save the old password if either the authentication or the authorisation response is NEW_AUTHTOK_REQD

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd@1899 ef36b2f9-881f-0410-afb5-c4e39611909c
author: Arthur de Jong <arthur@arthurdejong.org> 2013-01-05 23:49:39 +0100
committer: Arthur de Jong <arthur@arthurdejong.org> 2013-01-05 23:49:39 +0100
commit: c89c41b523dfeec992fde31f490d639adf7905a7 (patch)
tree: df266d501f941907aa5d99327bc451b213570948 /pam/pam.c
parent: 33518d5408cf656a4a58f13d729219928ff8620e (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/pam/pam.c b/pam/pam.c
index 32cd98b..9947d52 100644
--- a/pam/pam.c
+++ b/pam/pam.c
@@ -2,7 +2,7 @@
    pam.c - pam module functions
 
    Copyright (C) 2009 Howard Chu
-   Copyright (C) 2009, 2010, 2011, 2012 Arthur de Jong
+   Copyright (C) 2009, 2010, 2011, 2012, 2013 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -503,7 +503,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
   if (cfg.debug)
     pam_syslog(pamh, LOG_DEBUG, "authentication succeeded");
   /* if password change is required, save old password in context */
-  if (resp.res == PAM_NEW_AUTHTOK_REQD)
+  if ((resp.res == PAM_NEW_AUTHTOK_REQD) || (ctx->saved_authz.res == PAM_NEW_AUTHTOK_REQD))
     ctx->oldpassword = strdup(passwd);
   /* update caller's idea of the user name */
   if ((resp.msg[0] != '\0') && (strcmp(resp.msg, username) != 0))
author	Arthur de Jong <arthur@arthurdejong.org>	2013-01-05 23:49:39 +0100
committer	Arthur de Jong <arthur@arthurdejong.org>	2013-01-05 23:49:39 +0100
commit	c89c41b523dfeec992fde31f490d639adf7905a7 (patch)
tree	df266d501f941907aa5d99327bc451b213570948 /pam/pam.c
parent	33518d5408cf656a4a58f13d729219928ff8620e (diff)