diff options
| author | Tomas Mraz <tm@t8m.info> | 2008-04-16 08:21:05 +0000 |
|---|---|---|
| committer | Tomas Mraz <tm@t8m.info> | 2008-04-16 08:21:05 +0000 |
| commit | 3165b29623e3498f8e75dba5413c4a662bdcec15 (patch) | |
| tree | 87f27ace8bdd2c2c6a6ac2d9769b0031c1fe3476 /modules | |
| parent | 71ef5e4a1c83fed2bb6f9753afc6a8a7c81ee0ba (diff) | |
Relevant BUGIDs:
Purpose of commit: new feature
Commit summary:
---------------
2008-04-16 Tomas Mraz <t8m@centrum.cz>
* modules/pam_cracklib/pam_cracklib.c(_pam_parse): Recognize also
try_first_pass and use_first_pass options.
(pam_sm_chauthtok): Implement the new options.
Diffstat (limited to 'modules')
| -rw-r--r-- | modules/pam_cracklib/pam_cracklib.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c index 0c39f89d..12cbcf3c 100644 --- a/modules/pam_cracklib/pam_cracklib.c +++ b/modules/pam_cracklib/pam_cracklib.c @@ -98,6 +98,7 @@ struct cracklib_options { int oth_credit; int min_class; int use_authtok; + int try_first_pass; char prompt_type[BUFSIZ]; const char *cracklib_dictpath; }; @@ -169,6 +170,10 @@ _pam_parse (pam_handle_t *pamh, struct cracklib_options *opt, opt->min_class = 4 ; } else if (!strncmp(*argv,"use_authtok",11)) { opt->use_authtok = 1; + } else if (!strncmp(*argv,"use_first_pass",14)) { + opt->use_authtok = 1; + } else if (!strncmp(*argv,"try_first_pass",14)) { + opt->try_first_pass = 1; } else if (!strncmp(*argv,"dictpath=",9)) { opt->cracklib_dictpath = *argv+9; if (!*(opt->cracklib_dictpath)) { @@ -619,7 +624,7 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, * set PAM_AUTHTOK and return */ - if (options.use_authtok == 1) { + if (options.use_authtok == 1 || options.try_first_pass == 1) { const void *item = NULL; retval = pam_get_item(pamh, PAM_AUTHTOK, &item); @@ -630,11 +635,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, } else if (item != NULL) { /* we have a password! */ token1 = x_strdup(item); item = NULL; + options.use_authtok = 1; /* don't ask for the password again */ } else { retval = PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */ } - - } else { + } + + if (options.use_authtok != 1) { /* Prepare to ask the user for the first time */ resp = NULL; retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp, |