Bugzilla – Attachment 766 Details for Bug 971: keyboard-interactive/pam leaks info about user existence
[patch] Feed bogus input to PAM for invalid logins
openssh-pam-kbdint-leak.patch (text/plain), 1.35 KB, created by Darren Tucker on 2005-01-11 18:12:21 AEDT
>Index: auth-pam.c >=================================================================== >RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/auth-pam.c,v >retrieving revision 1.118 >diff -u -p -r1.118 auth-pam.c >--- auth-pam.c 16 Oct 2004 08:52:44 -0000 1.118 >+++ auth-pam.c 21 Dec 2004 11:23:23 -0000 >@@ -186,6 +186,7 @@ static int sshpam_account_status = -1; > static char **sshpam_env = NULL; > static Authctxt *sshpam_authctxt = NULL; > static const char *sshpam_password = NULL; >+static char badpw[] = "\b\n\r\177INCORRECT"; > > /* Some PAM implementations don't implement this */ > #ifndef HAVE_PAM_GETENVLIST >@@ -746,7 +747,12 @@ sshpam_respond(void *ctx, u_int num, cha > return (-1); > } > buffer_init(&buffer); >- buffer_put_cstring(&buffer, *resp); >+ if (sshpam_authctxt->valid && >+ (sshpam_authctxt->pw->pw_uid != 0 || >+ options.permit_root_login == PERMIT_YES)) >+ buffer_put_cstring(&buffer, *resp); >+ else >+ buffer_put_cstring(&buffer, badpw); > if (ssh_msg_send(ctxt->pam_psock, PAM_AUTHTOK, &buffer) == -1) { > buffer_free(&buffer); > return (-1); >@@ -1093,7 +1099,6 @@ sshpam_auth_passwd(Authctxt *authctxt, c > { > int flags = (options.permit_empty_passwd == 0 ? > PAM_DISALLOW_NULL_AUTHTOK : 0); >- static char badpw[] = "\b\n\r\177INCORRECT"; > > if (!options.use_pam || sshpam_handle == NULL) > fatal("PAM: %s called when PAM disabled or failed to "
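Review bot: the file-scope `badpw` added in the first hunk (@@ -186,6 +186,7 @@) carries no comment saying what it is for. It is now used in sshpam_respond and is no longer local to sshpam_auth_passwd, so a one-line comment that it is the placeholder response handed to PAM in place of the client's input for logins that must fail would help the next reader. It could also be declared `static const char badpw[]` if no caller needs it writable.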
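Review bot: in the sshpam_respond hunk (@@ -746,7 +747,12 @@), the new condition dereferences `sshpam_authctxt->valid` and `sshpam_authctxt->pw` without a NULL check, while the declaration visible in the first hunk initialises `sshpam_authctxt` to NULL and the rest of this function works from the local `ctxt`. Either confirm that both pointers are always set before this function can run, or guard the test so that a NULL falls through to the `badpw` branch. The root test also sends `badpw` for every permit_root_login value other than PERMIT_YES; a short comment stating that this is intentional would make the condition easier to audit.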