Diffstat (limited to 'modules/pam_pwdb/pwdb_chkpwd.c')
-rw-r--r--modules/pam_pwdb/pwdb_chkpwd.c24
1 files changed, 20 insertions, 4 deletions
diff --git a/modules/pam_pwdb/pwdb_chkpwd.c b/modules/pam_pwdb/pwdb_chkpwd.c
index fdd3cfa3..36cf0984 100644
--- a/modules/pam_pwdb/pwdb_chkpwd.c
+++ b/modules/pam_pwdb/pwdb_chkpwd.c
@@ -83,12 +83,12 @@ static int _unix_verify_passwd(const char *salt, const char *p)
return retval;
}
-int main(void)
+int main(int argc, char **argv)
{
const struct pwdb *pw=NULL;
const struct pwdb_entry *pwe=NULL;
char pass[MAXPASS+1];
- int npass;
+ int npass, force_failure=0;
int retval=UNIX_FAILED;
/*
@@ -120,14 +120,26 @@ int main(void)
retval = UNIX_FAILED;
}
if (retval != UNIX_FAILED) {
- retval = pwdb_locate("user", PWDB_DEFAULT, PWDB_NAME_UNKNOWN
- , getuid(), &pw);
+ retval = pwdb_locate("user", PWDB_DEFAULT, PWDB_NAME_UNKNOWN,
+ getuid(), &pw);
}
if (retval != PWDB_SUCCESS) {
_log_err(LOG_ALERT, "could not identify user");
while (pwdb_end() != PWDB_SUCCESS);
exit(UNIX_FAILED);
}
+ if (argc == 2) {
+ if (pwdb_get_entry(pw, "user", &pwe) == PWDB_SUCCESS) {
+ if (pwe == NULL) {
+ force_failure = 1;
+ } else {
+ if (strcmp((const char *) pwe->value, argv[1])) {
+ force_failure = 1;
+ }
+ pwdb_entry_delete(&pwe);
+ }
+ }
+ }
/* read the password from stdin (a pipe from the pam_pwdb module) */
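Review bot: The new `argc == 2` check fails open: when `pwdb_get_entry(pw, "user", &pwe)` returns anything other than `PWDB_SUCCESS`, `force_failure` stays 0 and `argv[1]` is never compared, so the helper continues as if no name had been supplied. Setting `force_failure = 1;` directly after `if (argc == 2) {` and clearing it only when `strcmp` returns 0 would turn every lookup error into a denial. `pwe->value` is also handed to `strcmp` without a NULL check; whether pwdb can return an entry with no value is not visible here, so that should be confirmed. A name mismatch is currently silent, and a `_log_err(LOG_ALERT, ...)` call like the one used for "could not identify user" would leave an audit trail when a caller names an account other than its own. `main` starts and ends outside this hunk.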
@@ -158,6 +170,10 @@ int main(void)
memset(pass, '\0', MAXPASS); /* clear memory of the password */
while (pwdb_end() != PWDB_SUCCESS);
+ if ((retval != UNIX_FAILED) && force_failure) {
+ retval = UNIX_FAILED;
+ }
+
/* return pass or fail */
exit(retval);