pam/pam-1.1.1-authtok-prompt.patch

79 lines
2.7 KiB
Diff

Index: libpam/pam_get_authtok.c
===================================================================
RCS file: /cvsroot/pam/Linux-PAM/libpam/pam_get_authtok.c,v
retrieving revision 1.3
diff -u -p -r1.3 pam_get_authtok.c
--- libpam/pam_get_authtok.c 10 Nov 2009 15:52:20 -0000 1.3
+++ libpam/pam_get_authtok.c 22 Jan 2010 17:31:40 -0000
@@ -81,7 +81,7 @@ pam_get_authtok_internal (pam_handle_t *
char *resp[2] = {NULL, NULL};
const void *prevauthtok;
const char *authtok_type = "";
- int ask_twice = 0; /* Password change, ask twice for it */
+ int chpass = 0; /* Password change, ask twice for it */
int retval;
if (authtok == NULL)
@@ -91,8 +91,9 @@ pam_get_authtok_internal (pam_handle_t *
which needs to be verified. */
if (item == PAM_AUTHTOK && pamh->choice == PAM_CHAUTHTOK)
{
+ chpass = 1;
if (!(flags & PAM_GETAUTHTOK_NOVERIFY))
- ask_twice = 1;
+ ++chpass;
authtok_type = get_option (pamh, "authtok_type");
if (authtok_type == NULL)
@@ -110,11 +111,11 @@ pam_get_authtok_internal (pam_handle_t *
return PAM_SUCCESS;
}
else if (get_option (pamh, "use_first_pass") ||
- (ask_twice && get_option (pamh, "use_authtok")))
+ (chpass && get_option (pamh, "use_authtok")))
{
if (prevauthtok == NULL)
{
- if (ask_twice)
+ if (chpass)
return PAM_AUTHTOK_ERR;
else
return PAM_AUTH_ERR;
@@ -127,16 +128,16 @@ pam_get_authtok_internal (pam_handle_t *
{
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0],
"%s", prompt);
- if (retval == PAM_SUCCESS && ask_twice && resp[0] != NULL)
+ if (retval == PAM_SUCCESS && chpass > 1 && resp[0] != NULL)
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[1],
_("Retype %s"), prompt);
}
- else if (ask_twice)
+ else if (chpass)
{
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0],
PROMPT1, authtok_type,
strlen (authtok_type) > 0?" ":"");
- if (retval == PAM_SUCCESS && ask_twice && resp[0] != NULL)
+ if (retval == PAM_SUCCESS && chpass > 1 && resp[0] != NULL)
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[1],
PROMPT2, authtok_type,
strlen (authtok_type) > 0?" ":"");
@@ -146,14 +147,14 @@ pam_get_authtok_internal (pam_handle_t *
PROMPT);
if (retval != PAM_SUCCESS || resp[0] == NULL ||
- (ask_twice && resp[1] == NULL))
+ (chpass > 1 && resp[1] == NULL))
{
/* We want to abort the password change */
pam_error (pamh, _("Password change aborted."));
return PAM_AUTHTOK_ERR;
}
- if (ask_twice && strcmp (resp[0], resp[1]) != 0)
+ if (chpass > 1 && strcmp (resp[0], resp[1]) != 0)
{
pam_error (pamh, MISTYPED_PASS);
_pam_overwrite (resp[0]);