diff options
author | Seraphim Mellos <mellos@ceid.upatras.gr> | 2008-07-10 16:27:34 +0300 |
---|---|---|
committer | Seraphim Mellos <mellos@ceid.upatras.gr> | 2008-07-10 16:27:34 +0300 |
commit | 47c0262569275c08243ba23e47ca59501b6fdb7c (patch) | |
tree | 40bdb1211a989e981167b4a2e6daf029c8df825f | |
parent | Added TODO list in file (diff) | |
download | openpam-modules-47c0262569275c08243ba23e47ca59501b6fdb7c.tar.gz openpam-modules-47c0262569275c08243ba23e47ca59501b6fdb7c.tar.bz2 openpam-modules-47c0262569275c08243ba23e47ca59501b6fdb7c.zip |
Added more pam flags support
-rw-r--r-- | include/security/pam_mod_misc.h | 3 | ||||
-rw-r--r-- | modules/pam_unix/pam_unix.c | 11 |
2 files changed, 10 insertions, 4 deletions
diff --git a/include/security/pam_mod_misc.h b/include/security/pam_mod_misc.h index 829dece..418fb1b 100644 --- a/include/security/pam_mod_misc.h +++ b/include/security/pam_mod_misc.h @@ -19,6 +19,9 @@ #define PAM_OPT_AUTH_AS_SELF "auth_as_self" #define PAM_OPT_ECHO_PASS "echo_pass" #define PAM_OPT_DEBUG "debug" +#define PAM_OPT_PRELIM_CHECK "prelim_check" +#define PAM_OPT_UPDATE_AUTHTOK "update_authtok" +#define PAM_OPT_MD5 "md5" #define PAM_LOG(...) \ diff --git a/modules/pam_unix/pam_unix.c b/modules/pam_unix/pam_unix.c index ad066e0..97e7145 100644 --- a/modules/pam_unix/pam_unix.c +++ b/modules/pam_unix/pam_unix.c @@ -270,7 +270,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, - if (flags & PAM_PRELIM_CHECK) { + if ( openpam_get_option(pamh,PAM_OPT_PRELIM_CHECK) ) { PAM_LOG("Doing preliminary actions."); if (getuid() == 0 ) { /* root doesn't need old passwd */ @@ -278,8 +278,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, } if ( (old_pwd->pw_passwd[0] == '\0' ) && - ( openpam_get_option(pamh, PAM_OPT_NULLOK) ) && - !(flags & PAM_DISALLOW_NULL_AUTHTOK) ) { + ( openpam_get_option(pamh, PAM_OPT_NULLOK) ) ) { +// !(flags & PAM_DISALLOW_NULL_AUTHTOK) ) { /* * Something funny could happen here since we don't * ask for a password. @@ -303,7 +303,7 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, if (strcmp(hashedpwd, old_pwd->pw_passwd) != 0) return (PAM_PERM_DENIED); - } else if ( flags & PAM_UPDATE_AUTHTOK ) { + } else if ( openpam_get_option(pamh, PAM_OPT_UPDATE_AUTHTOK ) ) { PAM_LOG("Doing actual update."); pam_err= pam_get_authtok(pamh, PAM_OLDAUTHTOK ,&old_pass, NULL); @@ -343,6 +343,9 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, makesalt(salt); /* Update shadow/passwd entries for Linux */ + if ( openpam_get_option (pamh, PAM_OPT_MD5) ) + PAM_ERROR("MD5 not supported yet. Using standar crypt..."); + pam_err = update_shadow( pamh ,user,crypt(new_pass, salt)); if ( pam_err != PAM_SUCCESS) return (pam_err); |