Bug 1710

Summary: aix_setauthdb/aix_restoredb are not called in getpwnamallow() causing permanently_set_uid() to fail
Product: Portable OpenSSH Reporter: Alexandre Letourneau <letourneau.alexandre>
Component: sshd Assignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: normal CC: burgergold, dtucker
Priority: P2    
Version: 5.3p1   
Hardware: PPC   
OS: AIX   
Bug Depends on:    
Bug Blocks: 1626    
Attachments:
Description Flags
A patch fixing this issue none
Level 3 debug logs showing the problem none

Description Alexandre Letourneau 2010-02-02 05:48:15 AEDT
Created attachment 1787 [details]
A patch fixing this issue

We are using a bunch of different LAMs to authenticate users, and
while qualifying OpenSSH 5.3p1 on AIX 5.3 and 6.1 we discovered
a small bug.

In auth.c inside the function getpwnamallow(const char *user)
getpwnam(user) is called w/o setting the authdb first.

This results in the wrong authdb being used to retrieve the
user's passwd structure: it uses the default LAM. 
(i.e. the first one it finds in /usr/lib/security/methods.cfg)

setauthdb() is called during the authentication phase
(which is very good), but it is also necessary to make 
the call before using getpwnam/getpwuid/etc.

This is easily fixed by wrapping aix_setauthdb()/aix_restoredb [from port-aix.c] around the getpwnam(user) call [in auth.c].

I attached a patch, which I tested on AIX 5.3 and AIX 6.1, fixing this issue.
Comment 1 Alexandre Letourneau 2010-02-02 05:49:02 AEDT
Created attachment 1788 [details]
Level 3 debug logs showing the problem
Comment 2 Darren Tucker 2010-02-12 10:39:18 AEDT
Thanks, I'll look at this.
Comment 3 Yannick Bergeron 2010-03-06 07:25:23 AEDT
Is it still planned to be included in 5.4?

I saw that some bugs that were previously blocks for 5.4 were moved to 5.5.

We would really appreciate it if this fix could be included in 5.4.
Comment 4 Darren Tucker 2010-03-07 11:57:53 AEDT
Patch applied, thanks.  It will be in 5.4p1.

I think that after the release we should put a getpwnam() wrapper in port-aix.c that does this to keep the diffs out of the mainline code.
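The set/lookup/restore pattern from the description, and the wrapper shape suggested in Comment 4, as an added example that is not the attached patch or OpenSSH code. It is a portable simulation: `sim_setauthdb`, `sim_getpwnam_uid`, `lookup_unwrapped`, `lookup_wrapped` and `active_db` are hypothetical stand-ins, and the registry table is constructed sample data. It assumes the caller already knows the user's registry.

```c
#include <stdio.h>
#include <string.h>

/* Constructed data: one login name defined in two registries with different uids. */
struct entry { const char *registry; const char *name; int uid; };
static const struct entry db[] = {
    { "files", "alice", 205 },   /* default module, listed first */
    { "LDAP",  "alice", 5001 },  /* registry alice authenticated against */
};
#define NDB (sizeof db / sizeof db[0])

static char current_db[16] = "";  /* "" = default: first module that knows the name */

/* Stand-in for selecting the lookup registry: saves the old value, installs the new one. */
static void sim_setauthdb(const char *newdb, char *olddb) {
    if (olddb) strcpy(olddb, current_db);
    snprintf(current_db, sizeof current_db, "%s", newdb);
}

/* Stand-in for getpwnam(): honours current_db, returns the uid or -1. */
static int sim_getpwnam_uid(const char *user) {
    for (size_t i = 0; i < NDB; i++)
        if (strcmp(db[i].name, user) == 0 &&
            (current_db[0] == '\0' || strcmp(db[i].registry, current_db) == 0))
            return db[i].uid;
    return -1;
}

/* Behaviour described in the report: lookup without selecting the registry. */
static int lookup_unwrapped(const char *user) { return sim_getpwnam_uid(user); }

/* Wrapper shape: select the user's registry, look up, always restore. */
static int lookup_wrapped(const char *user, const char *registry) {
    char saved[sizeof current_db];
    sim_setauthdb(registry, saved);
    int uid = sim_getpwnam_uid(user);
    sim_setauthdb(saved, NULL);   /* restore even when the lookup failed */
    return uid;
}

static const char *active_db(void) { return current_db; }

int main(void) {
    printf("unwrapped: uid %d\n", lookup_unwrapped("alice"));
    printf("wrapped:   uid %d\n", lookup_wrapped("alice", "LDAP"));
    printf("active db after wrapper: \"%s\"\n", active_db());
    return 0;
}
```

The unwrapped lookup returns the default registry's entry for the same login name, so later privilege-dropping code would act on the wrong uid; the wrapper returns the authenticated registry's entry and leaves the process-wide setting as it found it.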
Comment 5 Alexandre Letourneau 2010-03-07 16:50:49 AEDT
Thanks, yes it would be much cleaner that way. I could work on it.
Comment 6 Darren Tucker 2010-03-26 10:52:13 AEDT
With the release of 5.4p1, this bug is now considered closed.