Hi, On Sat, Sep 17, 2022 at 04:08:18PM +0200, Antonio Quartulli wrote: > From: Michael Karvan <[email protected]> > > Signed-off-by: Michael Karvan <[email protected]> > --- > src/plugins/auth-pam/auth-pam.c | 9 ++++++++- > 1 file changed, 8 insertions(+), 1 deletion(-) > > diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c > index 70339445..9f37c8c0 100644 > --- a/src/plugins/auth-pam/auth-pam.c > +++ b/src/plugins/auth-pam/auth-pam.c > @@ -746,8 +746,15 @@ my_conv(int n, const struct pam_message **msg_array, > } > break; > > - case PAM_ERROR_MSG: > case PAM_TEXT_INFO: > + aresp[i].resp = strdup(up->common_name); > + if (aresp[i].resp == NULL) > + { > + ret = PAM_CONV_ERR; > + } > + break; > +
Not sure I understand the intricaticies of PAM enough, but this seems
hackish and not really correct to me.
Linux' "man pam_conv" suggests that PAM_TEXT_INFO is to "Display some text",
but just having the common_name there only makes sense if you have a PAM
module that actually knows what to do with it, and displays this in a
nice way. No?
Can you elaborate more on this patch, how it is interacting with specific
PAM modules, and what is happening where?
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany [email protected]
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/openvpn-devel
