Bug 22614

Summary: pam_ssh dumps core
Product: Base System Reporter: SANETO Takanori <sanewo>
Component: binAssignee: bill fumerola <billf>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: Unspecified   
Hardware: Any   
OS: Any   

Description SANETO Takanori 2000-11-05 09:40:00 UTC 
Whan pam_ssh.so is invoked (somehow) by xdm, it will dump core because of incorrect argument
passing in pam_sm_open_session for ssh_add_identity (as compiler warns as follows).

cc -O -pipe -Wall -I/usr/src/lib/libpam/modules/pam_ssh/../../../../crypto/openssh -c /usr/src/lib/libpam/modules/pam_ssh/../../../../crypto/openssh/pam_ssh/pam_ssh.c -o pam_ssh.o
/usr/src/lib/libpam/modules/pam_ssh/../../../../crypto/openssh/pam_ssh/pam_ssh.c: In function `pam_sm_open_session':
/usr/src/lib/libpam/modules/pam_ssh/../../../../crypto/openssh/pam_ssh/pam_ssh.c:446: warning: passing arg 2 of `ssh_add_identity' from incompatible pointer type

Fix: Following patch will fix the problem. (both -stable and -current)



BTW, I found that ports/security/openssh/files/pam_ssh.c is already fixed this way.--YRpllbLdpyIwVLmXtNNlbESWXbVzyB0KoHcavlkK9U5KxW28
Content-Type: text/plain; name="file.diff"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment; filename="file.diff"

Index: crypto/openssh/pam_ssh/pam_ssh.c
===================================================================
RCS file: /export/cvsup/cvs/src/crypto/openssh/pam_ssh/pam_ssh.c,v
retrieving revision 1.3.2.2
diff -u -r1.3.2.2 pam_ssh.c
--- crypto/openssh/pam_ssh/pam_ssh.c    2000/10/28 23:01:02     1.3.2.2
+++ crypto/openssh/pam_ssh/pam_ssh.c    2000/11/05 07:24:45
@@ -443,7 +443,7 @@
                env_destroy(ssh_env);
                return PAM_SESSION_ERR;
        }
-       retval = ssh_add_identity(ac, key.rsa, comment);
+       retval = ssh_add_identity(ac, &key, comment);
        ssh_close_authentication_connection(ac);
        env_swap(ssh_env, 0);
        return retval ? PAM_SUCCESS : PAM_SESSION_ERR;
How-To-Repeat: 
After applying patch which I sent as another PR ("fix for xdm to cope with PAM") and
modifying /etc/pam.conf as follows:

xdm	account	required	pam_unix.so			try_first_pass
xdm	auth	requisite	pam_cleartext_pass_ok.so
xdm	auth	sufficient	pam_ssh.so			try_first_pass
xdm	auth	required	pam_unix.so
xdm	password required	pam_deny.so
xdm	session	optional	pam_ssh.so
xdm	session	required	pam_deny.so

logging in with xdm cause immediate core dump.
Comment 1 bill fumerola freebsd_committer freebsd_triage 2000-11-25 01:40:59 UTC 
Responsible Changed
From-To: freebsd-bugs->green

green is investigating this one
Comment 2 bill fumerola freebsd_committer freebsd_triage 2000-11-25 01:42:06 UTC 
Responsible Changed
From-To: green->billf

I'm committing this one with green's approval, rather.
Comment 3 bill fumerola freebsd_committer freebsd_triage 2004-03-31 10:58:45 UTC 
State Changed
From-To: open->closed

overcome by events.