search for: num_msg

If the info_response code is going to test that the # of responses is < 100, then the info_request code should check that < 100 prompts are sent. It would be rude to send 101 prompts and then fail when the responses come back. I actually think the test should be removed altogether, the limit seems quite arbitrary, but here is a patch to not send > 100 prompts. With this patch, the test

...@@ RCSID("$Id: auth-pam.c,v 1.1 2000/09/06 22:29:58 stevev Exp stevev $"); #define NEW_AUTHTOK_MSG \ - "Warning: You password has expired, please change it now" + "Warning: Your password has expired, please change it now" /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, @@ -50,40 +50,72 @@ pamconv, NULL }; -static struct pam_handle_t *pamh = NULL; +static pam_handle_t *pamh = NULL; static const char *pampasswd = NULL; static char *pam_msg = NULL; -/* PAM conversation function. This is really a kludge to get the password */...

...t; -#include "ssh2.h" #include "auth.h" -#include "auth-pam.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0...

...t; #include "auth.h" -#include "auth-pam.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" + +extern char *__progname; -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0,...

...t; #include "auth.h" -#include "auth-pam.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" + +extern char *__progname; -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0,...

...ct pam_passdb_module *module = (struct pam_passdb_module *)_module; + string_t *username = t_str_new(256); + var_expand(username, module->username_format, + auth_request_get_var_expand_table(request, auth_request_str_escape)); + return str_c(username); +} + static int pam_userpass_conv(int num_msg, pam_const struct pam_message **msg, struct pam_response **resp_r, void *appdata_ptr) @@ -82,7 +95,7 @@ pam_userpass_conv(int num_msg, pam_const struct pam_message **msg, case PAM_PROMPT_ECHO_ON: /* Assume we're asking for user. We might not ever get here because PAM already...

We have a couple of Asterisk boxes with one being the main system with everyone's voicemail and the other a slave used merely to link a couple of remote phones to the main system using IAX. How can one propagate message waiting indication from the main system to the remote phones? g.

...130.151.17.163 and I get this when it is not succesful: Name registration for name ADMON(3) at 130.151.17.163 - found Name registration for name RAV(0) at 130.151.17.163 - found Name registration for name ADMON(0) at 130.151.17.163 - found Removing dead netbios entry for 130.151.17.162 ADMON(3) (num_msgs=0) Added netbios name ADMON(3) at 130.151.17.163 ttl=14400 nb_flags= 0 WINS server did not respond to name registration! unknown netbios response (received late or from nmblookup?) Removing dead netbios entry for 130.151.17.162 ADMON(0) (num_msgs=0) Added netbios name ADMON(0) at 130.151.17.163 tt...

..."packet.h" RCSID("$Id: auth-pam.c,v 1.11 2000/07/09 12:42:33 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: You password has expired, please change it now" +static void start_pam2(struct passwd *pw, int auth_type); + /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -53,6 +56,7 @@ static struct pam_handle_t *pamh = NULL; static const char *pampasswd = NULL; static char *pam_msg = NULL; +static int current_auth_type=-1; /* PAM conversation function. This is really a kl...

-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan

...auth-pam.c =================================================================== RCS file: /var/cvs/openssh/auth-pam.c,v retrieving revision 1.34 diff -u -r1.34 auth-pam.c --- auth-pam.c 2001/03/27 06:12:24 1.34 +++ auth-pam.c 2001/03/30 16:46:12 @@ -41,6 +41,10 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); +/* XXX: move to header file */ +const char * +get_remote_name_or_ip(void); + /* module-local variables */ static struct pam_conv conv = { do_pam_conversation, @@ -356,9 +360,9 @@ pam_retval, PAM_STRERROR...

...11 18:03:43 2000 +++ auth-pam.c Wed Oct 11 18:03:44 2000 @@ -36,9 +36,6 @@ RCSID("$Id: auth-pam.c,v 1.12 2000/08/29 22:57:50 djm Exp $"); -#define NEW_AUTHTOK_MSG \ - "Warning: You password has expired, please change it now" - /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -175,11 +172,17 @@ pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0); switch (pam_retval) { - case PAM_SUCCESS: + case PAM_SUCCESS: /...

...ar *string; int i; + const struct var_expand_table *table; + string_t *username; + + username = t_str_new(256); + table = auth_request_get_var_expand_table(ctx->request, auth_request_str_escape); + var_expand(username, passdb->username_format, table); + *resp_r = NULL; resp = calloc(num_msg, sizeof(struct pam_response)); @@ -82,7 +90,7 @@ case PAM_PROMPT_ECHO_ON: /* Assume we're asking for user. We might not ever get here because PAM already knows the user. */ - string = strdup(ctx->request->user); + string = strdup(str_c(username)); if (string == NULL)...

...tation fault. 0x400b0ef2 in chunk_alloc (ar_ptr=0x40149ba0, nb=16) at malloc.c:2707 2707 malloc.c: No such file or directory. (gdb) where #0 0x400b0ef2 in chunk_alloc (ar_ptr=0x40149ba0, nb=16) at malloc.c:2707 #1 0x400b0e14 in __libc_malloc (bytes=8) at malloc.c:2651 #2 0x804ec58 in pamconv (num_msg=1, msg=0xbfffeca0, resp=0xbfffeca4, appdata_ptr=0x0) at auth-pam.c:43 #3 0x40019911 in __get_authtok () from /lib/security/pam_unix.so #4 0x40017a5d in pam_sm_authenticate () from /lib/security/pam_unix.so #5 0x4004f648 in pam_fail_delay () from /lib/libpam.so.0 #6 0x4004f9ce in _pam_dispa...

Hi, I am getting this log entry in the nmb.log file. Any ideas why I am getting it? query_name_response: Multiple (2) responses received for a query on subnet 9.36. 220.43 for name WHITE<1d>. This response was from IP 9.36.223.255 Thanks Chip

Here is a patch that does TIS auth via PAM. It's controlled by a switch in the sshd_config. You'd use it by having a PAM module that sets PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs. The patch is against the 2.9.9p2 distribution. I'm not on the list, a reply if this patch is accepted would be great. (But not required, I know some folks have a distaste for

...) returned PAM_NEWAUTHTOK_REQD */ static int password_change_required = 0; /* remember whether the last pam_authenticate() succeeded or not */ @@ -98,6 +102,10 @@ int count; char buf[1024]; + u_int dlen; + int plen, type; + char *response; + /* PAM will free this later */ reply = malloc(num_msg * sizeof(*reply)); if (reply == NULL) @@ -111,10 +119,40 @@ */ switch(PAM_MSG_MEMBER(msg, count, msg_style)) { case PAM_PROMPT_ECHO_ON: - free(reply); - return PAM_CONV_ERR; + if (pamprompt != PAM_PROMPT_ECHO_ON || + (*msg)[count].msg == NULL) { + free(reply); +...

...auth-pam.c 21 Dec 2002 11:39:05 -0000 @@ -42,8 +42,6 @@ #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now." -#define NEW_AUTHTOK_MSG_PRIVSEP \ - "Your password has expired, the session cannot proceed." static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -186,12 +184,15 @@ pam_retval, PAM_STRERROR(__pamh, pam_retval)); } +/* HP-UX doesn't like credentials to be deleted. Skip and rely on pam_end() */ +#ifndef __hpux if (__pamh && creds_set...

...9.10.6.deborig/src/auth/passdb-pam.c dovecot-0.99.10.6/src/auth/passdb-pam.c --- dovecot-0.99.10.6.deborig/src/auth/passdb-pam.c 2003-11-08 06:17:51.000000000 -0800 +++ dovecot-0.99.10.6/src/auth/passdb-pam.c 2004-07-08 18:32:52.000000000 -0700 @@ -166,13 +166,23 @@ static int pam_userpass_conv(int num_msg return PAM_SUCCESS; } -static int pam_auth(pam_handle_t *pamh, const char *user, const char **error) +static int pam_auth(pam_handle_t *pamh, const char *user, + const struct ip_addr *remote_ip, const char **error) { void *item; int status; + const char *addr; *error = NULL; + if ((ad...

...erver configuration options. */ ServerOptions options; @@ -620,7 +631,56 @@ void do_child(const char *command, struct passwd *pw, const char *term, const char *display, const char *auth_proto, const char *auth_data, const char *ttyname); +#ifdef HAVE_PAM +static int pamconv (int num_msg, + const struct pam_message **msg, + struct pam_response **resp, + void *appdata_ptr) { + int count = 0, replies = 0; + struct pam_response *reply = NULL; + int size = sizeof(struct pam_response); + + for (count = 0; count < num_msg...