s3: Don't overwrite password in pam_winbind, subsequent pam modules

    might use the old password and new password.

Signed-off-by: Bo Yang <boyang@samba.org>

diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 4e84574d258b3a9db57fc4efcf2b108265810e3d..324bede9ea38ec3854c050cdc80081dde059755f 100644 (file)
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -3059,8 +3059,6 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
                ret = winbind_chauthtok_request(ctx, user, pass_old,
                                                pass_new, pwdlastset_update);
                if (ret) {
-                       _pam_overwrite(pass_new);
-                       _pam_overwrite(pass_old);
                        pass_old = pass_new = NULL;
                        goto out;
                }
@@ -3089,8 +3087,6 @@ int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
                                                   member, cctype, 0,
                                                   &error, &info, &policy,
                                                   NULL, &username_ret);
-                       _pam_overwrite(pass_new);
-                       _pam_overwrite(pass_old);
                        pass_old = pass_new = NULL;
 
                        if (ret == PAM_SUCCESS) {