Displaying 10 results from an estimated 10 matches for "pam_msg_member".
2003 Mar 27
0
[Bug 524] Keyboard-interactive PAM back end hides information
...(""); /* Instructions */
+
packet_put_cstring(""); /* Language */
packet_put_int(context_pam2.num_expected);
@@ -96,12 +103,7 @@
continue;
context_pam2.prompts[j++] = i;
- if (text) {
- message_cat(&text, PAM_MSG_MEMBER(msg, i, msg));
- packet_put_cstring(text);
- text = NULL;
- } else
- packet_put_cstring(PAM_MSG_MEMBER(msg, i, msg));
+ packet_put_cstring(PAM_MSG_MEMBER(msg, i, msg));
packet_put_char(style == PAM_PROMPT_ECHO_ON);
}
packet_send();...
2003 Sep 23
5
PAM sessions and conversation functions
In OpenSSH 3.6.1p2, pam_open_session() ran with a conversation function,
do_pam_conversation(), that fed text to the client. In OpenSSH 3.7.1p2,
this is no longer the case: session modules run with a conversation
function that just returns PAM_CONV_ERR. This means that simple session
modules whose job involves printing text on the user's terminal no
longer work: pam_lastlog, pam_mail, and
2001 Oct 26
5
New password echoes on Sol8
I tried replacing readpassphrase() for v2.9.9p2 on Sol8 with a different
version that just calls getpassphrase(). It appears to solve the echo
problem when the user tries to login in interactive mode and needs to
change their password.
Can anyone else try this with v2.9.9p2 on Solaris? Be sure to add:
#define HAVE_GETPASSPHRASE
... to config.h when compiling (since it's not a configurable
2016 Feb 13
2
[Bug 2539] New: Add missing sanity check for read_passphrase() in auth-pam.c
...NULL, indicating failure. The
patch
file below should address/correct this issue:
--- auth-pam.c.orig 2016-02-13 09:44:14.656582235 -0800
+++ auth-pam.c 2016-02-13 09:46:14.583824370 -0800
@@ -982,6 +982,8 @@
reply[i].resp =
read_passphrase(PAM_MSG_MEMBER(msg, i,
msg),
RP_ALLOW_STDIN);
+ if (reply[i].resp == NULL)
+ goto fail;
reply[i].resp_retcode = PAM_SUCCESS;
break;
case PAM_PROMPT_ECHO_ON:
============...
2002 Apr 26
0
PAM keyboard-interactive
...t_pam2.prompts = xmalloc(sizeof(int) * num_msg);
- context_pam2.responses = xmalloc(sizeof(struct pam_response) * num_msg);
- memset(context_pam2.responses, 0, sizeof(struct pam_response) * num_msg);
-
- text = NULL;
- for (i = 0, context_pam2.num_expected = 0; i < num_msg; i++) {
- int style = PAM_MSG_MEMBER(msg, i, msg_style);
- switch (style) {
- case PAM_PROMPT_ECHO_ON:
+ ctxt = data;
+ if (n <= 0 || n > PAM_MAX_NUM_MSG)
+ return (PAM_CONV_ERR);
+ if ((*resp = calloc(n, sizeof **resp)) == NULL)
+ return (PAM_BUF_ERR);
+ for (i = 0; i < n; ++i) {
+ resp[i]->resp_retcode = 0;
+ resp[...
2002 Jul 02
3
New PAM kbd-int diff
...t_pam2.prompts = xmalloc(sizeof(int) * num_msg);
- context_pam2.responses = xmalloc(sizeof(struct pam_response) * num_msg);
- memset(context_pam2.responses, 0, sizeof(struct pam_response) * num_msg);
-
- text = NULL;
- for (i = 0, context_pam2.num_expected = 0; i < num_msg; i++) {
- int style = PAM_MSG_MEMBER(msg, i, msg_style);
- switch (style) {
- case PAM_PROMPT_ECHO_ON:
+ ctxt = data;
+ if (n <= 0 || n > PAM_MAX_NUM_MSG)
+ return (PAM_CONV_ERR);
+ if ((*resp = calloc(n, sizeof(struct pam_response))) == NULL)
+ return (PAM_BUF_ERR);
+ for (i = 0; i < n; ++i) {
+ resp[i]->resp_retcode...
2002 Jun 25
4
PAM kbd-int with privsep
...t_pam2.prompts = xmalloc(sizeof(int) * num_msg);
- context_pam2.responses = xmalloc(sizeof(struct pam_response) * num_msg);
- memset(context_pam2.responses, 0, sizeof(struct pam_response) * num_msg);
-
- text = NULL;
- for (i = 0, context_pam2.num_expected = 0; i < num_msg; i++) {
- int style = PAM_MSG_MEMBER(msg, i, msg_style);
- switch (style) {
- case PAM_PROMPT_ECHO_ON:
+ ctxt = data;
+ if (n <= 0 || n > PAM_MAX_NUM_MSG)
+ return (PAM_CONV_ERR);
+ if ((*resp = calloc(n, sizeof **resp)) == NULL)
+ return (PAM_BUF_ERR);
+ for (i = 0; i < n; ++i) {
+ resp[i]->resp_retcode = 0;
+ resp[...
2007 Apr 10
6
[PATCH 0/6] openssh V_4_6: minor fixes/cleanups
This patch series consists of minor fixes and cleanups I made during
update to openssh V_4_6 branch.
openssh/auth-pam.c | 9 ++++-----
openssh/auth2.c | 2 --
openssh/readconf.c | 7 ++++---
openssh/servconf.c | 14 ++++++++------
openssh/sftp-server.c | 9 ++++++---
openssh/sshd.c | 2 +-
6 files changed, 23 insertions(+), 20 deletions(-)
--
ldv
2001 Oct 09
1
TISviaPAM patch
Here is a patch that does TIS auth via PAM. It's controlled by a switch
in the sshd_config. You'd use it by having a PAM module that sets
PAM_PROMPT_ECHO_ON. eg, you could use it with pam_skey or pam_smxs.
The patch is against the 2.9.9p2 distribution.
I'm not on the list, a reply if this patch is accepted would be great.
(But not required, I know some folks have a distaste for
2002 Feb 15
0
[Bug 118] New: Implement TIS (protocol 1) via PAM
...whether the last pam_authenticate() succeeded or not */
@@ -98,6 +102,10 @@
int count;
char buf[1024];
+ u_int dlen;
+ int plen, type;
+ char *response;
+
/* PAM will free this later */
reply = malloc(num_msg * sizeof(*reply));
if (reply == NULL)
@@ -111,10 +119,40 @@
*/
switch(PAM_MSG_MEMBER(msg, count, msg_style)) {
case PAM_PROMPT_ECHO_ON:
- free(reply);
- return PAM_CONV_ERR;
+ if (pamprompt != PAM_PROMPT_ECHO_ON ||
+ (*msg)[count].msg == NULL) {
+ free(reply);
+ return PAM_CONV_ERR;
+ }
+
+ /* handle challenge/response (ssh1 TIS) */
+ /* Send th...