Mercurial > illumos > illumos-gate

changeset 12954:e1e7ceb4453f

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
6937882 pam_krb5_prompter should deny all forms of password type prompts
author Will Fiveash <will.fiveash@oracle.com>
date Wed, 28 Jul 2010 17:47:31 -0500
parents 2df46ea8f1b1
children b0be48f0b2d0
files usr/src/lib/pam_modules/krb5/krb5_authenticate.c
diffstat 1 files changed, 5 insertions(+), 1 deletions(-) [+]
line wrap: on
line diff
--- a/usr/src/lib/pam_modules/krb5/krb5_authenticate.c	Wed Jul 28 17:47:31 2010 -0500
+++ b/usr/src/lib/pam_modules/krb5/krb5_authenticate.c	Wed Jul 28 17:47:31 2010 -0500
@@ -394,8 +394,12 @@
 	 * disallow password prompts.
 	 */
 	for (i = 0; i < num_prompts; i++) {
-		if (prompt_type[i] == KRB5_PROMPT_TYPE_PASSWORD)
+		switch (prompt_type[i]) {
+		case KRB5_PROMPT_TYPE_PASSWORD:
+		case KRB5_PROMPT_TYPE_NEW_PASSWORD:
+		case KRB5_PROMPT_TYPE_NEW_PASSWORD_AGAIN:
 			return (KRB5_LIBOS_CANTREADPWD);
+		}
 	}
 
 	if (num_prompts == 0) {