[PATCH] s3: Fix pam_authenticate() when lp_null_passwords() is true
Jeremy Allison
jra at samba.org
Mon May 4 10:10:13 MDT 2015
On Sun, May 03, 2015 at 01:38:33PM +0300, Maks Naumov wrote:
> It seems this is an old bug.
> For example:
> http://www.linuxquestions.org/questions/linux-server-73/samba-authentication-through-pam-with-mysql-problem-609546/
> http://www.freebsddiary.org/phorum/read.php?f=1&i=10615&t=10615
Oh that's so obviously good ! Thanks for spotting it !
Reviewed-by: Jeremy Allison <jra at samba.org>.
Can I get a second Team reviewer ?
Cheers,
Jeremy.
> From f53e1c8b63a528e087ed23543a0b187ca7e397b9 Mon Sep 17 00:00:00 2001
> From: Maks Naumov <maksqwe1 at ukr.net>
> Date: Sun, 3 May 2015 13:34:49 +0300
> Subject: [PATCH] s3: Fix pam_authenticate() when lp_null_passwords() is true
>
> (PAM_SILENT | lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK)
> is always 0 when lp_null_passwords() == true.
>
> Signed-off-by: Maks Naumov <maksqwe1 at ukr.net>
> ---
> source3/auth/pampass.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/source3/auth/pampass.c b/source3/auth/pampass.c
> index bde7c22..2a3195c 100644
> --- a/source3/auth/pampass.c
> +++ b/source3/auth/pampass.c
> @@ -524,7 +524,7 @@ static NTSTATUS smb_pam_auth(pam_handle_t *pamh, const char *user)
> */
>
> DEBUG(4,("smb_pam_auth: PAM: Authenticate User: %s\n", user));
> - pam_error = pam_authenticate(pamh, PAM_SILENT | lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK);
> + pam_error = pam_authenticate(pamh, PAM_SILENT | (lp_null_passwords() ? 0 : PAM_DISALLOW_NULL_AUTHTOK));
> switch( pam_error ){
> case PAM_AUTH_ERR:
> DEBUG(2, ("smb_pam_auth: PAM: Authentication Error for user %s\n", user));
> --
> 1.9.5.msysgit.1
>
More information about the samba-technical
mailing list