diff --git a/ChangeLog b/ChangeLog index f09fa8a8b..3ce097835 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,6 +1,8 @@ 20000125 - Fix NULL pointer dereference in login.c. Fix from Andre Lucas + - Reorder PAM initialisation so it does not mess up lastlog. Reported + by Andre Lucas 20000124 - Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number diff --git a/sshd.c b/sshd.c index a5cbbfc43..f12279786 100644 --- a/sshd.c +++ b/sshd.c @@ -1740,12 +1740,6 @@ do_authenticated(struct passwd * pw) /* Indicate that we now have a pty. */ have_pty = 1; - -#ifdef USE_PAM - /* do the pam_open_session since we have the pty */ - do_pam_session(pw->pw_name, ttyname); -#endif /* USE_PAM */ - break; case SSH_CMSG_X11_REQUEST_FORWARDING: @@ -1821,9 +1815,6 @@ do_authenticated(struct passwd * pw) packet_set_interactive(have_pty || display != NULL, options.keepalives); -#ifdef USE_PAM - do_pam_setcred(); -#endif /* USE_PAM */ if (forced_command != NULL) goto do_forced_command; debug("Forking shell."); @@ -1839,9 +1830,6 @@ do_authenticated(struct passwd * pw) packet_set_interactive(have_pty || display != NULL, options.keepalives); -#ifdef USE_PAM - do_pam_setcred(); -#endif /* USE_PAM */ if (forced_command != NULL) goto do_forced_command; /* Get command from the packet. */ @@ -1929,6 +1917,10 @@ do_exec_no_pty(const char *command, struct passwd * pw, setproctitle("%s@notty", pw->pw_name); +#ifdef USE_PAM + do_pam_setcred(); +#endif /* USE_PAM */ + /* Fork the child. */ if ((pid = fork()) == 0) { /* Child. Reinitialize the log since the pid has changed. */ @@ -2067,6 +2059,11 @@ do_exec_pty(const char *command, int ptyfd, int ttyfd, } setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1); +#ifdef USE_PAM + do_pam_session(pw->pw_name, ttyname); + do_pam_setcred(); +#endif /* USE_PAM */ + /* Fork the child. */ if ((pid = fork()) == 0) { pid = getpid();