diff options
author | Gerald Carter <jerry@samba.org> | 2007-01-25 01:18:31 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 12:17:26 -0500 |
commit | 76fd8f8e1d774f247423ddfe0c76c3f89bbd3b48 (patch) | |
tree | 1f96ffff642a8837050181dfdbf5f889c4271f60 /source3/nsswitch | |
parent | 6ff9007252c530f59e8365a10be234a13e6202bd (diff) | |
download | samba-76fd8f8e1d774f247423ddfe0c76c3f89bbd3b48.tar.gz samba-76fd8f8e1d774f247423ddfe0c76c3f89bbd3b48.tar.bz2 samba-76fd8f8e1d774f247423ddfe0c76c3f89bbd3b48.zip |
r21011: Another patch from Danilo Almeida @ Centeris (via me):
Details: Reset the "new password prompt required" state whenever
we do a new auth. In more detail, in pam_sm_authenticate, if not
settting PAM_WINBIND_NEW_AUTHTOK_REQD, then clean any potentially
present PAM_WINBIND_NEW_AUTHTOK_REQD.
(This used to be commit 402e8594759b42c1986f4f8d69273f68ec5160af)
Diffstat (limited to 'source3/nsswitch')
-rw-r--r-- | source3/nsswitch/pam_winbind.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/source3/nsswitch/pam_winbind.c b/source3/nsswitch/pam_winbind.c index 8984b92df8..91a333b93d 100644 --- a/source3/nsswitch/pam_winbind.c +++ b/source3/nsswitch/pam_winbind.c @@ -1179,6 +1179,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int retval = PAM_AUTH_ERR; dictionary *d = NULL; char *username_ret = NULL; + char *new_authtok_required = NULL; /* parse arguments */ int ctrl = _pam_parse(pamh, flags, argc, argv, &d); @@ -1227,14 +1228,12 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, if (retval == PAM_NEW_AUTHTOK_REQD || retval == PAM_AUTHTOK_EXPIRED) { - char *buf; - - if (!asprintf(&buf, "%d", retval)) { + if (!asprintf(&new_authtok_required, "%d", retval)) { retval = PAM_BUF_ERR; goto out; } - pam_set_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (void *)buf, _pam_winbind_cleanup_func); + pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, new_authtok_required, _pam_winbind_cleanup_func); retval = PAM_SUCCESS; goto out; @@ -1296,6 +1295,10 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, iniparser_freedict(d); } + if (!new_authtok_required) { + pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, NULL, NULL); + } + return ret; } |