On Fri, Mar 22, 2013 at 09:19:13AM +0100, Lukas Slebodnik wrote:
On (21/03/13 20:18), Jakub Hrozek wrote:
>On Wed, Mar 20, 2013 at 07:17:28PM +0100, Lukas Slebodnik wrote:
>> On (20/03/13 13:58), Jakub Hrozek wrote:
>> >On Fri, Mar 15, 2013 at 12:46:34PM +0100, Ondrej Kos wrote:
>> >> On 03/15/2013 10:34 AM, Lukas Slebodnik wrote:
>> >> >On (15/03/13 09:13), Ondrej Kos wrote:
>> >> >>On 03/14/2013 12:58 PM, Lukas Slebodnik wrote:
>> >> >>>@@ -151,8 +167,10 @@ void pam_print_data(int l, struct
pam_data *pd)
>> >> >>> DEBUG(l, ("tty: %s\n",
PAM_SAFE_ITEM(pd->tty)));
>> >> >>> DEBUG(l, ("ruser: %s\n",
PAM_SAFE_ITEM(pd->ruser)));
>> >> >>> DEBUG(l, ("rhost: %s\n",
PAM_SAFE_ITEM(pd->rhost)));
>> >> >>>- DEBUG(l, ("authtok type: %d\n",
sss_authtok_get_type(&pd->authtok)));
>> >> >>>- DEBUG(l, ("newauthtok type: %d\n",
sss_authtok_get_type(&pd->newauthtok)));
>> >> >>>+ DEBUG(SSSDBG_CRIT_FAILURE,
>> >> >>>+ ("authtok type: %d\n",
sss_authtok_get_type(pd->authtok)));
>> >> >>>+ DEBUG(SSSDBG_CRIT_FAILURE,
>> >> >>>+ ("newauthtok type: %d\n",
sss_authtok_get_type(pd->newauthtok)));
>> >> >>> DEBUG(l, ("priv: %d\n", pd->priv));
>> >> >>> DEBUG(l, ("cli_pid: %d\n",
pd->cli_pid));
>> >> >>> }
>> >> >>
>> >> >>The patches look good to me, just please use the debug level
variable
>> >> >>here, not hardcoded level.
>> >> >>
>> >> >>--
>> >> >>Ondrej Kos
>> >> >
>> >> >Thanks.
>> >> >I am attaching updated patches.
>> >> >
>> >> >LS
>> >> >
>> >> >
>> >> >
>> >> Ack from me
>> >>
>> >> Ondra
>> >
>> >The second patch no longer applies on the current master, can you rebase
>> >it?
>>
>> I am attaching rebased patches.
>>
>> LS
>
>> +struct sss_auth_token *sss_authtok_new_empty(TALLOC_CTX *mem_ctx)
>> +{
>> + struct sss_auth_token *token;
>> +
>> + token = talloc_zero(mem_ctx, struct sss_auth_token);
>
>^^^ tabs instead of spaces.
>
>> + if (token == NULL) {
>> + DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_zero failed.\n"));
>> + }
>> +
>> + return token;
>> +}
>> +
>> +
>
>The rest looks good to me.
Thanks.
I'm attaching updated patches.
LS
- ret = sss_authtok_set_password(pd, &pd->authtok,
password, keysize);
+ ret = sss_authtok_set_password(pd, pd->authtok, password, keysize);
We agreed with Lukas off-list that it would be safer to use pd->authtok
as the memory context here, because the memory blob should be owned by
the authtok structure, not the pam_data structure. It's unlikely we'll
ever steal or move the memory, but it's better to be safe.