diff options
-rw-r--r-- | ChangeLog | 11 | ||||
-rw-r--r-- | auth-pam.c | 22 |
2 files changed, 22 insertions, 11 deletions
@@ -1,6 +1,11 @@ | |||
1 | 20050524 | 1 | 20050524 |
2 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] | 2 | - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] |
3 | [contrib/suse/openssh.spec] Update spec file versions to 4.1p1 | 3 | [contrib/suse/openssh.spec] Update spec file versions to 4.1p1 |
4 | - (dtucker) [auth-pam.c] Since people don't seem to be getting the message | ||
5 | that USE_POSIX_THREADS is unsupported, not recommended and generally a bad | ||
6 | idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use | ||
7 | USE_POSIX_THREADS will now generate an error so we don't silently change | ||
8 | behaviour. ok djm@ | ||
4 | 9 | ||
5 | 20050524 | 10 | 20050524 |
6 | - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure | 11 | - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure |
@@ -48,10 +53,6 @@ | |||
48 | - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if | 53 | - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if |
49 | UseLogin is set as PAM is not used to establish credentials in that | 54 | UseLogin is set as PAM is not used to establish credentials in that |
50 | case. Found by Michael Selvesteen, ok djm@ | 55 | case. Found by Michael Selvesteen, ok djm@ |
51 | - (dtucker) [auth-pam.c] Since people don't seem to be getting the message, | ||
52 | USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK. | ||
53 | USE_POSIX_THREADS will now generate an error so we don't silently change | ||
54 | behaviour. ok djm@ | ||
55 | 56 | ||
56 | 20050419 | 57 | 20050419 |
57 | - (dtucker) [INSTALL] Reference README.privsep for the privilege separation | 58 | - (dtucker) [INSTALL] Reference README.privsep for the privilege separation |
@@ -2491,4 +2492,4 @@ | |||
2491 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 2492 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
2492 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 2493 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
2493 | 2494 | ||
2494 | $Id: ChangeLog,v 1.3757 2005/05/25 04:43:47 djm Exp $ | 2495 | $Id: ChangeLog,v 1.3758 2005/05/25 06:18:09 dtucker Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index 6ce8c429b..a8d372aac 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -47,7 +47,7 @@ | |||
47 | 47 | ||
48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
49 | #include "includes.h" | 49 | #include "includes.h" |
50 | RCSID("$Id: auth-pam.c,v 1.121 2005/01/20 02:29:51 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $"); |
51 | 51 | ||
52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -76,7 +76,17 @@ extern Buffer loginmsg; | |||
76 | extern int compat20; | 76 | extern int compat20; |
77 | extern u_int utmp_len; | 77 | extern u_int utmp_len; |
78 | 78 | ||
79 | /* so we don't silently change behaviour */ | ||
79 | #ifdef USE_POSIX_THREADS | 80 | #ifdef USE_POSIX_THREADS |
81 | # error "USE_POSIX_THREADS replaced by UNSUPPORTED_POSIX_THREADS_HACK" | ||
82 | #endif | ||
83 | |||
84 | /* | ||
85 | * Formerly known as USE_POSIX_THREADS, using this is completely unsupported | ||
86 | * and generally a bad idea. Use at own risk and do not expect support if | ||
87 | * this breaks. | ||
88 | */ | ||
89 | #ifdef UNSUPPORTED_POSIX_THREADS_HACK | ||
80 | #include <pthread.h> | 90 | #include <pthread.h> |
81 | /* | 91 | /* |
82 | * Avoid namespace clash when *not* using pthreads for systems *with* | 92 | * Avoid namespace clash when *not* using pthreads for systems *with* |
@@ -98,7 +108,7 @@ struct pam_ctxt { | |||
98 | static void sshpam_free_ctx(void *); | 108 | static void sshpam_free_ctx(void *); |
99 | static struct pam_ctxt *cleanup_ctxt; | 109 | static struct pam_ctxt *cleanup_ctxt; |
100 | 110 | ||
101 | #ifndef USE_POSIX_THREADS | 111 | #ifndef UNSUPPORTED_POSIX_THREADS_HACK |
102 | /* | 112 | /* |
103 | * Simulate threads with processes. | 113 | * Simulate threads with processes. |
104 | */ | 114 | */ |
@@ -255,7 +265,7 @@ import_environments(Buffer *b) | |||
255 | 265 | ||
256 | debug3("PAM: %s entering", __func__); | 266 | debug3("PAM: %s entering", __func__); |
257 | 267 | ||
258 | #ifndef USE_POSIX_THREADS | 268 | #ifndef UNSUPPORTED_POSIX_THREADS_HACK |
259 | /* Import variables set by do_pam_account */ | 269 | /* Import variables set by do_pam_account */ |
260 | sshpam_account_status = buffer_get_int(b); | 270 | sshpam_account_status = buffer_get_int(b); |
261 | sshpam_password_change_required(buffer_get_int(b)); | 271 | sshpam_password_change_required(buffer_get_int(b)); |
@@ -384,7 +394,7 @@ sshpam_thread(void *ctxtp) | |||
384 | struct pam_conv sshpam_conv; | 394 | struct pam_conv sshpam_conv; |
385 | int flags = (options.permit_empty_passwd == 0 ? | 395 | int flags = (options.permit_empty_passwd == 0 ? |
386 | PAM_DISALLOW_NULL_AUTHTOK : 0); | 396 | PAM_DISALLOW_NULL_AUTHTOK : 0); |
387 | #ifndef USE_POSIX_THREADS | 397 | #ifndef UNSUPPORTED_POSIX_THREADS_HACK |
388 | extern char **environ; | 398 | extern char **environ; |
389 | char **env_from_pam; | 399 | char **env_from_pam; |
390 | u_int i; | 400 | u_int i; |
@@ -428,7 +438,7 @@ sshpam_thread(void *ctxtp) | |||
428 | 438 | ||
429 | buffer_put_cstring(&buffer, "OK"); | 439 | buffer_put_cstring(&buffer, "OK"); |
430 | 440 | ||
431 | #ifndef USE_POSIX_THREADS | 441 | #ifndef UNSUPPORTED_POSIX_THREADS_HACK |
432 | /* Export variables set by do_pam_account */ | 442 | /* Export variables set by do_pam_account */ |
433 | buffer_put_int(&buffer, sshpam_account_status); | 443 | buffer_put_int(&buffer, sshpam_account_status); |
434 | buffer_put_int(&buffer, sshpam_authctxt->force_pwchange); | 444 | buffer_put_int(&buffer, sshpam_authctxt->force_pwchange); |
@@ -447,7 +457,7 @@ sshpam_thread(void *ctxtp) | |||
447 | buffer_put_int(&buffer, i); | 457 | buffer_put_int(&buffer, i); |
448 | for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) | 458 | for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) |
449 | buffer_put_cstring(&buffer, env_from_pam[i]); | 459 | buffer_put_cstring(&buffer, env_from_pam[i]); |
450 | #endif /* USE_POSIX_THREADS */ | 460 | #endif /* UNSUPPORTED_POSIX_THREADS_HACK */ |
451 | 461 | ||
452 | /* XXX - can't do much about an error here */ | 462 | /* XXX - can't do much about an error here */ |
453 | ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); | 463 | ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); |