View | Details | Raw Unified | Return to bug 890 | Differences between
and this patch

Collapse All | Expand All

(-)auth-pam.c (-3 / +13 lines)
Lines 919-928 do_pam_session(void) Link Here
919
		fatal("PAM: failed to set PAM_CONV: %s",
919
		fatal("PAM: failed to set PAM_CONV: %s",
920
		    pam_strerror(sshpam_handle, sshpam_err));
920
		    pam_strerror(sshpam_handle, sshpam_err));
921
	sshpam_err = pam_open_session(sshpam_handle, 0);
921
	sshpam_err = pam_open_session(sshpam_handle, 0);
922
	if (sshpam_err != PAM_SUCCESS)
922
	if (sshpam_err == PAM_SUCCESS)
923
		fatal("PAM: pam_open_session(): %s",
923
		sshpam_session_open = 1;
924
	else {
925
		disable_forwarding();
926
		error("PAM: pam_open_session(): %s",
924
		    pam_strerror(sshpam_handle, sshpam_err));
927
		    pam_strerror(sshpam_handle, sshpam_err));
925
	sshpam_session_open = 1;
928
	}
929
930
}
931
932
int
933
is_pam_session_open(void)
934
{
935
	return sshpam_session_open;
926
}
936
}
927
937
928
/*
938
/*
(-)auth-pam.h (+1 lines)
Lines 45-49 void free_pam_environment(char **); Link Here
45
void sshpam_thread_cleanup(void);
45
void sshpam_thread_cleanup(void);
46
void sshpam_cleanup(void);
46
void sshpam_cleanup(void);
47
int sshpam_auth_passwd(Authctxt *, const char *);
47
int sshpam_auth_passwd(Authctxt *, const char *);
48
int is_pam_session_open(void);
48
49
49
#endif /* USE_PAM */
50
#endif /* USE_PAM */
(-)session.c (+7 lines)
Lines 1441-1446 do_child(Session *s, const char *command Link Here
1441
#endif /* HAVE_OSF_SIA */
1441
#endif /* HAVE_OSF_SIA */
1442
	}
1442
	}
1443
1443
1444
#ifdef USE_PAM
1445
	if (options.use_pam && !is_pam_session_open()) {
1446
		display_loginmsg();
1447
		exit(254);
1448
	}
1449
#endif
1450
1444
	/*
1451
	/*
1445
	 * Get the shell from the password data.  An empty shell field is
1452
	 * Get the shell from the password data.  An empty shell field is
1446
	 * legal, and means /bin/sh.
1453
	 * legal, and means /bin/sh.

Return to bug 890