Bugzilla – Attachment 726 Details for
Bug 936
S/Key authentication fails if UsePAM=no
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
remove "pam" from kbdint devices if UsePAM=no take 2
openssh-chall2-authtype.patch (text/plain), 2.62 KB, created by
Darren Tucker
on 2004-10-07 20:42:56 AEST
(
hide
)
Description:
remove "pam" from kbdint devices if UsePAM=no take 2
Filename:
MIME Type:
Creator:
Darren Tucker
Created:
2004-10-07 20:42:56 AEST
Size:
2.62 KB
patch
obsolete
>Index: auth-chall.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth-chall.c,v >retrieving revision 1.14 >diff -u -p -r1.14 auth-chall.c >--- auth-chall.c 21 Nov 2003 12:48:55 -0000 1.14 >+++ auth-chall.c 7 Oct 2004 07:52:52 -0000 >@@ -28,11 +28,13 @@ RCSID("$OpenBSD: auth-chall.c,v 1.9 2003 > #include "auth.h" > #include "log.h" > #include "xmalloc.h" >+#include "servconf.h" > > /* limited protocol v1 interface to kbd-interactive authentication */ > > extern KbdintDevice *devices[]; > static KbdintDevice *device; >+extern ServerOptions options; > > char * > get_challenge(Authctxt *authctxt) >@@ -40,6 +42,11 @@ get_challenge(Authctxt *authctxt) > char *challenge, *name, *info, **prompts; > u_int i, numprompts; > u_int *echo_on; >+ >+#ifdef USE_PAM >+ if (!options.use_pam) >+ remove_kbdint_device("pam"); >+#endif > > device = devices[0]; /* we always use the 1st device for protocol 1 */ > if (device == NULL) >Index: auth.h >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth.h,v >retrieving revision 1.63 >diff -u -p -r1.63 auth.h >--- auth.h 11 Sep 2004 13:07:03 -0000 1.63 >+++ auth.h 7 Oct 2004 07:53:16 -0000 >@@ -130,6 +130,8 @@ int auth_shadow_pwexpired(Authctxt *); > #endif > > #include "auth-pam.h" >+void remove_kbdint_device(const char *); >+ > void disable_forwarding(void); > > void do_authentication(Authctxt *); >Index: auth2-chall.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth2-chall.c,v >retrieving revision 1.23 >diff -u -p -r1.23 auth2-chall.c >--- auth2-chall.c 15 Jun 2004 00:28:25 -0000 1.23 >+++ auth2-chall.c 7 Oct 2004 10:36:00 -0000 >@@ -32,6 +32,10 @@ RCSID("$OpenBSD: auth2-chall.c,v 1.21 20 > #include "xmalloc.h" > #include "dispatch.h" > #include "log.h" >+#include "servconf.h" >+ >+/* import */ >+extern ServerOptions options; > > static int auth2_challenge_start(Authctxt *); > static int send_userauth_info_request(Authctxt *); >@@ -71,12 +75,32 @@ struct KbdintAuthctxt > u_int nreq; > }; > >+#ifdef USE_PAM >+void >+remove_kbdint_device(const char *devname) >+{ >+ int i, j; >+ >+ for (i = 0; devices[i] != NULL; i++) >+ if (strcmp(devices[i]->name, devname) == 0) { >+ for (j = i; devices[j] != NULL; j++) >+ devices[j] = devices[j+1]; >+ i--; >+ } >+} >+#endif >+ > static KbdintAuthctxt * > kbdint_alloc(const char *devs) > { > KbdintAuthctxt *kbdintctxt; > Buffer b; > int i; >+ >+#ifdef USE_PAM >+ if (!options.use_pam) >+ remove_kbdint_device("pam"); >+#endif > > kbdintctxt = xmalloc(sizeof(KbdintAuthctxt)); > if (strcmp(devs, "") == 0) {
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=726">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Flags:
djm
:
ok+
Actions:
View
|
Diff
Attachments on
bug 936
:
720
|
721
|
723
|
724
|
725
| 726