svn commit: samba r21011 - in branches/SAMBA_3_0/source/nsswitch: .

[jerry at samba.org]

Author: jerry
Date: 2007-01-25 01:18:31 +0000 (Thu, 25 Jan 2007)
New Revision: 21011

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21011

Log:
Another patch from Danilo Almeida @ Centeris (via me):

Details: Reset the "new password prompt required" state whenever
we do a new auth.  In more detail, in pam_sm_authenticate, if not
settting PAM_WINBIND_NEW_AUTHTOK_REQD, then clean any potentially
present PAM_WINBIND_NEW_AUTHTOK_REQD.


Modified:
   branches/SAMBA_3_0/source/nsswitch/pam_winbind.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/pam_winbind.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/pam_winbind.c	2007-01-25 00:50:36 UTC (rev 21010)
+++ branches/SAMBA_3_0/source/nsswitch/pam_winbind.c	2007-01-25 01:18:31 UTC (rev 21011)
@@ -1179,6 +1179,7 @@
 	int retval = PAM_AUTH_ERR;
 	dictionary *d = NULL;
 	char *username_ret = NULL;
+	char *new_authtok_required = NULL;
 
 	/* parse arguments */
 	int ctrl = _pam_parse(pamh, flags, argc, argv, &d);
@@ -1227,14 +1228,12 @@
 	if (retval == PAM_NEW_AUTHTOK_REQD ||
 	    retval == PAM_AUTHTOK_EXPIRED) {
 
-		char *buf;
-
-		if (!asprintf(&buf, "%d", retval)) {
+		if (!asprintf(&new_authtok_required, "%d", retval)) {
 			retval = PAM_BUF_ERR;
 			goto out;
 		}
 
-		pam_set_data( pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, (void *)buf, _pam_winbind_cleanup_func);
+		pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, new_authtok_required, _pam_winbind_cleanup_func);
 
 		retval = PAM_SUCCESS;
 		goto out;
@@ -1296,6 +1295,10 @@
 		iniparser_freedict(d);
 	}
 
+	if (!new_authtok_required) {
+		pam_set_data(pamh, PAM_WINBIND_NEW_AUTHTOK_REQD, NULL, NULL);
+	}
+
 	return ret;
 }