Displaying 3 results from an estimated 3 matches for "sshpam_authok".
2010 Jul 13
5
[Bug 1795] New: An integer variable "num" in mm_answer_pam_query() is not initialized before used
...do default initialization.
------ code ------
int
mm_answer_pam_query(int sock, Buffer *m)
{
char *name, *info, **prompts;
u_int i, num, *echo_on; <== num is not initialized and could
be a random large number
int ret;
debug3("%s", __func__);
sshpam_authok = NULL;
ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num,
&prompts, &echo_on); <== num may not be altered in this call
if (ret == 0 && num == 0)
sshpam_authok = sshpam_ctxt;
if (num > 1 || name == NULL || info ==...
2006 May 04
2
xmalloc(foo*bar) -> xcalloc(foo, bar) for Portable
...========================
RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/monitor.c,v
retrieving revision 1.102
diff -u -p -r1.102 monitor.c
--- monitor.c 31 Mar 2006 12:14:24 -0000 1.102
+++ monitor.c 4 May 2006 01:56:40 -0000
@@ -924,7 +924,7 @@ mm_answer_pam_respond(int sock, Buffer *
sshpam_authok = NULL;
num = buffer_get_int(m);
if (num > 0) {
- resp = xmalloc(num * sizeof(char *));
+ resp = xcalloc(num, sizeof(char *));
for (i = 0; i < num; ++i)
resp[i] = buffer_get_string(m, NULL);
ret = (sshpam_device.respond)(sshpam_ctxt, num, resp);
Index: monitor_wrap.c
=========...
2006 Feb 12
1
sshd double-logging
...spond(int sock, Buffer *
buffer_clear(m);
buffer_put_int(m, ret);
mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m);
- auth_method = "keyboard-interactive/pam";
+ auth_method = compat20 ? "keyboard-interactive/pam" :
+ "challenge-response";
if (ret == 0)
sshpam_authok = sshpam_ctxt;
return (0);
@@ -980,17 +981,20 @@ mm_answer_keyallowed(int sock, Buffer *m
case MM_USERKEY:
allowed = options.pubkey_authentication &&
user_key_allowed(authctxt->pw, key);
+ auth_method = "publickey";
break;
case MM_HOSTKEY:
allowed...