Do not use oath_[ht]otp_match() as predicates - a non-zero return can
mean an error occurred. We should probably switch to the standard Unix idiom of returning 0 for success. git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@756 185d5e19-27fe-0310-9dcf-9bff6b9f3609
This commit is contained in:
parent
e8cd86aade
commit
59313f56a4
|
@ -271,9 +271,9 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
|
|||
ret = oath_totp_match(key, response, window);
|
||||
}
|
||||
openpam_log(PAM_LOG_VERBOSE, "verification code %s",
|
||||
ret ? "matched" : "did not match");
|
||||
if (ret == 0) {
|
||||
pam_err = PAM_AUTH_ERR;
|
||||
ret > 0 ? "matched" : "did not match");
|
||||
if (ret <= 0) {
|
||||
pam_err = ret < 0 ? PAM_SERVICE_ERR : PAM_AUTH_ERR;
|
||||
goto done;
|
||||
}
|
||||
|
||||
|
|
Loading…
Reference in New Issue