search for: sshpam_ctxt

...the solaris package builder to turn allow pam to be automatically turned on for install. --- auth-pam.c 2004/02/26 19:35:52 1.1.1.1 +++ auth-pam.c 2004/02/27 00:26:00 @@ -124,7 +124,10 @@ int pam_csock; int pam_done; }; +static struct pam_ctxt *sshpam_ctxt; /* hack for pam library not passing back + ctxt */ + static void sshpam_free_ctx(void *); /* @@ -142,6 +145,10 @@ *resp = NULL; ctxt = data; + if ( ctxt == NULL ) + { + ctxt = sshpam_ctxt; + } if (...

...id input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_conversation_kbd_int, - NULL, +struct sshpam_ctxt { + char *user; + pid_t pid; + int sock; + int done; }; -int -auth2_pam(Authctxt *authctxt) +/* + * Send message to parent or child. + */ +static int +sshpam_send(struct sshpam_ctxt *ctxt, char *fmt, ...) { - int retval = -1; - - if (authctxt->user == NULL) - fatal("auth2_pam: i...

...id input_userauth_info_response_pam(int type, u_int32_t seqnr, void *ctxt); - -struct { - int finished, num_received, num_expected; - int *prompts; - struct pam_response *responses; -} context_pam2 = {0, 0, 0, NULL}; - -static struct pam_conv conv2 = { - do_pam_conversation_kbd_int, - NULL, +struct sshpam_ctxt { + char *user; + pid_t pid; + int sock; + int done; }; -int -auth2_pam(Authctxt *authctxt) +/* + * Send message to parent or child. + */ +static int +sshpam_send(struct sshpam_ctxt *ctxt, char *fmt, ...) { - int retval = -1; - - if (authctxt->user == NULL) - fatal("auth2_pam: i...

...wer_pam_query(int sock, Buffer *m) { char *name, *info, **prompts; u_int i, num, *echo_on; <== num is not initialized and could be a random large number int ret; debug3("%s", __func__); sshpam_authok = NULL; ret = (sshpam_device.query)(sshpam_ctxt, &name, &info, &num, &prompts, &echo_on); <== num may not be altered in this call if (ret == 0 && num == 0) sshpam_authok = sshpam_ctxt; if (num > 1 || name == NULL || info == NULL) ret = -1; buffer_clear(m)...

...mm_answer_pam_respond(int sock, Buffer * sshpam_authok = NULL; num = buffer_get_int(m); if (num > 0) { - resp = xmalloc(num * sizeof(char *)); + resp = xcalloc(num, sizeof(char *)); for (i = 0; i < num; ++i) resp[i] = buffer_get_string(m, NULL); ret = (sshpam_device.respond)(sshpam_ctxt, num, resp); Index: monitor_wrap.c =================================================================== RCS file: /usr/local/src/security/openssh/cvs/openssh_cvs/monitor_wrap.c,v retrieving revision 1.59 diff -u -p -r1.59 monitor_wrap.c --- monitor_wrap.c 31 Mar 2006 12:13:02 -0000 1.59 +++ monitor_...

...Buffer * buffer_clear(m); buffer_put_int(m, ret); mm_request_send(sock, MONITOR_ANS_PAM_RESPOND, m); - auth_method = "keyboard-interactive/pam"; + auth_method = compat20 ? "keyboard-interactive/pam" : + "challenge-response"; if (ret == 0) sshpam_authok = sshpam_ctxt; return (0); @@ -980,17 +981,20 @@ mm_answer_keyallowed(int sock, Buffer *m case MM_USERKEY: allowed = options.pubkey_authentication && user_key_allowed(authctxt->pw, key); + auth_method = "publickey"; break; case MM_HOSTKEY: allowed = options.host...