From ec7e1b1d0fa042c7670122b6eb5cb59b14491fca Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Wed, 21 Mar 2001 13:01:35 +1100 Subject: - (djm) Don't loop forever when changing password via PAM. Patch from Solar Designer --- ChangeLog | 4 +++- auth-pam.c | 14 +++++--------- 2 files changed, 8 insertions(+), 10 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9e05e2fe..57b999ef 100644 --- a/ChangeLog +++ b/ChangeLog @@ -3,6 +3,8 @@ VanDevender - (djm) Make sure pam_retval is initialised on call to pam_end. Patch from Solar Designer + - (djm) Don't loop forever when changing password via PAM. Patch + from Solar Designer 20010320 - (bal) glob.c update to added GLOB_LIMITS (OpenBSD CVS). @@ -4651,4 +4653,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.995 2001/03/21 01:16:24 djm Exp $ +$Id: ChangeLog,v 1.996 2001/03/21 02:01:35 djm Exp $ diff --git a/auth-pam.c b/auth-pam.c index dfaaacdc..2ea29964 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -33,7 +33,7 @@ #include "canohost.h" #include "readpass.h" -RCSID("$Id: auth-pam.c,v 1.32 2001/03/21 01:16:25 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.33 2001/03/21 02:01:35 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -326,14 +326,10 @@ void do_pam_chauthtok(void) if (password_change_required) { pamstate = OTHER; - /* XXX: should we really loop forever? */ - do { - pam_retval = pam_chauthtok(__pamh, - PAM_CHANGE_EXPIRED_AUTHTOK); - if (pam_retval != PAM_SUCCESS) - log("PAM pam_chauthtok failed[%d]: %.200s", - pam_retval, PAM_STRERROR(__pamh, pam_retval)); - } while (pam_retval != PAM_SUCCESS); + pam_retval = pam_chauthtok(__pamh, PAM_CHANGE_EXPIRED_AUTHTOK); + if (pam_retval != PAM_SUCCESS) + fatal("PAM pam_chauthtok failed[%d]: %.200s", + pam_retval, PAM_STRERROR(__pamh, pam_retval)); } } -- cgit v1.2.3