authorysf <34326+ysf@users.noreply.github.com>2022-03-08 13:02:01 +0100
committerGitHub <noreply@github.com>2022-03-08 20:02:01 +0800
commit940a7da9d162d1363b7ca5d050f86556cd5762a0 (patch)
treef6b2ccb79894465ce62c0b9efa90d4881a20ba0c
parent242deca524dbf922bfb08dadd65455164b9e663e (diff)
security: fix improper PAM authorization handling (#6819)
Co-authored-by: Joe Chen <jc@unknwon.io>
-rw-r--r--CHANGELOG.md1
-rw-r--r--internal/auth/pam/pam.go8
2 files changed, 7 insertions, 2 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 1a1a4def..59bc75c9 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -22,6 +22,7 @@ All notable changes to Gogs are documented in this file.
### Fixed
- _Security:_ Potential SSRF in repository migration. [#6754](https://github.com/gogs/gogs/issues/6754)
+- _Security:_ Improper PAM authorization handling. [#6810](https://github.com/gogs/gogs/issues/6810)
- Unable to use LDAP authentication on ARM machines. [#6761](https://github.com/gogs/gogs/issues/6761)
### Removed
diff --git a/internal/auth/pam/pam.go b/internal/auth/pam/pam.go
index 0777bf7c..cbd3500d 100644
--- a/internal/auth/pam/pam.go
+++ b/internal/auth/pam/pam.go
@@ -25,6 +25,10 @@ func (c *Config) doAuth(login, password string) error {
if err != nil {
return err
}
-
- return t.Authenticate(0)
+
+ err = t.Authenticate(0)
+ if err != nil {
+ return err
+ }
+ return t.AcctMgmt(0)
}
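Review bot: Nothing at the new tail of doAuth records why `t.AcctMgmt(0)` is required, and both PAM phases return their errors bare, so a later cleanup could drop the call again and a log reader cannot tell a rejected password from an account that is expired or denied access. I would add a comment above the call such as `// Authenticate only verifies credentials; AcctMgmt enforces account validity (expiry, access restrictions).` and wrap the two returns, e.g. `return fmt.Errorf("pam authenticate: %w", err)` and `return fmt.Errorf("pam account management: %w", err)`. That assumes fmt can be imported in this file and that no caller compares these errors by value; the callers are not visible here. If the error text reaches the login response, keep the user-facing message generic so the distinction stays in server logs only. A regression test asserting that correct credentials still fail when the account phase rejects the user would pin the fix; the start of doAuth's body lies outside the hunk.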