New password echoes on Sol8
Markus Friedl
markus at openbsd.org
Sat Oct 27 08:04:30 EST 2001
On Fri, Oct 26, 2001 at 04:44:25PM -0400, Nicolas Williams wrote:
> PAM is using the "conversation" function passed to it by OpenSSH.
>
> That "conversation" function must be using read_passphrase().

so we are talking about this:

        case PAM_PROMPT_ECHO_OFF:
                reply[count].resp = xstrdup(
                    read_passphrase(PAM_MSG_MEMBER(msg, count,
                    msg), 1));
                reply[count].resp_retcode = PAM_SUCCESS;
                break;

the call is wrong:

1) read_passphrase() does already call xstrdup
2) 1 is passed as a flag to read_passphrase(), and
   1 means: RP_ECHO so echo is not turned off.

i suggest:

                reply[count].resp =
                    read_passphrase(PAM_MSG_MEMBER(msg, count,
                    msg), RP_ALLOW_STDIN);

or

                reply[count].resp =
                    read_passphrase(PAM_MSG_MEMBER(msg, count,
                    msg), 0);

-m
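
Added example, not part of the original message and not OpenSSH code: a minimal model of a flag-driven prompt reader, showing why a literal 1 leaves terminal echo on while 0 or RP_ALLOW_STDIN turns it off, and why a buffer the reader already allocated should not be duplicated again. prompt_lflag() and read_secret() are hypothetical names, and the numeric value of RP_ALLOW_STDIN is an assumption (the message only states that 1 means RP_ECHO).

```c
#include <stdlib.h>
#include <string.h>
#include <termios.h>
#include <unistd.h>

/* Flag names are from the message; the value of RP_ALLOW_STDIN is assumed
 * for this sketch (the message only states that 1 means RP_ECHO). */
#define RP_ECHO        0x0001
#define RP_ALLOW_STDIN 0x0002

/* Hypothetical helper: terminal local-mode bits to use while prompting. */
tcflag_t prompt_lflag(tcflag_t cur, int flags)
{
    /* Echo is cleared unless the caller explicitly asks for it. */
    return (flags & RP_ECHO) ? cur : (cur & ~(tcflag_t)ECHO);
}

/* Hypothetical stand-in for read_passphrase(): reads one line from fd and
 * returns a freshly allocated string owned by the caller. Wrapping the
 * call in another duplicate would leak this buffer. */
char *read_secret(int fd, int flags)
{
    struct termios old, tmp;
    char buf[256];
    size_t n = 0;
    int is_tty = (tcgetattr(fd, &old) == 0);

    if (is_tty) {
        tmp = old;
        tmp.c_lflag = prompt_lflag(old.c_lflag, flags);
        tcsetattr(fd, TCSAFLUSH, &tmp);
    }
    /* Stop at newline, EOF, read error, or a full buffer. */
    while (n < sizeof(buf) - 1 && read(fd, &buf[n], 1) == 1 && buf[n] != '\n')
        n++;
    buf[n] = '\0';
    if (is_tty)
        tcsetattr(fd, TCSAFLUSH, &old);   /* always restore the terminal */

    char *out = malloc(n + 1);
    if (out != NULL)
        memcpy(out, buf, n + 1);
    memset(buf, 0, sizeof(buf));          /* best-effort scrub of the stack copy */
    return out;
}
```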