From b862bbce71e53a0c68955765003502087a4d0ea6 Mon Sep 17 00:00:00 2001 From: Maximilian Seidler <78690852+PaideiaDilemma@users.noreply.github.com> Date: Fri, 5 Jul 2024 22:54:40 +0200 Subject: [PATCH] auth: pam fallback log message and always call pam_end after pam_authenticate (#399) * auth: make the fallback to sudo error more descriptive * auth: always call pam_end after pam_authenticate --- src/core/Auth.cpp | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/core/Auth.cpp b/src/core/Auth.cpp index ea3066f..a4ca2f1 100644 --- a/src/core/Auth.cpp +++ b/src/core/Auth.cpp @@ -58,7 +58,7 @@ CAuth::CAuth() { m_sPamModule = *PPAMMODULE; if (!std::filesystem::exists(std::filesystem::path("/etc/pam.d/") / m_sPamModule)) { - Debug::log(ERR, "Pam module \"{}\" not found! Falling back to \"su\"", m_sPamModule); + Debug::log(ERR, "Pam module \"/etc/pam.d/{}\" does not exist! Falling back to \"/etc/pam.d/su\"", m_sPamModule); m_sPamModule = "su"; } } @@ -91,6 +91,8 @@ bool CAuth::auth() { } ret = pam_authenticate(handle, 0); + pam_end(handle, ret); + handle = nullptr; m_sConversationState.waitingForPamAuth = false; @@ -101,8 +103,6 @@ bool CAuth::auth() { return false; } - ret = pam_end(handle, ret); - m_sConversationState.success = true; m_sConversationState.failText = "Successfully authenticated"; Debug::log(LOG, "auth: authenticated for {}", m_sPamModule);