Gitiles
Code Review Sign In
gerrit.openbmc.org / openbmc / pam-ipmi / e3771e857cb37f1352c3ac76c6fcfca772f63aeb
commite3771e857cb37f1352c3ac76c6fcfca772f63aeb[log] [tgz]
authorJiaqing Zhao <jiaqing.zhao@intel.com>Sat Apr 02 18:02:25 2022 +0800
committerJiaqing Zhao <jiaqing.zhao@intel.com>Sat Apr 02 18:09:13 2022 +0800
tree10f0f1be21ef0f21f9d834f47a426e5f1109e2b0
parent08be868a6d18bca99d3580f4b3247c0c953f0f84 [diff]
Return PAM_AUTHTOK_ERR when length exceeds limit

Currently, when the length of username or password exceeds IPMI limit,
it returns PAM_NEW_AUTHTOK_REQD. But according to the man page of
pam_sm_chauthtok, PAM_NEW_AUTHTOK_REQD is not a vaild return value.
Return PAM_AUTHTOK_ERR instead.

Tested:
Try updating a user in ipmi group with a 21-char password by calling
pam_chauthtok, PAM_AUTHTOK_ERR is returned.

Change-Id: Ia055f253865e9f4174dcbee8eec87917b7612f94
Signed-off-by: Jiaqing Zhao <jiaqing.zhao@intel.com>
2 files changed
tree: 10f0f1be21ef0f21f9d834f47a426e5f1109e2b0
  1. src/
  2. .clang-format
  3. .gitignore
  4. bootstrap.sh
  5. configure.ac
  6. ipmi_pass
  7. key_file
  8. LICENSE
  9. MAINTAINERS
  10. Makefile.am
  11. OWNERS
  12. README.md
README.md

pam-ipmi