- (djm) Add new UsePAM configuration directive to allow runtime control

over usage of PAM. This allows non-root use of sshd when built with --with-pam
author: djm <djm> 2003-05-14 05:11:48 +0000
committer: djm <djm> 2003-05-14 05:11:48 +0000
commit: a57327190a1c0fe3e456b7c3ca6d550bb2172056 (patch)
tree: bcbef19aa3a83f9b4ffd5556a9d917654b944dee /auth-pam.c
parent: b084f3eb966ff2100a6c545d9d9c6ade5c27f0a8 (diff)
download: openssh-a57327190a1c0fe3e456b7c3ca6d550bb2172056.tar.gz
1 files changed, 6 insertions, 1 deletions
diff --git a/auth-pam.c b/auth-pam.c
index f4718035..234e8f43 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -49,6 +49,8 @@ RCSID("$FreeBSD: src/crypto/openssh/auth2-pam-freebsd.c,v 1.11 2003/03/31 13:48:
 #include "ssh2.h"
 #include "xmalloc.h"
 
+extern ServerOptions options;
+
 #define __unused
 
 #ifdef USE_POSIX_THREADS
@@ -276,7 +278,6 @@ sshpam_cleanup(void *arg)
 static int
 sshpam_init(const char *user)
 {
-	extern ServerOptions options;
 	extern u_int utmp_len;
 	const char *pam_rhost, *pam_user;
 
@@ -313,6 +314,10 @@ sshpam_init_ctx(Authctxt *authctxt)
 	struct pam_ctxt *ctxt;
 	int socks[2];
 
+	/* Refuse to start if we don't have PAM enabled */
+	if (!options.use_pam)
+		return NULL;
+
 	/* Initialize PAM */
 	if (sshpam_init(authctxt->user) == -1) {
 		error("PAM: initialization failed");
author	djm <djm>	2003-05-14 05:11:48 +0000
committer	djm <djm>	2003-05-14 05:11:48 +0000
commit	a57327190a1c0fe3e456b7c3ca6d550bb2172056 (patch)
tree	bcbef19aa3a83f9b4ffd5556a9d917654b944dee /auth-pam.c
parent	b084f3eb966ff2100a6c545d9d9c6ade5c27f0a8 (diff)
download	openssh-a57327190a1c0fe3e456b7c3ca6d550bb2172056.tar.gz