diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-07 14:22:51 +0000 |
commit | 9ada0093e92388590c7368600ca4e9e3e376f0d0 (patch) | |
tree | a56fe41110023676d7082028cbaa47ca4b6e6164 /libpam/pam_password.c | |
parent | Initial commit. (diff) | |
download | pam-9ada0093e92388590c7368600ca4e9e3e376f0d0.tar.xz pam-9ada0093e92388590c7368600ca4e9e3e376f0d0.zip |
Adding upstream version 1.5.2.upstream/1.5.2upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to '')
-rw-r--r-- | libpam/pam_password.c | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/libpam/pam_password.c b/libpam/pam_password.c new file mode 100644 index 0000000..592e01f --- /dev/null +++ b/libpam/pam_password.c @@ -0,0 +1,61 @@ +/* pam_password.c - PAM Password Management */ + +/* + * $Id$ + */ + +#include "pam_private.h" + +#include <stdio.h> +#include <stdlib.h> + +int pam_chauthtok(pam_handle_t *pamh, int flags) +{ + int retval; + + D(("called.")); + + IF_NO_PAMH("pam_chauthtok", pamh, PAM_SYSTEM_ERR); + + if (__PAM_FROM_MODULE(pamh)) { + D(("called from module!?")); + return PAM_SYSTEM_ERR; + } + + /* applications are not allowed to set this flags */ + if (flags & (PAM_PRELIM_CHECK | PAM_UPDATE_AUTHTOK)) { + pam_syslog (pamh, LOG_ERR, + "PAM_PRELIM_CHECK or PAM_UPDATE_AUTHTOK set by application"); + return PAM_SYSTEM_ERR; + } + + if (pamh->former.choice == PAM_NOT_STACKED) { + _pam_start_timer(pamh); /* we try to make the time for a failure + independent of the time it takes to + fail */ + _pam_sanitize(pamh); + pamh->former.update = PAM_FALSE; + } + + /* first call to check if there will be a problem */ + if (pamh->former.update || + (retval = _pam_dispatch(pamh, flags|PAM_PRELIM_CHECK, + PAM_CHAUTHTOK)) == PAM_SUCCESS) { + D(("completed check ok: former=%d", pamh->former.update)); + pamh->former.update = PAM_TRUE; + retval = _pam_dispatch(pamh, flags|PAM_UPDATE_AUTHTOK, + PAM_CHAUTHTOK); + } + + /* if we completed we should clean up */ + if (retval != PAM_INCOMPLETE) { + _pam_sanitize(pamh); + pamh->former.update = PAM_FALSE; + _pam_await_timer(pamh, retval); /* if unsuccessful then wait now */ + D(("pam_chauthtok exit %d - %d", retval, pamh->former.choice)); + } else { + D(("will resume when ready", retval)); + } + + return retval; +} |