RepoMirrors
/
openssh
mirror of git://anongit.mindrot.org/openssh.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

- (dtucker) [auth-pam.c] Since people don't seem to be getting the message 

that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
   idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK.  Attempting to use
   USE_POSIX_THREADS will now generate an error so we don't silently change
   behaviour.  ok djm@
This commit is contained in:
Darren Tucker 2005-05-25 16:18:09 +10:00
parent 4d8f560c39
commit 328118aa79
2 changed files with 22 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
ChangeLog
View File

@ -1,6 +1,11 @@
20050524 20050524
- (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec] - (djm) [contrib/caldera/openssh.spec contrib/redhat/openssh.spec]
[contrib/suse/openssh.spec] Update spec file versions to 4.1p1 [contrib/suse/openssh.spec] Update spec file versions to 4.1p1
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message
that USE_POSIX_THREADS is unsupported, not recommended and generally a bad
idea, it is now known as UNSUPPORTED_POSIX_THREADS_HACK. Attempting to use
USE_POSIX_THREADS will now generate an error so we don't silently change
behaviour. ok djm@
20050524 20050524
- (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure - (djm) [openbsd-compat/readpassphrase.c] bz #950: Retry tcsetattr to ensure
@ -48,10 +53,6 @@
- (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if - (dtucker) [session.c] Bug #1024: Don't check pam_session_is_open if
UseLogin is set as PAM is not used to establish credentials in that UseLogin is set as PAM is not used to establish credentials in that
case. Found by Michael Selvesteen, ok djm@ case. Found by Michael Selvesteen, ok djm@
- (dtucker) [auth-pam.c] Since people don't seem to be getting the message,
USE_POSIX_THREADS is now known as UNSUPPORTED_POSIX_THREADS_HACK.
USE_POSIX_THREADS will now generate an error so we don't silently change
behaviour. ok djm@
20050419 20050419
- (dtucker) [INSTALL] Reference README.privsep for the privilege separation - (dtucker) [INSTALL] Reference README.privsep for the privilege separation
@ -2491,4 +2492,4 @@
- (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Trim deprecated options from INSTALL. Mention UsePAM
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
$Id: ChangeLog,v 1.3757 2005/05/25 04:43:47 djm Exp $ $Id: ChangeLog,v 1.3758 2005/05/25 06:18:09 dtucker Exp $

22
auth-pam.c
View File

@ -47,7 +47,7 @@
/* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
#include "includes.h" #include "includes.h"
RCSID("$Id: auth-pam.c,v 1.121 2005/01/20 02:29:51 dtucker Exp $"); RCSID("$Id: auth-pam.c,v 1.122 2005/05/25 06:18:10 dtucker Exp $");
#ifdef USE_PAM #ifdef USE_PAM
#if defined(HAVE_SECURITY_PAM_APPL_H) #if defined(HAVE_SECURITY_PAM_APPL_H)
@ -76,7 +76,17 @@ extern Buffer loginmsg;
extern int compat20; extern int compat20;
extern u_int utmp_len; extern u_int utmp_len;
/* so we don't silently change behaviour */
#ifdef USE_POSIX_THREADS #ifdef USE_POSIX_THREADS
# error "USE_POSIX_THREADS replaced by UNSUPPORTED_POSIX_THREADS_HACK"
#endif
/*
* Formerly known as USE_POSIX_THREADS, using this is completely unsupported
* and generally a bad idea. Use at own risk and do not expect support if
* this breaks.
*/
#ifdef UNSUPPORTED_POSIX_THREADS_HACK
#include <pthread.h> #include <pthread.h>
/* /*
* Avoid namespace clash when *not* using pthreads for systems *with* * Avoid namespace clash when *not* using pthreads for systems *with*
@ -98,7 +108,7 @@ struct pam_ctxt {
static void sshpam_free_ctx(void *); static void sshpam_free_ctx(void *);
static struct pam_ctxt *cleanup_ctxt; static struct pam_ctxt *cleanup_ctxt;
#ifndef USE_POSIX_THREADS #ifndef UNSUPPORTED_POSIX_THREADS_HACK
/* /*
* Simulate threads with processes. * Simulate threads with processes.
*/ */
@ -255,7 +265,7 @@ import_environments(Buffer *b)
debug3("PAM: %s entering", __func__); debug3("PAM: %s entering", __func__);
#ifndef USE_POSIX_THREADS #ifndef UNSUPPORTED_POSIX_THREADS_HACK
/* Import variables set by do_pam_account */ /* Import variables set by do_pam_account */
sshpam_account_status = buffer_get_int(b); sshpam_account_status = buffer_get_int(b);
sshpam_password_change_required(buffer_get_int(b)); sshpam_password_change_required(buffer_get_int(b));
@ -384,7 +394,7 @@ sshpam_thread(void *ctxtp)
struct pam_conv sshpam_conv; struct pam_conv sshpam_conv;
int flags = (options.permit_empty_passwd == 0 ? int flags = (options.permit_empty_passwd == 0 ?
PAM_DISALLOW_NULL_AUTHTOK : 0); PAM_DISALLOW_NULL_AUTHTOK : 0);
#ifndef USE_POSIX_THREADS #ifndef UNSUPPORTED_POSIX_THREADS_HACK
extern char **environ; extern char **environ;
char **env_from_pam; char **env_from_pam;
u_int i; u_int i;
@ -428,7 +438,7 @@ sshpam_thread(void *ctxtp)
buffer_put_cstring(&buffer, "OK"); buffer_put_cstring(&buffer, "OK");
#ifndef USE_POSIX_THREADS #ifndef UNSUPPORTED_POSIX_THREADS_HACK
/* Export variables set by do_pam_account */ /* Export variables set by do_pam_account */
buffer_put_int(&buffer, sshpam_account_status); buffer_put_int(&buffer, sshpam_account_status);
buffer_put_int(&buffer, sshpam_authctxt->force_pwchange); buffer_put_int(&buffer, sshpam_authctxt->force_pwchange);
@ -447,7 +457,7 @@ sshpam_thread(void *ctxtp)
buffer_put_int(&buffer, i); buffer_put_int(&buffer, i);
for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++) for(i = 0; env_from_pam != NULL && env_from_pam[i] != NULL; i++)
buffer_put_cstring(&buffer, env_from_pam[i]); buffer_put_cstring(&buffer, env_from_pam[i]);
#endif /* USE_POSIX_THREADS */ #endif /* UNSUPPORTED_POSIX_THREADS_HACK */
/* XXX - can't do much about an error here */ /* XXX - can't do much about an error here */
ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer); ssh_msg_send(ctxt->pam_csock, sshpam_err, &buffer);