diff options
| author | Darren Tucker <dtucker@zip.com.au> | 2008-03-11 22:58:25 +1100 |
|---|---|---|
| committer | Darren Tucker <dtucker@zip.com.au> | 2008-03-11 22:58:25 +1100 |
| commit | 52358d6df32d9ae923572c43a58159d84b673631 (patch) | |
| tree | 83261a70dd007f2af900e1b22884c75b703f8b37 /auth-pam.c | |
| parent | fe1cf97ee811dc7a2bb7cea912c9292c976ab5af (diff) | |
- (dtucker) [auth-pam.c monitor.c session.c sshd.c] Bug #926: Move
pam_open_session and pam_close_session into the privsep monitor, which
will ensure that pam_session_close is called as root. Patch from Tomas
Mraz.
Diffstat (limited to 'auth-pam.c')
| -rw-r--r-- | auth-pam.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/auth-pam.c b/auth-pam.c index a07f1fe77..ccdb9937e 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -598,15 +598,17 @@ static struct pam_conv store_conv = { sshpam_store_conv, NULL }; | |||
| 598 | void | 598 | void |
| 599 | sshpam_cleanup(void) | 599 | sshpam_cleanup(void) |
| 600 | { | 600 | { |
| 601 | debug("PAM: cleanup"); | 601 | if (sshpam_handle == NULL || (use_privsep && !mm_is_monitor())) |
| 602 | if (sshpam_handle == NULL) | ||
| 603 | return; | 602 | return; |
| 603 | debug("PAM: cleanup"); | ||
| 604 | pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); | 604 | pam_set_item(sshpam_handle, PAM_CONV, (const void *)&null_conv); |
| 605 | if (sshpam_cred_established) { | 605 | if (sshpam_cred_established) { |
| 606 | debug("PAM: deleting credentials"); | ||
| 606 | pam_setcred(sshpam_handle, PAM_DELETE_CRED); | 607 | pam_setcred(sshpam_handle, PAM_DELETE_CRED); |
| 607 | sshpam_cred_established = 0; | 608 | sshpam_cred_established = 0; |
| 608 | } | 609 | } |
| 609 | if (sshpam_session_open) { | 610 | if (sshpam_session_open) { |
| 611 | debug("PAM: closing session"); | ||
| 610 | pam_close_session(sshpam_handle, PAM_SILENT); | 612 | pam_close_session(sshpam_handle, PAM_SILENT); |
| 611 | sshpam_session_open = 0; | 613 | sshpam_session_open = 0; |
| 612 | } | 614 | } |