Diffstat (limited to 'libpam')
-rw-r--r--libpam/include/security/_pam_types.h1
-rw-r--r--libpam/pam_end.c3
-rw-r--r--libpam/pam_get_authtok.c20
-rw-r--r--libpam/pam_item.c10
-rw-r--r--libpam/pam_private.h1
-rw-r--r--libpam/pam_start.c7
6 files changed, 31 insertions, 11 deletions
diff --git a/libpam/include/security/_pam_types.h b/libpam/include/security/_pam_types.h
index 2f7e807f..2d684bce 100644
--- a/libpam/include/security/_pam_types.h
+++ b/libpam/include/security/_pam_types.h
@@ -143,6 +143,7 @@ typedef struct pam_handle pam_handle_t;
delays */
#define PAM_XDISPLAY 11 /* X display name */
#define PAM_XAUTHDATA 12 /* X server authentication data */
+#define PAM_AUTHTOK_TYPE 13 /* The type for pam_get_authtok */
/* -------------- Special defines used by Linux-PAM -------------- */
diff --git a/libpam/pam_end.c b/libpam/pam_end.c
index c96dc384..942253d8 100644
--- a/libpam/pam_end.c
+++ b/libpam/pam_end.c
@@ -82,6 +82,9 @@ int pam_end(pam_handle_t *pamh, int pam_status)
_pam_drop(pamh->xauth.data);
_pam_overwrite_n((char *)&pamh->xauth, sizeof(pamh->xauth));
+ _pam_overwrite(pamh->authtok_type);
+ _pam_drop(pamh->authtok_type);
+
/* and finally liberate the memory for the pam_handle structure */
_pam_drop(pamh);
diff --git a/libpam/pam_get_authtok.c b/libpam/pam_get_authtok.c
index 83b3f530..9e9f8409 100644
--- a/libpam/pam_get_authtok.c
+++ b/libpam/pam_get_authtok.c
@@ -77,7 +77,7 @@ pam_get_authtok (pam_handle_t *pamh, int item, const char **authtok,
{
char *resp[2] = {NULL, NULL};
const void* prevauthtok;
- const char *type = "";
+ const char *authtok_type = "";
int ask_twice = 0; /* Password change, ask twice for it */
int retval;
@@ -89,9 +89,13 @@ pam_get_authtok (pam_handle_t *pamh, int item, const char **authtok,
if (item == PAM_AUTHTOK && pamh->choice == PAM_CHAUTHTOK)
{
ask_twice = 1;
- type = get_option (pamh, "type");
- if (type == NULL)
- type = "";
+ authtok_type = get_option (pamh, "authtok_type");
+ if (authtok_type == NULL)
+ {
+ retval = pam_get_item (pamh, PAM_AUTHTOK_TYPE, (const void **)&authtok_type);
+ if (retval != PAM_SUCCESS || authtok_type == NULL)
+ authtok_type = "";
+ }
}
retval = pam_get_item (pamh, item, &prevauthtok);
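Review bot: The PAM_CHAUTHTOK branch now looks up only the `authtok_type` option, so a module line that still passes `type=...` silently falls through to the PAM_AUTHTOK_TYPE item or the empty string. If the old spelling was ever documented for callers of pam_get_authtok, keep a fallback such as `if (authtok_type == NULL) authtok_type = get_option (pamh, "type");` ahead of the pam_get_item call, or record the rename in the module documentation. Separately, `(const void **)&authtok_type` stores through a `const void **` into a `const char *` object; a `const void *` temporary, as the function already uses for `prevauthtok`, avoids the pointer pun. The function body starts and ends outside this hunk.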
@@ -125,12 +129,12 @@ pam_get_authtok (pam_handle_t *pamh, int item, const char **authtok,
else if (ask_twice)
{
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0],
- PROMPT1, type,
- strlen (type) > 0?" ":"");
+ PROMPT1, authtok_type,
+ strlen (authtok_type) > 0?" ":"");
if (retval == PAM_SUCCESS && ask_twice && resp[0] != NULL)
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[1],
- PROMPT2, type,
- strlen (type) > 0?" ":"");
+ PROMPT2, authtok_type,
+ strlen (authtok_type) > 0?" ":"");
}
else
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0], "%s",
diff --git a/libpam/pam_item.c b/libpam/pam_item.c
index f3d794eb..ed478a4a 100644
--- a/libpam/pam_item.c
+++ b/libpam/pam_item.c
@@ -151,7 +151,7 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
if ((pamh->xauth.name=_pam_strdup(pamh->xauth.name)) == NULL) {
memset(&pamh->xauth, '\0', sizeof(pamh->xauth));
return PAM_BUF_ERR;
- }
+ }
if ((pamh->xauth.data=_pam_memdup(pamh->xauth.data,
pamh->xauth.datalen)) == NULL) {
_pam_overwrite(pamh->xauth.name);
@@ -161,6 +161,10 @@ int pam_set_item (pam_handle_t *pamh, int item_type, const void *item)
}
break;
+ case PAM_AUTHTOK_TYPE:
+ TRY_SET(pamh->authtok_type, item);
+ break;
+
default:
retval = PAM_BAD_ITEM;
}
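Review bot: As far as this hunk shows, `case PAM_AUTHTOK_TYPE` stores the item with no length or content check and no restriction on who may set it, and the pam_get_authtok.c hunks of this commit pass the stored string as the `%s` argument of PROMPT1/PROMPT2. It is an argument and not the format, so this is not a format-string problem, but the label does reach the new-password prompt verbatim. A comment on the case would make that contract explicit, e.g. `/* display label for password prompts; copied as-is, not validated */`. TRY_SET is defined outside the hunk, so its copy-and-free behaviour is assumed here to match the other string items.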
@@ -251,6 +255,10 @@ int pam_get_item (const pam_handle_t *pamh, int item_type, const void **item)
*item = &pamh->xauth;
break;
+ case PAM_AUTHTOK_TYPE:
+ *item = pamh->authtok_type;
+ break;
+
default:
retval = PAM_BAD_ITEM;
}
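Review bot: `*item = pamh->authtok_type` hands out the handle's own buffer, and pam_get_authtok in this commit keeps that pointer across both pam_prompt calls. If PAM_AUTHTOK_TYPE is set again in between, the retained pointer presumably dangles, since TRY_SET (defined outside the hunk) would replace the stored string. A comment here such as `/* borrowed: valid until the next pam_set_item(PAM_AUTHTOK_TYPE) or pam_end */` would state the lifetime; copying the string in pam_get_authtok before prompting would remove the dependency altogether.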
diff --git a/libpam/pam_private.h b/libpam/pam_private.h
index 777fd2d7..134dc726 100644
--- a/libpam/pam_private.h
+++ b/libpam/pam_private.h
@@ -154,6 +154,7 @@ struct pam_handle {
char *ruser;
char *tty;
char *xdisplay;
+ char *authtok_type; /* PAM_AUTHTOK_TYPE */
struct pam_data *data;
struct pam_environ *env; /* structure to maintain environment list */
struct _pam_fail_delay fail_delay; /* helper function for easy delays */
diff --git a/libpam/pam_start.c b/libpam/pam_start.c
index 7b0d3aa4..b7cd771e 100644
--- a/libpam/pam_start.c
+++ b/libpam/pam_start.c
@@ -51,7 +51,7 @@ int pam_start (
else. Forbid paths. */
if (strrchr(service_name, '/') != NULL)
service_name = strrchr(service_name, '/') + 1;
-
+
/* Mark the caller as the application - permission to do certain
things is limited to a module or an application */
@@ -92,6 +92,9 @@ int pam_start (
#ifdef HAVE_LIBAUDIT
(*pamh)->audit_state = 0;
#endif
+ (*pamh)->xdisplay = NULL;
+ (*pamh)->authtok_type = NULL;
+ memset (&((*pamh)->xauth), 0, sizeof ((*pamh)->xauth));
if (((*pamh)->pam_conversation = (struct pam_conv *)
malloc(sizeof(struct pam_conv))) == NULL) {
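Review bot: Setting `xdisplay`, `authtok_type` and `xauth` by hand implies the handle is not zero-filled when it is allocated (the allocation is outside this hunk). The pam_end.c hunk overwrites and frees `authtok_type` unconditionally, so a field missed here would be an uninitialised pointer at teardown. Allocating the handle with `calloc(1, sizeof(**pamh))` would start every present and future member at NULL/0 and make these per-field assignments optional. pam_start's body continues on both sides of the hunk.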
@@ -129,7 +132,7 @@ int pam_start (
_pam_drop(*pamh);
return PAM_ABORT;
}
-
+
D(("exiting pam_start successfully"));
return PAM_SUCCESS;