From 23dc20cd69cfbb2731c36e1610536ba190bbd459 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 16 Dec 2009 12:53:55 +0100 Subject: Handle chauthtok with PAM_PRELIM_CHECK separately If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request. --- sss_client/pam_sss.c | 2 +- sss_client/sss_cli.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'sss_client') diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c index 1c4aed04..951a1dce 100644 --- a/sss_client/pam_sss.c +++ b/sss_client/pam_sss.c @@ -814,7 +814,7 @@ static int pam_sss(enum sss_cli_command task, pam_handle_t *pamh, return ret; } if (pam_flags & PAM_PRELIM_CHECK) { - return ret; + task = SSS_PAM_CHAUTHTOK_PRELIM; } break; case SSS_PAM_ACCT_MGMT: diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h index b036aec3..7c18e1cf 100644 --- a/sss_client/sss_cli.h +++ b/sss_client/sss_cli.h @@ -128,7 +128,7 @@ enum sss_cli_command { SSS_PAM_OPEN_SESSION = 0x00F4, SSS_PAM_CLOSE_SESSION = 0x00F5, SSS_PAM_CHAUTHTOK = 0x00F6, - SSS_PAM_CHAUTHTOK_PRELIM = 0x00F6, + SSS_PAM_CHAUTHTOK_PRELIM = 0x00F7, }; -- cgit