tyler.durden
/
openssh-portable
mirror of https://github.com/PowerShell/openssh-portable.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in 

recent merge
This commit is contained in:
Damien Miller 2003-05-18 20:45:47 +10:00
parent 4c9e9ab165
commit 25d9342f04
2 changed files with 30 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog
View File

@ -1,3 +1,7 @@
20030517
- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
recent merge
20030517 20030517
- (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD) - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)
@ -1552,4 +1556,4 @@
save auth method before monitor_reset_key_state(); bugzilla bug #284; save auth method before monitor_reset_key_state(); bugzilla bug #284;
ok provos@ ok provos@
$Id: ChangeLog,v 1.2731 2003/05/18 01:22:43 mouring Exp $ $Id: ChangeLog,v 1.2732 2003/05/18 10:45:47 djm Exp $

32
auth-pam.c
View File

@ -29,8 +29,9 @@
* SUCH DAMAGE. * SUCH DAMAGE.
*/ */
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
#include "includes.h" #include "includes.h"
RCSID("$FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $"); RCSID("$Id: auth-pam.c,v 1.62 2003/05/18 10:45:48 djm Exp $");
#ifdef USE_PAM #ifdef USE_PAM
#include <security/pam_appl.h> #include <security/pam_appl.h>
@ -293,17 +294,34 @@ sshpam_init(const char *user)
} }
debug("PAM: initializing for \"%s\"", user); debug("PAM: initializing for \"%s\"", user);
sshpam_err = pam_start("sshd", user, &null_conv, &sshpam_handle); sshpam_err = pam_start("sshd", user, &null_conv, &sshpam_handle);
if (sshpam_err != PAM_SUCCESS)
return (-1);
pam_rhost = get_remote_name_or_ip(utmp_len,
options.verify_reverse_mapping);
debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost);
sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost);
if (sshpam_err != PAM_SUCCESS) { if (sshpam_err != PAM_SUCCESS) {
pam_end(sshpam_handle, sshpam_err); pam_end(sshpam_handle, sshpam_err);
sshpam_handle = NULL; sshpam_handle = NULL;
return (-1); return (-1);
} }
debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost);
pam_rhost = get_remote_name_or_ip(utmp_len,
options.verify_reverse_mapping);
sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost);
if (sshpam_err != PAM_SUCCESS) {
pam_end(sshpam_handle, sshpam_err);
sshpam_handle = NULL;
return (-1);
}
#ifdef PAM_TTY_KLUDGE
/*
* Some silly PAM modules (e.g. pam_time) require a TTY to operate.
* sshd doesn't set the tty until too late in the auth process and
* may not even set one (for tty-less connections)
*/
debug("PAM: setting PAM_TTY to \"ssh\"");
sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh");
if (sshpam_err != PAM_SUCCESS) {
pam_end(sshpam_handle, sshpam_err);
sshpam_handle = NULL;
return (-1);
}
#endif
fatal_add_cleanup(sshpam_cleanup, NULL); fatal_add_cleanup(sshpam_cleanup, NULL);
return (0); return (0);
} }