Relevant BUGIDs:

Purpose of commit: bugfix

Commit summary:
---------------
2010-11-16  Tomas Mraz  <tm@t8m.info>

        * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Remove
        dead and duplicate code. Return PAM_INCOMPLETE instead of
        PAM_CONV_AGAIN.

diff --git a/ChangeLog b/ChangeLog
index 9a7baef57dccbd95d189f371670d679bce5853d8..41d782f2e5fda29c08178a4354c2472ca65b5073 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,9 @@
+2010-11-16  Tomas Mraz  <tm@t8m.info>
+
+       * modules/pam_pwhistory/pam_pwhistory.c (pam_sm_chauthtok): Remove
+       dead and duplicate code. Return PAM_INCOMPLETE instead of
+       PAM_CONV_AGAIN.
+
 2010-11-11  Tomas Mraz  <tm@t8m.info>
 
        * modules/pam_selinux/pam_selinux.c (pam_sm_open_session): Fix

diff --git a/modules/pam_pwhistory/pam_pwhistory.c b/modules/pam_pwhistory/pam_pwhistory.c
index 0f6ffca3496677f616655f7de8f20a02b64d7ad4..9b588958d0b670a9fa667c1d836f5f19c83dba11 100644 (file)
--- a/modules/pam_pwhistory/pam_pwhistory.c
+++ b/modules/pam_pwhistory/pam_pwhistory.c
@@ -187,12 +187,13 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
     {
       retval = pam_get_authtok (pamh, PAM_AUTHTOK, &newpass, NULL);
       if (retval != PAM_SUCCESS && retval != PAM_TRY_AGAIN)
-       return retval;
+       {
+         if (retval == PAM_CONV_AGAIN)
+           retval = PAM_INCOMPLETE;
+         return retval;
+       }
       tries++;
 
-      if (newpass == NULL || retval == PAM_TRY_AGAIN)
-       continue;
-
       if (options.debug)
        {
          if (newpass)
@@ -201,12 +202,8 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
            pam_syslog (pamh, LOG_DEBUG, "got no auth token");
        }
 
-      if (retval != PAM_SUCCESS || newpass == NULL)
-       {
-         if (retval == PAM_CONV_AGAIN)
-           retval = PAM_INCOMPLETE;
-         return retval;
-       }
+      if (newpass == NULL || retval == PAM_TRY_AGAIN)
+       continue;
 
       if (options.debug)
        pam_syslog (pamh, LOG_DEBUG, "check against old password file");
@@ -219,7 +216,6 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
          newpass = NULL;
          /* Remove password item, else following module will use it */
           pam_set_item (pamh, PAM_AUTHTOK, (void *) NULL);
-         continue;
        }
     }
 
@@ -230,8 +226,7 @@ pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv)
       return PAM_MAXTRIES;
     }
 
-  /* Remember new password */
-  return pam_set_item (pamh, PAM_AUTHTOK, newpass);
+  return PAM_SUCCESS;
 }