[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: pam_password.c question



Its not in the original RFC spec, but in Sun's originial set of manuals:

 http://www.us.kernel.org/pub/linux/libs/pam/sun_pam_sm.ps.gz

[Which were kindly donated at some point in the distant past.]

Cheers

Andrew

Katy Burns wrote:
> 
> Hi--
> 
> I have a question about the following lines in pam_password.c:
> 
> int pam_chauthtok(pam_handle_t *pamh, int flags)
> {
>    [...]
> 
>     /* first loop through to check if there will be a problem */
> 
>     if ((retval = _pam_dispatch(pamh, flags|PAM_PRELIM_CHECK
>                                 , PAM_CHAUTHTOK)) == PAM_SUCCESS) {
>         retval = _pam_dispatch(pamh, flags|PAM_UPDATE_AUTHTOK
>                                , PAM_CHAUTHTOK);
>     }
>     [...]
> 
>     return retval;
> }
> 
> I am wondering why it is necessary to call _pam_dispatch twice?  Is
> this part of the specification?
> 
> I am surprised that this double calling is enforced by the framework,
> when some/many modules do not need a separate pass for preliminary
> checks.
> 
> I am tempted to omit the preliminary check in my port of the
> framework, but would like to understand the implications before doing
> so.
> 
> Thank you.
> 
> --kt (ktb@sgi.com)
> 
> --
> To unsubscribe: mail -s unsubscribe pam-list-request@redhat.com < /dev/null



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []