[openssh-commits] [openssh] 01/01: Expose SSH_AUTH_INFO_0 to PAM auth modules

git+noreply at mindrot.org git+noreply at mindrot.org
Fri Apr 6 14:12:52 AEST 2018


This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit e8f474554e3bda102a797a2fbab0594ccc66f097
Author: Damien Miller <djm at mindrot.org>
Date:   Fri Apr 6 14:11:44 2018 +1000

    Expose SSH_AUTH_INFO_0 to PAM auth modules
    
    bz#2408, patch from Radoslaw Ejsmont; ok dtucker@
---
 auth-pam.c | 42 ++++++++++++++++++++++--------------------
 1 file changed, 22 insertions(+), 20 deletions(-)

diff --git a/auth-pam.c b/auth-pam.c
index 00ba8777..45625957 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -674,6 +674,27 @@ sshpam_init(Authctxt *authctxt)
 	return (0);
 }
 
+static void
+expose_authinfo(const char *caller)
+{
+	char *auth_info;
+
+	/*
+	 * Expose authentication information to PAM.
+	 * The environment variable is versioned. Please increment the
+	 * version suffix if the format of session_info changes.
+	 */
+	if (sshpam_authctxt->session_info == NULL)
+		auth_info = xstrdup("");
+	else if ((auth_info = sshbuf_dup_string(
+	    sshpam_authctxt->session_info)) == NULL)
+		fatal("%s: sshbuf_dup_string failed", __func__);
+
+	debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
+	do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
+	free(auth_info);
+}
+
 static void *
 sshpam_init_ctx(Authctxt *authctxt)
 {
@@ -694,6 +715,7 @@ sshpam_init_ctx(Authctxt *authctxt)
 		return (NULL);
 	}
 
+	expose_authinfo(__func__);
 	ctxt = xcalloc(1, sizeof *ctxt);
 
 	/* Start the authentication thread */
@@ -935,26 +957,6 @@ finish_pam(void)
 	sshpam_cleanup();
 }
 
-static void
-expose_authinfo(const char *caller)
-{
-	char *auth_info;
-
-	/*
-	 * Expose authentication information to PAM.
-	 * The enviornment variable is versioned. Please increment the
-	 * version suffix if the format of session_info changes.
-	 */
-	if (sshpam_authctxt->session_info == NULL)
-		auth_info = xstrdup("");
-	else if ((auth_info = sshbuf_dup_string(
-	    sshpam_authctxt->session_info)) == NULL)
-		fatal("%s: sshbuf_dup_string failed", __func__);
-
-	debug2("%s: auth information in SSH_AUTH_INFO_0", caller);
-	do_pam_putenv("SSH_AUTH_INFO_0", auth_info);
-	free(auth_info);
-}
 
 u_int
 do_pam_account(void)

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.


More information about the openssh-commits mailing list