nss-pam-ldapd commit: r1904 - nss-pam-ldapd/pam

[Commits of the nss-pam-ldapd project <nss-pam-ldapd-commits [at] lists.arthurdejong.org>]

Author: arthur
Date: Sun Jan  6 15:24:08 2013
New Revision: 1904
URL: http://arthurdejong.org/viewvc/nss-pam-ldapd?revision=1904&view=revision

Log:
do not recheck the user password in first password phase if it was stored in 
the authentication phase

Modified:
   nss-pam-ldapd/pam/pam.c

Modified: nss-pam-ldapd/pam/pam.c
==============================================================================
--- nss-pam-ldapd/pam/pam.c     Sun Jan  6 11:59:14 2013        (r1903)
+++ nss-pam-ldapd/pam/pam.c     Sun Jan  6 15:24:08 2013        (r1904)
@@ -710,9 +710,12 @@
       username = "";
     }
     else if ((ctx->oldpassword != NULL) && (*ctx->oldpassword != '\0'))
+    {
       /* we already have an old password stored (from a previous
-         authentication phase) so we'll use that */
-      oldpassword = ctx->oldpassword;
+         authentication phase) so we'll use that and don't re-check */
+      rc = pam_set_item(pamh, PAM_OLDAUTHTOK, ctx->oldpassword);
+      return remap_pam_rc(rc, &cfg);
+    }
     else
     {
       /* prompt the user for a password if needed */
@@ -739,13 +742,6 @@
                  pam_strerror(pamh, resp.res), username);
     else if (cfg.debug)
       pam_syslog(pamh, LOG_DEBUG, "authentication succeeded");
-    /* store password (needed if oldpassword was retreived from context) */
-    if (resp.res == PAM_SUCCESS)
-    {
-      rc = pam_set_item(pamh, PAM_OLDAUTHTOK, oldpassword);
-      if (rc != PAM_SUCCESS)
-        return remap_pam_rc(rc, &cfg);
-    }
     /* remap error code */
     return remap_pam_rc(resp.res, &cfg);
   }
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
http://lists.arthurdejong.org/nss-pam-ldapd-commits/