From b3a27f63a81adc66a5c204462db997cbf48a5672 Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Sun, 28 Apr 2013 11:15:17 +0000
Subject: save the old password if either the authentication or the
 authorisation response is NEW_AUTHTOK_REQD (c89c41b from 0.9)

git-svn-id: http://arthurdejong.org/svn/nss-pam-ldapd/nss-pam-ldapd-0.8@1939 ef36b2f9-881f-0410-afb5-c4e39611909c
---
 pam/pam.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/pam/pam.c b/pam/pam.c
index 1716c3a..692694b 100644
--- a/pam/pam.c
+++ b/pam/pam.c
@@ -2,7 +2,7 @@
    pam.c - pam module functions
 
    Copyright (C) 2009 Howard Chu
-   Copyright (C) 2009, 2010, 2011, 2012 Arthur de Jong
+   Copyright (C) 2009, 2010, 2011, 2012, 2013 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -443,7 +443,7 @@ int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,const char **argv)
   /* save username */
   ctx->user=strdup(username);
   /* if password change is required, save old password in context */
-  if (ctx->authz==PAM_NEW_AUTHTOK_REQD)
+  if ((resp.res==PAM_NEW_AUTHTOK_REQD)||(ctx->saved_authz.res==PAM_NEW_AUTHTOK_REQD))
     ctx->oldpassword=strdup(passwd);
   /* update caller's idea of the user name */
   if ( ctx->tmpluser && ctx->tmpluser[0] && (strcmp(ctx->tmpluser,username)!=0) )
-- 
cgit v1.2.3