Displaying 9 results from an estimated 9 matches for "ctxtp".
Did you mean:
ctxt
2006 Sep 12
3
Weird TZ Behavior in 4.1p1 and 4.3p2 on AIX
Hi,
I am using PAM authentication on 3.8p1. In my PAM auth module I can
turn on debug logging that includes a timestamp in the form "mm/dd/yy
hh:mm:ss". Life is good.
I want to upgrade from 3.8p1 so I can use PAM for PasswordAuthentication
in addition to keyboard-interactive. I have compiled both 4.1p1 and
4.3p2 and the PAM authentication for both methods works fine in both
2003 Oct 12
4
[PATCH]: Call pam_chauthtok from keyboard-interactive.
...7,6 +119,7 @@ static int sshpam_authenticated = 0;
static int sshpam_new_authtok_reqd = 0;
static int sshpam_session_open = 0;
static int sshpam_cred_established = 0;
+static int sshpam_account_status = -1;
struct pam_ctxt {
sp_pthread_t pam_thread;
@@ -231,6 +234,15 @@ sshpam_thread(void *ctxtp)
sshpam_err = pam_authenticate(sshpam_handle, 0);
if (sshpam_err != PAM_SUCCESS)
goto auth_fail;
+ if (compat20) {
+ if (do_pam_account() && sshpam_new_authtok_reqd) {
+ sshpam_err = pam_chauthtok(sshpam_handle,
+ PAM_CHANGE_EXPIRED_AUTHTOK);
+ if (sshpam_err != PAM_SUCCES...
2002 Apr 26
0
PAM keyboard-interactive
...'=':
+ msg = pam_receive(ctxt);
+ xfree(msg);
+ ctxt->pam_done = 1;
+ return (0);
+ default:
+ msg = pam_receive(ctxt);
+ if (*msg == '!')
+ error("%s", msg + 1);
+ xfree(msg);
+ ctxt->pam_done = -1;
+ return (-1);
+ }
+}
+
+static void
+pam_free_ctx(void *ctxtp)
+{
+ struct pam_ctxt *ctxt = ctxtp;
+
+ close(ctxt->pam_sock);
+ kill(ctxt->pam_pid, SIGHUP);
+ /* XXX: wait()? */
+ xfree(ctxt->pam_user);
+ xfree(ctxt);
+}
+
+KbdintDevice pam_device = {
+ "pam",
+ pam_init_ctx,
+ pam_query,
+ pam_respond,
+ pam_free_ctx
+};
+
+KbdintDevice mm...
2002 Jun 25
4
PAM kbd-int with privsep
...case '=':
+ msg = sshpam_receive(ctxt);
+ xfree(msg);
+ ctxt->done = 1;
+ return (0);
+ default:
+ msg = sshpam_receive(ctxt);
+ if (*msg == '!')
+ error("%s", msg + 1);
+ xfree(msg);
+ ctxt->done = -1;
+ return (-1);
}
+}
+
+void
+sshpam_free_ctx(void *ctxtp)
+{
+ struct sshpam_ctxt *ctxt = ctxtp;
- context_pam2.finished = 1;
+ debug3("Freeing PAM kbd-int ctx");
- packet_check_eom();
+ close(ctxt->sock);
+ kill(ctxt->pid, SIGHUP);
+ /* XXX: wait()? */
+ xfree(ctxt->user);
+ xfree(ctxt);
}
-#endif
+KbdintDevice sshpam_device =...
2003 Aug 24
12
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |627
nThis| |
Status|NEW |ASSIGNED
------- Additional
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
...+ sshpam_new_authtok_reqd = buffer_get_int(b);
+
+ if (sshpam_new_authtok_reqd == 1)
+ pam_password_change_required(1);
+
/* Import environment from subprocess */
num_env = buffer_get_int(b);
sshpam_env = xmalloc((num_env + 1) * sizeof(*sshpam_env));
@@ -290,9 +314,28 @@ sshpam_thread(void *ctxtp)
sshpam_err = pam_authenticate(sshpam_handle, 0);
if (sshpam_err != PAM_SUCCESS)
goto auth_fail;
+
+ if (compat20) {
+ if (do_pam_account()) {
+ if (sshpam_new_authtok_reqd) {
+ sshpam_err = pam_chauthtok(sshpam_handle,
+ PAM_CHANGE_EXPIRED_AUTHTOK);
+ if (sshpam_err !=...
2003 Nov 13
0
[PATCH] Perform do_pam_chauthtok via SSH2 keyboard-interactive.
...7,6 +119,7 @@ static int sshpam_authenticated = 0;
static int sshpam_new_authtok_reqd = 0;
static int sshpam_session_open = 0;
static int sshpam_cred_established = 0;
+static int sshpam_account_status = -1;
struct pam_ctxt {
sp_pthread_t pam_thread;
@@ -231,6 +234,17 @@ sshpam_thread(void *ctxtp)
sshpam_err = pam_authenticate(sshpam_handle, 0);
if (sshpam_err != PAM_SUCCESS)
goto auth_fail;
+#ifndef DISABLE_KBDINT_CHAUTHTOK
+ if (compat20) {
+ if (do_pam_account() && sshpam_new_authtok_reqd) {
+ sshpam_err = pam_chauthtok(sshpam_handle,
+ PAM_CHANGE_EXPIRED_AUTHTOK)...
2002 Jul 02
3
New PAM kbd-int diff
...t */
+ msg = sshpam_receive(ctxt);
+ xfree(msg);
+ ctxt->done = 1;
+ return (0);
+ default: /* Error */
+ msg = sshpam_receive(ctxt);
+ if (*msg == '!')
+ error("%s", msg + 1);
+ xfree(msg);
+ ctxt->done = -1;
+ return (-1);
+ }
+}
+
+void
+sshpam_free_ctx(void *ctxtp)
+{
+ struct sshpam_ctxt *ctxt = ctxtp;
- context_pam2.finished = 1;
+ debug3("Freeing PAM kbd-int ctx");
- packet_check_eom();
+ close(ctxt->sock);
+ kill(ctxt->pid, SIGHUP);
+ /* XXX: wait()? */
+ xfree(ctxt->user);
+ xfree(ctxt);
}
-#endif
+
+KbdintDevice sshpam_device =...
2005 Mar 16
1
openssh-3.8.1p1, with pthreads enabled, hung in pthread_join.
.../OpenSSH.roots/OpenSSH/openssh/auth-pam.c:272
#4 0x96798918 in _pam_system_log ()
#5 0x967989f4 in pam_get_pass ()
#6 0x0018a930 in pam_sm_authenticate ()
#7 0x967961c4 in pam_fail_delay ()
#8 0x96796514 in _pam_dispatch ()
#9 0x96797c40 in pam_authenticate ()
#10 0x00028880 in sshpam_thread (ctxtp=0x403830) at
/tmp/OpenSSH.roots/OpenSSH/openssh/auth-pam.c:354
#11 0x9002c7f4 in _pthread_body ()
Thread two will just sit there in read while thread one waits for
thread two to exit.
If i attempt this with privilege separation turned on the lowered
privilege process will exit and become a zomb...