char *sid_list_buffer,
int sid_list_buffer_size)
{
- const char* sid_string;
+ const char* sid_string = NULL;
+ char *sid_str = NULL;
/* lookup name? */
if (IS_SID_STRING(name)) {
wbcErr wbc_status;
struct wbcDomainSid sid;
enum wbcSidType type;
- char *sid_str;
_pam_log_debug(ctx, LOG_DEBUG,
"no sid given, looking up: %s\n", name);
return false;
}
- wbcFreeMemory(sid_str);
sid_string = sid_str;
}
if (!safe_append_string(sid_list_buffer, sid_string,
sid_list_buffer_size)) {
+ wbcFreeMemory(sid_str);
return false;
}
+ wbcFreeMemory(sid_str);
return true;
}
current_name,
sid_list_buffer,
sid_list_buffer_size)) {
- goto out;
+ /*
+ * If one group name failed, we must not fail
+ * the authentication totally, continue with
+ * the following group names. If user belongs to
+ * one of the valid groups, we must allow it
+ * login. -- BoYang
+ */
+
+ _pam_log(ctx, LOG_INFO, "cannot convert group %s to sid, "
+ "check if group %s is valid group.", current_name,
+ current_name);
+ _make_remark_format(ctx, PAM_TEXT_INFO, _("Cannot convert group %s "
+ "to sid, please contact your administrator to see "
+ "if group %s is valid."), current_name, current_name);
+ SAFE_FREE(current_name);
+ search_location = comma + 1;
+ continue;
}
SAFE_FREE(current_name);
if (!winbind_name_to_sid_string(ctx, user, search_location,
sid_list_buffer,
sid_list_buffer_size)) {
- goto out;
+ _pam_log(ctx, LOG_INFO, "cannot convert group %s to sid, "
+ "check if group %s is valid group.", search_location,
+ search_location);
+ _make_remark_format(ctx, PAM_TEXT_INFO, _("Cannot convert group %s "
+ "to sid, please contact your administrator to see "
+ "if group %s is valid."), search_location, search_location);
}
result = true;