Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2010-11-16  Tomas Mraz  <tm@t8m.info>

        * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Remove
        dead and duplicate code. Return PAM_INCOMPLETE instead of
        PAM_CONV_AGAIN.

1 files changed, 8 insertions, 13 deletions

diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
index 0f6ffca3..9b588958 100644
--- a/modules/pam_pwhistory/pam_pwhistory.c
+++ b/modules/pam_pwhistory/pam_pwhistory.c
@@ -187,12 +187,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
     {
       retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newpass, NULL);
       if (retval != PAM_SUCCESS && retval != PAM_TRY_AGAIN)
-	return retval;
+	{
+	  if (retval == PAM_CONV_AGAIN)
+	    retval = PAM_INCOMPLETE;
+	  return retval;
+	}
       tries++;
 
-      if (newpass == NULL || retval == PAM_TRY_AGAIN)
-	continue;
-
       if (options.debug)
 	{
 	  if (newpass)
@@ -201,12 +202,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	    pam_syslog (pamh, LOG_DEBUG, "got no auth token");
 	}
 
-      if (retval != PAM_SUCCESS || newpass == NULL)
-	{
-	  if (retval == PAM_CONV_AGAIN)
-	    retval = PAM_INCOMPLETE;
-	  return retval;
-	}
+      if (newpass == NULL || retval == PAM_TRY_AGAIN)
+	continue;
 
       if (options.debug)
 	pam_syslog (pamh, LOG_DEBUG, "check against old password file");
@@ -219,7 +216,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	  newpass = NULL;
 	  /* Remove password item, else following module will use it */
           pam_set_item (pamh, PAM_AUTHTOK, (void *) NULL);
-	  continue;
 	}
     }
 
@@ -230,8 +226,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
       return PAM_MAXTRIES;
     }
 
-  /* Remember new password */
-  return pam_set_item (pamh, PAM_AUTHTOK, newpass);
+  return PAM_SUCCESS;
 }