[Bug 114] New: Invalid users vs. PAM (protocol 1 only (?))

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Wed Feb 13 12:10:59 EST 2002


http://bugzilla.mindrot.org/show_bug.cgi?id=114

           Summary: Invalid users vs. PAM (protocol 1 only (?))
           Product: Portable OpenSSH
           Version: -current
          Platform: All
        OS/Version: Linux
            Status: NEW
          Severity: minor
          Priority: P2
         Component: sshd
        AssignedTo: openssh-unix-dev at mindrot.org
        ReportedBy: peak at argo.troja.mff.cuni.cz


do_authentication() in auth1.c does not call start_pam() for invalid users but
auth_pam_password() calls do_pam_set_conv() before it checks user validity. This
means pam_set_item() is called will NULL pamh and Linux PAM is unhappy and
syslogs a complaint (see
http://archives.neohapsis.com/archives/pam-list/2001-04/0111.html).



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the openssh-unix-dev mailing list