- if (flags & PAM_DISALLOW_NULL_AUTHTOK) {
- if ((pam_err = pam_get_item(pamh, PAM_AUTHTOK,
- (const void **)&password))) {
+ if (!cfg.noaskpass) {
+#ifdef _OPENPAM
+ pam_err = pam_get_authtok(pamh, PAM_AUTHTOK,
+ (const char **)&password, NULL);
+#else
+ struct pam_conv *conv;
+ struct pam_message msg;
+ const struct pam_message *msgp;
+ struct pam_response *resp;
+
+ if ((pam_err = pam_get_item(pamh, PAM_CONV,
+ (const void **)&conv))) {