granicus.if.org Git - linux-pam/commit

author	Andrew G. Morgan <morgan@kernel.org>
	Thu, 11 Oct 2001 04:52:25 +0000 (04:52 +0000)
committer	Andrew G. Morgan <morgan@kernel.org>
	Thu, 11 Oct 2001 04:52:25 +0000 (04:52 +0000)
commit	64ab317e86dc8e798b4f4ed603227206c0fc001b
tree	724590bf0513412074404694ffcfb0f4c8432999	tree \| snapshot
parent	345044121bc4e8977a22d6235d31df4b2114a240	commit \| diff

Relevant BUGIDs: 468724

Purpose of commit: bugfix

Commit summary:
---------------
Legacy behavior for pam_close_session and pam_setcred was not sufficient.
Basically, it appears to be common practice for some applications to call
these functions without first calling pam_authenticate and pam_open_session
which would have frozen the auth and session module stacks.

The new behavior is to treat the returns of these secondary functions as
authoritative when navigating the stack in the absence of a chain-freezing
first set of calls.

pam_chauthtok should not benefit from this behavior, and there does not
appear to be a justification for using an event like this to freeze the
stack outright - legacy behavior did not do that.

CHANGELOG		diff \| blob \| history
libpam/pam_dispatch.c		diff \| blob \| history
libpam/pam_handlers.c		diff \| blob \| history
libpam/pam_private.h		diff \| blob \| history