[Freeipa-devel] [PATCH] first version of LOCAL pam backend
Martin Nagy
mnagy at redhat.com
Mon Mar 2 15:22:25 UTC 2009
On Mon, 02 Mar 2009 13:14:38 +0100, Sumit Bose <sbose at redhat.com> wrote:
> Hi,
>
> please find enclosed a first version of the pam backend for the LOCAL
> domain.
>
> - currently authenticate, chauthtok and acct_mgmt work
> - so far only glibc compatible sha512 passwords are used
> - NSS is used for sha512 and random number generation
> - currently I use direct libldb calls to be able to test things, I
> will change this when Simo's work on sysdb is done
>
> bye,
> Sumit
Hi, I didn't review the patch, but I have one tip:
I'd personally change NEQ_CHECK_OR_JUMP macro to something like this:
#define CHECK(expr, msg) do { \
if ((expr)) { \
DEBUG(1, (msg)); \
pam_status = PAM_SYSTEM_ERR; \
goto done; \
} \
} while (0)
Same for NULL_CHECK_OR_JUMP:
#define CHECK_NULL(var, msg) CHECK((var) == NULL, (msg))
It's less flexible, but also much less verbose, you just need to stick
to one convention, which you already are doing. Names are of course
just my opinion, but I wouldn't make them too long. If it's a commonly
used macro, people reading the code will remember what it does.
Martin.
More information about the Freeipa-devel
mailing list