AIX authenticate()
Jan-Frode Myklebust
janfrode at ii.uib.no
Tue Aug 13 03:07:54 EST 2002
Hi,
I just got a comment from one of my IBM support engineeres that there
is a problem with auth-passwd.c only calling authenticate() once. He
claims it should potentially be called several times, in case several
authetication methods are defined in /etc/security/user. F.ex.:
SYSTEM = "NIS and DCE"
Suggested (untested) patch should look like:
----------------- cut --------------------
% diff -u auth-passwd.c-original auth-passwd.c
--- auth-passwd.c-original 2002-08-12 18:43:25.000000000 +0200
+++ auth-passwd.c 2002-08-12 19:02:43.000000000 +0200
@@ -114,6 +114,7 @@
#ifdef WITH_AIXAUTHENTICATE
char *authmsg;
char *loginmsg;
+ int rc;
int reenter = 1;
#endif
@@ -145,7 +146,11 @@
}
#endif
#ifdef WITH_AIXAUTHENTICATE
- return (authenticate(pw->pw_name,password,&reenter,&authmsg) == 0);
+ while (reenter) {
+ rc = authenticate (pw->pw_name,password,&reenter,&authmsg)
+ }
+ return (rc);
#endif
#ifdef KRB4
if (options.kerberos_authentication == 1) {
----------------- /cut -------------------
It kind of looks like it's a slip that this isn't fixed in
auth-passwd.c, as 'int reenter = 1;' is already available inside
WITH_AIXAUTHENTICATE.
-jf
More information about the openssh-unix-dev
mailing list