From 1cabd594f224825bd0eae543216d87801091c33c Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Thu, 23 Apr 2009 16:33:39 +0200 Subject: fix for pam proxy chauthtok When a user from a domain served by the proxy backend changes his password with passwd the passwd command asks for the old password, but it is not validated by the pam_chauthtok call in the proxy backend, because it is running as root. If the request is coming the unpriviledged socket we now call pam_authenticate explicitly before pam_chauthtok. --- server/providers/data_provider.h | 1 + 1 file changed, 1 insertion(+) (limited to 'server/providers/data_provider.h') diff --git a/server/providers/data_provider.h b/server/providers/data_provider.h index 2c828fab3..9278e3961 100644 --- a/server/providers/data_provider.h +++ b/server/providers/data_provider.h @@ -115,6 +115,7 @@ struct pam_data { struct response_data *resp_list; bool offline_auth; + int priv; }; void pam_print_data(int l, struct pam_data *pd); -- cgit