Attachment #678 for bug #890

Lines 919-928 do_pam_session(void) Link Here

(-)auth-pam.c (-3 / +13 lines)
919	fatal("PAM: failed to set PAM_CONV: %s",	919	fatal("PAM: failed to set PAM_CONV: %s",
920	pam_strerror(sshpam_handle, sshpam_err));	920	pam_strerror(sshpam_handle, sshpam_err));
921	sshpam_err = pam_open_session(sshpam_handle, 0);	921	sshpam_err = pam_open_session(sshpam_handle, 0);
922	if (sshpam_err != PAM_SUCCESS)	922	if (sshpam_err == PAM_SUCCESS)
923	fatal("PAM: pam_open_session(): %s",	923	sshpam_session_open = 1;
		924	else {
		925	disable_forwarding();
		926	error("PAM: pam_open_session(): %s",
924	pam_strerror(sshpam_handle, sshpam_err));	927	pam_strerror(sshpam_handle, sshpam_err));
925	sshpam_session_open = 1;	928	}
		929
		930	}
		931
		932	int
		933	is_pam_session_open(void)
		934	{
		935	return sshpam_session_open;
926	}	936	}
927		937
928	/*	938	/*

Lines 45-49 void free_pam_environment(char **); Link Here

(-)auth-pam.h (+1 lines)
45	void sshpam_thread_cleanup(void);	45	void sshpam_thread_cleanup(void);
46	void sshpam_cleanup(void);	46	void sshpam_cleanup(void);
47	int sshpam_auth_passwd(Authctxt , const char );	47	int sshpam_auth_passwd(Authctxt , const char );
		48	int is_pam_session_open(void);
48		49
49	#endif /* USE_PAM */	50	#endif /* USE_PAM */

Lines 711-716 do_login(Session s, const char command Link Here

(-)session.c (+5 lines)
711	(struct sockaddr *)&from, fromlen);	711	(struct sockaddr *)&from, fromlen);
712		712
713	#ifdef USE_PAM	713	#ifdef USE_PAM
		714	if (options.use_pam && !is_pam_session_open()) {
		715	display_loginmsg();
		716	exit(254);
		717	}
		718
714	/*	719	/*
715	* If password change is needed, do it now.	720	* If password change is needed, do it now.
716	* This needs to occur before the ~/.hushlogin check.	721	* This needs to occur before the ~/.hushlogin check.

Return to bug 890