couldn't log on to my -CURRENT machine after upgrade to latest
PAM
Dag-Erling Smørgrav
des at des.no
Mon Jan 9 15:15:29 UTC 2012
Don Lewis <truckman at FreeBSD.org> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > The culprit was this commit:
> >
> > http://trac.des.no/openpam/changeset/487/trunk/lib/openpam_configure.c
> >
> > However, I'm not confident that simply reverting this commit is the
> > right way to go.
> Thanks for the detective work. It looks to me like the bug is caused by
> the change in the openpam_parse_chain() return value. In the previous
> code it returned the value of count, which I would guess was greater
> than zero if it found something. In that case, the for loop in
> openpam_load_chain() would be terminated because r != 0. In the new
> code, openpam_parse_chain() will return PAM_SUCCESS if it found
> something, and the loop in openpam_load_chain() will go through another
> iteration because ret == PAM_SUCCESS.
Thank you, Captain Obvious. I am still not confident that simply
reverting this commit is the right way to go, because it discards
valuable information when an error occurs, especially if an error occurs
while parsing an include.
DES
--
Dag-Erling Smørgrav - des at des.no
More information about the freebsd-current
mailing list