cookiez/pam-fprint-grosshack
1
0
Fork 0
mirror of https://gitlab.com/mishakmak/pam-fprint-grosshack.git synced 2026-04-08 20:03:34 +02:00
Code Issues Packages Projects Releases Wiki Activity

pam_fprintd: Consistently return PAM_AUTHINFO_UNAVAIL when device has no prints

Browse Source 
Loading saved prints may lead to an error if they were stored long time
ago and so they're using a wrong format.

In such case we list the prints as available even though they are really
not, so the PAM module won't return PAM_AUTHINFO_UNAVAIL as in the
no-prints case but PAM_USER_UNKNOWN.

This will lead some auth systems (such as gdm) to keep retrying using
PAM fprintd module, even if it's not really available.
This commit is contained in:
Marco Trevisan (Treviño)
2021-03-02 15:03:38 +01:00
parent b7aa0c455d
commit df6ebefef7
2 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
tests/pam/test_pam_fprintd.py Executable file → Normal file
View File

@ -177,7 +177,7 @@ class TestPamFprintd(dbusmock.DBusTestCase):
]
self.device_mock.SetVerifyScript(script)
tc = pypamtest.TestCase(pypamtest.PAMTEST_AUTHENTICATE, expected_rv=PAM_USER_UNKNOWN)
tc = pypamtest.TestCase(pypamtest.PAMTEST_AUTHENTICATE, expected_rv=PAM_AUTHINFO_UNAVAIL)
res = pypamtest.run_pamtest("toto", "fprintd-pam-test", [tc], [ 'unused' ])
def test_pam_fprintd_blocks_unexpected_auth(self):