OSF_SIA bug in 2.3.0p1
Mike Battersby
mib at unimelb.edu.au
Mon Feb 12 16:14:39 EST 2001
Is anyone maintaining the OSF_SIA support in openssh? This seems to be an
obvious bug triggered if you try to connect as a non-existant user.
>From auth1.c line 459
#elif defined(HAVE_OSF_SIA)
(sia_validate_user(NULL, saved_argc, saved_argv,
get_canonical_hostname(), pw->pw_name, NULL, 0,
NULL, "") == SIASUCCESS)) {
#else /* !HAVE_OSF_SIA && !USE_PAM */
At this stage pw could be NULL so obviously pw->pw_name isn't a valid
thing to do. Should this just be 'user'? I'm not even 100% sure of the
validity of passing NULL as collect function (acceptable in 4.0g manpage,
not mentioned in 4.0d manpage).
- Mike
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 979 bytes
Desc: not available
Url : http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20010212/9e65098d/attachment.bin
More information about the openssh-unix-dev
mailing list