Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 11 Jul 2002 09:59:40 -0700 (PDT)
From:      OISHI Masakuni <yamasa@ec.catv.ne.jp>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   bin/40463: pam_ssh is broken - dumps core
Message-ID:  <200207111659.g6BGxeJK047405@www.freebsd.org>
next in thread | raw e-mail | index | archive | help 

>Number:         40463
>Category:       bin
>Synopsis:       pam_ssh is broken - dumps core
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jul 11 10:00:33 PDT 2002
>Closed-Date:
>Last-Modified:
>Originator:     OISHI Masakuni
>Release:        FreeBSD 4.6-STABLE
>Organization:
>Environment:
>Description:
      After pam_ssh was updated on July 3, it dumps core with the following messages.

Jul  8 00:01:18 genesis /kernel: pid 147 (xdm), uid 0: exited on signal 10 (core dumped)

>How-To-Repeat:
      Try to login with the following pam.conf.

/etc/pam.conf:
xdm     auth    required        pam_unix.so
xdm     auth    optional        pam_ssh.so      use_first_pass
xdm     account required        pam_unix.so
xdm     session optional        pam_ssh.so
xdm     session required        pam_permit.so
xdm     password required       pam_deny.so
>Fix:
      Apply this patch against src/lib/libpam/modules/pam_ssh/pam_ssh.c.

--- pam_ssh.c.orig      Thu Jul 11 01:18:34 2002
+++ pam_ssh.c   Thu Jul 11 01:37:00 2002
@@ -263,7 +263,8 @@
        int authenticated;              /* user authenticated? */
        char *dotdir;                   /* .ssh dir name */
        char *file;                     /* current key file */
-       char *keyfiles;                 /* list of key files to add */
+       char *kfspec;                   /* list of key files to add */
+       char *keyfiles;
        const char *pass;               /* passphrase */
        const struct passwd *pwent;     /* user's passwd entry */
        struct passwd *pwent_keep;      /* our own copy */
@@ -272,8 +273,8 @@
 
        pam_std_option(&options, other_options, argc, argv);
 
-       if (!pam_test_option(&options, PAM_OPT_KEYFILES, &keyfiles)) {
-               keyfiles = DEF_KEYFILES;
+       if (!pam_test_option(&options, PAM_OPT_KEYFILES, &kfspec)) {
+               kfspec = DEF_KEYFILES;
        }
 
        if ((retval = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
@@ -299,11 +300,13 @@
                return (PAM_SERVICE_ERR);
        }
        authenticated = 0;
+       keyfiles = strdup(kfspec);
        for (file = strtok(keyfiles, SEP_KEYFILES); file;
             file = strtok(NULL, SEP_KEYFILES))
                if (auth_via_key(pamh, file, dotdir, pwent, pass, &options) ==
                    PAM_SUCCESS)
                        authenticated++;
+       free(keyfiles);
        free(dotdir);
        if (!authenticated)
                return (PAM_AUTH_ERR);

>Release-Note:
>Audit-Trail:
>Unformatted:

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200207111659.g6BGxeJK047405>