From ed95a928eb095f8585bf216a05182a3e30cc9886 Mon Sep 17 00:00:00 2001 From: Daniel Baumann Date: Mon, 20 May 2024 17:22:34 +0200 Subject: Adding upstream version 2.9.5. Signed-off-by: Daniel Baumann --- src/responder/pam/pamsrv.h | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'src/responder/pam/pamsrv.h') diff --git a/src/responder/pam/pamsrv.h b/src/responder/pam/pamsrv.h index 7013a8e..2aa14ae 100644 --- a/src/responder/pam/pamsrv.h +++ b/src/responder/pam/pamsrv.h @@ -93,7 +93,17 @@ struct pam_auth_req { struct ldb_message *user_obj; struct cert_auth_info *cert_list; struct cert_auth_info *current_cert; + /* Switched to 'true' if the backend indicates that it cannot handle + * Smartcard authentication, but Smartcard authentication is + * possible and local Smartcard authentication is allowed. */ bool cert_auth_local; + /* Switched to 'true' if authentication (not pre-authentication) was + * started without a login name and the name had to be lookup up with the + * certificate used for authentication. Since reading the certificate from + * the Smartcard already involves the PIN validation in this case there + * would be no need for an additional Smartcard interaction if only local + * Smartcard authentication is possible. */ + bool initial_cert_auth_successful; bool passkey_data_exists; uint32_t client_id_num; @@ -104,6 +114,7 @@ struct pam_resp_auth_type { bool otp_auth; bool cert_auth; bool passkey_auth; + bool backend_returned_no_auth_type; }; struct sss_cmd_table *get_pam_cmds(void); -- cgit v1.2.3