Serious Bug Report: OpenSSH

Damien Miller djm at
Wed Dec 8 08:42:54 EST 1999

Hash: SHA1

On Tue, 7 Dec 1999, Ben Taylor wrote:

> On Tue, 7 Dec 1999, Damien Miller wrote:
> Actually, while debugging another problem, I realized that the 
> do_pam_accounting_and_session was getting called multiple times
> until the authorization finally succeeded.  Since I'm in the middle
> of a work around for the PAM bug in Solaris, and have split functionality
> for do_pam_account and do_pam_session, I was able to move the code
> to call do_pam_account into the segment [ if (authenticated) { return; } ]
> around line 1277 in sshd.c.  The effect is that do_pam_account is called
> only after the user has been authenticated.

Yes, this is exactly what I did in 1.2pre16.

> I've got patches for Solaris in the works to use PTMX, utmpx instead of
> utmp, and a fix to the PAM library to prevent the segfault.  It all
> works and I'm in the middle of cleaning up the patch.  Solaris for
> some reason ends up printing MOTD twice, but I think I can just
> turn off MOTD in the config file.

1.2pre16 detects and uses PTMX, can you test this?

utmpx support would be nice.


- --
| "Bombay is 250ms from New York in the new world order" - Alan Cox
| Damien Miller -
| Email: djm at (home) -or- djm at (work)

Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see


More information about the openssh-unix-dev mailing list