git.samba.org / ira / wip.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Delete the krb5 ccname variable from the PAM environment if set.
[ira/wip.git] / source3 / nsswitch / pam_winbind.c
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c
index 8d8868d0ef2d62b8a942a399c9a26adc97208f24..2967770d8d0493d72b523302049af7195799fb34 100644 (file)
--- a/source3/nsswitch/pam_winbind.c
+++ b/source3/nsswitch/pam_winbind.c
@@ -2735,6 +2735,19 @@ out:
                wbcFreeMemory(logoff.blobs);
        }
 
+       if (!WBC_ERROR_IS_OK(wbc_status)) {
+               retval = wbc_auth_error_to_pam_error(ctx, error, wbc_status,
+                    user, "wbcLogoffUser");
+       }
+
+       /*
+        * Delete the krb5 ccname variable from the PAM environment
+        * if it was set by winbind.
+        */
+       if (ctx->ctrl & WINBIND_KRB5_AUTH) {
+               pam_putenv(pamh, "KRB5CCNAME");
+       }
+
        _PAM_LOG_FUNCTION_LEAVE("pam_sm_close_session", ctx, retval);
 
        TALLOC_FREE(ctx);
Unnamed repository; edit this file 'description' to name the repository.