]> git.pld-linux.org Git - packages/openssh.git/blobdiff - openssh-PAM_NEW_AUTHTOK.patch
projects / packages / openssh.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
perl -pi -e "s/^automake -a -c -f --foreing/\%\{__automake\}/; \
[packages/openssh.git] / openssh-PAM_NEW_AUTHTOK.patch
diff --git a/openssh-PAM_NEW_AUTHTOK.patch b/openssh-PAM_NEW_AUTHTOK.patch
index 9828675cd964464e8305a04eeaa74d76b24d85b3..93dee61ff09bff424c2279ae10bb95d564b48065 100644 (file)
--- a/openssh-PAM_NEW_AUTHTOK.patch
+++ b/openssh-PAM_NEW_AUTHTOK.patch
@@ -1,18 +1,18 @@
-diff -ur openssh-1.2.1pre24.orig/auth-pam.c openssh-1.2.1pre24/auth-pam.c
---- openssh-1.2.1pre24.orig/auth-pam.c Thu Dec 30 05:11:25 1999
-+++ openssh-1.2.1pre24/auth-pam.c      Tue Jan  4 19:07:56 2000
-@@ -15,6 +15,8 @@
- RCSID("$Id$");
+diff -Naur openssh-2.1.1p1/auth-pam.c openssh-2.1.1p1-p/auth-pam.c
+--- openssh-2.1.1p1/auth-pam.c Wed May 31 03:20:12 2000
++++ openssh-2.1.1p1-p/auth-pam.c       Mon Jun 12 16:31:42 2000
+@@ -18,6 +18,8 @@
+ #define NEW_AUTHTOK_MSG \
+       "Warning: You password has expired, please change it now"
  
 +extern char *forced_command;
 +
  /* Callbacks */
  static int pamconv(int num_msg, const struct pam_message **msg,
          struct pam_response **resp, void *appdata_ptr);
-@@ -137,6 +139,9 @@
-       if (pam_retval == PAM_SUCCESS) {
-               debug("PAM Password authentication accepted for user \"%.100s\"", pw->pw_name);
+@@ -123,6 +125,9 @@
+               debug("PAM Password authentication accepted for user \"%.100s\"", 
+                       pw->pw_name);
                return 1;
 +      } else if (pam_retval == PAM_NEW_AUTHTOK_REQD) {
 +              debug("PAM (expired)Password authentication accepted for user \"%.100s\"", pw->pw_name);
@@ -20,40 +20,37 @@ diff -ur openssh-1.2.1pre24.orig/auth-pam.c openssh-1.2.1pre24/auth-pam.c
        } else {
                debug("PAM Password authentication for \"%.100s\" failed: %s", 
                        pw->pw_name, PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
-@@ -165,9 +170,15 @@
-       }
-       pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0);
--      if (pam_retval != PAM_SUCCESS) {
--              log("PAM rejected by account configuration: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
--              return(0);
-+      if(pam_retval == PAM_NEW_AUTHTOK_REQD) {
-+              forced_command = xmalloc(strlen("/usr/bin/passwd -N ssh") + 1);
-+              strcpy(forced_command, "/usr/bin/passwd -N ssh");
-+/*            pam_retval = pam_chauthtok((pam_handle_t *)pamh, PAM_CHANGE_EXPIRED_AUTHTOK); */
-+      } else {
-+              if (pam_retval != PAM_SUCCESS) {
-+                      log("PAM rejected by account configuration: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
-+                      return(0);
-+              }
-       }
-       
-       return(1);
-@@ -186,7 +197,7 @@
+@@ -159,6 +164,9 @@
+                       break;
+               case PAM_NEW_AUTHTOK_REQD:
+                       pam_msg_cat(NEW_AUTHTOK_MSG);
++                      forced_command = xmalloc(strlen("/usr/bin/passwd") + 1);
++                      strcpy(forced_command, "/usr/bin/passwd");
++/*                    pam_retval = pam_chauthtok((pam_handle_t *)pamh, PAM_CHANGE_EXPIRED_AUTHTOK); */
+                       break;
+               default:
+                       log("PAM rejected by account configuration: %.200s", 
+@@ -184,10 +192,9 @@
        }
  
        pam_retval = pam_open_session((pam_handle_t *)pamh, 0);
--      if (pam_retval != PAM_SUCCESS)
+-      if (pam_retval != PAM_SUCCESS) {
 +      if ((pam_retval != PAM_SUCCESS) && (pam_retval != PAM_NEW_AUTHTOK_REQD))
-               fatal("PAM session setup failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+               fatal("PAM session setup failed: %.200s", 
+                       PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+-      }
  }
  
-@@ -197,7 +208,7 @@
+ /* Set PAM credentials */ 
+@@ -197,10 +204,9 @@
   
        debug("PAM establishing creds");
        pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_ESTABLISH_CRED);
--      if (pam_retval != PAM_SUCCESS)
+-      if (pam_retval != PAM_SUCCESS) {
 +      if ((pam_retval != PAM_SUCCESS) && (pam_retval != PAM_NEW_AUTHTOK_REQD))
-               fatal("PAM setcred failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+               fatal("PAM setcred failed: %.200s", 
+                       PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+-      }
  }
  
+ /* Cleanly shutdown PAM */
OpenSSH free Secure Shell (SSH) implementation
This page took 0.723668 seconds and 4 git commands to generate.