albino
/
ngircd-tor
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Don't even fork a PAM-subprocess if "NoPAM" option is set

This commit is contained in:
Alexander Barton 2010-07-13 22:14:53 +02:00
parent 57a2faf4a7
commit 6131822af6
1 changed files with 12 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

16
src/ngircd/irc-login.c
View File

@ -778,6 +778,17 @@ Hello_User(CLIENT * Client)
assert(Client != NULL);
conn = Client_Conn(Client);
if (Conf_NoPAM) {
/* Don't do any PAM authentication at all, instead emulate
* the beahiour of the daemon compiled without PAM support:
* because there can't be any "server password", all
* passwords supplied are classified as "wrong". */
if(Client_Password(Client)[0] == '\0')
return Hello_User_PostAuth(Client);
Reject_Client(Client);
return DISCONNECTED;
}
pid = Proc_Fork(Conn_GetProcStat(conn), pipefd, cb_Read_Auth_Result);
if (pid > 0) {
LogDebug("Authenticator for connection %d created (PID %d).",
@ -786,10 +797,7 @@ Hello_User(CLIENT * Client)
} else {
/* Sub process */
Log_Init_Subprocess("Auth");
if (Conf_NoPAM) {
result = (Client_Password(Client)[0] == '\0');
} else
result = PAM_Authenticate(Client);
result = PAM_Authenticate(Client);
write(pipefd[1], &result, sizeof(result));
Log_Exit_Subprocess("Auth");
exit(0);