bugzilla-daemon at bugzilla.mindrot.org
2012-Mar-27 15:35 UTC
[Bug 983] Required authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #51 from Petr Lautrbach <plautrba at redhat.com> 2012-03-28 02:35:54 EST --- Created attachment 2138 --> https://bugzilla.mindrot.org/attachment.cgi?id=2138 fixes of original patch (In reply to comment #46)> Created attachment 2096 [details] > Updated version of original patch.Fix missing braces around block in monitor.c:449-451 which causes that condition on monitor.c:457 is never true. Fix possible dereferenced NULL value in auth2.c:449 Fix dereference before null check in servconf.c:1233 and 1246 which causes segfault if argument of RequiredAuthentications[12] is empty. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching someone on the CC list of the bug. You are watching the reporter of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Mar-27 15:51 UTC
[Bug 983] Required authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #52 from Petr Lautrbach <plautrba at redhat.com> 2012-03-28 02:51:10 EST --- (In reply to comment #46)> Created attachment 2096 [details] > Updated version of original patch. >auth2_check_required(const char *list): + /* Activate method if it isn't already */ + if (*(m->enabled) == -1) + *(m->enabled) = 1; I think that enable a method which is not explicitly enabled and might be disabled by default is not a good idea. An user should be warmed about the incorrect configuration is this case. -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching someone on the CC list of the bug. You are watching the reporter of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2012-Mar-28 12:31 UTC
[Bug 983] Required authentication
https://bugzilla.mindrot.org/show_bug.cgi?id=983 --- Comment #53 from Petr Lautrbach <plautrba at redhat.com> 2012-03-28 23:31:58 EST --- (In reply to comment #46)> Created attachment 2096 [details] > Updated version of original patch.- userauth_finish(authctxt, authenticated, method); - xfree(method); + userauth_finish(authctxt, authenticated, "keyboard-interactive", + kbdintctxt->device?kbdintctxt->device->name:NULL); kbdintctxt points to authctxt->kbdintctxt, but authctxt->kbdintctxt can be set to NULL in previous call of auth2_challenge_*() while kbdintctxt not. And there is probably accidentally removed line with xfree(method); - userauth_finish(authctxt, authenticated, method); + userauth_finish(authctxt, authenticated, "keyboard-interactive", + authctxt->kbdintctxt != NULL ? kbdintctxt->device->name : NULL); xfree(method); -- Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are watching someone on the CC list of the bug. You are watching the reporter of the bug.
Maybe Matching Threads
- [Bug 983] Required authentication
- [Bug 983] Required authentication
- [Bug 2270] New: AuthenticationMethods - partial success is considered as failure
- [Bug 2245] New: Multiple USER_LOGIN messages when linux audit support is enabled on bad login
- [Bug 2011] sandbox selection needs some kind of fallback mechanism