New password echoes on Sol8
Kevin Steves
stevesk at pobox.com
Sat Oct 27 12:24:06 EST 2001
On Sat, 27 Oct 2001, Markus Friedl wrote:
:the call is wrong:
: 1) read_passphrase() does already call xstrdup
: 2) 1 is passed as a flag to read_passphrase(), and
: 1 means: RP_ECHO so echo is not turned off.
thanks for strdup() not needed. can PAM users test this? i think
RP_ALLOW_STDIN is what we want vs. 0.
Index: auth-pam.c
===================================================================
RCS file: /var/cvs/openssh/auth-pam.c,v
retrieving revision 1.37
diff -u -r1.37 auth-pam.c
--- auth-pam.c 2001/04/23 18:38:37 1.37
+++ auth-pam.c 2001/10/27 02:17:57
@@ -87,7 +87,7 @@
* messages with into __pam_msg. This is used during initial
* authentication to bypass the normal PAM password prompt.
*
- * OTHER mode handles PAM_PROMPT_ECHO_OFF with read_passphrase(prompt, 1)
+ * OTHER mode handles PAM_PROMPT_ECHO_OFF with read_passphrase()
* and outputs messages to stderr. This mode is used if pam_chauthtok()
* is called to update expired passwords.
*/
@@ -146,9 +146,9 @@
reply[count].resp_retcode = PAM_SUCCESS;
break;
case PAM_PROMPT_ECHO_OFF:
- reply[count].resp = xstrdup(
- read_passphrase(PAM_MSG_MEMBER(msg, count,
- msg), 1));
+ reply[count].resp =
+ read_passphrase(PAM_MSG_MEMBER(msg,
+ count, msg), RP_ALLOW_STDIN);
reply[count].resp_retcode = PAM_SUCCESS;
break;
case PAM_ERROR_MSG:
More information about the openssh-unix-dev
mailing list