Bugzilla – Attachment 375 Details for
Bug 423
Workaround for pw change in privsep mode (3.5.p1)
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Ported version of Dan's original session setup patch
do_setusercontext-patch (text/plain), 2.02 KB, created by
Michael Steffens
on 2003-08-30 00:46:12 AEST
(
hide
)
Description:
Ported version of Dan's original session setup patch
Filename:
MIME Type:
Creator:
Michael Steffens
Created:
2003-08-30 00:46:12 AEST
Size:
2.02 KB
patch
obsolete
>--- auth-pam.h-orig Tue Aug 26 03:58:16 2003 >+++ auth-pam.h Fri Aug 29 16:19:28 2003 >@@ -35,6 +35,7 @@ > void finish_pam(void); > u_int do_pam_account(void); > void do_pam_session(const char *, const char *); >+void do_pam_set_tty(const char *ttyname); > void do_pam_setcred(int ); > int is_pam_password_change_required(void); > void do_pam_chauthtok(void); >--- auth-pam.c-orig Tue Aug 26 03:58:16 2003 >+++ auth-pam.c Fri Aug 29 16:19:28 2003 >@@ -199,10 +199,13 @@ > { > struct pam_ctxt *ctxt = ctxtp; > Buffer buffer; >- struct pam_conv sshpam_conv = { sshpam_thread_conv, ctxt }; >+ struct pam_conv sshpam_conv; > #ifndef USE_POSIX_THREADS > const char *pam_user; > >+ sshpam_conv.conv = sshpam_thread_conv; >+ sshpam_conv.appdata_ptr = ctxt; >+ > pam_get_item(sshpam_handle, PAM_USER, (const void **)&pam_user); > setproctitle("%s [pam]", pam_user); > #endif >@@ -550,6 +553,17 @@ > fatal("PAM: pam_open_session(): %s", > pam_strerror(sshpam_handle, sshpam_err)); > sshpam_session_open = 1; >+} >+ >+void >+do_pam_set_tty(const char *ttyname) { >+ if (ttyname != NULL) { >+ debug("PAM setting tty to \"%.200s\"", ttyname); >+ sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, ttyname); >+ if (sshpam_err != PAM_SUCCESS) >+ fatal("PAM set tty failed[%d]: %.200s", >+ sshpam_err, pam_strerror(sshpam_handle, sshpam_err)); >+ } > } > > void >--- session.c-orig Tue Aug 26 03:58:16 2003 >+++ session.c Fri Aug 29 16:19:28 2003 >@@ -426,7 +426,6 @@ > > #if defined(USE_PAM) > if (options.use_pam) { >- do_pam_session(s->pw->pw_name, NULL); > do_pam_setcred(1); > if (is_pam_password_change_required()) > packet_disconnect("Password change required but no " >@@ -561,7 +560,7 @@ > > #if defined(USE_PAM) > if (options.use_pam) { >- do_pam_session(s->pw->pw_name, s->tty); >+ do_pam_set_tty(s->tty); > do_pam_setcred(1); > } > #endif >@@ -1235,6 +1234,7 @@ > */ > if (options.use_pam) > do_pam_setcred(0); >+ do_pam_session(pw->pw_name,NULL); > # endif /* USE_PAM */ > # if defined(WITH_IRIX_PROJECT) || defined(WITH_IRIX_JOBS) || defined(WITH_IRIX_ARRAY) > irix_setusercontext(pw);
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=375">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 423
:
162
|
163
|
198
|
246
|
375
|
376
|
377