What is print_pam_messages() used for ?
Darren Tucker
dtucker at zip.com.au
Fri Jan 16 11:13:44 EST 2004
Ralf Hack wrote:
> I was investigating why I don't see any warnings from pam_ldap
> indicating the pending expiration of passwords as well as for
> PAM_NEW_AUTHTOK_REQD. Eventually, I found that do_pam_account() does not
> have a conversation function.
NEW_AUTHTOK_REQD should be fixed in -current for SSHv2
keyboard-interactive authentication (it works for me on my test
platforms, but you may not get all of the messages on Solaris or HP-UX yet).
> Also, there is a function
> print_pam_messages (currently empty) which look suspiciously like it is
> ear marked to show just those error messages:
>
> /* auth-pam.c */
> void print_pam_messages(void)
> {
> /* XXX */
> }
print_pam_messages had been more or less superceded by the generic
Buffer loginmsg. There's still a couple more loginmsg changes I hope to
make, after which print_pam_messages() should be gone altogether.
> By any chance, is someone working on a patch to show these warning
> messages ?
There have been changes since 3.7.1p2 to allow the display of messages
from session modules, and the remaining messages after
challenge-response authentication. I'm not sure if those will include
your messages from pam_ldap, but if you haven't already, please try a
recent snapshot.
(ftp://ftp.ca.openbsd.org/pub/OpenBSD/OpenSSH/portable/snapshot/)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list