diff options
author | dtucker <dtucker> | 2005-07-16 01:33:06 +0000 |
---|---|---|
committer | dtucker <dtucker> | 2005-07-16 01:33:06 +0000 |
commit | 9ee4482271c4c8098e3d5554bd0f9089d9351467 (patch) | |
tree | 62da4a9a01941a2de7e4f46b530c3a4299fa713c | |
parent | 8d995a474d39827f2e8b9c304463f90f9dc51d72 (diff) | |
download | openssh-9ee4482271c4c8098e3d5554bd0f9089d9351467.tar.gz |
- (dtucker) [auth-pam.c] Ensure that only one side of the authentication
socketpair stays open on in both the monitor and PAM process. Patch from
Joerg Sonnenberger.
-rw-r--r-- | ChangeLog | 7 | ||||
-rw-r--r-- | auth-pam.c | 7 |
2 files changed, 12 insertions, 2 deletions
@@ -1,3 +1,8 @@ +20050716 + - (dtucker) [auth-pam.c] Ensure that only one side of the authentication + socketpair stays open on in both the monitor and PAM process. Patch from + Joerg Sonnenberger. + 20050714 - (dtucker) OpenBSD CVS Sync - dtucker@cvs.openbsd.org 2005/07/06 09:33:05 @@ -2825,4 +2830,4 @@ - (djm) Trim deprecated options from INSTALL. Mention UsePAM - (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu -$Id: ChangeLog,v 1.3845 2005/07/14 07:22:11 dtucker Exp $ +$Id: ChangeLog,v 1.3846 2005/07/16 01:33:06 dtucker Exp $ @@ -47,7 +47,7 @@ /* Based on $FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:18 des Exp $ */ #include "includes.h" -RCSID("$Id: auth-pam.c,v 1.123 2005/05/26 09:59:48 dtucker Exp $"); +RCSID("$Id: auth-pam.c,v 1.124 2005/07/16 01:33:06 dtucker Exp $"); #ifdef USE_PAM #if defined(HAVE_SECURITY_PAM_APPL_H) @@ -157,6 +157,7 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, void *(*thread_start)(void *), void *arg) { pid_t pid; + struct pam_ctxt *ctx = arg; sshpam_thread_status = -1; switch ((pid = fork())) { @@ -164,10 +165,14 @@ pthread_create(sp_pthread_t *thread, const void *attr __unused, error("fork(): %s", strerror(errno)); return (-1); case 0: + close(ctx->pam_psock); + ctx->pam_psock = -1; thread_start(arg); _exit(1); default: *thread = pid; + close(ctx->pam_csock); + ctx->pam_csock = -1; sshpam_oldsig = signal(SIGCHLD, sshpam_sigchld_handler); return (0); } |