check user account validity after PAM authentication
authorMartin Willi <martin@strongswan.org>
Wed, 27 Aug 2008 13:48:54 +0000 (13:48 -0000)
committerMartin Willi <martin@strongswan.org>
Wed, 27 Aug 2008 13:48:54 +0000 (13:48 -0000)
src/charon/plugins/eap_gtc/eap_gtc.c

index 5f6f655..0a93a90 100644 (file)
@@ -120,7 +120,16 @@ static bool authenticate(char *service, char *user, char *password)
                return FALSE;
        }
        ret = pam_authenticate(pamh, 0);
-       if (ret != PAM_SUCCESS)
+       if (ret == PAM_SUCCESS)
+       {
+               ret = pam_acct_mgmt(pamh, 0);
+               if (ret != PAM_SUCCESS)
+               {
+                       DBG1(DBG_IKE, "EAP-GTC pam_acct_mgmt failed: %s",
+                                pam_strerror(pamh, ret));
+               }
+       }
+       else
        {
                DBG1(DBG_IKE, "EAP-GTC pam_authenticate failed: %s",
                         pam_strerror(pamh, ret));