1 diff -urpa shadow-4.8.orig/lib/getdef.c shadow-4.8/lib/getdef.c
2 --- shadow-4.8.orig/lib/getdef.c 2019-12-01 18:02:43.000000000 +0100
3 +++ shadow-4.8/lib/getdef.c 2019-12-15 23:52:32.683000000 +0100
4 @@ -89,7 +89,6 @@ static struct itemdef def_table[] = {
8 - {"FAIL_DELAY", NULL},
12 diff -urpa shadow-4.8.orig/src/login.c shadow-4.8/src/login.c
13 --- shadow-4.8.orig/src/login.c 2019-07-23 17:26:08.000000000 +0200
14 +++ shadow-4.8/src/login.c 2019-12-15 23:52:32.684000000 +0100
15 @@ -536,7 +536,6 @@ int main (int argc, char **argv)
16 #if defined(HAVE_STRFTIME) && !defined(USE_PAM)
23 @@ -561,6 +560,7 @@ int main (int argc, char **argv)
25 char *pam_user = NULL;
28 struct spwd *spwd = NULL;
31 @@ -723,7 +723,6 @@ int main (int argc, char **argv)
34 environ = newenvp; /* make new environment active */
35 - delay = getdef_unum ("FAIL_DELAY", 1);
36 retries = getdef_unum ("LOGIN_RETRIES", RETRIES);
39 @@ -739,8 +738,7 @@ int main (int argc, char **argv)
42 * hostname & tty are either set to NULL or their correct values,
43 - * depending on how much we know. We also set PAM's fail delay to
45 + * depending on how much we know.
47 * PAM_RHOST and PAM_TTY are used for authentication, only use
48 * information coming from login or from the caller (e.g. no utmp)
49 @@ -749,10 +747,6 @@ int main (int argc, char **argv)
51 retcode = pam_set_item (pamh, PAM_TTY, tty);
53 -#ifdef HAS_PAM_FAIL_DELAY
54 - retcode = pam_fail_delay (pamh, 1000000 * delay);
57 /* if fflg, then the user has already been authenticated */
59 unsigned int failcount = 0;
60 @@ -793,12 +787,6 @@ int main (int argc, char **argv)
64 -#ifdef HAS_PAM_FAIL_DELAY
66 - retcode = pam_fail_delay(pamh, 1000000*delay);
71 retcode = pam_authenticate (pamh, 0);
73 @@ -1088,14 +1076,17 @@ int main (int argc, char **argv)
79 * Wait a while (a la SVR4 /usr/bin/login) before attempting
80 * to login the user again. If the earlier alarm occurs
81 * before the sleep() below completes, login will exit.
83 + delay = getdef_unum ("FAIL_DELAY", 1);
89 (void) puts (_("Login incorrect"));