--- modules/pam_cracklib/pam_cracklib.8.xml +++ modules/pam_cracklib/pam_cracklib.8.xml 2008/10/17 10:25:35 @@ -111,15 +111,6 @@ - - Already used - - - Was the password used in the past? Previously used passwords - are to be found in /etc/security/opasswd. - - - This module with no arguments will work well for standard unix --- modules/pam_cracklib/pam_cracklib.c +++ modules/pam_cracklib/pam_cracklib.c 2008/10/17 10:26:56 @@ -472,43 +472,6 @@ } -#define OLD_PASSWORDS_FILE "/etc/security/opasswd" - -static const char * check_old_password(const char *forwho, const char *newpass) -{ - static char buf[16384]; - char *s_luser, *s_uid, *s_npas, *s_pas; - const char *msg = NULL; - FILE *opwfile; - - opwfile = fopen(OLD_PASSWORDS_FILE, "r"); - if (opwfile == NULL) - return NULL; - - while (fgets(buf, 16380, opwfile)) { - if (!strncmp(buf, forwho, strlen(forwho))) { - char *sptr; - buf[strlen(buf)-1] = '\0'; - s_luser = strtok_r(buf, ":,", &sptr); - s_uid = strtok_r(NULL, ":,", &sptr); - s_npas = strtok_r(NULL, ":,", &sptr); - s_pas = strtok_r(NULL, ":,", &sptr); - while (s_pas != NULL) { - if (!strcmp(crypt(newpass, s_pas), s_pas)) { - msg = _("has been already used"); - break; - } - s_pas = strtok_r(NULL, ":,", &sptr); - } - break; - } - } - fclose(opwfile); - - return msg; -} - - static int _pam_unix_approve_pass(pam_handle_t *pamh, unsigned int ctrl, struct cracklib_options *opt, @@ -516,7 +479,6 @@ const char *pass_new) { const char *msg = NULL; - const void *user; int retval; if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) { @@ -532,15 +494,6 @@ * checking this would be the place */ msg = password_check(opt, pass_old, pass_new); - if (!msg) { - retval = pam_get_item(pamh, PAM_USER, &user); - if (retval != PAM_SUCCESS || user == NULL) { - if (ctrl & PAM_DEBUG_ARG) - pam_syslog(pamh,LOG_ERR,"Can not get username"); - return PAM_AUTHTOK_ERR; - } - msg = check_old_password(user, pass_new); - } if (msg) { if (ctrl & PAM_DEBUG_ARG)
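Review bot: `int retval;` is left behind in the `@@ -516,7 +479,6 @@` hunk although its only visible use, the `pam_get_item()` call, is removed in the last hunk; unless the part of `_pam_unix_approve_pass` outside these hunks still assigns it, it is now an unused local and should go together with `const void *user;`. Separately, after the last hunk this function no longer consults /etc/security/opasswd, so a reused password is rejected only if another module in the password stack enforces history (for example pam_pwhistory, or pam_unix with `remember=`). I would say that in the change description and next to the remaining call, e.g. `/* password history is not checked here; stack a history module if reuse must be rejected */`, so that existing configurations do not silently lose the reuse check on upgrade. The function's body starts and ends outside both hunks.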