diff options
Diffstat (limited to 'engine')
| -rw-r--r-- | engine/classes/ElggPAM.php | 5 | ||||
| -rw-r--r-- | engine/lib/pam.php | 6 |
2 files changed, 8 insertions, 3 deletions
diff --git a/engine/classes/ElggPAM.php b/engine/classes/ElggPAM.php index a3e4f9a77..37436fba3 100644 --- a/engine/classes/ElggPAM.php +++ b/engine/classes/ElggPAM.php @@ -52,9 +52,10 @@ class ElggPAM { try { // Execute the handler - if ($handler($credentials)) { + $result = $handler($credentials); + if ($result) { $authenticated = true; - } else { + } elseif ($result === false) { if ($importance == 'required') { $this->messages['required'][] = "$handler:failed"; return false; diff --git a/engine/lib/pam.php b/engine/lib/pam.php index f1df3feba..f6db28355 100644 --- a/engine/lib/pam.php +++ b/engine/lib/pam.php @@ -25,12 +25,16 @@ $_PAM_HANDLERS = array(); /** * Register a PAM handler. * + * A PAM handler should return true if the authentication attempt passed. For a + * failure, return false or throw an exception. Returning nothing indicates that + * the handler wants to be skipped. + * * @param string $handler The handler function in the format * pam_handler($credentials = NULL); * @param string $importance The importance - "sufficient" (default) or "required" * @param string $policy The policy type, default is "user" * - * @return boolean + * @return bool */ function register_pam_handler($handler, $importance = "sufficient", $policy = "user") { global $_PAM_HANDLERS; |