diff options
| author | sjg <sjg@FreeBSD.org> | 2014-11-19 01:07:58 +0000 |
|---|---|---|
| committer | sjg <sjg@FreeBSD.org> | 2014-11-19 01:07:58 +0000 |
| commit | b137080f19736ee33fede2e88bb54438604cf86b (patch) | |
| tree | 377ac0ac449528621eb192cd245adadb5fd53668 /lib/libpam/modules | |
| parent | ab21a29eb607d4dfe389b965fbdee27558e791aa (diff) | |
| parent | 4a8d07956d121238d006d34ffe7d6269744e8b1a (diff) | |
| download | FreeBSD-src-b137080f19736ee33fede2e88bb54438604cf86b.zip FreeBSD-src-b137080f19736ee33fede2e88bb54438604cf86b.tar.gz | |
Merge from head@274682
Diffstat (limited to 'lib/libpam/modules')
| -rw-r--r-- | lib/libpam/modules/pam_login_access/pam_login_access.c | 21 | ||||
| -rw-r--r-- | lib/libpam/modules/pam_opie/pam_opie.c | 2 | ||||
| -rw-r--r-- | lib/libpam/modules/pam_ssh/Makefile | 2 |
3 files changed, 16 insertions, 9 deletions
diff --git a/lib/libpam/modules/pam_login_access/pam_login_access.c b/lib/libpam/modules/pam_login_access/pam_login_access.c index 945d5eb..fe16662 100644 --- a/lib/libpam/modules/pam_login_access/pam_login_access.c +++ b/lib/libpam/modules/pam_login_access/pam_login_access.c @@ -79,20 +79,27 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags __unused, gethostname(hostname, sizeof hostname); - if (rhost == NULL || *(const char *)rhost == '\0') { + if (rhost != NULL && *(const char *)rhost != '\0') { + PAM_LOG("Checking login.access for user %s from host %s", + (const char *)user, (const char *)rhost); + if (login_access(user, rhost) != 0) + return (PAM_SUCCESS); + PAM_VERBOSE_ERROR("%s is not allowed to log in from %s", + (const char *)user, (const char *)rhost); + } else if (tty != NULL && *(const char *)tty != '\0') { PAM_LOG("Checking login.access for user %s on tty %s", (const char *)user, (const char *)tty); if (login_access(user, tty) != 0) return (PAM_SUCCESS); PAM_VERBOSE_ERROR("%s is not allowed to log in on %s", - user, tty); + (const char *)user, (const char *)tty); } else { - PAM_LOG("Checking login.access for user %s from host %s", - (const char *)user, (const char *)rhost); - if (login_access(user, rhost) != 0) + PAM_LOG("Checking login.access for user %s", + (const char *)user); + if (login_access(user, "***unknown***") != 0) return (PAM_SUCCESS); - PAM_VERBOSE_ERROR("%s is not allowed to log in from %s", - user, rhost); + PAM_VERBOSE_ERROR("%s is not allowed to log in", + (const char *)user); } return (PAM_AUTH_ERR); diff --git a/lib/libpam/modules/pam_opie/pam_opie.c b/lib/libpam/modules/pam_opie/pam_opie.c index bfb875f..9625373 100644 --- a/lib/libpam/modules/pam_opie/pam_opie.c +++ b/lib/libpam/modules/pam_opie/pam_opie.c @@ -62,7 +62,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags __unused, struct passwd *pwd; int retval, i; const char *(promptstr[]) = { "%s\nPassword: ", "%s\nPassword [echo on]: "}; - char challenge[OPIE_CHALLENGE_MAX]; + char challenge[OPIE_CHALLENGE_MAX + 1]; char principal[OPIE_PRINCIPAL_MAX]; const char *user; char *response; diff --git a/lib/libpam/modules/pam_ssh/Makefile b/lib/libpam/modules/pam_ssh/Makefile index 886610a..5643f32 100644 --- a/lib/libpam/modules/pam_ssh/Makefile +++ b/lib/libpam/modules/pam_ssh/Makefile @@ -14,7 +14,7 @@ WARNS?= 3 CFLAGS+= -I${SSHDIR} -include ssh_namespace.h DPADD= ${LIBSSH} ${LIBCRYPTO} ${LIBCRYPT} -LDADD= -lssh -lcrypto -lcrypt +LDADD= ${LDSSH} -lcrypto -lcrypt USEPRIVATELIB= ssh .include <bsd.lib.mk> |
