summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2008-12-11 19:41:49 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2008-12-11 19:41:49 +0000
commita1131337d71a61da5b3b5e129545d3257a709480 (patch)
treea2a9c49346bcb8912b31916f40f96d67479f0c36 /modules
parent300b741a23d95cd44fa391905d6edce8340c8fee (diff)
Relevant BUGIDs:
Purpose of commit: new feature Commit summary: --------------- 2008-12-10 Thorsten Kukuk <kukuk@thkukuk.de> * doc/man/pam_item_types_ext.inc.xml: Document PAM_AUTHTOK_TYPE. * libpam/pam_end.c (pam_end): Free authtok_type. * tests/tst-pam_get_item.c: Add PAM_AUTHTOK_TYPE as test case. * tests/tst-pam_set_item.c: Likewise. * libpam/pam_start.c (pam_start): Initialize xdisplay, xauth and authtok_type. * libpam/pam_get_authtok.c (pam_get_authtok): Rename "type" to "authtok_type". * modules/pam_cracklib/pam_cracklib.8.xml: Replace "type=" with "authtok_type=". * doc/man/pam_get_authtok.3.xml: Document authtok_type argument. * modules/pam_cracklib/pam_cracklib.c (pam_sm_chauthtok): Set type= argument as PAM_AUTHTOK_TYPE item. * libpam/pam_get_authtok.c (pam_get_authtok): If no type argument given, use PAM_AUTHTOK_TYPE item. * libpam/pam_item.c (pam_get_item): Fetch PAM_AUTHTOK_TYPE item. (pam_set_item): Store PAM_AUTHTOK_TYPE item. * libpam/pam_private.h: Add authtok_type to pam_handle. * libpam/include/security/_pam_types.h (PAM_AUTHTOK_TYPE): New.
Diffstat (limited to 'modules')
-rw-r--r--modules/pam_cracklib/pam_cracklib.8.xml6
-rw-r--r--modules/pam_cracklib/pam_cracklib.c18
2 files changed, 9 insertions, 15 deletions
diff --git a/modules/pam_cracklib/pam_cracklib.8.xml b/modules/pam_cracklib/pam_cracklib.8.xml
index 336da5dd..1c31e077 100644
--- a/modules/pam_cracklib/pam_cracklib.8.xml
+++ b/modules/pam_cracklib/pam_cracklib.8.xml
@@ -171,15 +171,15 @@
<varlistentry>
<term>
- <option>type=<replaceable>XXX</replaceable></option>
+ <option>authtok_type=<replaceable>XXX</replaceable></option>
</term>
<listitem>
<para>
The default action is for the module to use the
following prompts when requesting passwords:
"New UNIX password: " and "Retype UNIX password: ".
- The default word <emphasis>UNIX</emphasis> can
- be replaced with this option.
+ The example word <emphasis>UNIX</emphasis> can
+ be replaced with this option, by default it is empty.
</para>
</listitem>
</varlistentry>
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index 398727e1..ba64aae2 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -99,11 +99,8 @@ struct cracklib_options {
int low_credit;
int oth_credit;
int min_class;
- int use_authtok;
- int try_first_pass;
int max_repeat;
int reject_user;
- char prompt_type[BUFSIZ];
const char *cracklib_dictpath;
};
@@ -116,7 +113,6 @@ struct cracklib_options {
#define CO_UP_CREDIT 1
#define CO_LOW_CREDIT 1
#define CO_OTH_CREDIT 1
-#define CO_USE_AUTHTOK 0
static int
_pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
@@ -133,7 +129,7 @@ _pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
if (!strcmp(*argv,"debug"))
ctrl |= PAM_DEBUG_ARG;
else if (!strncmp(*argv,"type=",5))
- strncpy(opt->prompt_type, *argv+5, sizeof(opt->prompt_type) - 1);
+ pam_set_item (pamh, PAM_AUTHTOK_TYPE, *argv+5);
else if (!strncmp(*argv,"retry=",6)) {
opt->retry_times = strtol(*argv+6,&ep,10);
if (!ep || (opt->retry_times < 1))
@@ -178,12 +174,14 @@ _pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
opt->max_repeat = 0;
} else if (!strncmp(*argv,"reject_username",15)) {
opt->reject_user = 1;
+ } else if (!strncmp(*argv,"authtok_type",12)) {
+ /* for pam_get_authtok, ignore */;
} else if (!strncmp(*argv,"use_authtok",11)) {
- opt->use_authtok = 1;
+ /* for pam_get_authtok, ignore */;
} else if (!strncmp(*argv,"use_first_pass",14)) {
- opt->use_authtok = 1;
+ /* for pam_get_authtok, ignore */;
} else if (!strncmp(*argv,"try_first_pass",14)) {
- opt->try_first_pass = 1;
+ /* for pam_get_authtok, ignore */;
} else if (!strncmp(*argv,"dictpath=",9)) {
opt->cracklib_dictpath = *argv+9;
if (!*(opt->cracklib_dictpath)) {
@@ -193,7 +191,6 @@ _pam_parse (pam_handle_t *pamh, struct cracklib_options *opt,
pam_syslog(pamh,LOG_ERR,"pam_parse: unknown option; %s",*argv);
}
}
- opt->prompt_type[sizeof(opt->prompt_type) - 1] = '\0';
return ctrl;
}
@@ -602,9 +599,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
options.up_credit = CO_UP_CREDIT;
options.low_credit = CO_LOW_CREDIT;
options.oth_credit = CO_OTH_CREDIT;
- options.use_authtok = CO_USE_AUTHTOK;
- memset(options.prompt_type, 0, BUFSIZ);
- strcpy(options.prompt_type,"UNIX");
options.cracklib_dictpath = CRACKLIB_DICTS;
ctrl = _pam_parse(pamh, &options, argc, argv);