summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDamien Miller <djm@mindrot.org>2003-05-18 20:45:47 +1000
committerDamien Miller <djm@mindrot.org>2003-05-18 20:45:47 +1000
commit25d9342f04249e3af01058bb9ba2a539f928bab0 (patch)
treefb81b43925fd3ba4713a1538213063de872f9de9
parent4c9e9ab1657016a4fb85e4c1a6cac110a42c1e9b (diff)
- (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
recent merge
Diffstat
-rw-r--r--ChangeLog6
-rw-r--r--auth-pam.c24
2 files changed, 26 insertions, 4 deletions
diff --git a/ChangeLog b/ChangeLog
index 8253cc873..6046e1fec 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,4 +1,8 @@
120030517 120030517
2 - (djm) Return of the dreaded PAM_TTY_KLUDGE, which went missing in
3 recent merge
4
520030517
2 - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD) 6 - (bal) strcat -> strlcat on openbsd-compat/realpath.c (rev 1.8 OpenBSD)
3 7
420030516 820030516
@@ -1552,4 +1556,4 @@
1552 save auth method before monitor_reset_key_state(); bugzilla bug #284; 1556 save auth method before monitor_reset_key_state(); bugzilla bug #284;
1553 ok provos@ 1557 ok provos@
1554 1558
1555$Id: ChangeLog,v 1.2731 2003/05/18 01:22:43 mouring Exp $ 1559$Id: ChangeLog,v 1.2732 2003/05/18 10:45:47 djm Exp $
diff --git a/auth-pam.c b/auth-pam.c
index dc4116175..0dcdb651d 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -29,8 +29,9 @@
29 * SUCH DAMAGE. 29 * SUCH DAMAGE.
30 */ 30 */
31 31
32/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
32#include "includes.h" 33#include "includes.h"
33RCSID("$FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $"); 34RCSID("$Id: auth-pam.c,v 1.62 2003/05/18 10:45:48 djm Exp $");
34 35
35#ifdef USE_PAM 36#ifdef USE_PAM
36#include <security/pam_appl.h> 37#include <security/pam_appl.h>
@@ -293,17 +294,34 @@ sshpam_init(const char *user)
293 } 294 }
294 debug("PAM: initializing for \"%s\"", user); 295 debug("PAM: initializing for \"%s\"", user);
295 sshpam_err = pam_start("sshd", user, &null_conv, &sshpam_handle); 296 sshpam_err = pam_start("sshd", user, &null_conv, &sshpam_handle);
296 if (sshpam_err != PAM_SUCCESS) 297 if (sshpam_err != PAM_SUCCESS) {
298 pam_end(sshpam_handle, sshpam_err);
299 sshpam_handle = NULL;
297 return (-1); 300 return (-1);
301 }
302 debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost);
298 pam_rhost = get_remote_name_or_ip(utmp_len, 303 pam_rhost = get_remote_name_or_ip(utmp_len,
299 options.verify_reverse_mapping); 304 options.verify_reverse_mapping);
300 debug("PAM: setting PAM_RHOST to \"%s\"", pam_rhost);
301 sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost); 305 sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, pam_rhost);
302 if (sshpam_err != PAM_SUCCESS) { 306 if (sshpam_err != PAM_SUCCESS) {
307 pam_end(sshpam_handle, sshpam_err);
308 sshpam_handle = NULL;
309 return (-1);
310 }
311#ifdef PAM_TTY_KLUDGE
312 /*
313 * Some silly PAM modules (e.g. pam_time) require a TTY to operate.
314 * sshd doesn't set the tty until too late in the auth process and
315 * may not even set one (for tty-less connections)
316 */
317 debug("PAM: setting PAM_TTY to \"ssh\"");
318 sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, "ssh");
319 if (sshpam_err != PAM_SUCCESS) {
303 pam_end(sshpam_handle, sshpam_err); 320 pam_end(sshpam_handle, sshpam_err);
304 sshpam_handle = NULL; 321 sshpam_handle = NULL;
305 return (-1); 322 return (-1);
306 } 323 }
324#endif
307 fatal_add_cleanup(sshpam_cleanup, NULL); 325 fatal_add_cleanup(sshpam_cleanup, NULL);
308 return (0); 326 return (0);
309} 327}
generated by cgit v1.2.3 (git 2.39.1) at 2024-07-08 00:01:26 +0000