[openssh-commits] [openssh] 01/01: Expose SSH_AUTH_INFO_0 to PAM auth modules
git+noreply at mindrot.org
git+noreply at mindrot.org
Fri Apr 6 14:12:52 AEST 2018
This is an automated email from the git hooks/post-receive script.
djm pushed a commit to branch master
in repository openssh.
commit e8f474554e3bda102a797a2fbab0594ccc66f097
Author: Damien Miller <djm at mindrot.org>
Date: Fri Apr 6 14:11:44 2018 +1000
Expose SSH_AUTH_INFO_0 to PAM auth modules
bz#2408, patch from Radoslaw Ejsmont; ok dtucker@
---
auth-pam.c | 42 ++++++++++++++++++++++--------------------
1 file changed, 22 insertions(+), 20 deletions(-)
diff --git a/auth-pam.c b/auth-pam.c
index 00ba8777..45625957 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -674,6 +674,27 @@ sshpam_init(Authctxt *authctxt)
return (0);
}
+static void
+expose_authinfo(const char *caller)
+{
+ char *auth_info;
+
+ /*
+ * Expose authentication information to PAM.
+ * The environment variable is versioned. Please increment the
+ * version suffix if the format of session_info changes.
+ */
+ if (sshpam_authctxt->session_info == NULL)
+ auth_info = xstrdup("");
+ else if ((auth_info = sshbuf_dup_string(
+ sshpam_authctxt->session_info)) == NULL)
+ fatal("%s: sshbuf_dup_string failed", __func__);
+
+ debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
+ do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
+ free(auth_info);
+}
+
static void *
sshpam_init_ctx(Authctxt *authctxt)
{
@@ -694,6 +715,7 @@ sshpam_init_ctx(Authctxt *authctxt)
return (NULL);
}
+ expose_authinfo(__func__);
ctxt = xcalloc(1, sizeof *ctxt);
/* Start the authentication thread */
@@ -935,26 +957,6 @@ finish_pam(void)
sshpam_cleanup();
}
-static void
-expose_authinfo(const char *caller)
-{
- char *auth_info;
-
- /*
- * Expose authentication information to PAM.
- * The enviornment variable is versioned. Please increment the
- * version suffix if the format of session_info changes.
- */
- if (sshpam_authctxt->session_info == NULL)
- auth_info = xstrdup("");
- else if ((auth_info = sshbuf_dup_string(
- sshpam_authctxt->session_info)) == NULL)
- fatal("%s: sshbuf_dup_string failed", __func__);
-
- debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
- do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
- free(auth_info);
-}
u_int
do_pam_account(void)
--
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
More information about the openssh-commits
mailing list