Displaying 1 result from an estimated 1 matches for "sshpam_set_maxtries_reached".
2025 Feb 13
1
[PATCH] auth-pam: Check the user didn't change during PAM transaction
...txt->user, pam_user) != 0) {
+ debug("PAM: User '%s' does not match expected '%s'",
+ pam_user, authctxt->user);
+ return PAM_USER_UNKNOWN;
+ }
+
+ return PAM_SUCCESS;
+}
+
/*
* Authentication thread.
*/
@@ -521,6 +543,9 @@ sshpam_thread(void *ctxtp)
sshpam_set_maxtries_reached(1);
if (sshpam_err != PAM_SUCCESS)
goto auth_fail;
+ sshpam_err = check_pam_user(sshpam_authctxt);
+ if (sshpam_err != PAM_SUCCESS)
+ goto auth_fail;
if (!do_pam_account()) {
sshpam_err = PAM_ACCT_EXPIRED;
@@ -686,8 +711,7 @@ sshpam_cleanup(void)
static int
sshpam_init(struct ssh *ss...