[Bug 2408] Expose authentication information to PAM
bugzilla-daemon at bugzilla.mindrot.org
bugzilla-daemon at bugzilla.mindrot.org
Wed Feb 24 21:50:51 AEDT 2016
https://bugzilla.mindrot.org/show_bug.cgi?id=2408
Vincent Brillault <git at lerya.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Attachment #2791|0 |1
is obsolete| |
--- Comment #4 from Vincent Brillault <git at lerya.net> ---
Created attachment 2792
--> https://bugzilla.mindrot.org/attachment.cgi?id=2792&action=edit
Expose successful auth methods via environments (pam and shell)
Dear all,
Sorry for the spamming, but I just realized that it is possible to
expose the 'displayname" of gssapi authentication without a big
modification. This new patch now exposes it but unfortunately I was
only able to test a port of this patch on Centos sources and not this
one directly as the only kerberos-enabled system I have is a Centos
system.
This patch is now feature-complete with the feature I was thinking
about, but if you see an authentication method that I missed and could
also expose relevant information, please tell me.
In the end this patch creates two new functions, both returning a
char* which needs to be freed:
- ssh_gssapi_get_displayname to get the displayname from a gssapi
session
- sshkey_format_oneline to format a ssh key as it was formated in
pubkey_auth_info
I'm not really good at naming and if anyone has better names for these
function, your advice would be appreciated.
Thanks in advance,
Vincent Brillault
PS: individual patches can be found on github:
https://github.com/openssh/openssh-portable/compare/master...CERN-CERT:master
--
You are receiving this mail because:
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list