Bug#802212: Patch

2022-01-09 Thread Jerome BENOIT 

Dear Chad, thanks for your report and your patches.
The issue will be fixed in package 2.3+ds-5.
Thanks for your patience, Jerome

On Sun, 27 Dec 2015 12:23:14 -0800 Chad Wallace  
wrote:


Here's another version of that patch...  with a free(dotdir) after
we're done with it.


--

C. Chad Wallace, B.Sc.
The Lodging Company
http://www.lodgingcompany.com/
OpenPGP Public Key ID: 0x262208A0



--
Jerome BENOIT | calculus+at-rezozer^dot*net
https://qa.debian.org/developer.php?login=calcu...@rezozer.net
AE28 AE15 710D FF1D 87E5  A762 3F92 19A6 7F36 C68B



OpenPGP_signature
Description: OpenPGP digital signature

Bug#802212: Patch

2015-12-27 Thread Chad Wallace 

Here's another version of that patch...  with a free(dotdir) after
we're done with it.


-- 

C. Chad Wallace, B.Sc.
The Lodging Company
http://www.lodgingcompany.com/
OpenPGP Public Key ID: 0x262208A0

Description: avoid NO_MODULE_DATA error
Author: Chad Wallace 
Last-Update: 2015-12-27

--- a/pam_ssh.c	2015-12-27 12:08:42.851136447 -0800
+++ b/pam_ssh.c	2015-12-27 12:12:47.619240920 -0800
@@ -1089,6 +1089,7 @@
 	const struct passwd *pwent;	/* user's passwd entry */
 	struct stat sb;			/* to check st_nlink */
 	const char *user;   /* username */
+	char *dotdir;		/* .ssh dir name */
 
 	pam_ssh_log(LOG_DEBUG, "close session");
 
@@ -1108,6 +1109,21 @@
 		return retval;
 	}
 
+	/* handle the per-user configuration directory and check its existence */
+
+	if (asprintf(, "%s/%s", pwent->pw_dir, SSH_DIR) == -1) {
+		pam_ssh_log(LOG_CRIT, "out of memory");
+		openpam_restore_cred(pamh);
+		return PAM_SERVICE_ERR;
+	}
+	if ((access(dotdir,F_OK)) == -1) {
+		pam_ssh_log(LOG_DEBUG, "inexistent configuration directory");
+		free(dotdir);
+		openpam_restore_cred(pamh);
+		return PAM_SUCCESS;
+	}
+	free(dotdir);
+
 	if (pam_get_data(pamh, "ssh_agent_env_session",
 	(const void **)(void *)_file) == PAM_SUCCESS && env_file)
 		unlink(env_file);

Bug#802212: Patch

2015-12-27 Thread Chad Wallace 
Hello,

I've created a patch that seems to fix this for me.  All I did was copy
the code that checks for ".ssh" from pam_sm_open_session() into
pam_sm_close_session() so it can just not do anything, and return 
PAM_SUCCESS.

I don't know if that's the right solution, but it seems appropriate to
me.  I've only tested that it works for me:  it avoids printing "su: No
module specific data is present" when I run /etc/cron.daily/dwww 
and logging in remotely using my SSH key still works.

Thanks!

-- 

C. Chad Wallace, B.Sc.
The Lodging Company
http://www.lodgingcompany.com/
OpenPGP Public Key ID: 0x262208A0

Description: avoid NO_MODULE_DATA error
Author: Chad Wallace 
Last-Update: 2015-12-27

--- a/pam_ssh.c	2015-12-27 10:54:47.985792204 -0800
+++ b/pam_ssh.c	2015-12-27 10:54:08.231097492 -0800
@@ -1089,6 +1089,7 @@
 	const struct passwd *pwent;	/* user's passwd entry */
 	struct stat sb;			/* to check st_nlink */
 	const char *user;   /* username */
+	char *dotdir;		/* .ssh dir name */
 
 	pam_ssh_log(LOG_DEBUG, "close session");
 
@@ -1108,6 +1109,20 @@
 		return retval;
 	}
 
+	/* handle the per-user configuration directory and check its existence */
+
+	if (asprintf(, "%s/%s", pwent->pw_dir, SSH_DIR) == -1) {
+		pam_ssh_log(LOG_CRIT, "out of memory");
+		openpam_restore_cred(pamh);
+		return PAM_SERVICE_ERR;
+	}
+	if ((access(dotdir,F_OK)) == -1) {
+		pam_ssh_log(LOG_DEBUG, "inexistent configuration directory");
+		free(dotdir);
+		openpam_restore_cred(pamh);
+		return PAM_SUCCESS;
+	}
+
 	if (pam_get_data(pamh, "ssh_agent_env_session",
 	(const void **)(void *)_file) == PAM_SUCCESS && env_file)
 		unlink(env_file);