summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMartin Blapp <mbr@FreeBSD.org>2003-06-15 10:37:22 +0000
committerMartin Blapp <mbr@FreeBSD.org>2003-06-15 10:37:22 +0000
commitdd01398df6484bfec62fa41e62eb8b91931c3d43 (patch)
treefadfce6b3d59484583389a0059881e618d7962c2
parentec01fc4f1494272e55d52b63aeaa4cf5bba056d4 (diff)
Notes
Diffstat
-rw-r--r--lib/libpam/modules/pam_unix/pam_unix.c26
1 files changed, 26 insertions, 0 deletions
diff --git a/lib/libpam/modules/pam_unix/pam_unix.c b/lib/libpam/modules/pam_unix/pam_unix.c
index 036e5d840741..705e3a4e23f8 100644
--- a/lib/libpam/modules/pam_unix/pam_unix.c
+++ b/lib/libpam/modules/pam_unix/pam_unix.c
@@ -292,7 +292,33 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
(pwd->pw_fields & _PWF_SOURCE) == _PWF_FILES)
/* root doesn't need the old password */
return (pam_set_item(pamh, PAM_OLDAUTHTOK, ""));
+#ifdef YP
+ if (getuid() == 0 &&
+ (pwd->pw_fields & _PWF_SOURCE) == _PWF_NIS) {
+
+ yp_domain = yp_server = NULL;
+ (void)pam_get_data(pamh,
+ "yp_domain", (const void **)&yp_domain);
+ (void)pam_get_data(pamh,
+ "yp_server", (const void **)&yp_server);
+
+ ypclnt = ypclnt_new(yp_domain, "passwd.byname", yp_server);
+ if (ypclnt == NULL)
+ return (PAM_BUF_ERR);
+
+ if (ypclnt_connect(ypclnt) == -1) {
+ ypclnt_free(ypclnt);
+ return (PAM_SERVICE_ERR);
+ }
+ retval = ypclnt_havepasswdd(ypclnt);
+ ypclnt_free(ypclnt);
+ if (retval == 1)
+ return (pam_set_item(pamh, PAM_OLDAUTHTOK, ""));
+ else if (retval == -1)
+ return (PAM_SERVICE_ERR);
+ }
+#endif
if (pwd->pw_passwd[0] == '\0'
&& openpam_get_option(pamh, PAM_OPT_NULLOK)) {
/*
generated by cgit v1.2.3 (git 2.25.1) at 2025-11-20 11:25:47 +0000