On Tue, Aug 06, 2019 at 07:20:32PM +0200, Tomas Mraz wrote:
On Tue, 2019-08-06 at 19:21 +0300, Dmitry V. Levin wrote:
> On Tue, Aug 06, 2019 at 02:10:58PM +0200, Tomas Mraz wrote:
> [...]
> > @@ -214,6 +219,9 @@ pam_get_authtok_verify (pam_handle_t *pamh,
> > const char **authtok,
> > if (authtok == NULL || pamh->choice != PAM_CHAUTHTOK)
> > return PAM_SYSTEM_ERR;
> >
> > + if (pamh->authtok_verified)
> > + return pam_get_item (pamh, PAM_AUTHTOK, (const void
> > **)authtok);
> > +
> > if (prompt != NULL)
> > {
> > retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
>
> OK, we check pamh->authtok_verified early in this function, so ...
>
> > @@ -239,6 +247,7 @@ pam_get_authtok_verify (pam_handle_t *pamh,
> > const char **authtok,
> >
> > if (strcmp (*authtok, resp) != 0)
> > {
> > + pamh->authtok_verified = 0;
> > pam_set_item (pamh, PAM_AUTHTOK, NULL);
> > pam_error (pamh, MISTYPED_PASS);
> > _pam_overwrite (resp);
>
> ... here pamh->authtok_verified is expected to be zero.
> Why it is reset again?
Yeah, that is redundant, kind of defensive programming. But I'll drop
it, if you want.
If we couldn't assume that pamh->authtok_verified remains zero, then we
should reset it in other places where this function returns an error, too.
So yes, let's drop it instead.
--
ldv