source3/pam_smbpass/pam_smb_auth.c +++ b/source3/pam_smbpass/pam_smb_auth.c @@ -36,6 +36,8 @@ #define AUTH_RETURN \ do { \ + /* Restore application signal handler */ \ + CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); \ if(ret_data) { \ *ret_data = retval; \ pam_set_data( pamh, "smb_setcred_return" \ @@ -65,6 +67,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, SAM_ACCOUNT *sampass = NULL; extern BOOL in_client; const char *name; + void (*oldsig_handler)(int); BOOL found; /* Points to memory managed by the PAM library. Do not free. */ @@ -93,6 +96,10 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, _log_err( LOG_DEBUG, "username [%s] obtained", name ); } + /* Getting into places that might use LDAP -- protect the app + from a SIGPIPE it's not expecting */ + oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN); + if (!initialize_password_db(True)) { _log_err( LOG_ALERT, "Cannot access samba password database" ); retval = PAM_AUTHINFO_UNAVAIL; |