diff options
| author | mbr <mbr@FreeBSD.org> | 2003-06-15 10:37:22 +0000 |
|---|---|---|
| committer | mbr <mbr@FreeBSD.org> | 2003-06-15 10:37:22 +0000 |
| commit | 43c169a64db662775f6c2dd3dc39f34a89b11151 (patch) | |
| tree | fadfce6b3d59484583389a0059881e618d7962c2 /lib/libpam | |
| parent | ab23b5e2160bfd4ff375399c77692b76f9f8b042 (diff) | |
| download | FreeBSD-src-43c169a64db662775f6c2dd3dc39f34a89b11151.zip FreeBSD-src-43c169a64db662775f6c2dd3dc39f34a89b11151.tar.gz | |
Fix the master yppasswd routines, so they really work
for root on ypmaster. yppasswd_local() did use YPPASSWDPROG
instead of MASTER_YPPASSWDPROG, and the domain was not set,
resulting in a coredump during xdr-encode.
Reviewed by: des
Diffstat (limited to 'lib/libpam')
| -rw-r--r-- | lib/libpam/modules/pam_unix/pam_unix.c | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c index 036e5d8..705e3a4 100644 --- a/lib/libpam/modules/pam_unix/pam_unix.c +++ b/lib/libpam/modules/pam_unix/pam_unix.c @@ -292,7 +292,33 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags, (pwd->pw_fields & _PWF_SOURCE) == _PWF_FILES) /* root doesn't need the old password */ return (pam_set_item(pamh, PAM_OLDAUTHTOK, "")); +#ifdef YP + if (getuid() == 0 && + (pwd->pw_fields & _PWF_SOURCE) == _PWF_NIS) { + + yp_domain = yp_server = NULL; + (void)pam_get_data(pamh, + "yp_domain", (const void **)&yp_domain); + (void)pam_get_data(pamh, + "yp_server", (const void **)&yp_server); + + ypclnt = ypclnt_new(yp_domain, "passwd.byname", yp_server); + if (ypclnt == NULL) + return (PAM_BUF_ERR); + + if (ypclnt_connect(ypclnt) == -1) { + ypclnt_free(ypclnt); + return (PAM_SERVICE_ERR); + } + retval = ypclnt_havepasswdd(ypclnt); + ypclnt_free(ypclnt); + if (retval == 1) + return (pam_set_item(pamh, PAM_OLDAUTHTOK, "")); + else if (retval == -1) + return (PAM_SERVICE_ERR); + } +#endif if (pwd->pw_passwd[0] == '\0' && openpam_get_option(pamh, PAM_OPT_NULLOK)) { /* |
