Hi,
On Sat, Dec 16, 2017 at 1:57 PM, Michael Karvan
<michael.kar...@gmail.com> wrote:
> ---
> src/plugins/auth-pam/auth-pam.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
> index ae514d7..c64e14b 100644
> --- a/src/plugins/auth-pam/auth-pam.c
> +++ b/src/plugins/auth-pam/auth-pam.c
> @@ -637,9 +637,16 @@ my_conv(int n, const struct pam_message **msg_array,
> ret = PAM_CONV_ERR;
> }
> break;
> +
> + case PAM_TEXT_INFO:
> + aresp[i].resp = strdup(up->common_name);
> + if (aresp[i].resp == NULL)
> + {
> + ret = PAM_CONV_ERR;
> + }
> + break;
The purpose of PAM_TEXT_INFO is for the module to send an info message
to the user. Using it to send the common name back to the module is
hackish. Yes, it can work in a custom module but its not right to
interpret every
PAM_TEXT_INFO msg as a request for common name.
Why not prompt for it just like username and have the plugin return it?
Selva
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Openvpn-devel mailing list
Openvpn-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/openvpn-devel
