Displaying 7 results from an estimated 7 matches for "pam_password_change_requir".
Did you mean:
pam_password_change_required
2004 Mar 29
2
Flags in pam_password_change_required() (auth-pam.c)
Hi
I just "stumbled" over the flags settings in
pam_password_change_required().
As far as I looked over the OpenSSH code, setting/resetting the 2nd bit
in those flags from auth-options.c whould only make sense if the flags
are checked to be 0/1 in the remaining OpenSSH code.
Frank
2003 Dec 07
0
[PATCH] Do PAM chauthtok via keyboard-interactive.
...ated = 0;
static int sshpam_new_authtok_reqd = 0;
static int sshpam_session_open = 0;
static int sshpam_cred_established = 0;
+static int sshpam_account_status = -1;
static char **sshpam_env = NULL;
struct pam_ctxt {
@@ -144,6 +146,21 @@ pam_getenvlist(pam_handle_t *pamh)
}
#endif
+void
+pam_password_change_required(int reqd)
+{
+ sshpam_new_authtok_reqd = reqd;
+ if (reqd) {
+ no_port_forwarding_flag |= 2;
+ no_agent_forwarding_flag |= 2;
+ no_x11_forwarding_flag |= 2;
+ } else {
+ no_port_forwarding_flag &= ~2;
+ no_agent_forwarding_flag &= ~2;
+ no_x11_forwarding_flag &= ~2;
+
+ }
+}
/*...
2001 Jan 30
1
PAM namespace.
auth-pam.c declares some new functions in the pam_ namespace that are not
part of PAM.
pam_password_change_required()
pam_msg_cat()
pam_cleanup_proc()
Purely to avoid any possible future problems I would suggest changing
these so they do not being with pam_, suggestions include:
__ssh_pam_msg_cat()
ssh_pam_msg_cat()
do_pam_msg_cat()
cat_pam_msg()
Please don't take this as a hint that any of these fu...
2004 Mar 04
3
[Bug 808] segfault if not using pam/keyboard-interactive mech and password's expired
...Severity: normal
Priority: P2
Component: PAM support
AssignedTo: openssh-bugs at mindrot.org
ReportedBy: buckh at pobox.com
if you don't authenticate via pam/keyboard-interactive, then when
do_pam_account figures out your password is expired and calls
pam_password_change_required, the latter will probably segfault when it
dereferences the uninitialized int *force_pwchange. this is b/c, if you
don't authenticate using the PRIVSEP(sshpam_device), sshpam_init_ctx is
never called, so force_pwchange isn't properly initialized
i'll attach a workaround patch, but no...
2004 May 04
3
Error with USE_POSIX_THREADS and OpenSSH-3.8p1
...ommendation in the list,
we enabled USE_POSIX_THREADS and we got the following buffer error on the
server side when ssh connection is attempted. This is not the case with
OpenSSH-3.7.1p2. It works when USE_POSIX_THREADS is enabled.But, 3.8p1
closed with this error in the server side.
------
debug3: pam_password_change_required 0
debug3: PAM: num env strings 0
buffer_get: trying to get more bytes 4 than in buffer 0
debug1: do_cleanup
debug1: PAM: cleanup
debug3: PAM: sshpam_thread_cleanup entering
-------
To fix this, we have done some changes in auth-pam.c and session.c [1]. We
are not sure that this is the exact fix...
2004 Feb 27
1
Minor Thread Bug In OpenSSH 3.8p1
...ue Feb 17 05:20:08 2004
--- new/auth-pam.c Thu Feb 26 23:18:05 2004
***************
*** 201,206 ****
--- 201,207 ----
debug3("PAM: %s entering", __func__);
+ #ifndef USE_POSIX_THREADS
/* Import variables set by do_pam_account */
sshpam_account_status = buffer_get_int(b);
pam_password_change_required(buffer_get_int(b));
***************
*** 228,233 ****
--- 229,235 ----
}
#endif
}
+ #endif
}
/*
-----------------------------------------------------------------------
Antoine Verheijen Email: antoine.verheijen at ualberta.ca
CNS Network Services Pho...
2004 Apr 23
1
Solaris core dumps
...expiry and I need public key authentication this is a problem. I know
it looks like an odd combination, but regardless of how I choose to
authenticate, my account is still accessible via a password in so many
ways, and so that password must be changed regularly.
sshd appears to be crashing in pam_password_change_required(). I can
only assume that force_pwchange is not initialised. I'll know soon
after I get a version of openssh built with debugging symbols, but
that'll have to wait until Monday.
Lloyd