diff options
| -rw-r--r-- | ChangeLog | 4 | ||||
| -rw-r--r-- | auth-pam.c | 11 |
2 files changed, 10 insertions, 5 deletions
| @@ -1,6 +1,8 @@ | |||
| 1 | 20040719 | 1 | 20040719 |
| 2 | - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD | 2 | - (djm) [openbsd-compat/bsd-arc4random.c] Discard early keystream, like OpenBSD |
| 3 | ok dtucker@ | 3 | ok dtucker@ |
| 4 | - (djm) [auth-pam.c] Avoid use of xstrdup and friends in conversation function, | ||
| 5 | instead return PAM_CONV_ERR, avoiding another path to fatal(); ok dtucker@ | ||
| 4 | 6 | ||
| 5 | 20040717 | 7 | 20040717 |
| 6 | - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c | 8 | - (dtucker) [logintest.c scp.c sftp-server.c sftp.c ssh-add.c ssh-agent.c |
| @@ -1531,4 +1533,4 @@ | |||
| 1531 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM | 1533 | - (djm) Trim deprecated options from INSTALL. Mention UsePAM |
| 1532 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu | 1534 | - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu |
| 1533 | 1535 | ||
| 1534 | $Id: ChangeLog,v 1.3478 2004/07/18 23:30:38 djm Exp $ | 1536 | $Id: ChangeLog,v 1.3479 2004/07/18 23:39:11 djm Exp $ |
diff --git a/auth-pam.c b/auth-pam.c index 5f4200f6f..63515c311 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
| @@ -47,7 +47,7 @@ | |||
| 47 | 47 | ||
| 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 48 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
| 49 | #include "includes.h" | 49 | #include "includes.h" |
| 50 | RCSID("$Id: auth-pam.c,v 1.111 2004/07/11 06:54:08 dtucker Exp $"); | 50 | RCSID("$Id: auth-pam.c,v 1.112 2004/07/18 23:39:11 djm Exp $"); |
| 51 | 51 | ||
| 52 | #ifdef USE_PAM | 52 | #ifdef USE_PAM |
| 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 53 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
| @@ -817,7 +817,8 @@ sshpam_tty_conv(int n, struct pam_message **msg, | |||
| 817 | case PAM_PROMPT_ECHO_ON: | 817 | case PAM_PROMPT_ECHO_ON: |
| 818 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); | 818 | fprintf(stderr, "%s\n", PAM_MSG_MEMBER(msg, i, msg)); |
| 819 | fgets(input, sizeof input, stdin); | 819 | fgets(input, sizeof input, stdin); |
| 820 | reply[i].resp = xstrdup(input); | 820 | if ((reply[i].resp = strdup(input)) == NULL) |
| 821 | goto fail; | ||
| 821 | reply[i].resp_retcode = PAM_SUCCESS; | 822 | reply[i].resp_retcode = PAM_SUCCESS; |
| 822 | break; | 823 | break; |
| 823 | case PAM_ERROR_MSG: | 824 | case PAM_ERROR_MSG: |
| @@ -1003,7 +1004,8 @@ sshpam_passwd_conv(int n, struct pam_message **msg, | |||
| 1003 | case PAM_PROMPT_ECHO_OFF: | 1004 | case PAM_PROMPT_ECHO_OFF: |
| 1004 | if (sshpam_password == NULL) | 1005 | if (sshpam_password == NULL) |
| 1005 | goto fail; | 1006 | goto fail; |
| 1006 | reply[i].resp = xstrdup(sshpam_password); | 1007 | if ((reply[i].resp = strdup(sshpam_password)) == NULL) |
| 1008 | goto fail; | ||
| 1007 | reply[i].resp_retcode = PAM_SUCCESS; | 1009 | reply[i].resp_retcode = PAM_SUCCESS; |
| 1008 | break; | 1010 | break; |
| 1009 | case PAM_ERROR_MSG: | 1011 | case PAM_ERROR_MSG: |
| @@ -1014,7 +1016,8 @@ sshpam_passwd_conv(int n, struct pam_message **msg, | |||
| 1014 | PAM_MSG_MEMBER(msg, i, msg), len); | 1016 | PAM_MSG_MEMBER(msg, i, msg), len); |
| 1015 | buffer_append(&loginmsg, "\n", 1); | 1017 | buffer_append(&loginmsg, "\n", 1); |
| 1016 | } | 1018 | } |
| 1017 | reply[i].resp = xstrdup(""); | 1019 | if ((reply[i].resp = strdup("")) == NULL) |
| 1020 | goto fail; | ||
| 1018 | reply[i].resp_retcode = PAM_SUCCESS; | 1021 | reply[i].resp_retcode = PAM_SUCCESS; |
| 1019 | break; | 1022 | break; |
| 1020 | default: | 1023 | default: |