mirror of git://anongit.mindrot.org/openssh.git
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use USE_POSIX_THREADS will now generate an error so we don't silently change behaviour. ok djm@
This commit is contained in:
parent
4d8f560c39
commit
328118aa79
11
ChangeLog
11
ChangeLog
|
@ -1,6 +1,11 @@
|
||||||
20050524
|
20050524
|
||||||
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
|
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
|
||||||
[contrib/suse/openssh.spec] Update spec file versions to 4.1p1
|
[contrib/suse/openssh.spec] Update spec file versions to 4.1p1
|
||||||
|
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
|
||||||
|
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
|
||||||
|
idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
|
||||||
|
USE_POSIX_THREADS will now generate an error so we don't silently change
|
||||||
|
behaviour. ok djm@
|
||||||
|
|
||||||
20050524
|
20050524
|
||||||
- (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
|
- (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
|
||||||
|
@ -48,10 +53,6 @@
|
||||||
- (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
|
- (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
|
||||||
UseLogin is set as PAM is not used to establish credentials in that
|
UseLogin is set as PAM is not used to establish credentials in that
|
||||||
case. Found by Michael Selvesteen, ok djm@
|
case. Found by Michael Selvesteen, ok djm@
|
||||||
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message,
|
|
||||||
USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK.
|
|
||||||
USE_POSIX_THREADS will now generate an error so we don't silently change
|
|
||||||
behaviour. ok djm@
|
|
||||||
|
|
||||||
20050419
|
20050419
|
||||||
- (dtucker) [INSTALL] Reference README.privsep for the privilege separation
|
- (dtucker) [INSTALL] Reference README.privsep for the privilege separation
|
||||||
|
@ -2491,4 +2492,4 @@
|
||||||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.3757 2005/05/25 04:43:47 djm Exp $
|
$Id: ChangeLog,v 1.3758 2005/05/25 06:18:09 dtucker Exp $
|
||||||
|
|
22
auth-pam.c
22
auth-pam.c
|
@ -47,7 +47,7 @@
|
||||||
|
|
||||||
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
|
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: auth-pam.c,v 1.121 2005/01/20 02:29:51 dtucker Exp $");
|
RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $");
|
||||||
|
|
||||||
#ifdef USE_PAM
|
#ifdef USE_PAM
|
||||||
#if defined(HAVE_SECURITY_PAM_APPL_H)
|
#if defined(HAVE_SECURITY_PAM_APPL_H)
|
||||||
|
@ -76,7 +76,17 @@ extern Buffer loginmsg;
|
||||||
extern int compat20;
|
extern int compat20;
|
||||||
extern u_int utmp_len;
|
extern u_int utmp_len;
|
||||||
|
|
||||||
|
/* so we don't silently change behaviour */
|
||||||
#ifdef USE_POSIX_THREADS
|
#ifdef USE_POSIX_THREADS
|
||||||
|
# error "USE_POSIX_THREADS replaced by UNSUPPORTED_POSIX_THREADS_HACK"
|
||||||
|
#endif
|
||||||
|
|
||||||
|
/*
|
||||||
|
* Formerly known as USE_POSIX_THREADS, using this is completely unsupported
|
||||||
|
* and generally a bad idea. Use at own risk and do not expect support if
|
||||||
|
* this breaks.
|
||||||
|
*/
|
||||||
|
#ifdef UNSUPPORTED_POSIX_THREADS_HACK
|
||||||
#include <pthread.h>
|
#include <pthread.h>
|
||||||
/*
|
/*
|
||||||
* Avoid namespace clash when *not* using pthreads for systems *with*
|
* Avoid namespace clash when *not* using pthreads for systems *with*
|
||||||
|
@ -98,7 +108,7 @@ struct pam_ctxt {
|
||||||
static void sshpam_free_ctx(void *);
|
static void sshpam_free_ctx(void *);
|
||||||
static struct pam_ctxt *cleanup_ctxt;
|
static struct pam_ctxt *cleanup_ctxt;
|
||||||
|
|
||||||
#ifndef USE_POSIX_THREADS
|
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||||
/*
|
/*
|
||||||
* Simulate threads with processes.
|
* Simulate threads with processes.
|
||||||
*/
|
*/
|
||||||
|
@ -255,7 +265,7 @@ import_environments(Buffer *b)
|
||||||
|
|
||||||
debug3("PAM: %s entering", __func__);
|
debug3("PAM: %s entering", __func__);
|
||||||
|
|
||||||
#ifndef USE_POSIX_THREADS
|
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||||
/* Import variables set by do_pam_account */
|
/* Import variables set by do_pam_account */
|
||||||
sshpam_account_status = buffer_get_int(b);
|
sshpam_account_status = buffer_get_int(b);
|
||||||
sshpam_password_change_required(buffer_get_int(b));
|
sshpam_password_change_required(buffer_get_int(b));
|
||||||
|
@ -384,7 +394,7 @@ sshpam_thread(void *ctxtp)
|
||||||
struct pam_conv sshpam_conv;
|
struct pam_conv sshpam_conv;
|
||||||
int flags = (options.permit_empty_passwd == 0 ?
|
int flags = (options.permit_empty_passwd == 0 ?
|
||||||
PAM_DISALLOW_NULL_AUTHTOK : 0);
|
PAM_DISALLOW_NULL_AUTHTOK : 0);
|
||||||
#ifndef USE_POSIX_THREADS
|
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||||
extern char **environ;
|
extern char **environ;
|
||||||
char **env_from_pam;
|
char **env_from_pam;
|
||||||
u_int i;
|
u_int i;
|
||||||
|
@ -428,7 +438,7 @@ sshpam_thread(void *ctxtp)
|
||||||
|
|
||||||
buffer_put_cstring(&buffer, "OK");
|
buffer_put_cstring(&buffer, "OK");
|
||||||
|
|
||||||
#ifndef USE_POSIX_THREADS
|
#ifndef UNSUPPORTED_POSIX_THREADS_HACK
|
||||||
/* Export variables set by do_pam_account */
|
/* Export variables set by do_pam_account */
|
||||||
buffer_put_int(&buffer, sshpam_account_status);
|
buffer_put_int(&buffer, sshpam_account_status);
|
||||||
buffer_put_int(&buffer, sshpam_authctxt->force_pwchange);
|
buffer_put_int(&buffer, sshpam_authctxt->force_pwchange);
|
||||||
|
@ -447,7 +457,7 @@ sshpam_thread(void *ctxtp)
|
||||||
buffer_put_int(&buffer, i);
|
buffer_put_int(&buffer, i);
|
||||||
for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
|
for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
|
||||||
buffer_put_cstring(&buffer, env_from_pam[i]);
|
buffer_put_cstring(&buffer, env_from_pam[i]);
|
||||||
#endif /* USE_POSIX_THREADS */
|
#endif /* UNSUPPORTED_POSIX_THREADS_HACK */
|
||||||
|
|
||||||
/* XXX - can't do much about an error here */
|
/* XXX - can't do much about an error here */
|
||||||
ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);
|
ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);
|
||||||
|
|
Loading…
Reference in New Issue