path: root/libpam/pam_private.h
diff options
authorAndrew G. Morgan <>2001-10-11 04:52:25 +0000
committerAndrew G. Morgan <>2001-10-11 04:52:25 +0000
commit64ab317e86dc8e798b4f4ed603227206c0fc001b (patch)
tree724590bf0513412074404694ffcfb0f4c8432999 /libpam/pam_private.h
parent345044121bc4e8977a22d6235d31df4b2114a240 (diff)
Relevant BUGIDs: 468724
Purpose of commit: bugfix Commit summary: --------------- Legacy behavior for pam_close_session and pam_setcred was not sufficient. Basically, it appears to be common practice for some applications to call these functions without first calling pam_authenticate and pam_open_session which would have frozen the auth and session module stacks. The new behavior is to treat the returns of these secondary functions as authoritative when navigating the stack in the absence of a chain-freezing first set of calls. pam_chauthtok should not benefit from this behavior, and there does not appear to be a justification for using an event like this to freeze the stack outright - legacy behavior did not do that.
Diffstat (limited to 'libpam/pam_private.h')
1 files changed, 2 insertions, 0 deletions
diff --git a/libpam/pam_private.h b/libpam/pam_private.h
index 52f6c5e6..7afc4fa7 100644
--- a/libpam/pam_private.h
+++ b/libpam/pam_private.h
@@ -43,6 +43,8 @@
/* components of the pam_handle structure */
+#define _PAM_INVALID_RETVAL -1 /* default value for cached_retval */
struct handler {
int must_fail;
int (*func)(pam_handle_t *pamh, int flags, int argc, char **argv);