<drankin@bohemians.lexington.ky.us>
- Print whether OpenSSH was compiled with RSARef, patch from
Nalin Dahyabhai <nalin@thermo.stat.ncsu.edu>
+ - Calls to pam_setcred, patch from Nalin Dahyabhai
+ <nalin@thermo.stat.ncsu.edu>
19991228
- Replacement for getpagesize() for systems which lack it
int do_pam_auth(const char *user, const char *password);
void do_pam_account(char *username, char *remote_user);
void do_pam_session(char *username, char *ttyname);
+void do_pam_setcred();
void pam_cleanup_proc(void *context);
static struct pam_conv conv = {
PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
}
+ pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_DELETE_CRED);
+ if (pam_retval != PAM_SUCCESS) {
+ log("Cannot delete credentials: %.200s",
+ PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+ }
+
pam_retval = pam_end((pam_handle_t *)pamh, pam_retval);
if (pam_retval != PAM_SUCCESS) {
log("Cannot release PAM authentication: %.200s",
if (pam_retval != PAM_SUCCESS)
fatal("PAM session setup failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
}
+
+void do_pam_setcred()
+{
+ int pam_retval;
+
+ debug("PAM establishing creds");
+ pam_retval = pam_setcred((pam_handle_t *)pamh, PAM_ESTABLISH_CRED);
+ if (pam_retval != PAM_SUCCESS)
+ fatal("PAM setcred failed: %.200s", PAM_STRERROR((pam_handle_t *)pamh, pam_retval));
+}
#endif /* USE_PAM */
/*
packet_set_interactive(have_pty || display != NULL,
options.keepalives);
+#ifdef USE_PAM
+ do_pam_setcred();
+#endif
if (forced_command != NULL)
goto do_forced_command;
debug("Forking shell.");
packet_set_interactive(have_pty || display != NULL,
options.keepalives);
+#ifdef USE_PAM
+ do_pam_setcred();
+#endif
if (forced_command != NULL)
goto do_forced_command;
/* Get command from the packet. */