fail authentication if user isn't member of *any* require_membership_of specified groups

Andreas Schneider asn at samba.org
Wed Nov 20 05:13:56 MST 2013


On Thursday 07 November 2013 10:34:14 Noel Power wrote:
> While playing with pam I came across some strange ( or at least strange
> to me ) behaviour. If for example you set
> 
>     require_membership_of specified=bogus
> 
> where bogus ( like it hints is a non existent name or group sid ) then
> you will be happily authenticated. This is imho wrong and dangerous as you
> easily might not notice a typo when entering that field, it would be
> better to fail in this case ( and force the administrator to investigate
> ). The attached patch should fix that. Please review

As strlen() returns an integer I prefer strlen(sid_list_buffer) == 0 for 
readability.

Besides that:

Reviewed-by: Andreas Schneider <asn at samba.org>

-- 
Andreas Schneider                   GPG-ID: CC014E3D
Samba Team                             asn at samba.org
www.samba.org
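
The fail-closed check discussed in this thread, as an added example that is not part of the original message, the attached patch, or pam_winbind's own code. It assumes that unresolvable names are skipped while the SID list is built; `lookup_sid`, `build_sid_list` and the name-to-SID table are hypothetical and constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Constructed name-to-SID table standing in for a real lookup (assumption). */
static const char *lookup_sid(const char *name)
{
    static const char *table[][2] = {
        { "admins", "S-1-5-21-1111-2222-3333-512" },
        { "staff",  "S-1-5-21-1111-2222-3333-1104" },
    };
    if (strncmp(name, "S-1-", 4) == 0)
        return name;                    /* already a SID string */
    for (size_t i = 0; i < sizeof(table) / sizeof(table[0]); i++)
        if (strcmp(name, table[i][0]) == 0)
            return table[i][1];
    return NULL;                        /* unknown name, e.g. a typo */
}

/* Resolve a comma-separated member list into sid_list_buffer.
 * Returns 0 on success, -1 if nothing resolved or a buffer is too small. */
int build_sid_list(const char *members, char *sid_list_buffer, size_t size)
{
    char name[64];

    if (size == 0)
        return -1;
    sid_list_buffer[0] = '\0';
    while (*members != '\0') {
        size_t len = strcspn(members, ",");
        if (len >= sizeof(name))
            return -1;
        memcpy(name, members, len);
        name[len] = '\0';
        members += len;
        if (*members == ',')
            members++;
        const char *sid = lookup_sid(name);
        if (sid == NULL)
            continue;                   /* unresolvable entries are skipped */
        size_t used = strlen(sid_list_buffer);
        if (used + strlen(sid) + 2 > size)
            return -1;
        snprintf(sid_list_buffer + used, size - used, "%s%s",
                 used ? "," : "", sid);
    }
    /* Fail closed: an empty list must not be treated as "no restriction". */
    if (strlen(sid_list_buffer) == 0)
        return -1;
    return 0;
}
```

A caller would map the -1 return to an authentication failure instead of continuing with an empty membership requirement.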
