- (djm) Don't loop forever when changing password via PAM. Patch

from Solar Designer <solar@openwall.com>
2001-03-21 13:01:35 +11:00 · 2001-03-21 13:01:35 +11:00 · ec7e1b1d0f
parent 2e9adb27e9
commit ec7e1b1d0f
2 changed files with 8 additions and 10 deletions
--- a/4
+++ b/4
@ -3,6 +3,8 @@
   VanDevender <stevev@darkwing.uoregon.edu>
 - (djm) Make sure pam_retval is initialised on call to pam_end. Patch
   from Solar Designer <solar@openwall.com>
+ - (djm) Don't loop forever when changing password via PAM. Patch
+   from Solar Designer <solar@openwall.com>

 20010320
 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS).
@ -4651,4 +4653,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1

-$Id: ChangeLog,v 1.995 2001/03/21 01:16:24 djm Exp $
+$Id: ChangeLog,v 1.996 2001/03/21 02:01:35 djm Exp $
--- a/auth-pam.c
+++ b/auth-pam.c
@ -33,7 +33,7 @@
 #include "canohost.h"
 #include "readpass.h"

-RCSID("$Id: auth-pam.c,v 1.32 2001/03/21 01:16:25 djm Exp $");
+RCSID("$Id: auth-pam.c,v 1.33 2001/03/21 02:01:35 djm Exp $");

 #define NEW_AUTHTOK_MSG \
 	"Warning: Your password has expired, please change it now"
@ -326,14 +326,10 @@ void do_pam_chauthtok(void)

 	if (password_change_required) {
 		pamstate = OTHER;
-		/* XXX: should we really loop forever? */
-		do {
-			pam_retval = pam_chauthtok(__pamh, 
-			    PAM_CHANGE_EXPIRED_AUTHTOK);
-			if (pam_retval != PAM_SUCCESS)
-				log("PAM pam_chauthtok failed[%d]: %.200s",
-				    pam_retval, PAM_STRERROR(__pamh, pam_retval));
-		} while (pam_retval != PAM_SUCCESS);
+		pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK);
+		if (pam_retval != PAM_SUCCESS)
+			fatal("PAM pam_chauthtok failed[%d]: %.200s",
+			    pam_retval, PAM_STRERROR(__pamh, pam_retval));
 	}
 }