[Bug 892] Send output from PAM account modules to user

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Mon Jul 5 17:25:46 EST 2004


http://bugzilla.mindrot.org/show_bug.cgi?id=892





------- Additional Comments From dtucker at zip.com.au  2004-07-05 17:25 -------
Created an attachment (id=681)
 --> (http://bugzilla.mindrot.org/attachment.cgi?id=681&action=view)
Collect PAM auth messages and send with SSH2_BANNER

This patch collects the messages from pam_acct_mgmt (using the existing
store_conv), copies it from the monitor and sends it to the user using a
SSH2_MSG_USERAUTH_BANNER message.  auth-pam.c used to do something like this in
the pre-privsep days.

This does not leak information to unauthenticated users since a user must
successfully authenticate via some method before that can occur.

(The diff is smaller than it looks, most of the bulk is the relocation of
sshpam_store_conv so that it can be used earlier, it was not changed.)



------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.




More information about the openssh-bugs mailing list