SSSD / sssd

Clone

29d0635 pam: properly support UPN logon names

2 files Authored by sbose 6 years ago, Committed by jhrozek 6 years ago,
raw patch tree parent
2 files changed. 80 lines added. 3 lines removed.
src/responder/pam/pamsrv_cmd.c
file modified
+2 -2
src/tests/cmocka/test_pam_srv.c
file modified
+78 -1 
    pam: properly support UPN logon names
    
    Many logon applications like /bin/login or sshd canonicalize the user
    name before they call pam_start() and hence the UPN is not seen by
    SSSD's pam responder. But some like e.g. gdm don't and authentication
    might fail if a UPN is used.
    
    The reason is that currently the already parsed short name of the user
    was used in the cache_req and hence the cache_req was not able to fall
    back to the UPN lookup code. This patch uses the name originally
    provided by the user as input to allow the fallback to the UPN lookup.
    
    Resolves https://pagure.io/SSSD/sssd/issue/3240
    
    Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
file modified
+2 -2
file modified
+78 -1
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.