Bugzilla – Attachment 1300 Details for
Bug 1215
sshd requires entry from getpwnam for PAM accounts
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Authorize with PAM virtual username, not local username
patch-virtual-authorize (text/plain), 1.56 KB, created by
Jesse Zbikowski
on 2007-06-02 11:23:30 AEST
(
hide
)
Description:
Authorize with PAM virtual username, not local username
Filename:
MIME Type:
Creator:
Jesse Zbikowski
Created:
2007-06-02 11:23:30 AEST
Size:
1.56 KB
patch
obsolete
>--- vu-uc-openssh-4.3p2/auth-pam.c 2007-06-01 16:02:59.000000000 -0700 >+++ dev-openssh-4.3p2/auth-pam.c 2007-06-01 16:40:49.000000000 -0700 >@@ -358,6 +358,9 @@ > #endif > } > >+char virtual_username[64] = "\0"; >+char local_username[64] = "\0"; >+ > static > int sshpam_handle_user_change(pam_handle_t *sshpam_handle, Authctxt *authctxt) > { >@@ -374,6 +377,8 @@ > char *user = strdup(pam_user); > struct passwd *pw; > >+ strcpy(local_username, pam_user); >+ strcpy(virtual_username, authctxt->user); > if (!user) > return PAM_AUTH_ERR; > >@@ -959,11 +964,26 @@ > if (sshpam_account_status != -1) > return (sshpam_account_status); > >+ if (*virtual_username >+ && (pam_set_item(sshpam_handle, PAM_USER, virtual_username) >+ != PAM_SUCCESS)) { >+ error ("PAM: Couldn't attempt authorization with virtual username %s", >+ virtual_username); >+ } > sshpam_err = pam_acct_mgmt(sshpam_handle, 0); > debug3("PAM: %s pam_acct_mgmt = %d (%s)", __func__, sshpam_err, > pam_strerror(sshpam_handle, sshpam_err)); >+ char *user; >+ int sshpam_err = pam_get_item(sshpam_handle, PAM_USER, &user); >+ if (*virtual_username && *local_username >+ && (strcmp(user, virtual_username) == 0) >+ && (pam_set_item(sshpam_handle, PAM_USER, local_username) >+ != PAM_SUCCESS)) { >+ error ("PAM: Couldn't switch to local username %s", local_username); >+ } else { >+ sshpam_check_userchanged(); >+ } > >- sshpam_check_userchanged(); > if (getpwnam(sshpam_authctxt->pw->pw_name) == NULL) > fatal("PAM: completed authentication but PAM account invalid"); >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=1300">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 1215
:
1170
|
1171
|
1292
|
1293
|
1298
| 1300 |
1574
|
2228