From 64a9f33ffa84a37622b6a1a643990de23b483d5f Mon Sep 17 00:00:00 2001
From: nekral-guest <nekral-guest@5a98b0ae-9ef6-0310-add3-de5d479b70d7>
Date: Sun, 12 Apr 2009 00:08:26 +0000
Subject: [PATCH] 	* src/login.c: Fix the count of failures before login
 exits in 	case of PAM enabled configurations.

---
 ChangeLog   |  5 +++++
 src/login.c | 13 ++++++++++++-
 2 files changed, 17 insertions(+), 1 deletion(-)

diff --git a/ChangeLog b/ChangeLog
index ddc9ec09..8fb47218 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
+
+	* src/login.c: Fix the count of failures before login exits in
+	case of PAM enabled configurations.
+
 2009-04-12  Nicolas François  <nicolas.francois@centraliens.net>
 
 	* man/passwd.1.xml: Document that passwd uses PAM to authenticate
diff --git a/src/login.c b/src/login.c
index 3edc5610..a77ca756 100644
--- a/src/login.c
+++ b/src/login.c
@@ -726,7 +726,7 @@ int main (int argc, char **argv)
 				failent_user = "UNKNOWN";
 			}
 
-			if (retcode == PAM_MAXTRIES || failcount >= retries) {
+			if (retcode == PAM_MAXTRIES) {
 				SYSLOG ((LOG_NOTICE,
 				         "TOO MANY LOGIN TRIES (%d)%s FOR '%s'",
 				         failcount, fromhost, failent_user));
@@ -769,6 +769,17 @@ int main (int argc, char **argv)
 
 			fprintf (stderr, "\nLogin incorrect\n");
 
+			if (failcount >= retries) {
+				SYSLOG ((LOG_NOTICE,
+				         "TOO MANY LOGIN TRIES (%d)%s FOR '%s'",
+				         failcount, fromhost, failent_user));
+				fprintf(stderr,
+				        _("Maximum number of tries exceeded (%d)\n"),
+				        failcount);
+				PAM_END;
+				exit(0);
+			}
+
 			/*
 			 * Let's give it another go around.
 			 * Even if a username was given on the command