[Bug 1087] SSH fails to show PAM password expiry message from LDAP on login

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Sep 28 20:31:10 EST 2005


http://bugzilla.mindrot.org/show_bug.cgi?id=1087





------- Additional Comments From dtucker at zip.com.au  2005-09-28 20:31 -------
(From update of attachment 962)
> userauth_finish(Authctxt *authctxt, int authenticated, char *method)
> {
>        char *methods;
>+       int ret;

A minor style point: this will cause "unused variable" warnings when compiling
without PAM.  To avoid this put the variable declaration inside an #ifdef,
where possible at the start of an existing {} block.

>        if (options.use_pam && authenticated) {
>-               if (!PRIVSEP(do_pam_account())) {
>+               ret = PRIVSEP(do_pam_account());
>+
>+               if(use_privsep)
>                        /* if PAM returned a message, send it to the user */

Using use_privsep for this means you'll get different behaviour with and
without privsep.  I prefer to avoid this where possible, so I would just clear
loginmsg after sending the message to the user.

Will attach an updated patch shortly.




------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list