mirror of git://anongit.mindrot.org/openssh.git
- Calls to pam_setcred, patch from Nalin Dahyabhai
<nalin@thermo.stat.ncsu.edu>
This commit is contained in:
parent
d00d1611e4
commit
ac3a4b4a96
|
@ -6,6 +6,8 @@
|
||||||
<drankin@bohemians.lexington.ky.us>
|
<drankin@bohemians.lexington.ky.us>
|
||||||
- Print whether OpenSSH was compiled with RSARef, patch from
|
- Print whether OpenSSH was compiled with RSARef, patch from
|
||||||
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
|
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
|
||||||
|
- Calls to pam_setcred, patch from Nalin Dahyabhai
|
||||||
|
<nalin@thermo.stat.ncsu.edu>
|
||||||
|
|
||||||
19991228
|
19991228
|
||||||
- Replacement for getpagesize() for systems which lack it
|
- Replacement for getpagesize() for systems which lack it
|
||||||
|
|
25
sshd.c
25
sshd.c
|
@ -11,7 +11,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$Id: sshd.c,v 1.47 1999/12/28 23:17:09 damien Exp $");
|
RCSID("$Id: sshd.c,v 1.48 1999/12/28 23:25:41 damien Exp $");
|
||||||
|
|
||||||
#ifdef HAVE_POLL_H
|
#ifdef HAVE_POLL_H
|
||||||
# include <poll.h>
|
# include <poll.h>
|
||||||
|
@ -149,6 +149,7 @@ static int pamconv(int num_msg, const struct pam_message **msg,
|
||||||
int do_pam_auth(const char *user, const char *password);
|
int do_pam_auth(const char *user, const char *password);
|
||||||
void do_pam_account(char *username, char *remote_user);
|
void do_pam_account(char *username, char *remote_user);
|
||||||
void do_pam_session(char *username, char *ttyname);
|
void do_pam_session(char *username, char *ttyname);
|
||||||
|
void do_pam_setcred();
|
||||||
void pam_cleanup_proc(void *context);
|
void pam_cleanup_proc(void *context);
|
||||||
|
|
||||||
static struct pam_conv conv = {
|
static struct pam_conv conv = {
|
||||||
|
@ -230,6 +231,12 @@ void pam_cleanup_proc(void *context)
|
||||||
PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_DELETE_CRED);
|
||||||
|
if (pam_retval != PAM_SUCCESS) {
|
||||||
|
log("Cannot delete credentials: %.200s",
|
||||||
|
PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||||
|
}
|
||||||
|
|
||||||
pam_retval = pam_end((pam_handle_t *)pamh, pam_retval);
|
pam_retval = pam_end((pam_handle_t *)pamh, pam_retval);
|
||||||
if (pam_retval != PAM_SUCCESS) {
|
if (pam_retval != PAM_SUCCESS) {
|
||||||
log("Cannot release PAM authentication: %.200s",
|
log("Cannot release PAM authentication: %.200s",
|
||||||
|
@ -301,6 +308,16 @@ void do_pam_session(char *username, char *ttyname)
|
||||||
if (pam_retval != PAM_SUCCESS)
|
if (pam_retval != PAM_SUCCESS)
|
||||||
fatal("PAM session setup failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
fatal("PAM session setup failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void do_pam_setcred()
|
||||||
|
{
|
||||||
|
int pam_retval;
|
||||||
|
|
||||||
|
debug("PAM establishing creds");
|
||||||
|
pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_ESTABLISH_CRED);
|
||||||
|
if (pam_retval != PAM_SUCCESS)
|
||||||
|
fatal("PAM setcred failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
|
||||||
|
}
|
||||||
#endif /* USE_PAM */
|
#endif /* USE_PAM */
|
||||||
|
|
||||||
/*
|
/*
|
||||||
|
@ -1906,6 +1923,9 @@ do_authenticated(struct passwd * pw)
|
||||||
packet_set_interactive(have_pty || display != NULL,
|
packet_set_interactive(have_pty || display != NULL,
|
||||||
options.keepalives);
|
options.keepalives);
|
||||||
|
|
||||||
|
#ifdef USE_PAM
|
||||||
|
do_pam_setcred();
|
||||||
|
#endif
|
||||||
if (forced_command != NULL)
|
if (forced_command != NULL)
|
||||||
goto do_forced_command;
|
goto do_forced_command;
|
||||||
debug("Forking shell.");
|
debug("Forking shell.");
|
||||||
|
@ -1921,6 +1941,9 @@ do_authenticated(struct passwd * pw)
|
||||||
packet_set_interactive(have_pty || display != NULL,
|
packet_set_interactive(have_pty || display != NULL,
|
||||||
options.keepalives);
|
options.keepalives);
|
||||||
|
|
||||||
|
#ifdef USE_PAM
|
||||||
|
do_pam_setcred();
|
||||||
|
#endif
|
||||||
if (forced_command != NULL)
|
if (forced_command != NULL)
|
||||||
goto do_forced_command;
|
goto do_forced_command;
|
||||||
/* Get command from the packet. */
|
/* Get command from the packet. */
|
||||||
|
|
Loading…
Reference in New Issue