summaryrefslogtreecommitdiffstats
path: root/tdm/backend
diff options
context:
space:
mode:
Diffstat (limited to 'tdm/backend')
-rw-r--r--tdm/backend/client.c19
1 files changed, 14 insertions, 5 deletions
diff --git a/tdm/backend/client.c b/tdm/backend/client.c
index cb185bca1..2676a5d2a 100644
--- a/tdm/backend/client.c
+++ b/tdm/backend/client.c
@@ -180,7 +180,7 @@ PAM_conv( int num_msg,
ReInitErrorLog();
Debug( "PAM_conv\n" );
- for (count = 0; count < num_msg; count++)
+ for (count = 0; count < num_msg; count++) {
switch (msg[count]->msg_style) {
case PAM_TEXT_INFO:
Debug( " PAM_TEXT_INFO: %s\n", msg[count]->msg );
@@ -201,9 +201,18 @@ PAM_conv( int num_msg,
/* case PAM_PROMPT_ECHO_ON: cannot happen */
case PAM_PROMPT_ECHO_OFF:
Debug( " PAM_PROMPT_ECHO_OFF (usecur): %s\n", msg[count]->msg );
- if (!curpass)
- pd->gconv( GCONV_PASS, 0 );
- StrDup( &reply[count].resp, curpass );
+ // WARNING
+ // This is far from foolproof, but it's the best we can do at this time...
+ // Try to detect PIN entry requests
+ if (strstr(msg[count]->msg, "PIN")) {
+ reply[count].resp = pd->gconv(GCONV_HIDDEN, msg[count]->msg);
+ }
+ else {
+ if (!curpass) {
+ pd->gconv( GCONV_PASS, 0 );
+ }
+ StrDup( &reply[count].resp, curpass );
+ }
break;
default:
LogError( "Unknown PAM message style <%d>\n", msg[count]->msg_style );
@@ -237,6 +246,7 @@ PAM_conv( int num_msg,
}
reply[count].resp_retcode = PAM_SUCCESS; /* unused in linux-pam */
}
+ }
Debug( " PAM_conv success\n" );
*resp = reply;
return PAM_SUCCESS;
@@ -769,7 +779,6 @@ Verify( GConvFunc gconv, int rootok )
}
#ifdef USE_PAM
-
Debug( " pam_acct_mgmt() ...\n" );
pretc = pam_acct_mgmt( pamh, 0 );
ReInitErrorLog();