Fix for USE_POSIX_THREADS in auth-pam.c

Damien Miller djm at mindrot.org
Thu Oct 30 11:09:14 EST 2003


Steven Michaud wrote:

> For example, Christian Pfaffel posted a patch to this list on 9-17
> with hacks to force Kerberos credentials to disk and to use
> ssh_msg_send() to send the PAM environment from the child process to
> the parent.  (His patch was in an attachment and got dropped.  But
> fortunately he re-posted his message to the MIT Kerberos newsgroup a
> few days later, and this time the attachment came through --
> http://diswww.mit.edu:8008/menelaus.mit.edu/kerberos/19973.)

Please try the one at http://bugzilla.mindrot.org/show_bug.cgi?id=717

It has been sitting there with little feedback for a while.

> In fact this solution works just fine (as long as your OS has support
> for POSIX threads).  But a small change was required to the "thread"
> code in auth-pam.c:  The man pages for Linux PAM (also used on
> Darwin/OS X) and Solaris PAM say that PAM isn't thread safe unless
> each thread uses a different PAM handle.  But that's useless for us --
> we need both threads to share a single PAM handle.  Instead we should
> use a mutex to prevent the single handle from being used by more than
> a single thread at a time.

We won't be supporting threads, they add way more complexity than they 
solve. The code is still there because some people may want to use it, 
at their own risk.

I'd prefer to explicitly export state from the PAM child back to the 
parent (hidden state is a bad idea, especially in a security API). 
Getting the above patch reviewed would be a start in this direction.

-d
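
What explicit state export from a PAM child to its parent can look like, as an added example that is neither OpenSSH code nor the patch referenced above: the child sends each environment string as a length-prefixed frame over a pipe, and the parent validates every frame before accepting it. The helper names, the framing and the sample strings are assumptions constructed for illustration.

```c
#include <arpa/inet.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

#define MAX_ENV_LEN 4096 /* parent-side cap on one exported string */
/* Move exactly n bytes over fd; 0 on success, -1 on error or early EOF. */
static int xfer(int fd, void *buf, size_t n, int writing) {
    char *p = buf;
    while (n > 0) {
        ssize_t r = writing ? write(fd, p, n) : read(fd, p, n);
        if (r <= 0) return -1;
        p += r; n -= (size_t)r;
    }
    return 0;
}
/* Child side: export one "NAME=value" string as 4-byte length + bytes. */
int send_env(int fd, const char *kv) {
    uint32_t len = htonl((uint32_t)strlen(kv));
    if (xfer(fd, &len, sizeof(len), 1) != 0) return -1;
    return xfer(fd, (void *)kv, strlen(kv), 1);
}
/* Parent side: accept a string only if bounded, NUL-free and NAME=value. */
char *recv_env(int fd) {
    uint32_t len;
    if (xfer(fd, &len, sizeof(len), 0) != 0) return NULL;
    if ((len = ntohl(len)) == 0 || len > MAX_ENV_LEN) return NULL;
    char *s = calloc(1, (size_t)len + 1);
    if (s == NULL || xfer(fd, s, len, 0) != 0 || memchr(s, '\0', len) ||
        s[0] == '=' || strchr(s, '=') == NULL) { free(s); return NULL; }
    return s;
}
/* Constructed demo: a forked child stands in for the PAM process. */
int export_demo(char **out, int max) {
    int p[2], n = 0;
    pid_t pid;
    if (pipe(p) != 0 || (pid = fork()) < 0) return -1;
    if (pid == 0) {             /* child: explicitly send its state */
        send_env(p[1], "KRB5CCNAME=FILE:/tmp/krb5cc_constructed");
        send_env(p[1], "PAM_DEMO=1");
        _exit(0);
    }
    close(p[1]);                /* parent: read until EOF or a bad frame */
    while (n < max && (out[n] = recv_env(p[0])) != NULL) n++;
    close(p[0]);
    waitpid(pid, NULL, 0);
    return n;
}
```

The parent treats the child's output as untrusted input: a frame that is oversized, contains an embedded NUL or lacks a `NAME=` prefix ends the import instead of reaching the session environment.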



