[Freeipa-devel] [PATCH] cleanup of pam_sss

Stephen Gallagher sgallagh at redhat.com
Wed Jul 22 11:46:53 UTC 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 07/22/2009 06:52 AM, Sumit Bose wrote:
> Hi,
> 
> this patch should make pam_sss.c considerably more readable and should
> allow to use modules like pam_cracklib together with pam_sss. I hope I
> have caught all corner cases.
> 
> bye,
> Sumit
> 
> 
> ------------------------------------------------------------------------
> 
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel

Nack.

It would be wise in print_pam_items() to check whether pi is NULL before
attempting to dereference it to print all of its members. Similarly,
It's unsafe to check whether dereferencing a pointer == 0 before
checking whether that pointer itself is valid. I'd suggest creating a
macro to do that comparison, something like
PI_STRING_VALID_AND_NONZERO(*pi->pam_service).

In prompt_password(), shouldn't the password prompt be localized?

- -- 
Stephen Gallagher
RHCE 804006346421761

Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/

iEYEARECAAYFAkpm/CYACgkQeiVVYja6o6OepwCgnOp+gTAFHJu/2gix6xIPvGYk
vzEAoKK3QPvrjbRTKu4ELIE07369ybzX
=B/Tr
-----END PGP SIGNATURE-----




More information about the Freeipa-devel mailing list