summaryrefslogtreecommitdiff
path: root/modules/pam_cracklib/pam_cracklib.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_cracklib/pam_cracklib.c')
-rw-r--r--modules/pam_cracklib/pam_cracklib.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/modules/pam_cracklib/pam_cracklib.c b/modules/pam_cracklib/pam_cracklib.c
index cf383b2c..2e911261 100644
--- a/modules/pam_cracklib/pam_cracklib.c
+++ b/modules/pam_cracklib/pam_cracklib.c
@@ -639,9 +639,9 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
* set PAM_AUTHTOK and return
*/
- retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newtoken, NULL);
+ retval = pam_get_authtok_noverify (pamh, &newtoken, NULL);
if (retval != PAM_SUCCESS) {
- pam_syslog(pamh, LOG_ERR, "pam_get_authtok returned error: %s",
+ pam_syslog(pamh, LOG_ERR, "pam_get_authtok_noverify returned error: %s",
pam_strerror (pamh, retval));
continue;
} else if (newtoken == NULL) { /* user aborted password change, quit */
@@ -676,6 +676,17 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
continue;
}
}
+
+ retval = pam_get_authtok_verify (pamh, &newtoken, NULL);
+ if (retval != PAM_SUCCESS) {
+ pam_syslog(pamh, LOG_ERR, "pam_get_authtok_verify returned error: %s",
+ pam_strerror (pamh, retval));
+ pam_set_item(pamh, PAM_AUTHTOK, NULL);
+ continue;
+ } else if (newtoken == NULL) { /* user aborted password change, quit */
+ return PAM_AUTHTOK_ERR;
+ }
+
return PAM_SUCCESS;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-25 17:19:18 +0000