39 lines
1.5 KiB
Diff
39 lines
1.5 KiB
Diff
Reset the new authtok if weak.
|
|
diff -u -p -r1.33 -r1.34
|
|
--- modules/pam_cracklib/pam_cracklib.c 11 Dec 2008 19:41:49 -0000 1.33
|
|
+++ modules/pam_cracklib/pam_cracklib.c 21 Jul 2009 13:59:24 -0000 1.34
|
|
@@ -545,7 +545,7 @@ static int _pam_unix_approve_pass(pam_ha
|
|
const char *pass_new)
|
|
{
|
|
const char *msg = NULL;
|
|
- const void *user;
|
|
+ const char *user;
|
|
int retval;
|
|
|
|
if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) {
|
|
@@ -556,7 +556,7 @@ static int _pam_unix_approve_pass(pam_ha
|
|
return PAM_AUTHTOK_ERR;
|
|
}
|
|
|
|
- retval = pam_get_item(pamh, PAM_USER, &user);
|
|
+ retval = pam_get_user(pamh, &user, NULL);
|
|
if (retval != PAM_SUCCESS || user == NULL) {
|
|
if (ctrl & PAM_DEBUG_ARG)
|
|
pam_syslog(pamh,LOG_ERR,"Can not get username");
|
|
@@ -658,6 +658,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
pam_error (pamh, _("BAD PASSWORD: %s"), crack_msg);
|
|
if (getuid() || (flags & PAM_CHANGE_EXPIRED_AUTHTOK))
|
|
{
|
|
+ pam_set_item (pamh, PAM_AUTHTOK, NULL);
|
|
retval = PAM_AUTHTOK_ERR;
|
|
continue;
|
|
}
|
|
@@ -670,6 +671,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_hand
|
|
if (retval != PAM_SUCCESS) {
|
|
if (getuid() || (flags & PAM_CHANGE_EXPIRED_AUTHTOK))
|
|
{
|
|
+ pam_set_item(pamh, PAM_AUTHTOK, NULL);
|
|
retval = PAM_AUTHTOK_ERR;
|
|
continue;
|
|
}
|