summaryrefslogtreecommitdiff
path: root/server/providers/krb5
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-07-08 20:09:56 +0200
committerSimo Sorce <ssorce@redhat.com>2009-07-08 19:19:15 -0400
commit3c9c445cebf7f790f06180a46666304939d420d4 (patch)
tree265275f04fb565dace3bdb8c370379e8effa98d2 /server/providers/krb5
parent61192a25075742f7254ecb42031a58b2f38e31cd (diff)
downloadsssd-3c9c445cebf7f790f06180a46666304939d420d4.tar.gz
sssd-3c9c445cebf7f790f06180a46666304939d420d4.tar.bz2
sssd-3c9c445cebf7f790f06180a46666304939d420d4.zip
fix return code of krb5 child to indicate that the kdc is unavailable
Diffstat (limited to 'server/providers/krb5')
-rw-r--r--server/providers/krb5/tgt_req_child.c6
1 files changed, 5 insertions, 1 deletions
diff --git a/server/providers/krb5/tgt_req_child.c b/server/providers/krb5/tgt_req_child.c
index edb3d180..af9f52ff 100644
--- a/server/providers/krb5/tgt_req_child.c
+++ b/server/providers/krb5/tgt_req_child.c
@@ -66,6 +66,7 @@ void tgt_req_child(int fd, struct krb5_req *kr)
const char *cc_name;
char *env;
const char *krb5_error_msg;
+ int pam_status = PAM_SYSTEM_ERR;
ret = setgid(kr->pd->gr_gid);
if (ret == -1) {
@@ -103,6 +104,9 @@ void tgt_req_child(int fd, struct krb5_req *kr)
kr->options);
if (kerr != 0) {
KRB5_DEBUG(1, kerr);
+ if (kerr == KRB5_KDC_UNREACH) {
+ pam_status = PAM_AUTHINFO_UNAVAIL;
+ }
goto childfailed;
}
@@ -155,7 +159,7 @@ void tgt_req_child(int fd, struct krb5_req *kr)
childfailed:
if (kerr != 0 ) {
krb5_error_msg = krb5_get_error_message(krb5_error_ctx, kerr);
- size = pack_response_packet(buf, PAM_SYSTEM_ERR, PAM_USER_INFO,
+ size = pack_response_packet(buf, pam_status, PAM_USER_INFO,
krb5_error_msg);
if (size < 0) {
DEBUG(1, ("failed to create response message.\n"));