view release on metacpan or  search on metacpan

SimplePam.pm  view on Meta::CPAN

	  $answer     = $user;
	}

      #PAM_PROMPT_ECHO_OFF usually is the new or old password.
      elsif ($pam_code == PAM_PROMPT_ECHO_OFF )
      {

	print "DEBUG: PAM_PROMPT_ECHO_OFF message '$pam_message'\n" if $DEBUG;

	#we try to verify what it wants accordinly with $pam_message

	if (defined ($state = _check_msg($pam_message)))
        {
	  print "DEBUG: PAM_PROMPT_ECHO_OFF: state: $state\n" if $DEBUG;
	  #state == 0 is the old_password
	  if ($state == 0)
	  {
	    print "DEBUG: sending the old password.\n" if $DEBUG;
	    $answer                    = $old_password;
	    $self->{used_old_password} = 1;
	    $done                      = 1;
	  }

	  #state == 1 or 2 is the new_password
	  elsif ($state == 1 || $state == 2)
	  {
	    print "DEBUG: sending the new pasword.\n" if $DEBUG;
	    $answer     = $new_password;

	    if (! $self->{used_old_password} && $done < 1)
	    {
	      print "DEBUG: The old password was not asked for (before)\n" if $DEBUG;
	      $done = 1;
	    }

	    $done++;
	  }
	  else
	  {
	    #we got an unknown state
	    #if this happens it is our fault
	    warn __PACKAGE__ . ": You seen to have found a bug in _general_pam_conv().\n";
	    warn __PACKAGE__ . ": state is $state and this is invalid.\n";
	    warn __PACKAGE__ . ": Please fill a bug report to relate this.\n";
	    warn __PACKAGE__ . ": I will try to continue, but it might not work.\n";

	    $answer     = $new_password;

	    if (! $self->{used_old_password} && $done < 1)
	    {
	      print "DEBUG: The old password was not asked for\n" if $DEBUG;
	      $done = 1;
	    }
	    $done++;
	  }
	}
	else
	{
	  # $state not defined
	  # This means that we got an unknow message.
	  # guessing blindly
	  warn "Don't know what to do about '$pam_message' .\n";
	  print "DEBUG: 'done' guess flag is $done\n";

	  if ($done == 0)
	  {
	    $answer     = $old_password;
	    warn "Trying to give the OLD password.\n";
	    $done ++;
	  }
	  elsif ($done > 0 && $done < 4)
	  {
	    $answer     = $new_password;

	    $done++;
	    warn "trying to give the NEW password.\n";
	  }
	  else
	  {
	    warn "Giving up.\n";
	  }
	}
	print "DEBUG: end of state comparation \n" if $DEBUG;
      }

      #PAM_ERROR_MSG is an error whichh we got.
      elsif ($pam_code == PAM_ERROR_MSG)
      {
	# we got some kind of error.
	my $error_message = _check_error_msg ($pam_message);

	#save the error messag
	$self->{pam_error_message} = $pam_message;
	$self->{error_code} = $error_message;

	if ($self->_abort_on_error)
	{
	  print "DEBUG: PAM_ERROR_MSG Aborting\n" if $DEBUG;
	  #advise pam about the error
	  $self->{conv_failure} = 1;
	  $failure = 1;
	  #note that this will cause PAM_CONV_ERR to be returned to the pam_function
	}
	else
	{
	  print "DEBUG: PAM_ERROR_MSG: Ignoring the error.\n" if $DEBUG;
	}
      }

      elsif ($pam_code == PAM_TEXT_INFO) {
	#Pam sent a informative message
	#for now this messages are hardcoded here
	print "DEBUG: PAM_TEXT_INFO: $pam_message\n" if $DEBUG;

	if ($pam_message =~ /^Changing password for (.*)$/)
        {
	  if (($1 ne $user) && ($self->_call_type eq "change_password"))
	  {
	    warn "Something bad is about to happen, I am trying to change";
	    warn " password for $user, howerver, the system expects $1\n";
	  }
	  else
	  {