Displaying 19 results from an estimated 19 matches for "pam_msg".
Did you mean:
num_msg
2000 Aug 27
0
patch for TIS (skey/opie) *and* passwd auth via PAM
...void start_pam2(struct passwd *pw, int auth_type);
+
/* Callbacks */
static int pamconv(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr);
@@ -53,6 +56,7 @@
static struct pam_handle_t *pamh = NULL;
static const char *pampasswd = NULL;
static char *pam_msg = NULL;
+static int current_auth_type=-1;
/* PAM conversation function. This is really a kludge to get the password */
/* into PAM and to pick up any messages generated by PAM into pamconv_msg */
@@ -61,6 +65,7 @@
{
struct pam_response *reply;
int count;
+ int dlen, plen, type;...
2000 Jul 07
1
Potentially insecure format string handling in PAM support
...t string processing isn't needed here, so it should be painless to
remove.
Here's the patch.
-- Aaron
- --- auth-pam.c~ Thu Jun 22 04:44:54 2000
+++ auth-pam.c Fri Jul 7 14:57:16 2000
@@ -277,7 +277,7 @@
void print_pam_messages(void)
{
if (pam_msg != NULL)
- - fprintf(stderr, pam_msg);
+ fputs(pam_msg, stderr);
}
/* Append a message to the PAM message buffer */
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iQCVAwUBOWZUP0fJWHAEvsjBAQErLQQAq9VEEOS5sjB...
2000 Sep 05
3
[2.2.0p1] patch: generic detection of correct getpgrp() invocation
...nOS wasn't. This
provides a generic solution through autoconf.
Charles
========================================================================
--- configure.in.orig-2.2.0p1 Wed Aug 30 18:20:05 2000
+++ configure.in Tue Sep 5 10:48:20 2000
@@ -284,6 +284,8 @@
)
fi
+AC_FUNC_GETPGRP
+
PAM_MSG="no"
AC_ARG_WITH(pam,
[ --without-pam Disable PAM support ],
--- config.h.in.orig-2.2.0p1 Fri Sep 1 19:08:44 2000
+++ config.h.in Tue Sep 5 11:01:57 2000
@@ -46,6 +46,9 @@
/* Define if your snprintf is busted */
#undef BROKEN_SNPRINTF
+/* Define if getpgrp takes no arg...
2014 Feb 10
0
[PATCH] Basic SCTP support for OpenSSH client and server
...nfig | 1 +
ssh_config.5 | 8 ++++++++
sshd_config | 3 +++
sshd_config.5 | 8 ++++++++
11 files changed, 144 insertions(+), 15 deletions(-)
diff --git a/configure.ac b/configure.ac
index a350a2a..42438b2 100644
--- a/configure.ac
+++ b/configure.ac
@@ -2867,6 +2867,33 @@ if test "x$PAM_MSG" = "xyes" ; then
])
fi
+# Check for SCTP support
+AC_CHECK_DECL([IPPROTO_SCTP], [have_sctp=yes], , [
+ #include <netinet/in.h>
+ #include <netinet/sctp.h>
+])
+
+SCTP_MSG="$have_sctp"
+AC_ARG_WITH([sctp],
+ [ --with-sctp Enable SCTP support ],...
2002 Jun 25
1
use libcrypt before libcrypto
..., crypt, LIBS="$LIBS -lcrypt")
+
# Search for OpenSSL
saved_CPPFLAGS="$CPPFLAGS"
saved_LDFLAGS="$LDFLAGS"
@@ -761,12 +769,6 @@
]
)
-# Some Linux systems (Slackware) need crypt() from libcrypt, *not* the
-# version in OpenSSL. Skip this for PAM
-if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
- AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
-fi
-
### Configure cryptographic random number support
2007 Mar 24
0
configure/makefile cleanup: remove LIBSELINUX, LIBWRAP and LIBPAM
...[
@@ -1126,7 +1125,7 @@ AC_ARG_WITH(tcp-wrappers,
AC_DEFINE(LIBWRAP, 1,
[Define if you want
TCP Wrappers support])
- AC_SUBST(LIBWRAP)
+ SSHDLIBS="$SSHDLIBS -lwrap"
TCPW_MSG="yes"
],
[
@@ -2028,7 +2027,7 @@ AC_ARG_WITH(pam,
PAM_MSG="yes"
- LIBPAM="-lpam"
+ SSHDLIBS="$SSHDLIBS -lpam"
AC_DEFINE(USE_PAM, 1,
[Define if you want to enable PAM support])
@@ -2038,11 +2037,10 @@ AC_ARG_WITH(pam,
# libdl already in LIBS
;;
*)
- LIBPAM="$LIBPAM -ldl"
+ SS...
2001 Feb 20
1
_PATH_STDPATH and @bindir@
Sorry if this is stuff that's been talked about before. If it is, just
ignore me.
I'm curious to know why Portable OpenSSH doesn't include @bindir@ in
the _PATH_STDPATH. This would save most installers of portable OpenSSH
from having to --with-default-path=$PREFIX/bin in order to ensure that
scp will work properly. This would also, I imagine, save quite a lot
of hassle for
2000 Sep 13
2
auth-pam.c support for pam_chauthtok()
...word has expired, please change it now"
/* Callbacks */
static int pamconv(int num_msg, const struct pam_message **msg,
@@ -50,40 +50,72 @@
pamconv,
NULL
};
-static struct pam_handle_t *pamh = NULL;
+static pam_handle_t *pamh = NULL;
static const char *pampasswd = NULL;
static char *pam_msg = NULL;
-/* PAM conversation function. This is really a kludge to get the password */
-/* into PAM and to pick up any messages generated by PAM into pamconv_msg */
+/* states for pamconv() */
+typedef enum { INITIAL_LOGIN, OTHER } pamstates;
+static pamstates pamstate = INITIAL_LOGIN;
+/* remembe...
2023 Jun 17
2
[PATCH] ssh-agent: add systemd socket-based activation
...socket activation
+ saved_LIBS="$LIBS"
+ AC_CHECK_LIB([systemd], [sd_listen_fds], [
+ LIBS="-lsystemd $LIBS"
+ AGENTLIBS="-lsystemd $AGENTLIBS"
+ ])
+ AC_CHECK_FUNCS([sd_listen_fds])
+ LIBS="$saved_LIBS"
+ AC_SUBST([AGENTLIBS])
+fi
+
# Check for PAM libs
PAM_MSG="no"
AC_ARG_WITH([pam],
@@ -5632,6 +5654,9 @@ fi
if test ! -z "${SSHDLIBS}"; then
echo " +for sshd: ${SSHDLIBS}"
fi
+if test ! -z "${AGENTLIBS}"; then
+echo " +for ssh-agent: ${AGENTLIBS}"
+fi
echo ""
diff --git a/ssh-a...
2001 Feb 12
3
add scp path to _PATH_STDPATH
what do you think about this patch to add the path to scp to
_PATH_STDPATH? is there a better or cleaner way to do this? i'm hoping
to ward off 'scp doesn't work' questions for the next release.
i did *not* add this to a --with-default-path path, because if a user
specifies that, they should control its value completely.
Index: Makefile.in
2002 Jul 01
3
patch: readline support for sftp
..._MSG="no"
AC_ARG_WITH(skey,
@@ -2398,6 +2445,7 @@
echo " sshd superuser user PATH: $J"
fi
echo " Manpage format: $MANTYPE"
+echo " readline support: $READLINE"
echo " PAM support: ${PAM_MSG}"
echo " KerberosIV support: $KRB4_MSG"
echo " KerberosV support: $KRB5_MSG"
@@ -2423,6 +2471,7 @@
echo "Preprocessor flags: ${CPPFLAGS}"
echo " Linker flags: ${LDFLAGS}"
echo " Libraries: ${LIBWRAP}...
2001 Feb 13
1
configure.in reorder patch
...;123456789");return(b[4]!='\0');}
- ],
- [AC_MSG_RESULT(yes)],
- [
- AC_MSG_RESULT(no)
- AC_DEFINE(BROKEN_SNPRINTF)
- AC_MSG_WARN([****** Your snprintf() function is broken, complain to your vendor])
- ]
- )
-fi
-
-AC_FUNC_GETPGRP
-
-AC_FUNC_STRFTIME
-
# Check for PAM libs
PAM_MSG="no"
AC_ARG_WITH(pam,
@@ -452,7 +400,7 @@
LDFLAGS="$saved_LDFLAGS"
fi
- LIBS="$saved_LIBS -lcrypto"
+ LIBS="-lcrypto $saved_LIBS"
# Basic test to check for compatible version and correct linking
# *does not* test for RSA - that comes later...
2004 Sep 07
0
Please review openssh patch for selinux
...CK_HEADERS(selinux.h)
+ LIBS="$LIBS -lselinux"
+ fi
+ ])
+
# Check whether user wants Kerberos 5 support
KRB5_MSG="no"
AC_ARG_WITH(kerberos5,
@@ -2973,6 +2985,7 @@
echo " Manpage format: $MANTYPE"
echo " PAM support: $PAM_MSG"
echo " KerberosV support: $KRB5_MSG"
+echo " SELinux support: $SELINUX_MSG"
echo " Smartcard support: $SCARD_MSG"
echo " S/KEY support: $SKEY_MSG"
echo " TCP Wra...
2001 Feb 07
2
Patch for unformatted manpages
..."
@@ -1680,7 +1631,6 @@
echo " Manual pages: $F"
echo " PID file: $G"
echo " Random number collection: $RAND_MSG"
-echo " Manpage format: $MAN_MSG"
echo " PAM support: ${PAM_MSG}"
echo " KerberosIV support: $KRB4_MSG"
echo " AFS support: $AFS_MSG"
diff -urN openssh_cvs/mdoc2man.pl openssh_work/mdoc2man.pl
--- openssh_cvs/mdoc2man.pl Wed Dec 31 18:00:00 1969
+++ openssh_work/mdoc2man.pl Tue Feb 6 23:17:10 2001
@@ -0,0...
2000 Aug 24
0
patch for a few things
...l which the particular binary was looking for. Doing a
'strings' on the binary didn't help. :) So, I added a message to log
this on startup, when compiled with PAM support.
- in auth-pam.c:pamconv(), add support for PAM_ERROR_MSG. Also, in
addition to appending messages to pam_msg, it sends errors and
text_infos to the client as debug messages, and also log()'s error
messages. I had a situation where a PAM module was trying to send an
error to the user, but it was never being displayed. I also figured
it'd be nice to see them _immediately_ (when connect...
2012 Mar 11
2
[patch] Threading support in ssh-agent
...AC_MSG_RESULT([yes])
+ ssh_agent_options="$ssh_agent_options nthreads:auto"
+ ] , [
+ AC_MSG_RESULT([no])
+ AC_MSG_WARN([ssh-agent: do not use threading by default])
+ ssh_agent_options="$ssh_agent_options nthreads:manual,default=0"
+ ]
+ )
+fi
+
# Check for PAM libs
PAM_MSG="no"
AC_ARG_WITH([pam],
@@ -4285,6 +4362,7 @@
echo " BSD Auth support: $BSD_AUTH_MSG"
echo " Random number source: $RAND_MSG"
echo " Privsep sandbox style: $SANDBOX_STYLE"
+echo " ssh-...
2001 Oct 07
3
Using -lssh as shared library
..._MSG_ERROR([*** libpam missing]))
+ AC_CHECK_LIB(dl, dlopen, AUTH_LIBS="-ldl $AUTH_LIBS", )
+ AC_CHECK_LIB(pam, pam_set_item, AUTH_LIBS="-lpam $AUTH_LIBS", AC_MSG_ERROR([*** libpam missing]), $AUTH_LIBS)
AC_CHECK_FUNCS(pam_getenvlist)
@@ -743,3 +747,3 @@
if test "x$PAM_MSG" = "xno" -a "x$check_for_libcrypt_later" = "x1"; then
- AC_CHECK_LIB(crypt, crypt, LIBS="$LIBS -lcrypt")
+ AC_CHECK_LIB(crypt, crypt, AUTH_LIBS="$AUTH_LIBS -lcrypt")
fi
@@ -2047,2 +2051,4 @@
AC_EXEEXT
+
+AC_SUBST(AUTH_LIBS)
2002 Jun 25
4
PAM kbd-int with privsep
...t_pam2.prompts = xmalloc(sizeof(int) * num_msg);
- context_pam2.responses = xmalloc(sizeof(struct pam_response) * num_msg);
- memset(context_pam2.responses, 0, sizeof(struct pam_response) * num_msg);
-
- text = NULL;
- for (i = 0, context_pam2.num_expected = 0; i < num_msg; i++) {
- int style = PAM_MSG_MEMBER(msg, i, msg_style);
- switch (style) {
- case PAM_PROMPT_ECHO_ON:
+ ctxt = data;
+ if (n <= 0 || n > PAM_MAX_NUM_MSG)
+ return (PAM_CONV_ERR);
+ if ((*resp = calloc(n, sizeof **resp)) == NULL)
+ return (PAM_BUF_ERR);
+ for (i = 0; i < n; ++i) {
+ resp[i]->resp_retcode = 0;
+...
2020 Jul 21
11
[RFC PATCH 0/4] PAM module for ssh-agent user authentication
Hi,
The main (and probably the only) use case of this PAM module is to let
sudo authenticate users via their ssh-agent, therefore without having
to type any password and without being tempted to use the NOPASSWD sudo
option for such convenience.
The principle is originally implemented by an existing module [0][1]
and many pages that explain how to use it for such purpose can be
found online.