1) The ENTRY method is not working 2) The schema is not correct - pamMapMethod should be pamIDMapMethod to correspond to the pamIDAttr attribute type.
Created attachment 136369 [details] diffs for fix
Fix: 1) Rename all occurrences of pamMapMethod to pamIDMapMethod 2) The parsing code for the map method was just plain wrong - it wasn't incrementing the pointer correctly. 3) This code: if (one == two == three == PAMPT_MAP_METHOD_NONE) - is not correct.
Your fix looks good. Looking into the file pam_ptconfig.c, there are two places calling parse_map_method. First one in pam_passthru_validate_config assign the return value to *returncode, but it's not checking the value. The next one in pam_passthru_apply_config does not check the return value from parse_map_method nor the returned theConfig.pamptconfig_map_method#... Could they be okay?
Created attachment 136376 [details] new diffs Thanks Noriko. I was missing some error checking there. For the second call to parse_map_method in pam_passthru_apply_config() - it doesn't need checking. This function is the DSE post op callback, and pam_passthru_validate_config() is the DSE pre op callback. If validate passes, it is ok to apply the changes. If validate fails, apply will never be called.
internal_comp_deps.mk? ;)
Created attachment 136380 [details] real new diffs These are the real diffs
Looks good.
Branch: HEAD Fix Description: 1) Rename all occurrences of pamMapMethod to pamIDMapMethod 2) The parsing code for the map method was just plain wrong - it wasn't incrementing the pointer correctly. 3) This code: if (one == two == three == PAMPT_MAP_METHOD_NONE) - is not correct. Platforms tested: RHEL4 Flag Day: no Doc impact: no Checking in ldapserver/ldap/schema/60pam-plugin.ldif; /cvs/dirsec/ldapserver/ldap/schema/60pam-plugin.ldif,v <-- 60pam-plugin.ldif new revision: 1.5; previous revision: 1.4 done Checking in ldapserver/ldap/servers/plugins/pam_passthru/README; /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/README,v <-- README new revision: 1.5; previous revision: 1.4 done Checking in ldapserver/ldap/servers/plugins/pam_passthru/config.ldif; /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/config.ldif,v <-- config.ldif new revision: 1.5; previous revision: 1.4 done Checking in ldapserver/ldap/servers/plugins/pam_passthru/pam_ptconfig.c; /cvs/dirsec/ldapserver/ldap/servers/plugins/pam_passthru/pam_ptconfig.c,v <-- pam_ptconfig.c new revision: 1.7; previous revision: 1.6 done
PAM passthrough startup Tests PASS : 100% (13/13) PAM passthrough run Tests PASS : 100% (9/9) PAM passthrough cleanup Tests PASS : 100% (5/5) hence marking Verified -sanity only.