|
Lines 186-191
static int sshpam_account_status = -1;
Link Here
|
| 186 |
static char **sshpam_env = NULL; |
186 |
static char **sshpam_env = NULL; |
| 187 |
static Authctxt *sshpam_authctxt = NULL; |
187 |
static Authctxt *sshpam_authctxt = NULL; |
| 188 |
static const char *sshpam_password = NULL; |
188 |
static const char *sshpam_password = NULL; |
|
|
189 |
static char badpw[] = "\b\n\r\177INCORRECT"; |
| 189 |
|
190 |
|
| 190 |
/* Some PAM implementations don't implement this */ |
191 |
/* Some PAM implementations don't implement this */ |
| 191 |
#ifndef HAVE_PAM_GETENVLIST |
192 |
#ifndef HAVE_PAM_GETENVLIST |
|
Lines 746-752
sshpam_respond(void *ctx, u_int num, cha
Link Here
|
| 746 |
return (-1); |
747 |
return (-1); |
| 747 |
} |
748 |
} |
| 748 |
buffer_init(&buffer); |
749 |
buffer_init(&buffer); |
| 749 |
buffer_put_cstring(&buffer, *resp); |
750 |
if (sshpam_authctxt->valid && |
|
|
751 |
(sshpam_authctxt->pw->pw_uid != 0 || |
| 752 |
options.permit_root_login == PERMIT_YES)) |
| 753 |
buffer_put_cstring(&buffer, *resp); |
| 754 |
else |
| 755 |
buffer_put_cstring(&buffer, badpw); |
| 750 |
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { |
756 |
if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { |
| 751 |
buffer_free(&buffer); |
757 |
buffer_free(&buffer); |
| 752 |
return (-1); |
758 |
return (-1); |
|
Lines 1093-1099
sshpam_auth_passwd(Authctxt *authctxt, c
Link Here
|
| 1093 |
{ |
1099 |
{ |
| 1094 |
int flags = (options.permit_empty_passwd == 0 ? |
1100 |
int flags = (options.permit_empty_passwd == 0 ? |
| 1095 |
PAM_DISALLOW_NULL_AUTHTOK : 0); |
1101 |
PAM_DISALLOW_NULL_AUTHTOK : 0); |
| 1096 |
static char badpw[] = "\b\n\r\177INCORRECT"; |
|
|
| 1097 |
|
1102 |
|
| 1098 |
if (!options.use_pam || sshpam_handle == NULL) |
1103 |
if (!options.use_pam || sshpam_handle == NULL) |
| 1099 |
fatal("PAM: %s called when PAM disabled or failed to " |
1104 |
fatal("PAM: %s called when PAM disabled or failed to " |