- (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for

author dtucker <dtucker>

Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)

committer dtucker <dtucker>

Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)
author dtucker <dtucker>
Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)
committer dtucker <dtucker>
Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)
diff --git a/ChangeLog b/ChangeLog

index e695dc60f27d7f0955702071ba2141bcae6b07a0..6a6af20d978e3b0555ab82e772e05fa626c153ef 100644 (file)
--- a/ChangeLog
+++ b/ChangeLog
@@ -8,6 +8,9 @@
   - (djm) Bug #698: Specify FILE: for KRB5CCNAME; patch from 
     stadal@suse.cz and simon@sxw.org.uk
   - (dtucker) [auth-pam.c] Tidy up PAM debugging.  ok djm@
+ - (dtucker) [auth-pam.c] Store output from pam_session and pam_setcred for
+   display after login.  Should fix problems like pam_motd not displaying
+   anything, noticed by cjwatson at debian.org.  ok djm@
  
  20040212
   - (tim) [Makefile.in regress/sftp-badcmds.sh regress/test-exec.sh]
diff --git a/auth-pam.c b/auth-pam.c

index 27aacedc3d90fcb0445e175425a0591ff21a5a22..7157e726420a7bdedc72abfcf955bc8333926d80 100644 (file)
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -823,12 +823,57 @@ do_pam_chauthtok(void)
                     pam_strerror(sshpam_handle, sshpam_err));
  }
  
+static int
+pam_store_conv(int n, const struct pam_message **msg,
+    struct pam_response **resp, void *data)
+{
+       struct pam_response *reply;
+       int i;
+       size_t len;
+
+       debug3("PAM: %s called with %d messages", __func__, n);
+       *resp = NULL;
+
+       if (n <= 0 || n > PAM_MAX_NUM_MSG)
+               return (PAM_CONV_ERR);
+
+       if ((reply = malloc(n * sizeof(*reply))) == NULL)
+               return (PAM_CONV_ERR);
+       memset(reply, 0, n * sizeof(*reply));
+
+       for (i = 0; i < n; ++i) {
+               switch (PAM_MSG_MEMBER(msg, i, msg_style)) {
+               case PAM_ERROR_MSG:
+               case PAM_TEXT_INFO:
+                       len = strlen(PAM_MSG_MEMBER(msg, i, msg));
+                       buffer_append(&loginmsg, PAM_MSG_MEMBER(msg, i, msg), len);
+                       buffer_append(&loginmsg, "\n", 1 );
+                       reply[i].resp_retcode = PAM_SUCCESS;
+                       break;
+               default:
+                       goto fail;
+               }
+       }
+       *resp = reply;
+       return (PAM_SUCCESS);
+
+ fail:
+       for(i = 0; i < n; i++) {
+               if (reply[i].resp != NULL)
+                       xfree(reply[i].resp);
+       }
+       xfree(reply);
+       return (PAM_CONV_ERR);
+}
+
+static struct pam_conv store_conv = { pam_store_conv, NULL };
+
  void
  do_pam_session(void)
  {
         debug3("PAM: opening session");
         sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
-           (const void *)&tty_conv);
+           (const void *)&store_conv);
         if (sshpam_err != PAM_SUCCESS)
                 fatal("PAM: failed to set PAM_CONV: %s",
                     pam_strerror(sshpam_handle, sshpam_err));
author	dtucker <dtucker>
	Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)
committer	dtucker <dtucker>
	Tue, 17 Feb 2004 12:20:07 +0000 (12:20 +0000)
ChangeLog		patch \| blob \| blame \| history
auth-pam.c		patch \| blob \| blame \| history