From 3c4328635ade0cd7bc1fb9d5f145f4dff76f9c1b Mon Sep 17 00:00:00 2001 From: Tomas Mraz Date: Wed, 6 Apr 2016 13:52:21 +0200 Subject: pam_get_authtok(): Add authtok_type support to current password prompt. * libpam/pam_get_authtok.c (pam_get_authtok_internal): When changing password, use different prompt for current password allowing for authtok_type to be displayed to the user. --- libpam/pam_get_authtok.c | 18 +++++++++++++----- 1 file changed, 13 insertions(+), 5 deletions(-) (limited to 'libpam/pam_get_authtok.c') diff --git a/libpam/pam_get_authtok.c b/libpam/pam_get_authtok.c index 663f1f36..9bfbdf0f 100644 --- a/libpam/pam_get_authtok.c +++ b/libpam/pam_get_authtok.c @@ -38,6 +38,8 @@ #define PROMPT _("Password: ") /* For Translators: "%s%s" could be replaced with " " or "". */ +#define PROMPTCURRENT _("Current %s%spassword: ") +/* For Translators: "%s%s" could be replaced with " " or "". */ #define PROMPT1 _("New %s%spassword: ") /* For Translators: "%s%s" could be replaced with " " or "". */ #define PROMPT2 _("Retype new %s%spassword: ") @@ -89,12 +91,14 @@ pam_get_authtok_internal (pam_handle_t *pamh, int item, /* PAM_AUTHTOK in password stack returns new password, which needs to be verified. */ - if (item == PAM_AUTHTOK && pamh->choice == PAM_CHAUTHTOK) + if (pamh->choice == PAM_CHAUTHTOK) { - chpass = 1; - if (!(flags & PAM_GETAUTHTOK_NOVERIFY)) - ++chpass; - + if (item == PAM_AUTHTOK) + { + chpass = 1; + if (!(flags & PAM_GETAUTHTOK_NOVERIFY)) + ++chpass; + } authtok_type = get_option (pamh, "authtok_type"); if (authtok_type == NULL) { @@ -144,6 +148,10 @@ pam_get_authtok_internal (pam_handle_t *pamh, int item, PROMPT2, authtok_type, strlen (authtok_type) > 0?" ":""); } + else if (item == PAM_OLDAUTHTOK) + retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0], + PROMPTCURRENT, authtok_type, + strlen (authtok_type) > 0?" ":""); else retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp[0], "%s", PROMPT); -- cgit v1.2.3