X-Git-Url: http://git.hungrycats.org/cgi-bin/gitweb.cgi?p=xscreensaver;a=blobdiff_plain;f=driver%2Fpasswd-pam.c;h=d6966bdbe618eba3845786a93e18bcd055d0e2f0;hp=7083cfe487f41342c5c26ff1dd10518ceedcbdeb;hb=c28aecf9fc41e3a03494bacf7279745425e2fa18;hpb=723c9eeee862766a1534b2ce17b78adbfac1c3be

diff --git a/driver/passwd-pam.c b/driver/passwd-pam.c
index 7083cfe4..d6966bdb 100644
--- a/driver/passwd-pam.c
+++ b/driver/passwd-pam.c
@@ -254,8 +254,13 @@ pam_passwd_valid_p (const char *typed_passwd, Bool verbose_p)
       /* Each time we successfully authenticate, refresh credentials,
          for Kerberos/AFS/DCE/etc.  If this fails, just ignore that
          failure and blunder along; it shouldn't matter.
+
+         Note: this used to be PAM_REFRESH_CRED instead of
+         PAM_REINITIALIZE_CRED, but Jason Heiss <jheiss@ee.washington.edu>
+         says that the Linux PAM library ignores that one, and only refreshes
+         credentials when using PAM_REINITIALIZE_CRED.
        */
-      int status2 = pam_setcred (pamh, PAM_REFRESH_CRED);
+      int status2 = pam_setcred (pamh, PAM_REINITIALIZE_CRED);
       if (verbose_p)
         fprintf (stderr, "%s:   pam_setcred (...) ==> %d (%s)\n",
                  blurb(), status2, PAM_STRERROR(pamh, status2));