alema/us
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

fixed auth tries

Browse Source 
open and close the pam context between each authentication attempt to prevent
errors with consecutive authentications, this is a hack but I don't know a
better way.
This commit is contained in:
Alessandro Mauri 2021-04-15 14:56:28 +02:00
parent c21ca28ae9
commit 6c929ad26d
1 changed files with 16 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
us.c
View File

@ -272,24 +272,29 @@ static int authenticate (const char *uname)
{ {
pam_handle_t *pamh; pam_handle_t *pamh;
int pam_err, count = 0; int pam_err, count = 0;
pam_err = pam_start("User Switcher", uname, &conv, &pamh);
if (pam_err != PAM_SUCCESS) {
fprintf(stderr, "pam_start: %s\n", pam_strerror(pamh, pam_err));
return pam_err;
}
do { do {
pam_err = pam_start("User Switcher", uname, &conv, &pamh);
if (pam_err != PAM_SUCCESS) {
fprintf(stderr, "pam_start: %s\n", pam_strerror(pamh, pam_err));
return pam_err;
}
pam_err = pam_authenticate(pamh, 0); pam_err = pam_authenticate(pamh, 0);
if (pam_err != PAM_SUCCESS) if (pam_err == PAM_SUCCESS) {
pam_err = pam_acct_mgmt(pamh, 0);
}
if (pam_err != PAM_SUCCESS) {
printf("Auth failed: %s\n", pam_strerror(pamh, pam_err)); printf("Auth failed: %s\n", pam_strerror(pamh, pam_err));
// FIXME: count gets ignored because authentication service has pam_end(pamh, pam_err);
// a set amount of retries giving an error: }
// Have exhausted maximum number of retries for service
count++; count++;
} while (pam_err != PAM_SUCCESS && count < 4); } while (pam_err != PAM_SUCCESS && count < 3);
if (pam_err != PAM_SUCCESS) { if (pam_err != PAM_SUCCESS) {
fprintf(stderr, "better luck next time\n"); fprintf(stderr, "better luck next time\n");
pam_end(pamh, pam_err);
return pam_err; return pam_err;
} }
// FIXME: check again for the validity of the login for more security // FIXME: check again for the validity of the login for more security