Displaying 14 results from an estimated 14 matches for "is_pam_password_change_required".
2002 Dec 21
6
[PATCH] PAM chauthtok + Privsep
...error("dup2 stdout: %s", strerror(errno));
+ if (dup2(ttyfd, 2) < 0)
+ error("dup2 stderr: %s", strerror(errno));
+
+ /* close extra descriptors */
+ close(socket);
+ close(ttyfd);
+
+ /* call PAM chauthtok and return status to parent */
+ do_pam_chauthtok();
+ if(is_pam_password_change_required())
+ exit(1); /* failed */
+ else
+ exit(0); /* success */
+ }
+ close(ttyfd);
+
+ if (waitpid(pid, &status, 0) == -1)
+ fatal("Couldn't wait for child: %s", strerror(errno));
+
+ if (WEXITSTATUS(status))
+ fatal("do_pam_chauthtok() failed, child returned %d",...
2002 Feb 12
1
openssh + pam errors (fwd)
...9;ll know what to
do with it...
-d.
---
http://www.monkey.org/~dugsong/
--- old/session.c Sat Dec 1 18:37:08 2001
+++ session.c Tue Feb 12 00:03:37 2002
@@ -437,7 +437,6 @@
session_proctitle(s);
#if defined(USE_PAM)
- do_pam_session(s->pw->pw_name, NULL);
do_pam_setcred(1);
if (is_pam_password_change_required())
packet_disconnect("Password change required but no "
@@ -494,6 +493,9 @@
#endif /* USE_PIPES */
/* Do processing for the child (exec command etc). */
+#if defined(USE_PAM)
+ do_pam_session(s->pw->pw_name, NULL);
+#endif /* USE_PAM */
do_child(s, command);
/* NOTREA...
2002 Oct 21
0
[Bug 419] New: HP-UX PAM problems with 3.5p1
...16 10:00:40 2002
@@ -39,6 +39,7 @@
int do_pam_authenticate(int flags);
int do_pam_account(char *username, char *remote_user);
void do_pam_session(char *username, const char *ttyname);
+void do_pam_set_tty(const char *ttyname);
void do_pam_setcred(int init);
void print_pam_messages(void);
int is_pam_password_change_required(void);
diff -u -r openssh-3.5p1/session.c openssh-3.5p1a/session.c
--- openssh-3.5p1/session.c Thu Sep 26 02:38:50 2002
+++ openssh-3.5p1a/session.c Wed Oct 16 15:01:40 2002
@@ -454,7 +454,6 @@
session_proctitle(s);
#if defined(USE_PAM)
- do_pam_session(s->pw->pw_name, NULL);
do_pam_se...
2002 Nov 20
0
[PATCH #9] Password expiration via /bin/passwd.
...d = 0;
-#ifdef WITH_AIXAUTHENTICATE
-char *aixloginmsg;
-#endif /* WITH_AIXAUTHENTICATE */
+void do_tty_change_password(struct passwd *);
#ifdef HAVE_LOGIN_CAP
login_cap_t *lc;
@@ -456,10 +457,11 @@
#if defined(USE_PAM)
do_pam_session(s->pw->pw_name, NULL);
do_pam_setcred(1);
- if (is_pam_password_change_required())
+#endif /* USE_PAM */
+
+ if (password_change_required)
packet_disconnect("Password change required but no "
"TTY available");
-#endif /* USE_PAM */
/* Fork the child. */
if ((pid = fork()) == 0) {
@@ -723,6 +725,7 @@
socklen_t fromlen;
struct sockaddr_sto...
2002 Dec 10
5
[PATCH] Password expiry with Privsep and PAM
...;, strerror(errno));
+ if (dup2(ttyfd, 1) < 0)
+ error("dup2 stdout: %s", strerror(errno));
+ if (dup2(ttyfd, 2) < 0)
+ error("dup2 stderr: %s", strerror(errno));
+ close(ttyfd);
+ /* execl("/bin/sh", "sh", NULL); */
+ do_pam_chauthtok();
+ if(is_pam_password_change_required())
+ exit(1); /* failed */
+ else
+ exit(0); /* success */
+ }
+ close(ttyfd);
+
+ if (waitpid(pid, &status, 0) == -1)
+ fatal("Couldn't wait for child: %s", strerror(errno));
+
+ if (WEXITSTATUS(status))
+ fatal("do_pam_chauthtok() failed, child returned %d",...
2002 Jul 16
2
HP-UX PAM with Trusted System patch
...16 07:54:05 2002
@@ -12,6 +12,7 @@
int do_pam_authenticate(int flags);
int do_pam_account(char *username, char *remote_user);
void do_pam_session(char *username, const char *ttyname);
+void do_pam_set_tty(const char *ttyname);
void do_pam_setcred(int init);
void print_pam_messages(void);
int is_pam_password_change_required(void);
Only in openssh-3.4p1-dw: auth-pam.h.orig
diff -u -r openssh-3.4p1/session.c openssh-3.4p1-dw/session.c
--- openssh-3.4p1/session.c Wed Jun 26 08:51:06 2002
+++ openssh-3.4p1-dw/session.c Tue Jul 16 07:54:06 2002
@@ -461,7 +461,6 @@
session_proctitle(s);
#if defined(USE_PAM)
- do_pam_se...
2003 Aug 24
12
[Bug 423] Workaround for pw change in privsep mode (3.5.p1)
http://bugzilla.mindrot.org/show_bug.cgi?id=423
dtucker at zip.com.au changed:
What |Removed |Added
----------------------------------------------------------------------------
OtherBugsDependingO| |627
nThis| |
Status|NEW |ASSIGNED
------- Additional
2002 Oct 13
1
[PATCH] AIX password expiration
...atal_remove_all_cleanups();
@@ -757,6 +766,13 @@
}
#endif
+#ifdef WITH_AIXAUTHENTICATE
+ if (is_aix_password_change_required()) {
+ printf("%s\n", aixexpiremsg);
+ do_aix_change_password(pw);
+ }
+#endif
+
if (check_quietlogin(s, command))
return;
@@ -764,7 +780,10 @@
if (!is_pam_password_change_required())
print_pam_messages();
#endif /* USE_PAM */
+
#ifdef WITH_AIXAUTHENTICATE
+ if (!is_aix_password_change_required() && aixexpiremsg && *aixexpiremsg)
+ printf("%s\n", aixexpiremsg);
if (aixloginmsg && *aixloginmsg)
printf("%s\n", aixloginmsg);...
2002 Oct 05
1
a patch for 3.4, please
Hello all,
I'd greatly appreciate a patch that will stop PAM mucking around after
I log in with a Kerberos 4 ticket and forward an AFS ticket (KTH
Kerberos 1.1.1 used for libkrb/libkafs). The trouble is, I need
pam_krb4, so that folks, who log in with without tickets using
tunnelled plaintext password, would get Kerberos 4 tickets for the
box. I rebuilt sshd without PAM in order to verify
2003 Nov 13
0
[PATCH] Make PAM chauthtok_conv function into tty_conv
...;
- sshpam_err = pam_open_session(sshpam_handle, 0);
- if (sshpam_err != PAM_SUCCESS)
- fatal("PAM: pam_open_session(): %s",
- pam_strerror(sshpam_handle, sshpam_err));
- sshpam_session_open = 1;
-}
-
-void
do_pam_set_tty(const char *tty)
{
if (tty != NULL) {
@@ -611,7 +594,7 @@ is_pam_password_change_required(void)
}
static int
-pam_chauthtok_conv(int n, const struct pam_message **msg,
+pam_tty_conv(int n, const struct pam_message **msg,
struct pam_response **resp, void *data)
{
char input[PAM_MAX_MSG_SIZE];
@@ -620,7 +603,7 @@ pam_chauthtok_conv(int n, const struct p
*resp = NULL;
- i...
2003 Jul 30
7
[Bug 564] new PAM code only calls pam_acct_mgmt for challenge-response clients
http://bugzilla.mindrot.org/show_bug.cgi?id=564
------- Additional Comments From djm at mindrot.org 2003-07-30 11:48 -------
Maybe UsePAM should be a tri-state: "kbd-int", "no" or "always". This is ugly -
suggestions wanted.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Jul 05
0
[PATCH] Replace AIX loginmsg with generic Buffer loginmsg
...r *original_command = NULL;
@@ -103,10 +104,6 @@
#define MAX_SESSIONS 10
Session sessions[MAX_SESSIONS];
-#ifdef WITH_AIXAUTHENTICATE
-char *aixloginmsg;
-#endif /* WITH_AIXAUTHENTICATE */
-
#ifdef HAVE_LOGIN_CAP
login_cap_t *lc;
#endif
@@ -770,10 +767,13 @@
if (options.use_pam && !is_pam_password_change_required())
print_pam_messages();
#endif /* USE_PAM */
-#ifdef WITH_AIXAUTHENTICATE
- if (aixloginmsg && *aixloginmsg)
- printf("%s\n", aixloginmsg);
-#endif /* WITH_AIXAUTHENTICATE */
+
+ /* display post-login message */
+ if (buffer_len(&loginmsg) > 0) {
+ buffer_append(&...
2003 Jul 09
0
[PATCH] Add expired password handling for AIX.
...", 1);
+ if (password_change_required) {
+ printf("%s\n", (char *)buffer_ptr(&expiremsg));
+ fflush(stdout);
+ password_changed = do_tty_change_password(pw);
+ }
#endif
if (check_quietlogin(s, command))
@@ -766,6 +779,9 @@
#ifdef USE_PAM
if (options.use_pam && !is_pam_password_change_required())
print_pam_messages();
+#else
+ if (!password_changed)
+ printf("%s\n", (char *)buffer_ptr(&expiremsg));
#endif /* USE_PAM */
/* display post-login message */
Index: sshd.c
===================================================================
RCS file: /usr/local/src/security...
2003 Jul 30
1
[PATCH] Password expiry merge (AIX parts)
...", 1);
+ if (password_change_required) {
+ printf("%s\n", (char *)buffer_ptr(&expiremsg));
+ fflush(stdout);
+ password_changed = do_tty_change_password(pw);
+ }
#endif
if (check_quietlogin(s, command))
@@ -766,6 +779,9 @@
#ifdef USE_PAM
if (options.use_pam && !is_pam_password_change_required())
print_pam_messages();
+#else
+ if (!password_changed)
+ printf("%s\n", (char *)buffer_ptr(&expiremsg));
#endif /* USE_PAM */
/* display post-login message */
Index: sshd.c
===================================================================
RCS file: /usr/local/src/security...