Date: Tue, 8 May 2001 17:14:19 -0700 From: Alfred Perlstein <bright@wintelcom.net> To: Brian Feldman <green@FreeBSD.org> Cc: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/crypto/openssh auth-pam.c Message-ID: <20010508171418.P18676@fw.wintelcom.net> In-Reply-To: <200105082230.f48MUJH20777@freefall.freebsd.org>; from green@FreeBSD.org on Tue, May 08, 2001 at 03:30:18PM -0700 References: <200105082230.f48MUJH20777@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
* Brian Feldman <green@FreeBSD.org> [010508 15:30] wrote: > green 2001/05/08 15:30:18 PDT > > Modified files: > crypto/openssh auth-pam.c > Log: > Since PAM is broken, let pam_setcred() failure be non-fatal. Basically the new PAM code has the idea of cached credentials. Besideds being a really fun fun thing to get right, the API does some funky things. Basically, setcreds expects to be able to use cached credentials from some previous call. My guess is that it expects to use them from pam_authenticate(). I'm not sure if sshd calls pam_authenticate() when doing RSA/DSA keys which is why the cached credentials are bogus. I'm going to work on a quick fix and possibly email around to help figure out if my fix is correct. -- -Alfred Perlstein - [alfred@freebsd.org] Daemon News Magazine in your snail-mail! http://magazine.daemonnews.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010508171418.P18676>