diff options
| author | Damien Miller <djm@mindrot.org> | 2003-09-02 23:18:52 +1000 |
|---|---|---|
| committer | Damien Miller <djm@mindrot.org> | 2003-09-02 23:18:52 +1000 |
| commit | 341c6e687c2e2d3629f19d4b43fccc2dc8d7f9d3 (patch) | |
| tree | a54163ac7548e84d257e611333f8e3cf628a7b9d /auth-pam.c | |
| parent | f4b6f10deda4413528ddb5ffbb69c5da84ae58b9 (diff) | |
- (djm) Bug #423: reorder setting of PAM_TTY and calling of PAM session
management (now done in do_setusercontext). Largely from
michael_steffens AT hp.com
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 19 |
1 files changed, 12 insertions, 7 deletions
diff --git a/auth-pam.c b/auth-pam.c index 3f3fbf28c..bc378a32b 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -31,7 +31,7 @@ | |||
| 31 | 31 | ||
| 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
| 33 | #include "includes.h" | 33 | #include "includes.h" |
| 34 | RCSID("$Id: auth-pam.c,v 1.69 2003/09/02 13:12:06 djm Exp $"); | 34 | RCSID("$Id: auth-pam.c,v 1.70 2003/09/02 13:18:53 djm Exp $"); |
| 35 | 35 | ||
| 36 | #ifdef USE_PAM | 36 | #ifdef USE_PAM |
| 37 | #include <security/pam_appl.h> | 37 | #include <security/pam_appl.h> |
| @@ -534,13 +534,23 @@ do_pam_account(void) | |||
| 534 | } | 534 | } |
| 535 | 535 | ||
| 536 | void | 536 | void |
| 537 | do_pam_session(const char *user, const char *tty) | 537 | do_pam_session(void) |
| 538 | { | 538 | { |
| 539 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, | 539 | sshpam_err = pam_set_item(sshpam_handle, PAM_CONV, |
| 540 | (const void *)&null_conv); | 540 | (const void *)&null_conv); |
| 541 | if (sshpam_err != PAM_SUCCESS) | 541 | if (sshpam_err != PAM_SUCCESS) |
| 542 | fatal("PAM: failed to set PAM_CONV: %s", | 542 | fatal("PAM: failed to set PAM_CONV: %s", |
| 543 | pam_strerror(sshpam_handle, sshpam_err)); | 543 | pam_strerror(sshpam_handle, sshpam_err)); |
| 544 | sshpam_err = pam_open_session(sshpam_handle, 0); | ||
| 545 | if (sshpam_err != PAM_SUCCESS) | ||
| 546 | fatal("PAM: pam_open_session(): %s", | ||
| 547 | pam_strerror(sshpam_handle, sshpam_err)); | ||
| 548 | sshpam_session_open = 1; | ||
| 549 | } | ||
| 550 | |||
| 551 | void | ||
| 552 | do_pam_set_tty(const char *tty) | ||
| 553 | { | ||
| 544 | if (tty != NULL) { | 554 | if (tty != NULL) { |
| 545 | debug("PAM: setting PAM_TTY to \"%s\"", tty); | 555 | debug("PAM: setting PAM_TTY to \"%s\"", tty); |
| 546 | sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty); | 556 | sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty); |
| @@ -548,11 +558,6 @@ do_pam_session(const char *user, const char *tty) | |||
| 548 | fatal("PAM: failed to set PAM_TTY: %s", | 558 | fatal("PAM: failed to set PAM_TTY: %s", |
| 549 | pam_strerror(sshpam_handle, sshpam_err)); | 559 | pam_strerror(sshpam_handle, sshpam_err)); |
| 550 | } | 560 | } |
| 551 | sshpam_err = pam_open_session(sshpam_handle, 0); | ||
| 552 | if (sshpam_err != PAM_SUCCESS) | ||
| 553 | fatal("PAM: pam_open_session(): %s", | ||
| 554 | pam_strerror(sshpam_handle, sshpam_err)); | ||
| 555 | sshpam_session_open = 1; | ||
| 556 | } | 561 | } |
| 557 | 562 | ||
| 558 | void | 563 | void |