gdm r6650 - in branches/gnome-2-20: . daemon

[bcameron svn gnome org]

Author: bcameron
Date: Tue Jan  6 00:23:21 2009
New Revision: 6650
URL: http://svn.gnome.org/viewvc/gdm?rev=6650&view=rev

Log:
2008-01-05 Brian Cameron <brian cameron sun com>

        * daemon/verify-pam.c: Make sure that pwent gets set before
          calling audit_fail_login, otherwise the audit record is not
          set properly.


Modified:
   branches/gnome-2-20/ChangeLog
   branches/gnome-2-20/daemon/verify-pam.c

Modified: branches/gnome-2-20/daemon/verify-pam.c
==============================================================================
--- branches/gnome-2-20/daemon/verify-pam.c	(original)
+++ branches/gnome-2-20/daemon/verify-pam.c	Tue Jan  6 00:23:21 2009
@@ -1264,6 +1264,19 @@
 	return login;
 
  pamerr:
+	/*
+	 * Take care of situation where we get here before setting pwent.
+	 * Since login can be passed in as NULL, get the actual value if
+	 * possible.
+	 */
+	if ((pam_get_item (pamh, PAM_USER, &p)) == PAM_SUCCESS) {
+		g_free (login);
+		login = g_strdup ((const char *)p);
+	}
+	if (pwent == NULL && login != NULL) {
+		pwent = getpwnam (login);
+	}
+
 #ifdef  HAVE_ADT
 	audit_fail_login (d, pw_change, pwent, pamerr);
 #endif	/* HAVE_ADT */
@@ -1450,11 +1463,6 @@
 		*new_login = g_strdup (after_login);
 	}
 
-#ifdef  HAVE_ADT
-	/* to set up for same auditing calls as in gdm_verify_user */
-	pwent = getpwnam (login);
-#endif	/* HAVE_ADT */
-
 	/* Check if the user's account is healthy. */
 	pamerr = pam_acct_mgmt (pamh, null_tok);
 	switch (pamerr) {
@@ -1590,6 +1598,14 @@
 	return TRUE;
 
  setup_pamerr:
+	/*
+	 * Take care of situation where we get here before setting pwent.
+	 * Note login is never NULL when this function is called.
+	 */
+	if (pwent == NULL) {
+		pwent = getpwnam (login);
+	}
+
 #ifdef  HAVE_ADT
 	audit_fail_login (d, pw_change, pwent, pamerr);
 #endif	/* HAVE_ADT */