From 2d71f7049ba13d786d73fbebdcd054544bf7d492 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Fri, 22 Feb 2002 22:04:11 +0000
Subject: [PATCH] Respect echo_pass, try_first_pass, use_first_pass options.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@75 185d5e19-27fe-0310-9dcf-9bff6b9f3609
---
 lib/pam_get_authtok.c | 18 ++++++++++++------
 1 file changed, 12 insertions(+), 6 deletions(-)

diff --git a/lib/pam_get_authtok.c b/lib/pam_get_authtok.c
index a8934a7..c2a933f 100644
--- a/lib/pam_get_authtok.c
+++ b/lib/pam_get_authtok.c
@@ -53,20 +53,26 @@ pam_get_authtok(pam_handle_t *pamh,
 	const char *prompt)
 {
 	char *p, *resp;
-	int r;
+	int r, style;
 
 	if (pamh == NULL || authtok == NULL)
 		return (PAM_SYSTEM_ERR);
 
-	r = pam_get_item(pamh, PAM_AUTHTOK, (const void **)authtok);
-	if (r == PAM_SUCCESS && *authtok != NULL)
-		return (PAM_SUCCESS);
+	if (openpam_get_option(pamh, "try_first_pass") ||
+	    openpam_get_option(pamh, "use_first_pass")) {
+		r = pam_get_item(pamh, PAM_AUTHTOK, (const void **)authtok);
+		if (r == PAM_SUCCESS && *authtok != NULL)
+			return (PAM_SUCCESS);
+		else if (openpam_get_option(pamh, "use_first_pass"))
+			return (r == PAM_SUCCESS ? PAM_AUTH_ERR : r);
+	}
 	if (pam_get_item(pamh, PAM_AUTHTOK_PROMPT,
 	    (const void **)&p) != PAM_SUCCESS || p == NULL)
 		if (prompt == NULL)
 			prompt = "Password:";
-	r = pam_prompt(pamh, PAM_PROMPT_ECHO_OFF, &resp,
-	    "%s", p ? p : prompt);
+	style = openpam_get_option(pamh, "echo_pass") ?
+	    PAM_PROMPT_ECHO_ON : PAM_PROMPT_ECHO_OFF;
+	r = pam_prompt(pamh, style, &resp, "%s", p ? p : prompt);
 	if (r != PAM_SUCCESS)
 		return (r);
 	*authtok = resp;