Author: jerry Date: 2007-01-25 01:18:31 +0000 (Thu, 25 Jan 2007) New Revision: 21011
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21011 Log: Another patch from Danilo Almeida @ Centeris (via me): Details: Reset the "new password prompt required" state whenever we do a new auth. In more detail, in pam_sm_authenticate, if not settting PAM_WINBIND_NEW_AUTHTOK_REQD, then clean any potentially present PAM_WINBIND_NEW_AUTHTOK_REQD. Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c Changeset: Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c =================================================================== --- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-01-25 00:50:36 UTC (rev 21010) +++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c 2007-01-25 01:18:31 UTC (rev 21011) @@ -1179,6 +1179,7 @@ int retval = PAM_AUTH_ERR; dictionary *d = NULL; char *username_ret = NULL; + char *new_authtok_required = NULL; /* parse arguments */ int ctrl = _pam_parse(pamh, flags, argc, argv, &d); @@ -1227,14 +1228,12 @@ if (retval == PAM_NEW_AUTHTOK_REQD || retval == PAM_AUTHTOK_EXPIRED) { - char *buf; - - if (!asprintf(&buf, "%d", retval)) { + if (!asprintf(&new_authtok_required, "%d", retval)) { retval = PAM_BUF_ERR; goto out; } - pam_set_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (void *)buf, _pam_winbind_cleanup_func); + pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, new_authtok_required, _pam_winbind_cleanup_func); retval = PAM_SUCCESS; goto out; @@ -1296,6 +1295,10 @@ iniparser_freedict(d); } + if (!new_authtok_required) { + pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, NULL, NULL); + } + return ret; }
