diff options
author | Darren Tucker <dtucker@zip.com.au> | 2005-07-16 11:33:06 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2005-07-16 11:33:06 +1000 |
commit | 4f1adad4f65d63645689d2d947876848b0813390 (patch) | |
tree | 2d928ab277c10e7107aa0dd27bd2aa80e60bf630 | |
parent | 4a42257b06fed3f2ec60ca27175d7db76761aebc (diff) |
- (dtucker) [auth-pam.c] Ensure that only one side of the authentication
socketpair stays open on in both the monitor and PAM process. Patch from
Joerg Sonnenberger.
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | auth-pam.c | 7 |
2 files changed, 12 insertions, 2 deletions
@@ -1,3 +1,8 @@ | |||
1 | 20050716 | ||
2 | - (dtucker) [auth-pam.c] Ensure that only one side of the authentication | ||
3 | socketpair stays open on in both the monitor and PAM process. Patch from | ||
4 | Joerg Sonnenberger. | ||
5 | |||
1 | 20050714 | 6 | 20050714 |
2 | - (dtucker) OpenBSD CVS Sync | 7 | - (dtucker) OpenBSD CVS Sync |
3 | - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 | 8 | - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 |
@@ -2825,4 +2830,4 @@ | |||
2825 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2830 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2826 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2831 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2827 | 2832 | ||
2828 | $Id: ChangeLog,v 1.3845 2005/07/14 07:22:11 dtucker Exp $ | 2833 | $Id: ChangeLog,v 1.3846 2005/07/16 01:33:06 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index db80017ef..fecba5de0 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -47,7 +47,7 @@ | |||
47 | 47 | ||
48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
49 | #include "includes.h" | 49 | #include "includes.h" |
50 | RCSID("$Id: auth-pam.c,v 1.123 2005/05/26 09:59:48 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.124 2005/07/16 01:33:06 dtucker Exp $"); |
51 | 51 | ||
52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -157,6 +157,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, | |||
157 | void *(*thread_start)(void *), void *arg) | 157 | void *(*thread_start)(void *), void *arg) |
158 | { | 158 | { |
159 | pid_t pid; | 159 | pid_t pid; |
160 | struct pam_ctxt *ctx = arg; | ||
160 | 161 | ||
161 | sshpam_thread_status = -1; | 162 | sshpam_thread_status = -1; |
162 | switch ((pid = fork())) { | 163 | switch ((pid = fork())) { |
@@ -164,10 +165,14 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, | |||
164 | error("fork(): %s", strerror(errno)); | 165 | error("fork(): %s", strerror(errno)); |
165 | return (-1); | 166 | return (-1); |
166 | case 0: | 167 | case 0: |
168 | close(ctx->pam_psock); | ||
169 | ctx->pam_psock = -1; | ||
167 | thread_start(arg); | 170 | thread_start(arg); |
168 | _exit(1); | 171 | _exit(1); |
169 | default: | 172 | default: |
170 | *thread = pid; | 173 | *thread = pid; |
174 | close(ctx->pam_csock); | ||
175 | ctx->pam_csock = -1; | ||
171 | sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); | 176 | sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); |
172 | return (0); | 177 | return (0); |
173 | } | 178 | } |