File gnome-keyring-pam-auth-prompt-password.patch of Package gnome-keyring
Index: gnome-keyring-2.28.0/pam/gkr-pam-module.c
===================================================================
--- gnome-keyring-2.28.0.orig/pam/gkr-pam-module.c
+++ gnome-keyring-2.28.0/pam/gkr-pam-module.c
@@ -889,12 +889,27 @@ pam_sm_authenticate (pam_handle_t *ph, i
/* Look up the password */
ret = pam_get_item (ph, PAM_AUTHTOK, (const void**)&password);
if (ret != PAM_SUCCESS || password == NULL) {
- if (ret == PAM_SUCCESS)
- syslog (GKR_LOG_WARN, "gkr-pam: no password is available for user");
- else
- syslog (GKR_LOG_WARN, "gkr-pam: no password is available for user: %s",
+ if (args & ARG_USE_AUTHTOK) {
+ if (ret == PAM_SUCCESS)
+ syslog (GKR_LOG_WARN, "gkr-pam: no password is available for user");
+ else
+ syslog (GKR_LOG_WARN, "gkr-pam: no password is available for user: %s",
+ pam_strerror (ph, ret));
+ return PAM_SUCCESS;
+ }
+
+ ret = prompt_password (ph);
+ if (ret != PAM_SUCCESS) {
+ syslog (GKR_LOG_ERR, "gkr-pam: couldn't get the password from user: %s",
pam_strerror (ph, ret));
- return PAM_SUCCESS;
+ return PAM_AUTH_ERR;
+ }
+ ret = pam_get_item (ph, PAM_AUTHTOK, (const void**)&password);
+ if (ret != PAM_SUCCESS || password == NULL) {
+ syslog (GKR_LOG_ERR, "gkr-pam: couldn't get the password from user: %s",
+ ret == PAM_SUCCESS ? "password was null" : pam_strerror (ph, ret));
+ return PAM_AUTH_ERR;
+ }
}
started_daemon = 0;