From 23dc20cd69cfbb2731c36e1610536ba190bbd459 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 16 Dec 2009 12:53:55 +0100 Subject: Handle chauthtok with PAM_PRELIM_CHECK separately If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request. --- server/responder/pam/pamsrv_cmd.c | 6 ++++++ 1 file changed, 6 insertions(+) (limited to 'server/responder/pam/pamsrv_cmd.c') diff --git a/server/responder/pam/pamsrv_cmd.c b/server/responder/pam/pamsrv_cmd.c index 447992664..69cbf55d8 100644 --- a/server/responder/pam/pamsrv_cmd.c +++ b/server/responder/pam/pamsrv_cmd.c @@ -1051,6 +1051,11 @@ static int pam_cmd_chauthtok(struct cli_ctx *cctx) { return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK); } +static int pam_cmd_chauthtok_prelim(struct cli_ctx *cctx) { + DEBUG(4, ("entering pam_cmd_chauthtok_prelim\n")); + return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK_PRELIM); +} + struct cli_protocol_version *register_cli_protocol_version(void) { static struct cli_protocol_version pam_cli_protocol_version[] = { @@ -1073,6 +1078,7 @@ struct sss_cmd_table *get_pam_cmds(void) {SSS_PAM_OPEN_SESSION, pam_cmd_open_session}, {SSS_PAM_CLOSE_SESSION, pam_cmd_close_session}, {SSS_PAM_CHAUTHTOK, pam_cmd_chauthtok}, + {SSS_PAM_CHAUTHTOK_PRELIM, pam_cmd_chauthtok_prelim}, {SSS_CLI_NULL, NULL} }; -- cgit