From f326d04ccd16631d57134487e56bb73074f0dd0e Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Wed, 3 Dec 2008 14:16:33 +0000 Subject: Relevant BUGIDs: Purpose of commit: new feature Commit summary: --------------- 2008-12-03 Thorsten Kukuk * doc/man/Makefile.am: Add pam_get_authtok.3.xml. * doc/man/pam_get_authtok.3.xml: New. * libpam/Makefile.am: Add pam_get_authtok.c. * libpam/libpam.map: Export pam_get_authtok. * libpam/pam_get_authtok.c: New. * libpam/pam_private.h: Add mod_argc and mod_argv to pam_handle. * libpam_include/security/pam_ext.h: Add pam_get_authtok prototype. * modules/pam_cracklib/pam_cracklib.c: Use pam_get_authtok. * modules/pam_pwhistory/pam_pwhistory.c: Likewise. * po/POTFILES.in: Add libpam/pam_get_authtok.c. * xtests/tst-pam_cracklib1.c: Adjust error codes. * modules/pam_timestamp/Makefile.am: Remove hmactest.c from EXTRA_DIST. * po/*.po: Regenerated. --- libpam/pam_dispatch.c | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'libpam/pam_dispatch.c') diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c index fa4e5ed4..42482573 100644 --- a/libpam/pam_dispatch.c +++ b/libpam/pam_dispatch.c @@ -87,7 +87,7 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, } /* remember state if we are entering a substack */ - if (prev_level < stack_level) { + if (prev_level < stack_level) { substates[stack_level].impression = impression; substates[stack_level].status = status; } @@ -105,8 +105,12 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, } else { D(("passing control to module...")); pamh->mod_name=h->mod_name; + pamh->mod_argc = h->argc; + pamh->mod_argv = h->argv; retval = h->func(pamh, flags, h->argc, h->argv); pamh->mod_name=NULL; + pamh->mod_argc = 0; + pamh->mod_argv = NULL; D(("module returned: %s", pam_strerror(pamh, retval))); } @@ -286,7 +290,7 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, } } continue; - + decision_made: /* by getting here we have made a decision */ while (h->next != NULL && h->next->stack_level >= stack_level) { h = h->next; -- cgit v1.2.3 From 4e53d8d8c64e89a05c24e4a208675f28680f7aa7 Mon Sep 17 00:00:00 2001 From: Thorsten Kukuk Date: Tue, 17 Feb 2009 16:34:47 +0000 Subject: Relevant BUGIDs: bugzilla.novell.com#470337 Purpose of commit: bugfix Commit summary: --------------- 2009-02-17 Thorsten Kukuk * doc/man/pam_sm_chauthtok.3.xml: Document that sufficient can break the PRELIM_CHECK chain. * libpam/pam_dispatch.c: Don't freeze chain for chauthtok [bugzilla.novell.com#470337] --- libpam/pam_dispatch.c | 12 ++++-------- 1 file changed, 4 insertions(+), 8 deletions(-) (limited to 'libpam/pam_dispatch.c') diff --git a/libpam/pam_dispatch.c b/libpam/pam_dispatch.c index 42482573..98c69c60 100644 --- a/libpam/pam_dispatch.c +++ b/libpam/pam_dispatch.c @@ -132,11 +132,10 @@ static int _pam_dispatch_aux(pam_handle_t *pamh, int flags, struct handler *h, } /* - * use_cached_chain is how we ensure that the setcred/close_session - * and chauthtok(2) modules are called in the same order as they did - * when they were invoked as auth/open_session/chauthtok(1). This - * feature was added in 0.75 to make the behavior of pam_setcred - * sane. It was debugged by release 0.76. + * use_cached_chain is how we ensure that the setcred and + * close_session modules are called in the same order as they did + * when they were invoked as auth/open_session. This feature was + * added in 0.75 to make the behavior of pam_setcred sane. */ if (use_cached_chain != _PAM_PLEASE_FREEZE) { @@ -358,9 +357,6 @@ int _pam_dispatch(pam_handle_t *pamh, int flags, int choice) break; case PAM_CHAUTHTOK: h = pamh->handlers.conf.chauthtok; - if (flags & PAM_UPDATE_AUTHTOK) { - use_cached_chain = _PAM_MUST_BE_FROZEN; - } break; default: pam_syslog(pamh, LOG_ERR, "undefined fn choice; %d", choice); -- cgit v1.2.3