[strongSwan-dev] [PATCH] xauth_pam don't open/close PAM sessions

[Martin Willi]

Andrea,

> the following patch is a small improvement for the xauth_pam plugin.
> The actual plugin performs the XAuth users authentication though PAM
> but don't open/close the user sessions with the PAM
> pam_open_session/pam_close_session methods.

Sorry for the loooong delay, I finally had a chance to take a closer
look at your patch.

I haven't tested it yet, but overall it looks very good, thanks a lot.

> +    service = lib->settings->get_str(lib->settings,
> +                "%s.plugins.xauth-pam.pam_service",
> +                    lib->settings->get_str(lib->settings,
> +                        "%s.plugins.eap-gtc.pam_service",
> +                        "login", charon->name),
> +                charon->name);

That service lookup could actually be done during listener construction,
avoiding it for each client. Just a minor nitpick, not really important.

Unfortunately, your mailer messed up to patch. Can you resend it without
unintended line breaks? As attachement is ok as well.

Further, would you mind to contribute this patch under the MIT license
instead of GPLv2? Have a look at [1] for the reasons.

Best Regards
Martin

[1]http://wiki.strongswan.org/projects/strongswan/wiki/Contributions