search for: pam_response

...in a single conversation, hence more than one response, auth-pam.c will start trashing the stack. This was run on Solaris 8 with patch 108993-22. This had been noticed as we were experiencing SIGBUS faults from sshd. The problem seems to be in sshpam_thread_conv() in that the 3rd argument (struct pam_response **resp) is treated as a array of pointers to struct pam_response and not a pointer to an array of struct pam_response. This only occurs if the PAM module has more than one response. Obviously, as the responses are from the unauthenticated user and in effect start trampling on the stack (first to...

...h" -#include "auth-pam.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_c...

-----BEGIN PGP SIGNED MESSAGE----- Hi, I''ve got several replies, thank you for them. Let me summarize: o Many people say there is a PAMified version of ssh available at ftp://ftp.replay.com/pub/crypto/redhat/SRPMS (the source) ftp://ftp.replay.com/pub/crypto/redhat/i386 (Intel binaries) (there are analogous paths for the other architectures). The packages are made by Jan

...am.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" + +extern char *__progname; -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_...

...ng passdb/machine_sid.c Compiling passdb/pdb_smbpasswd.c Compiling passdb/pampass.c "passdb/pampass.c", line 422: warning: assignment type mismatch: pointer to function(int, pointer to pointer to struct pam_message {int msg_style, pointer to char msg}, pointer to pointer to struct pam_response {pointer to char resp, int resp_retcode}, pointer to void) returning int "=" pointer to function(int, pointer to pointer to const struct pam_message {int msg_style, pointer to char msg}, pointer to pointer to struct pam_response {pointer to char resp, int resp_retcode}, pointer to void) r...

If the info_response code is going to test that the # of responses is < 100, then the info_request code should check that < 100 prompts are sent. It would be rude to send 101 prompts and then fail when the responses come back. I actually think the test should be removed altogether, the limit seems quite arbitrary, but here is a patch to not send > 100 prompts. With this patch, the test

...am.h" -#include "packet.h" #include "xmalloc.h" -#include "dispatch.h" #include "log.h" +#include "monitor_wrap.h" + +extern char *__progname; -static int do_pam_conversation_kbd_int(int num_msg, - const struct pam_message **msg, struct pam_response **resp, - void *appdata_ptr); -void input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_...

...rmal PAM password prompt. + * + * OTHER mode handles PAM_PROMPT_ECHO_OFF with read_passphrase(prompt, 1) + * and outputs messages to stderr. This mode is used if pam_chauthtok() + * is called to update expired passwords. + */ static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) { struct pam_response *reply; int count; + char buf[1024]; /* PAM will free this later */ reply = malloc(num_msg * sizeof(*reply)); if (reply == NULL) return PAM_CONV_ERR; - for(count = 0; count < num_msg; count++) { - switch (msg[count]->msg_sty...

...d(const char *command, struct passwd *pw, const char *term, const char *display, const char *auth_proto, const char *auth_data, const char *ttyname); +#ifdef HAVE_PAM +static int pamconv (int num_msg, + const struct pam_message **msg, + struct pam_response **resp, + void *appdata_ptr) { + int count = 0, replies = 0; + struct pam_response *reply = NULL; + int size = sizeof(struct pam_response); + + for (count = 0; count < num_msg; count++) { + switch (msg[count]->msg_style) { + case PAM_PROMPT_ECHO_ON: + case...

...]) # Solaris PAM has (incorrectly) underdone const AC_MSG_CHECKING(for missing const in PAM headers) AC_TRY_COMPILE([#include <security/pam_appl.h>], [ struct pam_conv *conv = NULL; struct pam_message *msg; struct pam_response *resp; conv->conv(1, &msg, &resp, conv->appdata_ptr); ], [ AC_MSG_RESULT(yes) DEFINES="$DEFINES -DPAM_CONV_CONST=" ], [ AC_MSG_RESULT(no)...

...============================ RCS file: /var/cvs/openssh/auth-pam.c,v retrieving revision 1.34 diff -u -r1.34 auth-pam.c --- auth-pam.c 2001/03/27 06:12:24 1.34 +++ auth-pam.c 2001/03/30 16:46:12 @@ -41,6 +41,10 @@ static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); +/* XXX: move to header file */ +const char * +get_remote_name_or_ip(void); + /* module-local variables */ static struct pam_conv conv = { do_pam_conversation, @@ -356,9 +360,9 @@ pam_retval, PAM_STRERROR(__pamh, pam_retval)); debug("PAM setting rhost...

...@@ -36,9 +36,6 @@ RCSID("$Id: auth-pam.c,v 1.12 2000/08/29 22:57:50 djm Exp $"); -#define NEW_AUTHTOK_MSG \ - "Warning: You password has expired, please change it now" - /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -175,11 +172,17 @@ pam_retval = pam_acct_mgmt((pam_handle_t *)pamh, 0); switch (pam_retval) { - case PAM_SUCCESS: + case PAM_SUCCESS: /* This is what we want */ break; -...

...*)_module; + string_t *username = t_str_new(256); + var_expand(username, module->username_format, + auth_request_get_var_expand_table(request, auth_request_str_escape)); + return str_c(username); +} + static int pam_userpass_conv(int num_msg, pam_const struct pam_message **msg, struct pam_response **resp_r, void *appdata_ptr) @@ -82,7 +95,7 @@ pam_userpass_conv(int num_msg, pam_const struct pam_message **msg, case PAM_PROMPT_ECHO_ON: /* Assume we're asking for user. We might not ever get here because PAM already knows the user. */ - string = strdup(ctx->request->use...

...rr)); - sshpam_session_open = 1; -} - -void do_pam_set_tty(const char *tty) { if (tty != NULL) { @@ -611,7 +594,7 @@ is_pam_password_change_required(void) } static int -pam_chauthtok_conv(int n, const struct pam_message **msg, +pam_tty_conv(int n, const struct pam_message **msg, struct pam_response **resp, void *data) { char input[PAM_MAX_MSG_SIZE]; @@ -620,7 +603,7 @@ pam_chauthtok_conv(int n, const struct p *resp = NULL; - if (n <= 0 || n > PAM_MAX_NUM_MSG) + if (n <= 0 || n > PAM_MAX_NUM_MSG || !isatty(STDIN_FILENO)) return (PAM_CONV_ERR); if ((reply = malloc(n...

...pam_ldap.c:3226: error: dereferencing pointer to incomplete type pam_ldap.c:3235: error: `flags' undeclared (first use in this function) pam_ldap.c:3235: error: `PAM_DISALLOW_NULL_AUTHTOK' undeclared (first use in this function) pam_ldap.c:3235: error: invalid use of undefined type `struct pam_response' pam_ldap.c:3235: error: dereferencing pointer to incomplete type pam_ldap.c:3238: error: `PAM_AUTH_ERR' undeclared (first use in this function) pam_ldap.c:3241: error: invalid use of undefined type `struct pam_response' pam_ldap.c:3241: error: dereferencing pointer to incomplete type p...

...v 1.11 2000/07/09 12:42:33 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: You password has expired, please change it now" +static void start_pam2(struct passwd *pw, int auth_type); + /* Callbacks */ static int pamconv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -53,6 +56,7 @@ static struct pam_handle_t *pamh = NULL; static const char *pampasswd = NULL; static char *pam_msg = NULL; +static int current_auth_type=-1; /* PAM conversation function. This is really a kludge to get the password */ /* into PAM and to pick up a...

...+ const struct var_expand_table *table; + string_t *username; + + username = t_str_new(256); + table = auth_request_get_var_expand_table(ctx->request, auth_request_str_escape); + var_expand(username, passdb->username_format, table); + *resp_r = NULL; resp = calloc(num_msg, sizeof(struct pam_response)); @@ -82,7 +90,7 @@ case PAM_PROMPT_ECHO_ON: /* Assume we're asking for user. We might not ever get here because PAM already knows the user. */ - string = strdup(ctx->request->user); + string = strdup(str_c(username)); if (string == NULL) i_fatal_status(FATAL_O...

...2,6 @@ #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now." -#define NEW_AUTHTOK_MSG_PRIVSEP \ - "Your password has expired, the session cannot proceed." static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -186,12 +184,15 @@ pam_retval, PAM_STRERROR(__pamh, pam_retval)); } +/* HP-UX doesn't like credentials to be deleted. Skip and rely on pam_end() */ +#ifndef __hpux if (__pamh && creds_set) { pam_retval = pam_setcred(__pamh, PAM_DELETE_CRED...

...2,6 @@ #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now." -#define NEW_AUTHTOK_MSG_PRIVSEP \ - "Your password has expired, the session cannot proceed." static int do_pam_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr); @@ -186,12 +184,15 @@ pam_retval, PAM_STRERROR(__pamh, pam_retval)); } +/* HP-UX doesn't like credentials to be deleted. Skip and rely on pam_end() */ +#ifndef __hpux if (__pamh && creds_set) { pam_retval = pam_setcred(__pamh, PAM_DELETE_CRED...

...quot;include/proto.h", line 1328 argument : pointer to pointer to char "passdb/pampass.c", line 418: warning: assignment type mismatch: pointer to function(int, pointer to pointer to struct pam_message {int msg_style, pointer to char msg}, pointer to pointer to struct pam_response { pointer to char resp, int resp_retcode}, pointer to void) returning int "=" pointer to function(int, pointer to pointer to const struct pam_message {int ms g_style, pointer to char msg}, pointer to pointer to struct pam_response {pointer to char resp, int resp_retcode}, pointer to void)...