summaryrefslogtreecommitdiff
path: root/server/responder
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2009-12-16 12:53:55 +0100
committerStephen Gallagher <sgallagh@redhat.com>2009-12-18 09:46:25 -0500
commit23dc20cd69cfbb2731c36e1610536ba190bbd459 (patch)
tree106d84e5d8f6a2eef8861a07fa662666ca5ab90f /server/responder
parent66e4134d8be0eb42c645e9730d46bb2c7f561e81 (diff)
downloadsssd-23dc20cd69cfbb2731c36e1610536ba190bbd459.tar.gz
sssd-23dc20cd69cfbb2731c36e1610536ba190bbd459.tar.bz2
sssd-23dc20cd69cfbb2731c36e1610536ba190bbd459.zip
Handle chauthtok with PAM_PRELIM_CHECK separately
If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request.
Diffstat (limited to 'server/responder')
-rw-r--r--server/responder/pam/pamsrv_cmd.c6
1 files changed, 6 insertions, 0 deletions
diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c
index 44799266..69cbf55d 100644
--- a/server/responder/pam/pamsrv_cmd.c
+++ b/server/responder/pam/pamsrv_cmd.c
@@ -1051,6 +1051,11 @@ static int pam_cmd_chauthtok(struct cli_ctx *cctx) {
return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK);
}
+static int pam_cmd_chauthtok_prelim(struct cli_ctx *cctx) {
+ DEBUG(4, ("entering pam_cmd_chauthtok_prelim\n"));
+ return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK_PRELIM);
+}
+
struct cli_protocol_version *register_cli_protocol_version(void)
{
static struct cli_protocol_version pam_cli_protocol_version[] = {
@@ -1073,6 +1078,7 @@ struct sss_cmd_table *get_pam_cmds(void)
{SSS_PAM_OPEN_SESSION, pam_cmd_open_session},
{SSS_PAM_CLOSE_SESSION, pam_cmd_close_session},
{SSS_PAM_CHAUTHTOK, pam_cmd_chauthtok},
+ {SSS_PAM_CHAUTHTOK_PRELIM, pam_cmd_chauthtok_prelim},
{SSS_CLI_NULL, NULL}
};