- (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
This commit is contained in:
parent
48b7cc0dd7
commit
60819b44bd
|
@ -1,3 +1,6 @@
|
|||
20001014
|
||||
- (djm) Don't accept PAM_PROMPT_ECHO_ON messages during initial auth
|
||||
|
||||
20001007
|
||||
- (stevesk) Print PAM return value in PAM log messages to aid
|
||||
with debugging.
|
||||
|
|
23
auth-pam.c
23
auth-pam.c
|
@ -29,7 +29,7 @@
|
|||
#include "xmalloc.h"
|
||||
#include "servconf.h"
|
||||
|
||||
RCSID("$Id: auth-pam.c,v 1.14 2000/10/07 11:16:55 stevesk Exp $");
|
||||
RCSID("$Id: auth-pam.c,v 1.15 2000/10/14 00:16:12 djm Exp $");
|
||||
|
||||
#define NEW_AUTHTOK_MSG \
|
||||
"Warning: Your password has expired, please change it now"
|
||||
|
@ -83,11 +83,16 @@ static int pamconv(int num_msg, const struct pam_message **msg,
|
|||
for (count = 0; count < num_msg; count++) {
|
||||
switch ((*msg)[count].msg_style) {
|
||||
case PAM_PROMPT_ECHO_ON:
|
||||
fputs((*msg)[count].msg, stderr);
|
||||
fgets(buf, sizeof(buf), stdin);
|
||||
reply[count].resp = xstrdup(buf);
|
||||
reply[count].resp_retcode = PAM_SUCCESS;
|
||||
break;
|
||||
if (pamstate == INITIAL_LOGIN) {
|
||||
free(reply);
|
||||
return PAM_CONV_ERR;
|
||||
} else {
|
||||
fputs((*msg)[count].msg, stderr);
|
||||
fgets(buf, sizeof(buf), stdin);
|
||||
reply[count].resp = xstrdup(buf);
|
||||
reply[count].resp_retcode = PAM_SUCCESS;
|
||||
break;
|
||||
}
|
||||
case PAM_PROMPT_ECHO_OFF:
|
||||
if (pamstate == INITIAL_LOGIN) {
|
||||
if (pampasswd == NULL) {
|
||||
|
@ -95,8 +100,10 @@ static int pamconv(int num_msg, const struct pam_message **msg,
|
|||
return PAM_CONV_ERR;
|
||||
}
|
||||
reply[count].resp = xstrdup(pampasswd);
|
||||
} else
|
||||
reply[count].resp = xstrdup(read_passphrase((*msg)[count].msg, 1));
|
||||
} else {
|
||||
reply[count].resp =
|
||||
xstrdup(read_passphrase((*msg)[count].msg, 1));
|
||||
}
|
||||
reply[count].resp_retcode = PAM_SUCCESS;
|
||||
break;
|
||||
case PAM_ERROR_MSG:
|
||||
|
|
Loading…
Reference in New Issue