aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/pam-freerdp.c12
1 files changed, 11 insertions, 1 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 4714165..7770970 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -48,14 +48,20 @@ get_item (pam_handle_t * pamh, int type)
/* Check to see if we just have the value. If we do, great
let's dup it some we're consitently allocating memory */
if (type != PAM_TYPE_DOMAIN) {
+ /* If it's not a domain we can use the PAM functions because the PAM
+ functions don't support the domain */
char * value = NULL;
if (pam_get_item(pamh, type, (const void **)&value) == PAM_SUCCESS && value != NULL) {
return value;
}
if (type == PAM_AUTHTOK && global_password != NULL) {
+ /* If we're looking for a password, we didn't get one, before
+ prompting see if we've got a global one. */
return global_password;
}
} else {
+ /* Here we only have domains, so we can see if the global domain is
+ useful for us, if we have it */
if (global_domain != NULL) {
return global_domain;
}
@@ -122,10 +128,13 @@ get_item (pam_handle_t * pamh, int type)
char * retval = NULL;
if (promptval != NULL) { /* Can't believe it really would be at this point, but let's be sure */
if (type != PAM_TYPE_DOMAIN) {
+ /* We can only use the PAM functions if it's not the domain */
pam_set_item(pamh, type, (const void *)promptval);
/* We're returning the value saved by PAM so we can clear promptval */
pam_get_item(pamh, type, (const void **)&retval);
- } else {
+ }
+ if (type == PAM_TYPE_DOMAIN) {
+ /* The domain can be saved globally so we can use it for open */
if (global_domain != NULL) {
free(global_domain);
}
@@ -133,6 +142,7 @@ get_item (pam_handle_t * pamh, int type)
retval = global_domain;
}
if (type == PAM_AUTHTOK) {
+ /* We also save the password globally if we've got one */
if (global_password != NULL) {
memset(global_password, 0, strlen(global_password));
munlock(global_password, strlen(global_password));