[packages/pam.git] / pam-cracklib-try-first-pass.patch

--- Linux-PAM-0.99.3.0/modules/pam_cracklib/pam_cracklib.c.try-first-pass	2006-01-08 10:49:05.000000000 +0100
+++ Linux-PAM-0.99.3.0/modules/pam_cracklib/pam_cracklib.c	2006-02-24 10:42:53.000000000 +0100
@@ -93,6 +93,7 @@
 	int low_credit;
 	int oth_credit;
 	int use_authtok;
+	int try_first_pass;
 	char prompt_type[BUFSIZ];
         char cracklib_dictpath[PATH_MAX];
 };
@@ -158,6 +159,10 @@
 		 opt->oth_credit = 0;
 	 } else if (!strncmp(*argv,"use_authtok",11)) {
 		 opt->use_authtok = 1;
+	 } else if (!strncmp(*argv,"use_first_pass",14)) {
+		 opt->use_authtok = 1;
+	 } else if (!strncmp(*argv,"try_first_pass",14)) {
+		 opt->try_first_pass = 1;
 	 } else if (!strncmp(*argv,"dictpath=",9)) {
 	     strncpy(opt->cracklib_dictpath, *argv+9,
 		     sizeof(opt->cracklib_dictpath) - 1);
@@ -559,7 +564,7 @@
          * set PAM_AUTHTOK and return
          */
 
-	if (options.use_authtok == 1) {
+	if (options.use_authtok == 1 || options.try_first_pass == 1) {
 	    const void *item = NULL;
 
 	    retval = pam_get_item(pamh, PAM_AUTHTOK, &item);
@@ -570,11 +575,13 @@
 	    } else if (item != NULL) {      /* we have a password! */
 		token1 = x_strdup(item);
 		item = NULL;
+		options.use_authtok = 1;    /* don't ask for the password again */
 	    } else {
 		retval = PAM_AUTHTOK_RECOVERY_ERR;         /* didn't work */
 	    }
-
-	} else {
+	}
+	
+	if (options.use_authtok != 1) {
             /* Prepare to ask the user for the first time */
             resp = NULL;
 	    retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
Commit	Line	Data
e82119ee JR	1	--- Linux-PAM-0.99.3.0/modules/pam_cracklib/pam_cracklib.c.try-first-pass 2006-01-08 10:49:05.000000000 +0100
	2	+++ Linux-PAM-0.99.3.0/modules/pam_cracklib/pam_cracklib.c 2006-02-24 10:42:53.000000000 +0100
	3	@@ -93,6 +93,7 @@
	4	int low_credit;
	5	int oth_credit;
	6	int use_authtok;
	7	+ int try_first_pass;
	8	char prompt_type[BUFSIZ];
	9	char cracklib_dictpath[PATH_MAX];
	10	};
	11	@@ -158,6 +159,10 @@
	12	opt->oth_credit = 0;
	13	} else if (!strncmp(*argv,"use_authtok",11)) {
	14	opt->use_authtok = 1;
	15	+ } else if (!strncmp(*argv,"use_first_pass",14)) {
	16	+ opt->use_authtok = 1;
	17	+ } else if (!strncmp(*argv,"try_first_pass",14)) {
	18	+ opt->try_first_pass = 1;
	19	} else if (!strncmp(*argv,"dictpath=",9)) {
	20	strncpy(opt->cracklib_dictpath, *argv+9,
	21	sizeof(opt->cracklib_dictpath) - 1);
	22	@@ -559,7 +564,7 @@
	23	* set PAM_AUTHTOK and return
	24	*/
	25
	26	- if (options.use_authtok == 1) {
	27	+ if (options.use_authtok == 1 \|\| options.try_first_pass == 1) {
	28	const void *item = NULL;
	29
	30	retval = pam_get_item(pamh, PAM_AUTHTOK, &item);
	31	@@ -570,11 +575,13 @@
	32	} else if (item != NULL) { /* we have a password! */
	33	token1 = x_strdup(item);
	34	item = NULL;
	35	+ options.use_authtok = 1; /* don't ask for the password again */
	36	} else {
	37	retval = PAM_AUTHTOK_RECOVERY_ERR; /* didn't work */
	38	}
	39	-
	40	- } else {
	41	+ }
	42	+
	43	+ if (options.use_authtok != 1) {
	44	/* Prepare to ask the user for the first time */
	45	resp = NULL;
	46	retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,