auth: pam fallback log message and always call pam_end after pam_authenticate (#399)

* auth: make the fallback to sudo error more descriptive

* auth: always call pam_end after pam_authenticate
This commit is contained in:
Maximilian Seidler 2024-07-05 22:54:40 +02:00 committed by GitHub
parent 01bf48ed96
commit b862bbce71
No known key found for this signature in database
GPG key ID: B5690EEEBB952194

View file

@ -58,7 +58,7 @@ CAuth::CAuth() {
m_sPamModule = *PPAMMODULE; m_sPamModule = *PPAMMODULE;
if (!std::filesystem::exists(std::filesystem::path("/etc/pam.d/") / m_sPamModule)) { if (!std::filesystem::exists(std::filesystem::path("/etc/pam.d/") / m_sPamModule)) {
Debug::log(ERR, "Pam module \"{}\" not found! Falling back to \"su\"", m_sPamModule); Debug::log(ERR, "Pam module \"/etc/pam.d/{}\" does not exist! Falling back to \"/etc/pam.d/su\"", m_sPamModule);
m_sPamModule = "su"; m_sPamModule = "su";
} }
} }
@ -91,6 +91,8 @@ bool CAuth::auth() {
} }
ret = pam_authenticate(handle, 0); ret = pam_authenticate(handle, 0);
pam_end(handle, ret);
handle = nullptr;
m_sConversationState.waitingForPamAuth = false; m_sConversationState.waitingForPamAuth = false;
@ -101,8 +103,6 @@ bool CAuth::auth() {
return false; return false;
} }
ret = pam_end(handle, ret);
m_sConversationState.success = true; m_sConversationState.success = true;
m_sConversationState.failText = "Successfully authenticated"; m_sConversationState.failText = "Successfully authenticated";
Debug::log(LOG, "auth: authenticated for {}", m_sPamModule); Debug::log(LOG, "auth: authenticated for {}", m_sPamModule);