From f38db7f5dae83b5aeeab681edd266a62b3ebc1f6 Mon Sep 17 00:00:00 2001 From: Darren Tucker Date: Fri, 8 Aug 2003 13:43:37 +1000 Subject: [PATCH] - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@ --- ChangeLog | 3 ++- auth-pam.c | 14 ++++++++------ 2 files changed, 10 insertions(+), 7 deletions(-) diff --git a/ChangeLog b/ChangeLog index 4281613e0..fed3b3d66 100644 --- a/ChangeLog +++ b/ChangeLog @@ -2,6 +2,7 @@ - (dtucker) [openbsd-compat/fake-rfc2553.h] Older Linuxes have AI_PASSIVE and AI_CANONNAME in netdb.h but not AI_NUMERICHOST, so check each definition separately before defining them. + - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@ 20030807 - (dtucker) [session.c] Have session_break_req not attempt to send a break @@ -803,4 +804,4 @@ - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo. Report from murple@murple.net, diagnosis from dtucker@zip.com.au -$Id: ChangeLog,v 1.2885 2003/08/08 02:15:11 dtucker Exp $ +$Id: ChangeLog,v 1.2886 2003/08/08 03:43:37 dtucker Exp $ diff --git a/auth-pam.c b/auth-pam.c index 9ca18e77e..970ff61cb 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -31,7 +31,7 @@ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.65 2003/07/30 04:53:11 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.66 2003/08/08 03:43:37 dtucker Exp $"); #ifdef USE_PAM #include @@ -534,11 +534,13 @@ do_pam_session(const char *user, const char *tty) if (sshpam_err != PAM_SUCCESS) fatal("PAM: failed to set PAM_CONV: %s", pam_strerror(sshpam_handle, sshpam_err)); - debug("PAM: setting PAM_TTY to \"%s\"", tty); - sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty); - if (sshpam_err != PAM_SUCCESS) - fatal("PAM: failed to set PAM_TTY: %s", - pam_strerror(sshpam_handle, sshpam_err)); + if (tty != NULL) { + debug("PAM: setting PAM_TTY to \"%s\"", tty); + sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty); + if (sshpam_err != PAM_SUCCESS) + fatal("PAM: failed to set PAM_TTY: %s", + pam_strerror(sshpam_handle, sshpam_err)); + } sshpam_err = pam_open_session(sshpam_handle, 0); if (sshpam_err != PAM_SUCCESS) fatal("PAM: pam_open_session(): %s",