rpms/sssd
7
0
Fork 0
Code Issues Pull Requests Releases Activity
c9-beta
sssd/SOURCES/0008-pam_sss-add-missing-optional-2nd-factor-handling.patch

46 lines
1.8 KiB
Diff
Raw Permalink Blame History

From 7e76396a891b4c704f1db8c71a217f869bef0ec3 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Fri, 12 Jul 2024 13:46:00 +0200
Subject: [PATCH 8/8] pam_sss: add missing optional 2nd factor handling
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This is a follow up to pull-request #7462 and adds the proper handling of
an optional second factor in case the prompting is configured.
Resolves: https://github.com/SSSD/sssd/issues/7456
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
(cherry picked from commit 077d2993a1b306e7cfe61618cbd5d03c602572f8)
Reviewed-by: Sumit Bose <sbose@redhat.com>
---
src/sss_client/pam_sss.c | 9 +++++++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/src/sss_client/pam_sss.c b/src/sss_client/pam_sss.c
index d43bd0f55..d1101e16c 100644
--- a/src/sss_client/pam_sss.c
+++ b/src/sss_client/pam_sss.c
@@ -2505,8 +2505,13 @@ static int prompt_by_config(pam_handle_t *pamh, struct pam_items *pi)
ret = prompt_password(pamh, pi, pc_get_password_prompt(pi->pc[c]));
break;
case PC_TYPE_2FA:
- ret = prompt_2fa(pamh, pi, false, pc_get_2fa_1st_prompt(pi->pc[c]),
- pc_get_2fa_2nd_prompt(pi->pc[c]));
+ if (pi->password_prompting) {
+ ret = prompt_2fa(pamh, pi, true, pc_get_2fa_1st_prompt(pi->pc[c]),
+ pc_get_2fa_2nd_prompt(pi->pc[c]));
+ } else {
+ ret = prompt_2fa(pamh, pi, false, pc_get_2fa_1st_prompt(pi->pc[c]),
+ pc_get_2fa_2nd_prompt(pi->pc[c]));
+ }
break;
case PC_TYPE_2FA_SINGLE:
ret = prompt_2fa_single(pamh, pi,
--
2.45.2
Reference in New Issue View Git Blame Copy Permalink