summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--ChangeLog11
-rw-r--r--auth-pam.c22
2 files changed, 22 insertions, 11 deletions
diff --git a/ChangeLog b/ChangeLog
index 2cfcd9596..a7eab8fc9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,11 @@
120050524 120050524
2 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] 2 - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
3 [contrib/suse/openssh.spec] Update spec file versions to 4.1p1 3 [contrib/suse/openssh.spec] Update spec file versions to 4.1p1
4 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message
5 that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
6 idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
7 USE_POSIX_THREADS will now generate an error so we don't silently change
8 behaviour. ok djm@
4 9
520050524 1020050524
6 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure 11 - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
@@ -48,10 +53,6 @@
48 - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if 53 - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
49 UseLogin is set as PAM is not used to establish credentials in that 54 UseLogin is set as PAM is not used to establish credentials in that
50 case. Found by Michael Selvesteen, ok djm@ 55 case. Found by Michael Selvesteen, ok djm@
51 - (dtucker) [auth-pam.c] Since people don't seem to be getting the message,
52 USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK.
53 USE_POSIX_THREADS will now generate an error so we don't silently change
54 behaviour. ok djm@
55 56
5620050419 5720050419
57 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation 58 - (dtucker) [INSTALL] Reference README.privsep for the privilege separation
@@ -2491,4 +2492,4 @@
2491 - (djm) Trim deprecated options from INSTALL. Mention UsePAM 2492 - (djm) Trim deprecated options from INSTALL. Mention UsePAM
2492 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu 2493 - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
2493 2494
2494$Id: ChangeLog,v 1.3757 2005/05/25 04:43:47 djm Exp $ 2495$Id: ChangeLog,v 1.3758 2005/05/25 06:18:09 dtucker Exp $
diff --git a/auth-pam.c b/auth-pam.c
index 6ce8c429b..a8d372aac 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -47,7 +47,7 @@
47 47
48/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ 48/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
49#include "includes.h" 49#include "includes.h"
50RCSID("$Id: auth-pam.c,v 1.121 2005/01/20 02:29:51 dtucker Exp $"); 50RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $");
51 51
52#ifdef USE_PAM 52#ifdef USE_PAM
53#if defined(HAVE_SECURITY_PAM_APPL_H) 53#if defined(HAVE_SECURITY_PAM_APPL_H)
@@ -76,7 +76,17 @@ extern Buffer loginmsg;
76extern int compat20; 76extern int compat20;
77extern u_int utmp_len; 77extern u_int utmp_len;
78 78
79/* so we don't silently change behaviour */
79#ifdef USE_POSIX_THREADS 80#ifdef USE_POSIX_THREADS
81# error "USE_POSIX_THREADS replaced by UNSUPPORTED_POSIX_THREADS_HACK"
82#endif
83
84/*
85 * Formerly known as USE_POSIX_THREADS, using this is completely unsupported
86 * and generally a bad idea. Use at own risk and do not expect support if
87 * this breaks.
88 */
89#ifdef UNSUPPORTED_POSIX_THREADS_HACK
80#include <pthread.h> 90#include <pthread.h>
81/* 91/*
82 * Avoid namespace clash when *not* using pthreads for systems *with* 92 * Avoid namespace clash when *not* using pthreads for systems *with*
@@ -98,7 +108,7 @@ struct pam_ctxt {
98static void sshpam_free_ctx(void *); 108static void sshpam_free_ctx(void *);
99static struct pam_ctxt *cleanup_ctxt; 109static struct pam_ctxt *cleanup_ctxt;
100 110
101#ifndef USE_POSIX_THREADS 111#ifndef UNSUPPORTED_POSIX_THREADS_HACK
102/* 112/*
103 * Simulate threads with processes. 113 * Simulate threads with processes.
104 */ 114 */
@@ -255,7 +265,7 @@ import_environments(Buffer *b)
255 265
256 debug3("PAM: %s entering", __func__); 266 debug3("PAM: %s entering", __func__);
257 267
258#ifndef USE_POSIX_THREADS 268#ifndef UNSUPPORTED_POSIX_THREADS_HACK
259 /* Import variables set by do_pam_account */ 269 /* Import variables set by do_pam_account */
260 sshpam_account_status = buffer_get_int(b); 270 sshpam_account_status = buffer_get_int(b);
261 sshpam_password_change_required(buffer_get_int(b)); 271 sshpam_password_change_required(buffer_get_int(b));
@@ -384,7 +394,7 @@ sshpam_thread(void *ctxtp)
384 struct pam_conv sshpam_conv; 394 struct pam_conv sshpam_conv;
385 int flags = (options.permit_empty_passwd == 0 ? 395 int flags = (options.permit_empty_passwd == 0 ?
386 PAM_DISALLOW_NULL_AUTHTOK : 0); 396 PAM_DISALLOW_NULL_AUTHTOK : 0);
387#ifndef USE_POSIX_THREADS 397#ifndef UNSUPPORTED_POSIX_THREADS_HACK
388 extern char **environ; 398 extern char **environ;
389 char **env_from_pam; 399 char **env_from_pam;
390 u_int i; 400 u_int i;
@@ -428,7 +438,7 @@ sshpam_thread(void *ctxtp)
428 438
429 buffer_put_cstring(&buffer, "OK"); 439 buffer_put_cstring(&buffer, "OK");
430 440
431#ifndef USE_POSIX_THREADS 441#ifndef UNSUPPORTED_POSIX_THREADS_HACK
432 /* Export variables set by do_pam_account */ 442 /* Export variables set by do_pam_account */
433 buffer_put_int(&buffer, sshpam_account_status); 443 buffer_put_int(&buffer, sshpam_account_status);
434 buffer_put_int(&buffer, sshpam_authctxt->force_pwchange); 444 buffer_put_int(&buffer, sshpam_authctxt->force_pwchange);
@@ -447,7 +457,7 @@ sshpam_thread(void *ctxtp)
447 buffer_put_int(&buffer, i); 457 buffer_put_int(&buffer, i);
448 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) 458 for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
449 buffer_put_cstring(&buffer, env_from_pam[i]); 459 buffer_put_cstring(&buffer, env_from_pam[i]);
450#endif /* USE_POSIX_THREADS */ 460#endif /* UNSUPPORTED_POSIX_THREADS_HACK */
451 461
452 /* XXX - can't do much about an error here */ 462 /* XXX - can't do much about an error here */
453 ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); 463 ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);