handle other pam calls when offline

author: Sumit Bose <sbose@redhat.com> 2009-04-28 10:17:38 +0200
committer: Simo Sorce <ssorce@redhat.com> 2009-04-28 11:57:08 -0400
commit: 6207b76613168e6aa386b7b71b492b66b14fff57 (patch)
tree: 021170f663e3d9a3cddb276c17d394d766be2cc8 /server/responder/pam
parent: 22396d0ce1d761cd214b1f0f278459b1b9f19241 (diff)
download: sssd-6207b76613168e6aa386b7b71b492b66b14fff57.tar.gz
sssd-6207b76613168e6aa386b7b71b492b66b14fff57.tar.bz2
sssd-6207b76613168e6aa386b7b71b492b66b14fff57.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 4c7bf1f6..6d3f8991 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -172,6 +172,16 @@ static void pam_reply(struct pam_auth_req *preq)
         }
     }
 
+/* TODO: we need the pam session cookie here to make sure that cached
+ * authentication was successful */
+    if ((pd->cmd == SSS_PAM_SETCRED || pd->cmd == SSS_PAM_ACCT_MGMT ||
+         pd->cmd == SSS_PAM_OPEN_SESSION || pd->cmd == SSS_PAM_CLOSE_SESSION) &&
+        pd->pam_status == PAM_AUTHINFO_UNAVAIL) {
+        DEBUG(2, ("Assuming offline authentication "
+                  "setting status for pam call %d to PAM_SUCCESS.\n", pd->cmd));
+        pd->pam_status = PAM_SUCCESS;
+    }
+
     cctx = preq->cctx;
 
     if (pd->response_delay > 0) {
author	Sumit Bose <sbose@redhat.com>	2009-04-28 10:17:38 +0200
committer	Simo Sorce <ssorce@redhat.com>	2009-04-28 11:57:08 -0400
commit	6207b76613168e6aa386b7b71b492b66b14fff57 (patch)
tree	021170f663e3d9a3cddb276c17d394d766be2cc8 /server/responder/pam
parent	22396d0ce1d761cd214b1f0f278459b1b9f19241 (diff)
download	sssd-6207b76613168e6aa386b7b71b492b66b14fff57.tar.gz sssd-6207b76613168e6aa386b7b71b492b66b14fff57.tar.bz2 sssd-6207b76613168e6aa386b7b71b492b66b14fff57.zip