2008-04-16 Tomas Mraz <t8m@centrum.cz>
* modules/pam_unix/Makefile.am: Link unix_chkpwd with libaudit.
-
* modules/pam_unix/unix_chkpwd.c(_audit_log): New function for audit.
(main): Call _audit_log() when appropriate.
+ * modules/pam_cracklib/pam_cracklib.c(_pam_parse): Recognize also
+ try_first_pass and use_first_pass options.
+ (pam_sm_chauthtok): Implement the new options.
+
2008-04-08 Tomas Mraz <t8m@centrum.cz>
* modules/pam_xauth/pam_xauth.c(run_coprocess): Avoid multiple
int oth_credit;
int min_class;
int use_authtok;
+ int try_first_pass;
char prompt_type[BUFSIZ];
const char *cracklib_dictpath;
};
opt->min_class = 4 ;
} else if (!strncmp(*argv,"use_authtok",11)) {
opt->use_authtok = 1;
+ } else if (!strncmp(*argv,"use_first_pass",14)) {
+ opt->use_authtok = 1;
+ } else if (!strncmp(*argv,"try_first_pass",14)) {
+ opt->try_first_pass = 1;
} else if (!strncmp(*argv,"dictpath=",9)) {
opt->cracklib_dictpath = *argv+9;
if (!*(opt->cracklib_dictpath)) {
* set PAM_AUTHTOK and return
*/
- if (options.use_authtok == 1) {
+ if (options.use_authtok == 1 || options.try_first_pass == 1) {
const void *item = NULL;
retval = pam_get_item(pamh, PAM_AUTHTOK, &item);
} else if (item != NULL) { /* we have a password! */
token1 = x_strdup(item);
item = NULL;
+ options.use_authtok = 1; /* don't ask for the password again */
} else {
retval = PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
}
-
- } else {
+ }
+
+ if (options.use_authtok != 1) {
/* Prepare to ask the user for the first time */
resp = NULL;
retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
projects / linux-pam / commitdiff