bugzilla-daemon at bugzilla.mindrot.org
2019-May-13 22:00 UTC
[Bug 3008] New: pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Bug ID: 3008 Summary: pam_putenv used regardless of whether or not it is available Product: Portable OpenSSH Version: 8.0p1 Hardware: HPPA OS: HP-UX Status: NEW Severity: normal Priority: P5 Component: PAM support Assignee: unassigned-bugs at mindrot.org Reporter: bugs-openssh at vendor.thewrittenword.com configure.ac has: AC_CHECK_FUNCS([pam_putenv]) yet auth-pam.c uses pam_putenv regardless: if (sshpam_rhost != NULL) { debug("PAM: setting PAM_RHOST to \"%s\"", sshpam_rhost); sshpam_err = pam_set_item(sshpam_handle, PAM_RHOST, sshpam_rhost); if (sshpam_err != PAM_SUCCESS) { pam_end(sshpam_handle, sshpam_err); sshpam_handle = NULL; return (-1); } /* Put SSH_CONNECTION in the PAM environment too */ pam_putenv(sshpam_handle, sshpam_conninfo); } This is despite earlier uses of pam_putenv being wrapped with #ifdef HAVE_PAM_PUTENV: #ifdef HAVE_PAM_PUTENV /* Errors are not fatal here */ if ((r = pam_putenv(sshpam_handle, env)) !PAM_SUCCESS) { error("PAM: pam_putenv: %s", pam_strerror(sshpam_handle, r)); } #endif -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-13 22:03 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 --- Comment #1 from The Written Word <bugs-openssh at vendor.thewrittenword.com> --- Created attachment 3281 --> https://bugzilla.mindrot.org/attachment.cgi?id=3281&action=edit Possible patch -- You are receiving this mail because: You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-14 00:59 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org, | |dtucker at dtucker.net Attachment #3282| |ok?(djm at mindrot.org) Flags| | --- Comment #2 from Darren Tucker <dtucker at dtucker.net> --- Created attachment 3282 --> https://bugzilla.mindrot.org/attachment.cgi?id=3282&action=edit Add no-op implementation of pam_putenv I think we would be better off adding a no-op implementation of pam_putenv similar to what we already do with pam_getenvlist. Your diff has some other unrelated changes in configure.ac, what's the deal with those? -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-14 00:59 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Blocks| |2988 Referenced Bugs: https://bugzilla.mindrot.org/show_bug.cgi?id=2988 [Bug 2988] Tracking bug for 8.1 release -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-14 01:01 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 --- Comment #3 from The Written Word <bugs-openssh at vendor.thewrittenword.com> --- (In reply to Darren Tucker from comment #2)> Created attachment 3282 [details] > Add no-op implementation of pam_putenv > > I think we would be better off adding a no-op implementation of > pam_putenv similar to what we already do with pam_getenvlist. > > Your diff has some other unrelated changes in configure.ac, what's > the deal with those?Oops, my bad. Internal changes. Let me test your patch on our HP-UX systems. -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-17 03:13 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Attachment #3282|ok?(djm at mindrot.org) |ok+ Flags| | -- You are receiving this mail because: You are watching someone on the CC list of the bug. You are watching the assignee of the bug.
bugzilla-daemon at bugzilla.mindrot.org
2019-May-17 03:25 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Darren Tucker <dtucker at dtucker.net> changed: What |Removed |Added ---------------------------------------------------------------------------- Resolution|--- |FIXED Status|NEW |RESOLVED --- Comment #4 from Darren Tucker <dtucker at dtucker.net> --- Thanks for the report. Patch (attachment #3282) has been committed and will be in the next release. I'm pretty sure that will resolve it, but if you discover any problems please reopen. -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.
bugzilla-daemon at mindrot.org
2021-Apr-23 05:00 UTC
[Bug 3008] pam_putenv used regardless of whether or not it is available
https://bugzilla.mindrot.org/show_bug.cgi?id=3008 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|RESOLVED |CLOSED --- Comment #5 from Damien Miller <djm at mindrot.org> --- closing resolved bugs as of 8.6p1 release -- You are receiving this mail because: You are watching the assignee of the bug. You are watching someone on the CC list of the bug.