Bugzilla – Attachment 1293 Details for
Bug 1215
sshd requires entry from getpwnam for PAM accounts
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Remember the mapped username and restore it
auth-pam-remap-hack-patch (text/plain), 1.95 KB, created by
Jesse Zbikowski
on 2007-05-19 11:26:35 AEST
(
hide
)
Description:
Remember the mapped username and restore it
Filename:
MIME Type:
Creator:
Jesse Zbikowski
Created:
2007-05-19 11:26:35 AEST
Size:
1.95 KB
patch
obsolete
>--- auth-pam.c 2007-05-18 16:14:28.000000000 -0700 >+++ auth-pam.c.submit 2007-05-18 17:04:21.000000000 -0700 >@@ -83,6 +83,9 @@ > extern int compat20; > extern u_int utmp_len; > >+#define PAM_MAP_USER "PAM_MAP_USER" >+#define PAM_MAP_USER_LEN 12 >+ > /* so we don't silently change behaviour */ > #ifdef USE_POSIX_THREADS > # error "USE_POSIX_THREADS replaced by UNSUPPORTED_POSIX_THREADS_HACK" >@@ -281,6 +284,8 @@ > if (strcmp(user, sshpam_authctxt->pw->pw_name) != 0) { > debug("PAM: user mapped from '%.100s' to '%.100s'", > sshpam_authctxt->pw->pw_name, user); >+ setenv(PAM_MAP_USER, user, 1); >+ debug("Setting " PAM_MAP_USER " to %s", user); > if ((pw = getpwnam(user)) == NULL) > fatal("PAM: could not get passwd entry for user " > "'%.100s' provided by PAM_USER", user); >@@ -326,18 +331,26 @@ > sshpam_password_change_required(buffer_get_int(b)); > user = buffer_get_string(b, NULL); > debug("PAM: got username '%.100s' from thread", user); >- if ((err = pam_set_item(sshpam_handle, PAM_USER, user)) != PAM_SUCCESS) >- fatal("PAM: failed to set PAM_USER: %s", >- pam_strerror(sshpam_handle, err)); >- pwfree(sshpam_authctxt->pw); >- sshpam_authctxt->pw = pwcopy(sshpam_getpw(user)); > > /* Import environment from subprocess */ > num_env = buffer_get_int(b); > sshpam_env = xmalloc((num_env + 1) * sizeof(*sshpam_env)); > debug3("PAM: num env strings %d", num_env); >- for(i = 0; i < num_env; i++) >+ for(i = 0; i < num_env; i++) { > sshpam_env[i] = buffer_get_string(b, NULL); >+ debug(sshpam_env[i]); >+ if (strncmp(sshpam_env[i], PAM_MAP_USER, PAM_MAP_USER_LEN) == 0) { >+ user = sshpam_env[i] + PAM_MAP_USER_LEN + 1; >+ if ((err = pam_set_item(sshpam_handle, PAM_USER, user)) >+ != PAM_SUCCESS) >+ fatal("PAM: failed to set PAM_USER: %s", >+ pam_strerror(sshpam_handle, err)); >+ pwfree(sshpam_authctxt->pw); >+ sshpam_authctxt->pw = pwcopy(sshpam_getpw(user)); >+ >+ debug("RESTORED USER %s", user); >+ } >+ } > > sshpam_env[num_env] = NULL; >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1293">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1215
:
1170
|
1171
|
1292
|
1293
|
1298
|
1300
|
1574
|
2228