Bug 687

Summary: sshd segfaults under Solaris 2.6
Product: Portable OpenSSH Reporter: Martin Siegert <siegert>
Component: PAM supportAssignee: OpenSSH Bugzilla mailing list <openssh-bugs>
Status: CLOSED WORKSFORME    
Severity: critical    
Priority: P2    
Version: 3.7.1p1   
Hardware: UltraSPARC   
OS: Solaris   
Attachments:
Description Flags
truss output and gdb traces
none
Make PAM_TTY "/dev/ssh" not "ssh" for PAM_TTY_KLUDGE none

Description Martin Siegert 2003-09-19 14:52:31 AEST 
The segmentation fault seems to occur in auth-pam.c in sshpam_thread on the
sshpam_err = pam_authenticate(sshpam_handle, 0);
line. I attach truss output as well as gdb traces from the parent and the
child.
- the segfault only appears on Solaris 2.6, the code runs fine under Solaris 8
and 9 (same configuration)
- patch #422, http://bugzilla.mindrot.org/show_bug.cgi?id=647, is applied
(although this patch should be irrelevant in our configuration since we
do have pam enabled)
- the segfault occurs with and without privsep
- the segfault does not occur under version 3.6.1p2 (with the same
configuration) with the recent patches applied
Comment 1 Martin Siegert 2003-09-19 14:58:04 AEST 
Created attachment 431 [details]
truss output and gdb traces
Comment 2 Darren Tucker 2003-11-08 21:37:44 AEDT 
Created attachment 495 [details]
Make PAM_TTY "/dev/ssh" not "ssh" for PAM_TTY_KLUDGE

Please try this patch and see if it makes a difference for you.
Comment 3 Damien Miller 2003-11-08 21:54:45 AEDT 
Hasn't this been discussed before? I thought there was a Solaris patch that
fixes the underlying problem.
Comment 4 Darren Tucker 2003-11-08 22:02:41 AEDT 
Yes, but those were different bug reports and different Solaris versions.  I was
wondering if this one was related.
Comment 5 Darren Tucker 2004-01-24 18:43:04 AEDT 
No reply==closed bug
Comment 6 Damien Miller 2004-04-14 12:24:19 AEST 
Mass change of RESOLVED bugs to CLOSED