diff options
author | Colin Watson <cjwatson@debian.org> | 2013-09-14 23:42:11 +0100 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2013-09-14 23:42:11 +0100 |
commit | 327155e6824b3ee13837bdde04e4eb47e147ff46 (patch) | |
tree | 8f8743122403c7a2e6ed919156711fb1520c657f /auth-pam.c | |
parent | 0334ce32304e9ba2a10ee5ca49ca6e8ff3ba6cf4 (diff) | |
parent | 74e339b8f8936bc0d985e053a076d0c9b5e9ea51 (diff) |
* New upstream release (http://www.openssh.com/txt/release-6.3).
- sftp(1): add support for resuming partial downloads using the "reget"
command and on the sftp commandline or on the "get" commandline using
the "-a" (append) option (closes: #158590).
- ssh(1): add an "IgnoreUnknown" configuration option to selectively
suppress errors arising from unknown configuration directives (closes:
#436052).
- sftp(1): update progressmeter when data is acknowledged, not when it's
sent (partially addresses #708372).
- ssh(1): do not fatally exit when attempting to cleanup multiplexing-
created channels that are incompletely opened (closes: #651357).
Diffstat (limited to 'auth-pam.c')
-rw-r--r-- | auth-pam.c | 44 |
1 files changed, 20 insertions, 24 deletions
diff --git a/auth-pam.c b/auth-pam.c index 675006e6f..d51318b3a 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -412,10 +412,9 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg, | |||
412 | 412 | ||
413 | fail: | 413 | fail: |
414 | for(i = 0; i < n; i++) { | 414 | for(i = 0; i < n; i++) { |
415 | if (reply[i].resp != NULL) | 415 | free(reply[i].resp); |
416 | xfree(reply[i].resp); | ||
417 | } | 416 | } |
418 | xfree(reply); | 417 | free(reply); |
419 | buffer_free(&buffer); | 418 | buffer_free(&buffer); |
420 | return (PAM_CONV_ERR); | 419 | return (PAM_CONV_ERR); |
421 | } | 420 | } |
@@ -586,10 +585,9 @@ sshpam_store_conv(int n, sshpam_const struct pam_message **msg, | |||
586 | 585 | ||
587 | fail: | 586 | fail: |
588 | for(i = 0; i < n; i++) { | 587 | for(i = 0; i < n; i++) { |
589 | if (reply[i].resp != NULL) | 588 | free(reply[i].resp); |
590 | xfree(reply[i].resp); | ||
591 | } | 589 | } |
592 | xfree(reply); | 590 | free(reply); |
593 | return (PAM_CONV_ERR); | 591 | return (PAM_CONV_ERR); |
594 | } | 592 | } |
595 | 593 | ||
@@ -693,7 +691,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
693 | /* Start the authentication thread */ | 691 | /* Start the authentication thread */ |
694 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { | 692 | if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) { |
695 | error("PAM: failed create sockets: %s", strerror(errno)); | 693 | error("PAM: failed create sockets: %s", strerror(errno)); |
696 | xfree(ctxt); | 694 | free(ctxt); |
697 | return (NULL); | 695 | return (NULL); |
698 | } | 696 | } |
699 | ctxt->pam_psock = socks[0]; | 697 | ctxt->pam_psock = socks[0]; |
@@ -703,7 +701,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
703 | strerror(errno)); | 701 | strerror(errno)); |
704 | close(socks[0]); | 702 | close(socks[0]); |
705 | close(socks[1]); | 703 | close(socks[1]); |
706 | xfree(ctxt); | 704 | free(ctxt); |
707 | return (NULL); | 705 | return (NULL); |
708 | } | 706 | } |
709 | cleanup_ctxt = ctxt; | 707 | cleanup_ctxt = ctxt; |
@@ -742,7 +740,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
742 | strlcpy(**prompts + plen, msg, len - plen); | 740 | strlcpy(**prompts + plen, msg, len - plen); |
743 | plen += mlen; | 741 | plen += mlen; |
744 | **echo_on = (type == PAM_PROMPT_ECHO_ON); | 742 | **echo_on = (type == PAM_PROMPT_ECHO_ON); |
745 | xfree(msg); | 743 | free(msg); |
746 | return (0); | 744 | return (0); |
747 | case PAM_ERROR_MSG: | 745 | case PAM_ERROR_MSG: |
748 | case PAM_TEXT_INFO: | 746 | case PAM_TEXT_INFO: |
@@ -753,7 +751,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
753 | plen += mlen; | 751 | plen += mlen; |
754 | strlcat(**prompts + plen, "\n", len - plen); | 752 | strlcat(**prompts + plen, "\n", len - plen); |
755 | plen++; | 753 | plen++; |
756 | xfree(msg); | 754 | free(msg); |
757 | break; | 755 | break; |
758 | case PAM_ACCT_EXPIRED: | 756 | case PAM_ACCT_EXPIRED: |
759 | sshpam_account_status = 0; | 757 | sshpam_account_status = 0; |
@@ -766,7 +764,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
766 | *num = 0; | 764 | *num = 0; |
767 | **echo_on = 0; | 765 | **echo_on = 0; |
768 | ctxt->pam_done = -1; | 766 | ctxt->pam_done = -1; |
769 | xfree(msg); | 767 | free(msg); |
770 | return 0; | 768 | return 0; |
771 | } | 769 | } |
772 | /* FALLTHROUGH */ | 770 | /* FALLTHROUGH */ |
@@ -776,7 +774,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
776 | debug("PAM: %s", **prompts); | 774 | debug("PAM: %s", **prompts); |
777 | buffer_append(&loginmsg, **prompts, | 775 | buffer_append(&loginmsg, **prompts, |
778 | strlen(**prompts)); | 776 | strlen(**prompts)); |
779 | xfree(**prompts); | 777 | free(**prompts); |
780 | **prompts = NULL; | 778 | **prompts = NULL; |
781 | } | 779 | } |
782 | if (type == PAM_SUCCESS) { | 780 | if (type == PAM_SUCCESS) { |
@@ -790,7 +788,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
790 | *num = 0; | 788 | *num = 0; |
791 | **echo_on = 0; | 789 | **echo_on = 0; |
792 | ctxt->pam_done = 1; | 790 | ctxt->pam_done = 1; |
793 | xfree(msg); | 791 | free(msg); |
794 | return (0); | 792 | return (0); |
795 | } | 793 | } |
796 | error("PAM: %s for %s%.100s from %.100s", msg, | 794 | error("PAM: %s for %s%.100s from %.100s", msg, |
@@ -801,7 +799,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
801 | default: | 799 | default: |
802 | *num = 0; | 800 | *num = 0; |
803 | **echo_on = 0; | 801 | **echo_on = 0; |
804 | xfree(msg); | 802 | free(msg); |
805 | ctxt->pam_done = -1; | 803 | ctxt->pam_done = -1; |
806 | return (-1); | 804 | return (-1); |
807 | } | 805 | } |
@@ -852,7 +850,7 @@ sshpam_free_ctx(void *ctxtp) | |||
852 | 850 | ||
853 | debug3("PAM: %s entering", __func__); | 851 | debug3("PAM: %s entering", __func__); |
854 | sshpam_thread_cleanup(); | 852 | sshpam_thread_cleanup(); |
855 | xfree(ctxt); | 853 | free(ctxt); |
856 | /* | 854 | /* |
857 | * We don't call sshpam_cleanup() here because we may need the PAM | 855 | * We don't call sshpam_cleanup() here because we may need the PAM |
858 | * handle at a later stage, e.g. when setting up a session. It's | 856 | * handle at a later stage, e.g. when setting up a session. It's |
@@ -1006,10 +1004,9 @@ sshpam_tty_conv(int n, sshpam_const struct pam_message **msg, | |||
1006 | 1004 | ||
1007 | fail: | 1005 | fail: |
1008 | for(i = 0; i < n; i++) { | 1006 | for(i = 0; i < n; i++) { |
1009 | if (reply[i].resp != NULL) | 1007 | free(reply[i].resp); |
1010 | xfree(reply[i].resp); | ||
1011 | } | 1008 | } |
1012 | xfree(reply); | 1009 | free(reply); |
1013 | return (PAM_CONV_ERR); | 1010 | return (PAM_CONV_ERR); |
1014 | } | 1011 | } |
1015 | 1012 | ||
@@ -1081,7 +1078,7 @@ do_pam_putenv(char *name, char *value) | |||
1081 | 1078 | ||
1082 | snprintf(compound, len, "%s=%s", name, value); | 1079 | snprintf(compound, len, "%s=%s", name, value); |
1083 | ret = pam_putenv(sshpam_handle, compound); | 1080 | ret = pam_putenv(sshpam_handle, compound); |
1084 | xfree(compound); | 1081 | free(compound); |
1085 | #endif | 1082 | #endif |
1086 | 1083 | ||
1087 | return (ret); | 1084 | return (ret); |
@@ -1108,8 +1105,8 @@ free_pam_environment(char **env) | |||
1108 | return; | 1105 | return; |
1109 | 1106 | ||
1110 | for (envp = env; *envp; envp++) | 1107 | for (envp = env; *envp; envp++) |
1111 | xfree(*envp); | 1108 | free(*envp); |
1112 | xfree(env); | 1109 | free(env); |
1113 | } | 1110 | } |
1114 | 1111 | ||
1115 | /* | 1112 | /* |
@@ -1165,10 +1162,9 @@ sshpam_passwd_conv(int n, sshpam_const struct pam_message **msg, | |||
1165 | 1162 | ||
1166 | fail: | 1163 | fail: |
1167 | for(i = 0; i < n; i++) { | 1164 | for(i = 0; i < n; i++) { |
1168 | if (reply[i].resp != NULL) | 1165 | free(reply[i].resp); |
1169 | xfree(reply[i].resp); | ||
1170 | } | 1166 | } |
1171 | xfree(reply); | 1167 | free(reply); |
1172 | return (PAM_CONV_ERR); | 1168 | return (PAM_CONV_ERR); |
1173 | } | 1169 | } |
1174 | 1170 | ||