3530f6ba5c
* Numerous bug fixes for most of the PAM modules, including several string length checks and fixes (update recommended!). * fix for legacy behavior of pam_setcred and pam_close_session in the case that pam_authenticate and pam_open_session hadn't been called * pam_unix: - don't zero out password strings during password changing function * pam_wheel: - feature: can use the module to provide wheel access to non-root accounts. * pam_limits: - added '%' domain for maxlogins limiting, now '*' and @group have the old meaning (every) and '%' the new one (all) - handle negative priority limits (which can apply to the superuser too). * pam_userdb: - require that all of typed password matches that in database * pam_access: - added the 'fieldsep=' argument, made a PAM_RHOST of "" equivalent to NULL Incidentally, cups-1.1.18 will once again do PAM authentication using pam_unix.so if built against PAM-0.77.
32 lines
907 B
Text
32 lines
907 B
Text
$NetBSD: patch-as,v 1.3 2002/12/23 21:24:00 jlam Exp $
|
|
|
|
--- modules/pam_unix/unix_chkpwd.c.orig Mon Sep 23 13:33:22 2002
|
|
+++ modules/pam_unix/unix_chkpwd.c
|
|
@@ -29,7 +29,9 @@
|
|
#include <unistd.h>
|
|
#include <sys/types.h>
|
|
#include <pwd.h>
|
|
+#ifdef HAVE_SHADOW_H
|
|
#include <shadow.h>
|
|
+#endif
|
|
#include <signal.h>
|
|
|
|
#define MAXPASS 200 /* the maximum length of a password */
|
|
@@ -101,6 +103,7 @@ static int _unix_verify_password(const c
|
|
pwd = getpwnam(name); /* Get password file entry... */
|
|
endpwent();
|
|
if (pwd != NULL) {
|
|
+#ifdef HAVE_GETSPNAM
|
|
if (strcmp(pwd->pw_passwd, "x") == 0) {
|
|
/*
|
|
* ...and shadow password file entry for this user,
|
|
@@ -127,6 +130,9 @@ static int _unix_verify_password(const c
|
|
salt = x_strdup(pwd->pw_passwd);
|
|
}
|
|
}
|
|
+#else
|
|
+ salt = x_strdup(pwd->pw_passwd);
|
|
+#endif
|
|
}
|
|
if (pwd == NULL || salt == NULL) {
|
|
_log_err(LOG_ALERT, "check pass; user unknown");
|