diff options
Diffstat (limited to 'auth-pam.c')
-rw-r--r-- | auth-pam.c | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/auth-pam.c b/auth-pam.c index 45c5e0a0a..0e2725b80 100644 --- a/auth-pam.c +++ b/auth-pam.c | |||
@@ -31,7 +31,7 @@ | |||
31 | 31 | ||
32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ | 32 | /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ |
33 | #include "includes.h" | 33 | #include "includes.h" |
34 | RCSID("$Id: auth-pam.c,v 1.91 2004/01/14 12:07:56 dtucker Exp $"); | 34 | RCSID("$Id: auth-pam.c,v 1.92 2004/01/14 13:15:08 dtucker Exp $"); |
35 | 35 | ||
36 | #ifdef USE_PAM | 36 | #ifdef USE_PAM |
37 | #if defined(HAVE_SECURITY_PAM_APPL_H) | 37 | #if defined(HAVE_SECURITY_PAM_APPL_H) |
@@ -178,6 +178,7 @@ pam_getenvlist(pam_handle_t *pamh) | |||
178 | void | 178 | void |
179 | pam_password_change_required(int reqd) | 179 | pam_password_change_required(int reqd) |
180 | { | 180 | { |
181 | debug3("%s %d", __func__, reqd); | ||
181 | sshpam_new_authtok_reqd = reqd; | 182 | sshpam_new_authtok_reqd = reqd; |
182 | if (reqd) { | 183 | if (reqd) { |
183 | no_port_forwarding_flag |= 2; | 184 | no_port_forwarding_flag |= 2; |
@@ -198,6 +199,8 @@ import_environments(Buffer *b) | |||
198 | u_int i, num_env; | 199 | u_int i, num_env; |
199 | int err; | 200 | int err; |
200 | 201 | ||
202 | debug3("PAM: %s entering", __func__); | ||
203 | |||
201 | /* Import variables set by do_pam_account */ | 204 | /* Import variables set by do_pam_account */ |
202 | sshpam_account_status = buffer_get_int(b); | 205 | sshpam_account_status = buffer_get_int(b); |
203 | pam_password_change_required(buffer_get_int(b)); | 206 | pam_password_change_required(buffer_get_int(b)); |
@@ -239,6 +242,7 @@ sshpam_thread_conv(int n, const struct pam_message **msg, | |||
239 | struct pam_response *reply; | 242 | struct pam_response *reply; |
240 | int i; | 243 | int i; |
241 | 244 | ||
245 | debug3("PAM: %s entering, %d responses", __func__, n); | ||
242 | *resp = NULL; | 246 | *resp = NULL; |
243 | 247 | ||
244 | ctxt = data; | 248 | ctxt = data; |
@@ -397,6 +401,7 @@ sshpam_thread_cleanup(void) | |||
397 | { | 401 | { |
398 | struct pam_ctxt *ctxt = cleanup_ctxt; | 402 | struct pam_ctxt *ctxt = cleanup_ctxt; |
399 | 403 | ||
404 | debug3("PAM: %s entering", __func__); | ||
400 | if (ctxt != NULL && ctxt->pam_thread != 0) { | 405 | if (ctxt != NULL && ctxt->pam_thread != 0) { |
401 | pthread_cancel(ctxt->pam_thread); | 406 | pthread_cancel(ctxt->pam_thread); |
402 | pthread_join(ctxt->pam_thread, NULL); | 407 | pthread_join(ctxt->pam_thread, NULL); |
@@ -411,6 +416,7 @@ static int | |||
411 | sshpam_null_conv(int n, const struct pam_message **msg, | 416 | sshpam_null_conv(int n, const struct pam_message **msg, |
412 | struct pam_response **resp, void *data) | 417 | struct pam_response **resp, void *data) |
413 | { | 418 | { |
419 | debug3("PAM: %s entering, %d responses", __func__, n); | ||
414 | return (PAM_CONV_ERR); | 420 | return (PAM_CONV_ERR); |
415 | } | 421 | } |
416 | 422 | ||
@@ -491,6 +497,7 @@ sshpam_init_ctx(Authctxt *authctxt) | |||
491 | struct pam_ctxt *ctxt; | 497 | struct pam_ctxt *ctxt; |
492 | int socks[2]; | 498 | int socks[2]; |
493 | 499 | ||
500 | debug3("PAM: %s entering", __func__); | ||
494 | /* Refuse to start if we don't have PAM enabled */ | 501 | /* Refuse to start if we don't have PAM enabled */ |
495 | if (!options.use_pam) | 502 | if (!options.use_pam) |
496 | return NULL; | 503 | return NULL; |
@@ -535,6 +542,7 @@ sshpam_query(void *ctx, char **name, char **info, | |||
535 | char *msg; | 542 | char *msg; |
536 | size_t len; | 543 | size_t len; |
537 | 544 | ||
545 | debug3("PAM: %s entering", __func__); | ||
538 | buffer_init(&buffer); | 546 | buffer_init(&buffer); |
539 | *name = xstrdup(""); | 547 | *name = xstrdup(""); |
540 | *info = xstrdup(""); | 548 | *info = xstrdup(""); |
@@ -601,7 +609,7 @@ sshpam_respond(void *ctx, u_int num, char **resp) | |||
601 | Buffer buffer; | 609 | Buffer buffer; |
602 | struct pam_ctxt *ctxt = ctx; | 610 | struct pam_ctxt *ctxt = ctx; |
603 | 611 | ||
604 | debug2("PAM: %s", __func__); | 612 | debug2("PAM: %s entering, %d responses", __func__, num); |
605 | switch (ctxt->pam_done) { | 613 | switch (ctxt->pam_done) { |
606 | case 1: | 614 | case 1: |
607 | sshpam_authenticated = 1; | 615 | sshpam_authenticated = 1; |
@@ -630,6 +638,7 @@ sshpam_free_ctx(void *ctxtp) | |||
630 | { | 638 | { |
631 | struct pam_ctxt *ctxt = ctxtp; | 639 | struct pam_ctxt *ctxt = ctxtp; |
632 | 640 | ||
641 | debug3("PAM: %s entering", __func__); | ||
633 | sshpam_thread_cleanup(); | 642 | sshpam_thread_cleanup(); |
634 | xfree(ctxt); | 643 | xfree(ctxt); |
635 | /* | 644 | /* |
@@ -682,7 +691,7 @@ do_pam_account(void) | |||
682 | return (sshpam_account_status); | 691 | return (sshpam_account_status); |
683 | 692 | ||
684 | sshpam_err = pam_acct_mgmt(sshpam_handle, 0); | 693 | sshpam_err = pam_acct_mgmt(sshpam_handle, 0); |
685 | debug3("%s: pam_acct_mgmt = %d", __func__, sshpam_err); | 694 | debug3("PAM: %s pam_acct_mgmt = %d", __func__, sshpam_err); |
686 | 695 | ||
687 | if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { | 696 | if (sshpam_err != PAM_SUCCESS && sshpam_err != PAM_NEW_AUTHTOK_REQD) { |
688 | sshpam_account_status = 0; | 697 | sshpam_account_status = 0; |