Bug 796 - sshd should restore previous authdb setting
Summary: sshd should restore previous authdb setting
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: sshd (show other bugs)
Version: -current
Hardware: PPC AIX
: P2 normal
Assignee: OpenSSH Bugzilla mailing list
URL:
Keywords:
Depends on:
Blocks: 793
  Show dependency treegraph
 
Reported: 2004-01-25 17:53 AEDT by Darren Tucker
Modified: 2004-04-14 12:24 AEST (History)
0 users

See Also:

Attachments
Restore old authdb setting after aix auth calls. (3.81 KB, patch)
2004-01-27 18:35 AEDT, Darren Tucker 		no flags Details | Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Darren Tucker 2004-01-25 17:53:11 AEDT 
Currently on AIX, sshd does something like this:
    setauthdb([whatever]);
    aix_auth_functions();
    [ much other stuff ]
    setpcred();

In some cases, (eg if the password registry is NIS) the setpcred call fails. 
(This is possibly a bug in the AIX NIS module, this behaviour has been reported
on AIX 5.1 ML4 and AIX 5.2 ML2.)

sshd should probably restore the previous authdb setting after calling the AIX
auth functions.
Comment 1 Darren Tucker 2004-01-27 17:20:14 AEDT 
Also reported as not working: AIX 5.1 ML5 with NIS and AFS password registries.
Comment 2 Darren Tucker 2004-01-27 18:35:27 AEDT 
Created attachment 536 [details]
Restore old authdb setting after aix auth calls.

Note: the patch will probably only apply to a recent snapshot:
ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/snapshot/
Comment 3 Darren Tucker 2004-02-06 16:19:33 AEDT 
The patch has been applied, closing.

 - (dtucker) [openbsd-compat/port-aix.c openbsd-compat/port-aix.h] Bug #796:
   Restore previous authdb setting after auth calls.  Fixes problems with
   setpcred failing on accounts that use AFS or NIS password registries.
Comment 4 Damien Miller 2004-04-14 12:24:20 AEST 
Mass change of RESOLVED bugs to CLOSED