diff options
| author | Luke Shumaker <lukeshu@sbcglobal.net> | 2014-12-22 15:46:43 -0500 |
|---|---|---|
| committer | Tomas Mraz <tmraz@fedoraproject.org> | 2015-01-02 09:16:20 +0100 |
| commit | c1023edd3d2e9dcd83a7822f1830a69f51101334 (patch) | |
| tree | b59e3751d296bcd2a4333c9d6378720fcf44d141 /modules/pam_unix/pam_unix_static.c | |
| parent | 9d1545efee73ec834b051c50a1bc0d2a63d8765b (diff) | |
| download | pam-c1023edd3d2e9dcd83a7822f1830a69f51101334.tar.gz pam-c1023edd3d2e9dcd83a7822f1830a69f51101334.tar.bz2 pam-c1023edd3d2e9dcd83a7822f1830a69f51101334.zip | |
libpam: Only print "Password change aborted" when it's true.
pam_get_authtok() may be used any time that a password needs to be entered,
unlike pam_get_authtok_{no,}verify(), which may only be used when
changing a password; yet when the user aborts, it prints "Password change
aborted." whether or not that was the operation being performed.
This bug was non-obvious because none of the modules distributed with
Linux-PAM use it for anything but changing passwords; pam_unix has its
own utility function that it uses instead. As an example, the
nss-pam-ldapd package uses it in pam_sm_authenticate().
libpam/pam_get_authtok.c (pam_get_authtok_internal): check that the
password is trying to be changed before printing a message about the
password change being aborted.
Diffstat (limited to 'modules/pam_unix/pam_unix_static.c')
0 files changed, 0 insertions, 0 deletions