From 973bebfc2cb7e77b4fb3687da5c832516543b479 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 16 Dec 2009 12:53:55 +0100 Subject: Handle chauthtok with PAM_PRELIM_CHECK separately If pam_sm_chauthtok is called with the flag PAM_PRELIM_CHECK set we generate a separate call to the sssd to validate the old password before asking for a new password and sending the change password request. --- sss_client/pam_sss.c | 2 +- sss_client/sss_cli.h | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) (limited to 'sss_client') diff --git a/sss_client/pam_sss.c b/sss_client/pam_sss.c index 1c4aed04e..951a1dcef 100644 --- a/sss_client/pam_sss.c +++ b/sss_client/pam_sss.c @@ -814,7 +814,7 @@ static int pam_sss(enum sss_cli_command task, pam_handle_t *pamh, return ret; } if (pam_flags & PAM_PRELIM_CHECK) { - return ret; + task = SSS_PAM_CHAUTHTOK_PRELIM; } break; case SSS_PAM_ACCT_MGMT: diff --git a/sss_client/sss_cli.h b/sss_client/sss_cli.h index b036aec31..7c18e1cf8 100644 --- a/sss_client/sss_cli.h +++ b/sss_client/sss_cli.h @@ -128,7 +128,7 @@ enum sss_cli_command { SSS_PAM_OPEN_SESSION = 0x00F4, SSS_PAM_CLOSE_SESSION = 0x00F5, SSS_PAM_CHAUTHTOK = 0x00F6, - SSS_PAM_CHAUTHTOK_PRELIM = 0x00F6, + SSS_PAM_CHAUTHTOK_PRELIM = 0x00F7, }; -- cgit