Displaying 1 result from an estimated 1 matches for "check_pam_us".
Did you mean:
check_pam_user
2025 Feb 13
1
[PATCH] auth-pam: Check the user didn't change during PAM transaction
...+++++++++-----
1 file changed, 30 insertions(+), 5 deletions(-)
diff --git a/auth-pam.c b/auth-pam.c
index 13c0a792e..f45e61675 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -467,6 +467,28 @@ sshpam_thread_conv(int n, sshpam_const struct pam_message **msg,
return (PAM_CONV_ERR);
}
+static int
+check_pam_user(Authctxt *authctxt)
+{
+ const char *pam_user;
+
+ if (authctxt == NULL || authctxt->user == NULL)
+ fatal("%s: PAM authctxt user not initialized", __func__);
+
+ sshpam_err = pam_get_item(sshpam_handle,
+ PAM_USER, (sshpam_const void **) &pam_user);
+ if (sshpam_err != PAM...