Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.1
openssh
openssh-6.6p1-pam_privsep_dont_resend_username....
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File openssh-6.6p1-pam_privsep_dont_resend_username.patch of Package openssh
# HG changeset patch # Parent 1b03a5c443175b105364bd35540f629fd94bf28f Don't resend username to PAM - it already has it and sending again messes up the previous one and then the whole login process. CVE-2015-6563 bsc#943010 diff --git a/openssh-6.6p1/monitor.c b/openssh-6.6p1/monitor.c --- a/openssh-6.6p1/monitor.c +++ b/openssh-6.6p1/monitor.c @@ -1068,19 +1068,17 @@ mm_answer_pam_account(int sock, Buffer * } static void *sshpam_ctxt, *sshpam_authok; extern KbdintDevice sshpam_device; int mm_answer_pam_init_ctx(int sock, Buffer *m) { - debug3("%s", __func__); - authctxt->user = buffer_get_string(m, NULL); sshpam_ctxt = (sshpam_device.init_ctx)(authctxt); sshpam_authok = NULL; buffer_clear(m); if (sshpam_ctxt != NULL) { monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1); buffer_put_int(m, 1); } else { buffer_put_int(m, 0); diff --git a/openssh-6.6p1/monitor_wrap.c b/openssh-6.6p1/monitor_wrap.c --- a/openssh-6.6p1/monitor_wrap.c +++ b/openssh-6.6p1/monitor_wrap.c @@ -831,17 +831,16 @@ mm_do_pam_account(void) void * mm_sshpam_init_ctx(Authctxt *authctxt) { Buffer m; int success; debug3("%s", __func__); buffer_init(&m); - buffer_put_cstring(&m, authctxt->user); mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m); debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__); mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m); success = buffer_get_int(&m); if (success == 0) { debug3("%s: pam_init_ctx failed", __func__); buffer_free(&m); return (NULL);
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor