[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

pam_password.c question

From: Katy Burns <ktb anemone engr sgi com>
To: pam-list redhat com
Subject: pam_password.c question
Date: Mon, 01 Feb 99 17:25:46 -0800

Hi--

I have a question about the following lines in pam_password.c:

int pam_chauthtok(pam_handle_t *pamh, int flags)
{
   [...]

    /* first loop through to check if there will be a problem */

    if ((retval = _pam_dispatch(pamh, flags|PAM_PRELIM_CHECK
				, PAM_CHAUTHTOK)) == PAM_SUCCESS) {
	retval = _pam_dispatch(pamh, flags|PAM_UPDATE_AUTHTOK
			       , PAM_CHAUTHTOK);
    }
    [...]

    return retval;
}

I am wondering why it is necessary to call _pam_dispatch twice?  Is
this part of the specification?  

I am surprised that this double calling is enforced by the framework,
when some/many modules do not need a separate pass for preliminary
checks.  

I am tempted to omit the preliminary check in my port of the
framework, but would like to understand the implications before doing
so.

Thank you.

--kt (ktb@sgi.com)

Follow-Ups:
- Re: pam_password.c question
  - From: Andrew Morgan <morgan@transmeta.com>
- Re: pam_password.c question
  - From: Pavel Kankovsky <peak@kerberos.troja.mff.cuni.cz>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index] []