- (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null. ok djm@

ChangeLog

@@ -2,6 +2,7 @@
  - (dtucker) [openbsd-compat/fake-rfc2553.h] Older Linuxes have AI_PASSIVE and
    AI_CANONNAME in netdb.h but not AI_NUMERICHOST, so check each definition
    separately before defining them.
+ - (dtucker) [auth-pam.c] Don't set PAM_TTY if tty is null.  ok djm@
 
 20030807
  - (dtucker) [session.c] Have session_break_req not attempt to send a break
@@ -803,4 +804,4 @@
  - Fix sshd BindAddress and -b options for systems using fake-getaddrinfo.
    Report from murple@murple.net, diagnosis from dtucker@zip.com.au
 
-$Id: ChangeLog,v 1.2885 2003/08/08 02:15:11 dtucker Exp $
+$Id: ChangeLog,v 1.2886 2003/08/08 03:43:37 dtucker Exp $

auth-pam.c

@@ -31,7 +31,7 @@
 
 /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */
 #include "includes.h"
-RCSID("$Id: auth-pam.c,v 1.65 2003/07/30 04:53:11 djm Exp $");
+RCSID("$Id: auth-pam.c,v 1.66 2003/08/08 03:43:37 dtucker Exp $");
 
 #ifdef USE_PAM
 #include <security/pam_appl.h>
@@ -534,11 +534,13 @@ do_pam_session(const char *user, const char *tty)
 	if (sshpam_err != PAM_SUCCESS)
 		fatal("PAM: failed to set PAM_CONV: %s",
 		    pam_strerror(sshpam_handle, sshpam_err));
-	debug("PAM: setting PAM_TTY to \"%s\"", tty);
-	sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty);
-	if (sshpam_err != PAM_SUCCESS)
-		fatal("PAM: failed to set PAM_TTY: %s",
-		    pam_strerror(sshpam_handle, sshpam_err));
+	if (tty != NULL) {
+		debug("PAM: setting PAM_TTY to \"%s\"", tty);
+		sshpam_err = pam_set_item(sshpam_handle, PAM_TTY, tty);
+		if (sshpam_err != PAM_SUCCESS)
+			fatal("PAM: failed to set PAM_TTY: %s",
+			    pam_strerror(sshpam_handle, sshpam_err));
+	}
 	sshpam_err = pam_open_session(sshpam_handle, 0);
 	if (sshpam_err != PAM_SUCCESS)
 		fatal("PAM: pam_open_session(): %s",