Package: courier-authlib
Version: 0.63.0-4
Severity: normal
Note that I don't use Courier myself. I found this bug while
investigating a problem reported against libpam-krb5.
authpam.c makes for rather surreal reading. There's a large comment
that explains a complex and thorough philosophy for how the PAM code
is supposed to work, but then all the code that implements that is
removed with #if 0 and the actual code does something much simpler.
Unfortunately, while the comment and the other code was written by
someone who understands PAM library issues and complexity, the code
that's actually run never calls pam_end. This means that any external
resources allocated by the PAM module, such as the Kerberos ticket
cache created by pam-krb5, are never released.
The #if 0 code does the right thing, but as long as the code works the
way it does now, a call to:
pam_end(pamh, retval);
needs to be inserted after the call to dopam() in the p == 0 block.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.1.0-1-686-pae (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages courier-authlib depends on:
ii expect <none>
ii libc6 2.13-27
ii libgdbm3 1.8.3-10
ii libltdl7 2.4.2-1
ii libpam0g 1.1.3-7
courier-authlib recommends no packages.
courier-authlib suggests no packages.
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
