]>
Commit | Line | Data |
---|---|---|
a9a40bfe SZ |
1 | diff -Naur openssh-2.1.1p1/auth-pam.c openssh-2.1.1p1-p/auth-pam.c |
2 | --- openssh-2.1.1p1/auth-pam.c Wed May 31 03:20:12 2000 | |
3 | +++ openssh-2.1.1p1-p/auth-pam.c Mon Jun 12 16:31:42 2000 | |
4 | @@ -18,6 +18,8 @@ | |
5 | #define NEW_AUTHTOK_MSG \ | |
6 | "Warning: You password has expired, please change it now" | |
e2eebe46 JR |
7 | |
8 | +extern char *forced_command; | |
9 | + | |
10 | /* Callbacks */ | |
11 | static int pamconv(int num_msg, const struct pam_message **msg, | |
12 | struct pam_response **resp, void *appdata_ptr); | |
a9a40bfe SZ |
13 | @@ -123,6 +125,9 @@ |
14 | debug("PAM Password authentication accepted for user \"%.100s\"", | |
15 | pw->pw_name); | |
e2eebe46 JR |
16 | return 1; |
17 | + } else if (pam_retval == PAM_NEW_AUTHTOK_REQD) { | |
18 | + debug("PAM (expired)Password authentication accepted for user \"%.100s\"", pw->pw_name); | |
19 | + return 1; | |
20 | } else { | |
21 | debug("PAM Password authentication for \"%.100s\" failed: %s", | |
22 | pw->pw_name, PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); | |
a9a40bfe SZ |
23 | @@ -159,6 +164,9 @@ |
24 | break; | |
25 | case PAM_NEW_AUTHTOK_REQD: | |
26 | pam_msg_cat(NEW_AUTHTOK_MSG); | |
55cfe211 | 27 | + forced_command = xmalloc(strlen("/usr/bin/passwd") + 1); |
d01de328 | 28 | + strcpy(forced_command, "/usr/bin/passwd"); |
a9a40bfe SZ |
29 | +/* pam_retval = pam_chauthtok((pam_handle_t *)pamh, PAM_CHANGE_EXPIRED_AUTHTOK); */ |
30 | break; | |
31 | default: | |
32 | log("PAM rejected by account configuration: %.200s", | |
33 | @@ -184,10 +192,9 @@ | |
e2eebe46 JR |
34 | } |
35 | ||
36 | pam_retval = pam_open_session((pam_handle_t *)pamh, 0); | |
a9a40bfe | 37 | - if (pam_retval != PAM_SUCCESS) { |
e2eebe46 | 38 | + if ((pam_retval != PAM_SUCCESS) && (pam_retval != PAM_NEW_AUTHTOK_REQD)) |
a9a40bfe SZ |
39 | fatal("PAM session setup failed: %.200s", |
40 | PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); | |
41 | - } | |
e2eebe46 JR |
42 | } |
43 | ||
a9a40bfe SZ |
44 | /* Set PAM credentials */ |
45 | @@ -197,10 +204,9 @@ | |
e2eebe46 JR |
46 | |
47 | debug("PAM establishing creds"); | |
48 | pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_ESTABLISH_CRED); | |
a9a40bfe | 49 | - if (pam_retval != PAM_SUCCESS) { |
e2eebe46 | 50 | + if ((pam_retval != PAM_SUCCESS) && (pam_retval != PAM_NEW_AUTHTOK_REQD)) |
a9a40bfe SZ |
51 | fatal("PAM setcred failed: %.200s", |
52 | PAM_STRERROR((pam_handle_t *)pamh, pam_retval)); | |
53 | - } | |
e2eebe46 JR |
54 | } |
55 | ||
a9a40bfe | 56 | /* Cleanly shutdown PAM */ |