diff options
| -rw-r--r-- | ChangeLog | 2 | ||||
| -rw-r--r-- | sshd.c | 43 |
2 files changed, 32 insertions, 13 deletions
@@ -2,6 +2,8 @@ - sshd Redhat init script patch from Jim Knoble <jmknoble@pobox.com> fixes compatability with 4.x and 5.x - Fixed default SSH_ASKPASS + - Fix PAM account and session being called multiple times. Problem + reported by Adrian Baugh <adrian@merlin.keble.ox.ac.uk> 19991204 - Small cleanup of PAM code in sshd.c @@ -11,7 +11,7 @@ */ #include "includes.h" -RCSID("$Id: sshd.c,v 1.33 1999/12/04 09:24:48 damien Exp $"); +RCSID("$Id: sshd.c,v 1.34 1999/12/07 03:56:27 damien Exp $"); #include "xmalloc.h" #include "rsa.h" @@ -1551,24 +1551,41 @@ do_authloop(struct passwd * pw) get_remote_port(), user); -#ifdef HAVE_LIBPAM - do_pam_account_and_session(pw->pw_name, client_user); +#ifndef HAVE_LIBPAM + if (authenticated) + return; - /* Clean up */ - if (client_user != NULL) - xfree(client_user); + if (attempt > AUTH_FAIL_MAX) + packet_disconnect(AUTH_FAIL_MSG, pw->pw_name); +#else /* HAVE_LIBPAM */ + if (authenticated) { + do_pam_account_and_session(pw->pw_name, client_user); - if (password != NULL) { - memset(password, 0, strlen(password)); - xfree(password); - } -#endif /* HAVE_LIBPAM */ + /* Clean up */ + if (client_user != NULL) + xfree(client_user); - if (authenticated) + if (password != NULL) { + memset(password, 0, strlen(password)); + xfree(password); + } + return; + } - if (attempt > AUTH_FAIL_MAX) + if (attempt > AUTH_FAIL_MAX) { + /* Clean up */ + if (client_user != NULL) + xfree(client_user); + + if (password != NULL) { + memset(password, 0, strlen(password)); + xfree(password); + } + packet_disconnect(AUTH_FAIL_MSG, pw->pw_name); + } +#endif /* HAVE_LIBPAM */ /* Send a message indicating that the authentication attempt failed. */ packet_start(SSH_SMSG_FAILURE); |