@ -272,24 +272,29 @@ static int authenticate (const char *uname)
{
{
pam_handle_t * pamh ;
pam_handle_t * pamh ;
int pam_err , count = 0 ;
int pam_err , count = 0 ;
do {
pam_err = pam_start ( " User Switcher " , uname , & conv , & pamh ) ;
pam_err = pam_start ( " User Switcher " , uname , & conv , & pamh ) ;
if ( pam_err ! = PAM_SUCCESS ) {
if ( pam_err ! = PAM_SUCCESS ) {
fprintf ( stderr , " pam_start: %s \n " , pam_strerror ( pamh , pam_err ) ) ;
fprintf ( stderr , " pam_start: %s \n " , pam_strerror ( pamh , pam_err ) ) ;
return pam_err ;
return pam_err ;
}
}
do {
pam_err = pam_authenticate ( pamh , 0 ) ;
pam_err = pam_authenticate ( pamh , 0 ) ;
if ( pam_err ! = PAM_SUCCESS )
if ( pam_err = = PAM_SUCCESS ) {
pam_err = pam_acct_mgmt ( pamh , 0 ) ;
}
if ( pam_err ! = PAM_SUCCESS ) {
printf ( " Auth failed: %s \n " , pam_strerror ( pamh , pam_err ) ) ;
printf ( " Auth failed: %s \n " , pam_strerror ( pamh , pam_err ) ) ;
// FIXME: count gets ignored because authentication service has
pam_end ( pamh , pam_err ) ;
// a set amount of retries giving an error:
}
// Have exhausted maximum number of retries for service
count + + ;
count + + ;
} while ( pam_err ! = PAM_SUCCESS & & count < 4 ) ;
} while ( pam_err ! = PAM_SUCCESS & & count < 3 ) ;
if ( pam_err ! = PAM_SUCCESS ) {
if ( pam_err ! = PAM_SUCCESS ) {
fprintf ( stderr , " better luck next time \n " ) ;
fprintf ( stderr , " better luck next time \n " ) ;
pam_end ( pamh , pam_err ) ;
return pam_err ;
return pam_err ;
}
}
// FIXME: check again for the validity of the login for more security
// FIXME: check again for the validity of the login for more security