Only in ./pam_sqlite-0.3-patched: .README.swp
Only in ./pam_sqlite-0.3-patched: Makefile
Only in ./pam_sqlite-0.3-patched: config.cache
Only in ./pam_sqlite-0.3-patched: config.h
Only in ./pam_sqlite-0.3-patched: config.log
Only in ./pam_sqlite-0.3-patched: config.status
Only in ./pam_sqlite-0.3-patched: pam_get_pass.o
diff -ur ./pam_sqlite-0.3/pam_get_service.c ./pam_sqlite-0.3-patched/pam_get_service.c
--- ./pam_sqlite-0.3/pam_get_service.c	2003-06-20 09:56:31.000000000 +0000
+++ ./pam_sqlite-0.3-patched/pam_get_service.c	2007-12-14 04:58:44.000000000 +0000
@@ -3,6 +3,7 @@
  */
 
 /* $Id: pam_get_service.c,v 1.1 2003/06/20 09:56:31 ek Exp $ */
+#include <stdlib.h>
 #include <security/pam_modules.h>
 
 const char *pam_get_service(pam_handle_t *pamh)
Only in ./pam_sqlite-0.3-patched: pam_get_service.o
diff -ur ./pam_sqlite-0.3/pam_sqlite.c ./pam_sqlite-0.3-patched/pam_sqlite.c
--- ./pam_sqlite-0.3/pam_sqlite.c	2003-07-17 14:03:43.000000000 +0000
+++ ./pam_sqlite-0.3-patched/pam_sqlite.c	2007-12-14 17:20:54.000000000 +0000
@@ -69,7 +69,8 @@
 	char *expired_column;
 	char *newtok_column;
 	pw_scheme pw_type;
-	int debug;
+	int debug, 
+      use_authtok;
 	char *sql_verify;
 	char *sql_check_expired;
 	char *sql_check_newtok;
@@ -224,6 +225,8 @@
 #endif
 	} else if(!strcmp(buf, "debug")) {
 		options->debug = 1;
+  } else if (!strcmp(buf, "use_authtok")) {
+    options->use_authtok = 1;
 	} else if (!strcmp(buf, "config_file")) {
 		get_module_options_from_file(val, options, 1);
 	} else if (!strcmp(buf, "sql_verify")) {
@@ -273,8 +276,8 @@
 	int i, rc;
 	struct module_options *opts;
 
-	opts = (struct module_options *)malloc(sizeof *opts);
-	bzero(opts, sizeof(*opts));
+	opts = (struct module_options *)malloc(sizeof(struct module_options));
+  memset(opts, 0, sizeof(struct module_options));
 	opts->pw_type = PW_CLEAR;
 	rc = 0;
 
@@ -315,7 +318,7 @@
 	if(options->sql_set_passwd)
 		free(options->sql_set_passwd);
 
-	bzero(options, sizeof(*options));
+  memset(options, 0, sizeof(struct module_options));
 	free(options);
 }
 
@@ -669,34 +672,50 @@
 		}
 	} else if(flags & PAM_UPDATE_AUTHTOK) {
 		pass = newpass = NULL;
-		rc = pam_get_item(pamh, PAM_OLDAUTHTOK, (const void **) &pass);
-		if(rc != PAM_SUCCESS) {
-			SYSLOG("could not retrieve old token");
-			free_module_options(options);
-			return rc;
-		}
-		rc = auth_verify_password(user, pass, options);
-		if(rc != PAM_SUCCESS) {
-			SYSLOG("(%s) user '%s' not authenticated.", pam_get_service(pamh), user);
-			free_module_options(options);
-			return rc;
-		}
 
-		/* get and confirm the new passwords */
-		rc = pam_get_confirm_pass(pamh, &newpass, PASSWORD_PROMPT_NEW, PASSWORD_PROMPT_CONFIRM, std_flags);
-		if(rc != PAM_SUCCESS) {
-			SYSLOG("could not retrieve new authentication tokens");
-			free_module_options(options);
-			return rc;
-		}
+    if (options->use_authtok) { 
+      /* use password from prior stacked module */
 
-		/* save the new password for subsequently stacked modules */
-		rc = pam_set_item(pamh, PAM_AUTHTOK, (const void *)newpass);
-		if(rc != PAM_SUCCESS) {
-			SYSLOG("failed to set PAM_AUTHTOK!");
-			free_module_options(options);
-			return rc;
-		}
+      rc = pam_get_item(pamh, PAM_AUTHTOK, (const void **) &newpass);
+      if(rc != PAM_SUCCESS) {
+        SYSLOG("could not retrieve stacked authentication tokens");
+        free_module_options(options);
+        return rc;
+      }
+    } else {
+      /* not using password from stacked module */
+
+      rc = pam_get_item(pamh, PAM_OLDAUTHTOK, (const void **) &pass);
+
+      if(rc != PAM_SUCCESS) {
+        SYSLOG("could not retrieve old token");
+        free_module_options(options);
+        return rc;
+      }
+
+      rc = auth_verify_password(user, pass, options);
+      if(rc != PAM_SUCCESS) {
+        SYSLOG("(%s) user '%s' not authenticated.", pam_get_service(pamh), user);
+        free_module_options(options);
+        return rc;
+      }
+
+      /* get and confirm the new passwords */
+      rc = pam_get_confirm_pass(pamh, &newpass, PASSWORD_PROMPT_NEW, PASSWORD_PROMPT_CONFIRM, std_flags);
+      if(rc != PAM_SUCCESS) {
+        SYSLOG("could not retrieve new authentication tokens");
+        free_module_options(options);
+        return rc;
+      }
+
+      /* save the new password for subsequently stacked modules */
+      rc = pam_set_item(pamh, PAM_AUTHTOK, (const void *)newpass);
+      if(rc != PAM_SUCCESS) {
+        SYSLOG("failed to set PAM_AUTHTOK!");
+        free_module_options(options);
+        return rc;
+      }
+    }
 
 		/* update the database */
 		if(!(newpass_crypt = encrypt_password(options, newpass))) {
Only in ./pam_sqlite-0.3-patched: pam_sqlite.o
Only in ./pam_sqlite-0.3-patched: pam_sqlite.so
Only in ./pam_sqlite-0.3-patched: pam_std_option.o