diff options
Diffstat (limited to 'session.c')
| -rw-r--r-- | session.c | 32 |
1 files changed, 14 insertions, 18 deletions
| @@ -193,6 +193,15 @@ auth_input_request_forwarding(struct passwd * pw) | |||
| 193 | return 1; | 193 | return 1; |
| 194 | } | 194 | } |
| 195 | 195 | ||
| 196 | static void | ||
| 197 | display_loginmsg(void) | ||
| 198 | { | ||
| 199 | if (buffer_len(&loginmsg) > 0) { | ||
| 200 | buffer_append(&loginmsg, "\0", 1); | ||
| 201 | printf("%s\n", (char *)buffer_ptr(&loginmsg)); | ||
| 202 | buffer_clear(&loginmsg); | ||
| 203 | } | ||
| 204 | } | ||
| 196 | 205 | ||
| 197 | void | 206 | void |
| 198 | do_authenticated(Authctxt *authctxt) | 207 | do_authenticated(Authctxt *authctxt) |
| @@ -389,12 +398,8 @@ do_exec_no_pty(Session *s, const char *command) | |||
| 389 | session_proctitle(s); | 398 | session_proctitle(s); |
| 390 | 399 | ||
| 391 | #if defined(USE_PAM) | 400 | #if defined(USE_PAM) |
| 392 | if (options.use_pam) { | 401 | if (options.use_pam) |
| 393 | do_pam_setcred(1); | 402 | do_pam_setcred(1); |
| 394 | if (is_pam_password_change_required()) | ||
| 395 | packet_disconnect("Password change required but no " | ||
| 396 | "TTY available"); | ||
| 397 | } | ||
| 398 | #endif /* USE_PAM */ | 403 | #endif /* USE_PAM */ |
| 399 | 404 | ||
| 400 | /* Fork the child. */ | 405 | /* Fork the child. */ |
| @@ -698,9 +703,10 @@ do_login(Session *s, const char *command) | |||
| 698 | * If password change is needed, do it now. | 703 | * If password change is needed, do it now. |
| 699 | * This needs to occur before the ~/.hushlogin check. | 704 | * This needs to occur before the ~/.hushlogin check. |
| 700 | */ | 705 | */ |
| 701 | if (options.use_pam && is_pam_password_change_required()) { | 706 | if (options.use_pam && !use_privsep && s->authctxt->force_pwchange) { |
| 702 | print_pam_messages(); | 707 | display_loginmsg(); |
| 703 | do_pam_chauthtok(); | 708 | do_pam_chauthtok(); |
| 709 | s->authctxt->force_pwchange = 0; | ||
| 704 | /* XXX - signal [net] parent to enable forwardings */ | 710 | /* XXX - signal [net] parent to enable forwardings */ |
| 705 | } | 711 | } |
| 706 | #endif | 712 | #endif |
| @@ -708,17 +714,7 @@ do_login(Session *s, const char *command) | |||
| 708 | if (check_quietlogin(s, command)) | 714 | if (check_quietlogin(s, command)) |
| 709 | return; | 715 | return; |
| 710 | 716 | ||
| 711 | #ifdef USE_PAM | 717 | display_loginmsg(); |
| 712 | if (options.use_pam && !is_pam_password_change_required()) | ||
| 713 | print_pam_messages(); | ||
| 714 | #endif /* USE_PAM */ | ||
| 715 | |||
| 716 | /* display post-login message */ | ||
| 717 | if (buffer_len(&loginmsg) > 0) { | ||
| 718 | buffer_append(&loginmsg, "\0", 1); | ||
| 719 | printf("%s\n", (char *)buffer_ptr(&loginmsg)); | ||
| 720 | } | ||
| 721 | buffer_free(&loginmsg); | ||
| 722 | 718 | ||
| 723 | #ifndef NO_SSH_LASTLOG | 719 | #ifndef NO_SSH_LASTLOG |
| 724 | if (options.print_lastlog && s->last_login_time != 0) { | 720 | if (options.print_lastlog && s->last_login_time != 0) { |