Bugzilla – Attachment 1183 Details for
Bug 1228
kbd-int device for AIX authenticate
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for AIX authenticate kbdint device
x (text/plain), 18.02 KB, created by
David Leonard
on 2006-09-14 12:49:19 AEST
(
hide
)
Description:
patch for AIX authenticate kbdint device
Filename:
MIME Type:
Creator:
David Leonard
Created:
2006-09-14 12:49:19 AEST
Size:
18.02 KB
patch
obsolete
> >This patch is copyright (c) 2006 Quest Software, Inc. >All rights reserved. > >Redistribution and use in source and binary forms, with or without >modification, are permitted provided that the following conditions >are met: > > 1. Redistributions of source code must retain the above copyright > notice, this list of conditions and the following disclaimer. > > 2. Redistributions in binary form must reproduce the above copyright > notice, this list of conditions and the following disclaimer in the > documentation and/or other materials provided with the distribution. > > 3. Neither the name of Quest Software, Inc. nor the names of its contributors > may be used to endorse or promote products derived from this software > without specific prior written permission. > >THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS >"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT >LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR >A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT >OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, >SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT >LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, >DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY >THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT >(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE >OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. > > >Index: openssh/auth2-chall.c >=================================================================== >--- openssh/auth2-chall.c (revision 32) >+++ openssh/auth2-chall.c (revision 33) >@@ -47,6 +47,9 @@ > #ifdef USE_PAM > extern KbdintDevice sshpam_device; > #endif >+#ifdef WITH_AIXAUTHENTICATE >+extern KbdintDevice sshlam_device; >+#endif > #ifdef SKEY > extern KbdintDevice skey_device; > #endif >@@ -59,6 +62,9 @@ > #ifdef USE_PAM > &sshpam_device, > #endif >+#ifdef WITH_AIXAUTHENTICATE >+ &sshlam_device, >+#endif > #ifdef SKEY > &skey_device, > #endif >@@ -343,7 +349,7 @@ > void > privsep_challenge_enable(void) > { >-#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY) >+#if defined(BSD_AUTH) || defined(USE_PAM) || defined(SKEY) || defined(WITH_AIXAUTHENTICATE) > int n = 0; > #endif > #ifdef BSD_AUTH >@@ -352,6 +358,9 @@ > #ifdef USE_PAM > extern KbdintDevice mm_sshpam_device; > #endif >+#ifdef WITH_AIXAUTHENTICATE >+ extern KbdintDevice mm_sshlam_device; >+#endif > #ifdef SKEY > extern KbdintDevice mm_skey_device; > #endif >@@ -362,6 +371,9 @@ > #ifdef USE_PAM > devices[n++] = &mm_sshpam_device; > #endif >+#ifdef WITH_AIXAUTHENTICATE >+ devices[n++] = &mm_sshlam_device; >+#endif > #ifdef SKEY > devices[n++] = &mm_skey_device; > #endif >Index: openssh/Makefile.in >=================================================================== >--- openssh/Makefile.in (revision 32) >+++ openssh/Makefile.in (revision 33) >@@ -86,6 +86,7 @@ > auth-krb5.o \ > auth2-gss.o gss-serv.o gss-serv-krb5.o kexgsss.o\ > loginrec.o auth-pam.o auth-shadow.o auth-sia.o md5crypt.o \ >+ auth-lam.o \ > audit.o audit-bsm.o > > MANPAGES = scp.1.out ssh-add.1.out ssh-agent.1.out ssh-keygen.1.out ssh-keyscan.1.out ssh.1.out sshd.8.out sftp-server.8.out sftp.1.out ssh-rand-helper.8.out ssh-keysign.8.out sshd_config.5.out ssh_config.5.out >Index: openssh/monitor.c >=================================================================== >--- openssh/monitor.c (revision 32) >+++ openssh/monitor.c (revision 33) >@@ -136,6 +136,13 @@ > int mm_answer_pam_free_ctx(int, Buffer *); > #endif > >+#ifdef WITH_AIXAUTHENTICATE >+int mm_answer_lam_init_ctx(int, Buffer *); >+int mm_answer_lam_query(int, Buffer *); >+int mm_answer_lam_respond(int, Buffer *); >+int mm_answer_lam_free_ctx(int, Buffer *); >+#endif >+ > #ifdef GSSAPI > int mm_answer_gss_setup_ctx(int, Buffer *); > int mm_answer_gss_accept_ctx(int, Buffer *); >@@ -192,6 +199,12 @@ > {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, > {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, > #endif >+#ifdef WITH_AIXAUTHENTICATE >+ {MONITOR_REQ_LAM_INIT_CTX, MON_ISAUTH, mm_answer_lam_init_ctx}, >+ {MONITOR_REQ_LAM_QUERY, MON_ISAUTH, mm_answer_lam_query}, >+ {MONITOR_REQ_LAM_RESPOND, MON_ISAUTH, mm_answer_lam_respond}, >+ {MONITOR_REQ_LAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_lam_free_ctx}, >+#endif > #ifdef SSH_AUDIT_EVENTS > {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, > #endif >@@ -258,6 +271,12 @@ > {MONITOR_REQ_PAM_RESPOND, MON_ISAUTH, mm_answer_pam_respond}, > {MONITOR_REQ_PAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_pam_free_ctx}, > #endif >+#ifdef WITH_AIXAUTHENTICATE >+ {MONITOR_REQ_LAM_INIT_CTX, MON_ISAUTH, mm_answer_lam_init_ctx}, >+ {MONITOR_REQ_LAM_QUERY, MON_ISAUTH, mm_answer_lam_query}, >+ {MONITOR_REQ_LAM_RESPOND, MON_ISAUTH, mm_answer_lam_respond}, >+ {MONITOR_REQ_LAM_FREE_CTX, MON_ONCE|MON_AUTHDECIDE, mm_answer_lam_free_ctx}, >+#endif > #ifdef SSH_AUDIT_EVENTS > {MONITOR_REQ_AUDIT_EVENT, MON_PERMIT, mm_answer_audit_event}, > #endif >@@ -959,6 +978,106 @@ > } > #endif > >+#ifdef WITH_AIXAUTHENTICATE >+static void *sshlam_ctxt, *sshlam_authok; >+extern KbdintDevice sshlam_device; >+ >+int >+mm_answer_lam_init_ctx(int sock, Buffer *m) >+{ >+ >+ debug3("%s", __func__); >+ authctxt->user = buffer_get_string(m, NULL); >+ sshlam_ctxt = (sshlam_device.init_ctx)(authctxt); >+ sshlam_authok = NULL; >+ buffer_clear(m); >+ if (sshlam_ctxt != NULL) { >+ monitor_permit(mon_dispatch, MONITOR_REQ_LAM_FREE_CTX, 1); >+ buffer_put_int(m, 1); >+ } else { >+ buffer_put_int(m, 0); >+ } >+ mm_request_send(sock, MONITOR_ANS_LAM_INIT_CTX, m); >+ return (0); >+} >+ >+int >+mm_answer_lam_query(int sock, Buffer *m) >+{ >+ char *name, *info, **prompts; >+ u_int i, num, *echo_on; >+ int ret; >+ >+ debug3("%s", __func__); >+ sshlam_authok = NULL; >+ ret = (sshlam_device.query)(sshlam_ctxt, &name, &info, &num, &prompts, &echo_on); >+ if (ret == 0 && num == 0) >+ sshlam_authok = sshlam_ctxt; >+ if (num > 1 || name == NULL || info == NULL) >+ ret = -1; >+ buffer_clear(m); >+ buffer_put_int(m, ret); >+ buffer_put_cstring(m, name); >+ xfree(name); >+ buffer_put_cstring(m, info); >+ xfree(info); >+ buffer_put_int(m, num); >+ for (i = 0; i < num; ++i) { >+ buffer_put_cstring(m, prompts[i]); >+ xfree(prompts[i]); >+ buffer_put_int(m, echo_on[i]); >+ } >+ if (prompts != NULL) >+ xfree(prompts); >+ if (echo_on != NULL) >+ xfree(echo_on); >+ mm_request_send(sock, MONITOR_ANS_LAM_QUERY, m); >+ return (0); >+} >+ >+int >+mm_answer_lam_respond(int sock, Buffer *m) >+{ >+ char **resp; >+ u_int i, num; >+ int ret; >+ >+ debug3("%s", __func__); >+ sshlam_authok = NULL; >+ num = buffer_get_int(m); >+ if (num > 0) { >+ resp = xmalloc(num * sizeof(char *)); >+ for (i = 0; i < num; ++i) >+ resp[i] = buffer_get_string(m, NULL); >+ ret = (sshlam_device.respond)(sshlam_ctxt, num, resp); >+ for (i = 0; i < num; ++i) >+ xfree(resp[i]); >+ xfree(resp); >+ } else { >+ ret = (sshlam_device.respond)(sshlam_ctxt, num, NULL); >+ } >+ buffer_clear(m); >+ buffer_put_int(m, ret); >+ mm_request_send(sock, MONITOR_ANS_LAM_RESPOND, m); >+ auth_method = "keyboard-interactive/lam"; >+ if (ret == 0) >+ sshlam_authok = sshlam_ctxt; >+ return (0); >+} >+ >+int >+mm_answer_lam_free_ctx(int sock, Buffer *m) >+{ >+ >+ debug3("%s", __func__); >+ (sshlam_device.free_ctx)(sshlam_ctxt); >+ buffer_clear(m); >+ mm_request_send(sock, MONITOR_ANS_LAM_FREE_CTX, m); >+ return (sshlam_authok && sshlam_authok == sshlam_ctxt); >+} >+#endif /* WITH_AIXAUTHENTICATE */ >+ >+ > static void > mm_append_debug(Buffer *m) > { >Index: openssh/monitor.h >=================================================================== >--- openssh/monitor.h (revision 32) >+++ openssh/monitor.h (revision 33) >@@ -60,6 +60,10 @@ > MONITOR_REQ_PAM_QUERY, MONITOR_ANS_PAM_QUERY, > MONITOR_REQ_PAM_RESPOND, MONITOR_ANS_PAM_RESPOND, > MONITOR_REQ_PAM_FREE_CTX, MONITOR_ANS_PAM_FREE_CTX, >+ MONITOR_REQ_LAM_INIT_CTX, MONITOR_ANS_LAM_INIT_CTX, >+ MONITOR_REQ_LAM_QUERY, MONITOR_ANS_LAM_QUERY, >+ MONITOR_REQ_LAM_RESPOND, MONITOR_ANS_LAM_RESPOND, >+ MONITOR_REQ_LAM_FREE_CTX, MONITOR_ANS_LAM_FREE_CTX, > MONITOR_REQ_AUDIT_EVENT, MONITOR_REQ_AUDIT_COMMAND, > MONITOR_REQ_TERM > }; >Index: openssh/auth-lam.c >=================================================================== >--- openssh/auth-lam.c (revision 0) >+++ openssh/auth-lam.c (revision 33) >@@ -0,0 +1,261 @@ >+/*- >+ * Copyright (c) 2006 Quest Software, Inc. All rights reserved. >+ * >+ * Permission to use, copy, modify, and distribute this software for any >+ * purpose with or without fee is hereby granted, provided that the above >+ * copyright notice and this permission notice appear in all copies. >+ * >+ * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES >+ * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF >+ * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR >+ * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES >+ * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN >+ * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF >+ * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. >+ */ >+ >+#include "includes.h" >+#ifdef WITH_AIXAUTHENTICATE >+#include <sys/audit.h> >+#include <usersec.h> >+#include "auth.h" >+#include "buffer.h" >+#include "bufaux.h" >+#include "canohost.h" >+#include "log.h" >+#include "monitor_wrap.h" >+#include "msg.h" >+#include "packet.h" >+#include "misc.h" >+#include "servconf.h" >+#include "ssh2.h" >+#include "uidswap.h" >+#include "xmalloc.h" >+#include "auth-options.h" >+#include "openbsd-compat/port-aix.h" >+ >+extern ServerOptions options; >+extern Buffer loginmsg; >+ >+struct lam_ctxt { >+ char * user; >+ char * message; >+ int reenter; >+ int faking_noent; >+}; >+struct Authctxt *sshlam_authctxt; >+ >+static void * sshlam_init_ctx(Authctxt *authctxt); >+static int sshlam_query(void *ctx, char **name, char **info, >+ u_int *num, char ***prompts, u_int **echo_on); >+static int sshlam_respond(void *ctx, u_int num, char **resp); >+static void sshlam_free_ctx(void *ctxtp); >+static void sshlam_force_pwchange(int reqd); >+ >+KbdintDevice sshlam_device = { >+ "lam", >+ sshlam_init_ctx, >+ sshlam_query, >+ sshlam_respond, >+ sshlam_free_ctx >+}; >+ >+KbdintDevice mm_sshlam_device = { >+ "lam", >+ mm_sshlam_init_ctx, >+ mm_sshlam_query, >+ mm_sshlam_respond, >+ mm_sshlam_free_ctx >+}; >+ >+/* >+ * Allocates and initialises storage for LAM authentication state. >+ * Returns NULL if LAM authentication is not available. >+ */ >+static void * >+sshlam_init_ctx(Authctxt *authctxt) >+{ >+ struct lam_ctxt *ctxt; >+ >+ debug3("LAM: sshlam_init_ctx entering"); >+ >+ ctxt = xmalloc(sizeof *ctxt); >+ memset(ctxt, 0, sizeof *ctxt); >+ >+ ctxt->user = xstrdup(authctxt->user); >+ ctxt->message = NULL; >+ ctxt->faking_noent = 0; >+ ctxt->reenter = 0; >+ sshlam_authctxt = authctxt; >+ >+ debug3("LAM: AUTHSTATE=%s", getenv("AUTHSTATE") ? >+ getenv("AUTHSTATE") : "NULL"); >+ >+ /* aix_setauthdb(ctxt->user); */ >+ if (authenticate(ctxt->user, NULL, &ctxt->reenter, &ctxt->message)) >+ { >+ error("LAM: authenticate(%.100s) failed: %.100s", ctxt->user, >+ strerror(errno)); >+ if (errno == ENOENT) { >+ char buf[200]; >+ /* >+ * When a user is known not to exist, we pretend >+ * that they do, and fake a password prompt >+ */ >+ logit("LAM: pretending that user '%.100s' exists", ctxt->user); >+ ctxt->faking_noent = 1; >+ snprintf(buf, sizeof buf, "%.100s's Password:", ctxt->user); >+ ctxt->message = xstrdup(buf); >+ ctxt->reenter = 1; >+ } else { >+ goto fail; >+ } >+ } >+ >+ /* Instant authentication should never happen here; >+ * 'none' authentication should have permitted it */ >+ if (!ctxt->reenter) { >+ error("LAM: %.100s authenticated immediately; ignoring", >+ ctxt->user); >+ goto fail; >+ } >+ >+ return (ctxt); >+ >+ fail: >+ sshlam_free_ctx(ctxt); >+ return (NULL); >+} >+ >+/* >+ * Releases storage associated with the context >+ * returned from sshlam_init_ctx >+ */ >+static void >+sshlam_free_ctx(void *ctxtp) >+{ >+ struct lam_ctxt *ctxt = ctxtp; >+ >+ debug3("LAM: sshlam_free_ctx entering"); >+ >+ /* aix_restoreauthdb(); */ >+ if (ctxt->message) >+ xfree(ctxt->message); >+ xfree(ctxt->user); >+ xfree(ctxt); >+} >+ >+/* >+ * Returns the user prompt for the current round of >+ * AIX LAM authentication. >+ */ >+static int >+sshlam_query(void *ctx, char **name, char **info, >+ u_int *num, char ***prompts, u_int **echo_on) >+{ >+ struct lam_ctxt *ctxt = ctx; >+ >+ debug3("LAM: sshlam_query entering"); >+ >+ *name = xstrdup(""); >+ *info = xstrdup(""); >+ *prompts = (char **)xmalloc(sizeof(char *)); >+ *echo_on = (u_int *)xmalloc(sizeof(u_int)); >+ if (ctxt->message) { >+ **prompts = ctxt->message; >+ **echo_on = 0; >+ *num = 1; >+ } else >+ *num = 0; >+ >+ return 0; >+} >+ >+/* >+ * Processes a user response for an AIX LAM authentication round. >+ * Returns >+ * 1 if another round must be performed >+ * 0 if authentication completed with success >+ * -1 if authentication failed >+ */ >+static int >+sshlam_respond(void *ctx, u_int num, char **resp) >+{ >+ struct lam_ctxt *ctxt = ctx; >+ int e; >+ char *message = NULL; >+ >+ debug2("LAM: sshlam_respond entering, %u responses", num); >+ >+ if (num != 1) { >+ error("LAM: expected one response, got %u", num); >+ return (-1); >+ } >+ >+ if (ctxt->faking_noent) >+ return (-1); >+ >+ /* Perform an authentication round */ >+ e = authenticate(ctxt->user, *resp, &ctxt->reenter, &message); >+ if (e) { >+ if (message) >+ xfree(message); >+ error("LAM: authenticate %s: %d %.100s", ctxt->user, e, >+ strerror(errno)); >+ return (-1); >+ } >+ if (ctxt->reenter) { >+ if (message == NULL) { >+ error("LAM: authenticate %s returned NULL message", ctxt->user); >+ return (-1); >+ } >+ ctxt->message = message; >+ return 1; >+ } >+ >+ /* Handle extra messages by adding them to the login banner */ >+ if (message) { >+ debug3("LAM: authenticate: %.100s", message); >+ buffer_append(&loginmsg, message, strlen(message)); >+ xfree(message); >+ message = NULL; >+ } >+ >+ /* Detect expired passwords */ >+ e = passwdexpired(ctxt->user, &message); >+ if (e == -1) { >+ error("LAM: passwdexpired %s: %.100s", ctxt->user, strerror(errno)); >+ return (-1); >+ } >+ if (message) { >+ debug3("LAM: passwdexpired: %.100s", message); >+ buffer_append(&loginmsg, message, strlen(message)); >+ xfree(message); >+ message = NULL; >+ } >+ switch (e) { >+ case 0: >+ break; >+ case 1: >+ logit("LAM: password for %s expired", ctxt->user); >+ sshlam_force_pwchange(1); >+ break; >+ case 2: >+ error("LAM: password for %s expired and unchangeable", ctxt->user); >+ return (-1); >+ default: >+ error("LAM: passwdexpired returned %d", e); >+ return (-1); >+ } >+ >+ return 0; >+} >+ >+static void >+sshlam_force_pwchange(int reqd) >+{ >+ sshlam_authctxt->force_pwchange = reqd; >+} >+ >+#endif /* WITH_AIXAUTHENTICATE */ >+ >Index: openssh/monitor_wrap.c >=================================================================== >--- openssh/monitor_wrap.c (revision 32) >+++ openssh/monitor_wrap.c (revision 33) >@@ -821,6 +821,93 @@ > } > #endif /* USE_PAM */ > >+#if WITH_AIXAUTHENTICATE >+void * >+mm_sshlam_init_ctx(Authctxt *authctxt) >+{ >+ Buffer m; >+ int success; >+ >+ debug3("%s", __func__); >+ buffer_init(&m); >+ buffer_put_cstring(&m, authctxt->user); >+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_LAM_INIT_CTX, &m); >+ debug3("%s: waiting for MONITOR_ANS_LAM_INIT_CTX", __func__); >+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_LAM_INIT_CTX, &m); >+ success = buffer_get_int(&m); >+ if (success == 0) { >+ debug3("%s: lam_init_ctx failed", __func__); >+ buffer_free(&m); >+ return (NULL); >+ } >+ buffer_free(&m); >+ return (authctxt); >+} >+ >+int >+mm_sshlam_query(void *ctx, char **name, char **info, >+ u_int *num, char ***prompts, u_int **echo_on) >+{ >+ Buffer m; >+ u_int i; >+ int ret; >+ >+ debug3("%s", __func__); >+ buffer_init(&m); >+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_LAM_QUERY, &m); >+ debug3("%s: waiting for MONITOR_ANS_LAM_QUERY", __func__); >+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_LAM_QUERY, &m); >+ ret = buffer_get_int(&m); >+ debug3("%s: lam_query returned %d", __func__, ret); >+ *name = buffer_get_string(&m, NULL); >+ *info = buffer_get_string(&m, NULL); >+ *num = buffer_get_int(&m); >+ *prompts = xmalloc((*num + 1) * sizeof(char *)); >+ *echo_on = xmalloc((*num + 1) * sizeof(u_int)); >+ for (i = 0; i < *num; ++i) { >+ (*prompts)[i] = buffer_get_string(&m, NULL); >+ (*echo_on)[i] = buffer_get_int(&m); >+ } >+ buffer_free(&m); >+ return (ret); >+} >+ >+int >+mm_sshlam_respond(void *ctx, u_int num, char **resp) >+{ >+ Buffer m; >+ u_int i; >+ int ret; >+ >+ debug3("%s", __func__); >+ buffer_init(&m); >+ buffer_put_int(&m, num); >+ for (i = 0; i < num; ++i) >+ buffer_put_cstring(&m, resp[i]); >+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_LAM_RESPOND, &m); >+ debug3("%s: waiting for MONITOR_ANS_LAM_RESPOND", __func__); >+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_LAM_RESPOND, &m); >+ ret = buffer_get_int(&m); >+ debug3("%s: lam_respond returned %d", __func__, ret); >+ buffer_free(&m); >+ return (ret); >+} >+ >+void >+mm_sshlam_free_ctx(void *ctxtp) >+{ >+ Buffer m; >+ >+ debug3("%s", __func__); >+ buffer_init(&m); >+ mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_LAM_FREE_CTX, &m); >+ debug3("%s: waiting for MONITOR_ANS_LAM_FREE_CTX", __func__); >+ mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_LAM_FREE_CTX, &m); >+ buffer_free(&m); >+} >+#endif /* WITH_AIXAUTHENTICATE */ >+ >+ > /* Request process termination */ > > void >Index: openssh/monitor_wrap.h >=================================================================== >--- openssh/monitor_wrap.h (revision 32) >+++ openssh/monitor_wrap.h (revision 33) >@@ -75,6 +75,13 @@ > void mm_sshpam_free_ctx(void *); > #endif > >+#ifdef WITH_AIXAUTHENTICATE >+void *mm_sshlam_init_ctx(struct Authctxt *); >+int mm_sshlam_query(void *, char **, char **, u_int *, char ***, u_int **); >+int mm_sshlam_respond(void *, u_int, char **); >+void mm_sshlam_free_ctx(void *); >+#endif >+ > #ifdef SSH_AUDIT_EVENTS > #include "audit.h" > void mm_audit_event(ssh_audit_event_t);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1183">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1228
:
1183
|
1658