diff options
author | Robert Ancell <robert.ancell@canonical.com> | 2014-02-06 16:58:00 +0000 |
---|---|---|
committer | Robert Ancell <robert.ancell@canonical.com> | 2014-02-06 16:58:00 +0000 |
commit | 323dff5c9ce2bb324acd3dbeea97e1093237d3b5 (patch) | |
tree | 7f1616b45f9d5fb439d1617a1b276fb630cf69d1 | |
parent | cf896b3b7b7267fa8aa898006c0f4ad4d90502ef (diff) | |
download | lightdm-git-323dff5c9ce2bb324acd3dbeea97e1093237d3b5.tar.gz |
Correctly invoke PAM to change authentication token
-rw-r--r-- | src/session-child.c | 2 | ||||
-rw-r--r-- | tests/scripts/login-new-authtok.conf | 2 | ||||
-rw-r--r-- | tests/src/libsystem.c | 5 |
3 files changed, 6 insertions, 3 deletions
diff --git a/src/session-child.c b/src/session-child.c index bf70aa7f..aee68d2e 100644 --- a/src/session-child.c +++ b/src/session-child.c @@ -336,7 +336,7 @@ session_child_run (int argc, char **argv) if (authentication_result == PAM_SUCCESS) authentication_result = pam_acct_mgmt (pam_handle, 0); if (authentication_result == PAM_NEW_AUTHTOK_REQD) - authentication_result = pam_chauthtok (pam_handle, 0); + authentication_result = pam_chauthtok (pam_handle, PAM_CHANGE_EXPIRED_AUTHTOK); } else authentication_result = PAM_SUCCESS; diff --git a/tests/scripts/login-new-authtok.conf b/tests/scripts/login-new-authtok.conf index 36843128..fcbb4647 100644 --- a/tests/scripts/login-new-authtok.conf +++ b/tests/scripts/login-new-authtok.conf @@ -24,7 +24,7 @@ user-session=default # Log into account that requires as password change #?*GREETER-X-0 AUTHENTICATE USERNAME=new-authtok -#?GREETER-X-0 SHOW-PROMPT TEXT="Enter new password:" +#?GREETER-X-0 SHOW-PROMPT TEXT="Enter new password \(expired\):" #?*GREETER-X-0 RESPOND TEXT="New password" #?GREETER-X-0 AUTHENTICATION-COMPLETE USERNAME=new-authtok AUTHENTICATED=TRUE #?*GREETER-X-0 START-SESSION diff --git a/tests/src/libsystem.c b/tests/src/libsystem.c index 7a15dbad..f6f2d317 100644 --- a/tests/src/libsystem.c +++ b/tests/src/libsystem.c @@ -1194,7 +1194,10 @@ pam_chauthtok (pam_handle_t *pamh, int flags) msg = malloc (sizeof (struct pam_message *) * 1); msg[0] = malloc (sizeof (struct pam_message)); msg[0]->msg_style = PAM_PROMPT_ECHO_OFF; - msg[0]->msg = "Enter new password:"; + if ((flags & PAM_CHANGE_EXPIRED_AUTHTOK) != 0) + msg[0]->msg = "Enter new password (expired):"; + else + msg[0]->msg = "Enter new password:"; result = pamh->conversation.conv (1, (const struct pam_message **) msg, &resp, pamh->conversation.appdata_ptr); free (msg[0]); free (msg); |