diff options
author | Darren Tucker <dtucker@zip.com.au> | 2004-09-11 22:17:26 +1000 |
---|---|---|
committer | Darren Tucker <dtucker@zip.com.au> | 2004-09-11 22:17:26 +1000 |
commit | 69687f4b65373e09269db8c18f18b4ac7225a382 (patch) | |
tree | bdc1ab58486951379f020d2e4a147c5a41997b01 /auth-pam.c | |
parent | 928a19ad9e82d2098c9309553e7f6c97d7665322 (diff) |
- (dtucker) [auth-pam.c auth-pam.h session.c] Bug #890: Send output from
failing PAM session modules to user then exit, similar to the way
/etc/nologin is handled. ok djm@
Diffstat (limited to 'auth-pam.c')
-rw-r--r-- | auth-pam.c | 19 |
1 files changed, 15 insertions, 4 deletions
diff --git a/auth-pam.c b/auth-pam.c index b93241f48..27b9bab23 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -47,7 +47,7 @@ | |||
47 | 47 | ||
48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
49 | #include "includes.h" | 49 | #include "includes.h" |
50 | RCSID("$Id: auth-pam.c,v 1.114 2004/08/16 13:12:06 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.115 2004/09/11 12:17:26 dtucker Exp $"); |
51 | 51 | ||
52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -949,10 +949,21 @@ do_pam_session(void) | |||
949 | fatal("PAM: failed to set PAM_CONV: %s", | 949 | fatal("PAM: failed to set PAM_CONV: %s", |
950 | pam_strerror(sshpam_handle, sshpam_err)); | 950 | pam_strerror(sshpam_handle, sshpam_err)); |
951 | sshpam_err = pam_open_session(sshpam_handle, 0); | 951 | sshpam_err = pam_open_session(sshpam_handle, 0); |
952 | if (sshpam_err != PAM_SUCCESS) | 952 | if (sshpam_err == PAM_SUCCESS) |
953 | fatal("PAM: pam_open_session(): %s", | 953 | sshpam_session_open = 1; |
954 | else { | ||
955 | sshpam_session_open = 0; | ||
956 | disable_forwarding(); | ||
957 | error("PAM: pam_open_session(): %s", | ||
954 | pam_strerror(sshpam_handle, sshpam_err)); | 958 | pam_strerror(sshpam_handle, sshpam_err)); |
955 | sshpam_session_open = 1; | 959 | } |
960 | |||
961 | } | ||
962 | |||
963 | int | ||
964 | is_pam_session_open(void) | ||
965 | { | ||
966 | return sshpam_session_open; | ||
956 | } | 967 | } |
957 | 968 | ||
958 | /* | 969 | /* |