File pam_cracklib-no-pwhistory.diff of Package pam

--- modules/pam_cracklib/pam_cracklib.8.xml
+++ modules/pam_cracklib/pam_cracklib.8.xml	2008/10/17 10:25:35
@@ -111,15 +111,6 @@
           </para>
         </listitem>
       </varlistentry>
-      <varlistentry>
-        <term>Already used</term>
-        <listitem>
-          <para>
-            Was the password used in the past? Previously used passwords
-            are to be found in <filename>/etc/security/opasswd</filename>.
-          </para>
-        </listitem>
-      </varlistentry>
     </variablelist>
     <para>
       This module with no arguments will work well for standard unix
--- modules/pam_cracklib/pam_cracklib.c
+++ modules/pam_cracklib/pam_cracklib.c	2008/10/17 10:26:56
@@ -472,43 +472,6 @@
 }
 
 
-#define OLD_PASSWORDS_FILE	"/etc/security/opasswd"
-
-static const char * check_old_password(const char *forwho, const char *newpass)
-{
-	static char buf[16384];
-	char *s_luser, *s_uid, *s_npas, *s_pas;
-	const char *msg = NULL;
-	FILE *opwfile;
-
-	opwfile = fopen(OLD_PASSWORDS_FILE, "r");
-	if (opwfile == NULL)
-		return NULL;
-
-	while (fgets(buf, 16380, opwfile)) {
-		if (!strncmp(buf, forwho, strlen(forwho))) {
-			char *sptr;
-			buf[strlen(buf)-1] = '\0';
-			s_luser = strtok_r(buf, ":,", &sptr);
-			s_uid   = strtok_r(NULL, ":,", &sptr);
-			s_npas  = strtok_r(NULL, ":,", &sptr);
-			s_pas   = strtok_r(NULL, ":,", &sptr);
-			while (s_pas != NULL) {
-				if (!strcmp(crypt(newpass, s_pas), s_pas)) {
-					msg = _("has been already used");
-					break;
-				}
-				s_pas = strtok_r(NULL, ":,", &sptr);
-			}
-			break;
-		}
-	}
-	fclose(opwfile);
-
-	return msg;
-}
-
-
 static int _pam_unix_approve_pass(pam_handle_t *pamh,
                                   unsigned int ctrl,
 				  struct cracklib_options *opt,
@@ -516,7 +479,6 @@
                                   const char *pass_new)
 {
     const char *msg = NULL;
-    const void *user;
     int retval;
 
     if (pass_new == NULL || (pass_old && !strcmp(pass_old,pass_new))) {
@@ -532,15 +494,6 @@
      * checking this would be the place
      */
     msg = password_check(opt, pass_old, pass_new);
-    if (!msg) {
-	retval = pam_get_item(pamh, PAM_USER, &user);
-	if (retval != PAM_SUCCESS || user == NULL) {
-	    if (ctrl & PAM_DEBUG_ARG)
-		pam_syslog(pamh,LOG_ERR,"Can not get username");
-	    return PAM_AUTHTOK_ERR;
-	}
-	msg = check_old_password(user, pass_new);
-    }
 
     if (msg) {
         if (ctrl & PAM_DEBUG_ARG)