Hi,
On Sat, Sep 17, 2022 at 04:08:18PM +0200, Antonio Quartulli wrote:
> From: Michael Karvan <michael.kar...@gmail.com>
>
> Signed-off-by: Michael Karvan <michael.kar...@gmail.com>
> ---
> src/plugins/auth-pam/auth-pam.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c
> index 70339445..9f37c8c0 100644
> --- a/src/plugins/auth-pam/auth-pam.c
> +++ b/src/plugins/auth-pam/auth-pam.c
> @@ -746,8 +746,15 @@ my_conv(int n, const struct pam_message **msg_array,
> }
> break;
>
> - case PAM_ERROR_MSG:
> case PAM_TEXT_INFO:
> + aresp[i].resp = strdup(up->common_name);
> + if (aresp[i].resp == NULL)
> + {
> + ret = PAM_CONV_ERR;
> + }
> + break;
> +
Not sure I understand the intricaticies of PAM enough, but this seems
hackish and not really correct to me.
Linux' "man pam_conv" suggests that PAM_TEXT_INFO is to "Display some text",
but just having the common_name there only makes sense if you have a PAM
module that actually knows what to do with it, and displays this in a
nice way. No?
Can you elaborate more on this patch, how it is interacting with specific
PAM modules, and what is happening where?
gert
--
"If was one thing all people took for granted, was conviction that if you
feed honest figures into a computer, honest figures come out. Never doubted
it myself till I met a computer with a sense of humor."
Robert A. Heinlein, The Moon is a Harsh Mistress
Gert Doering - Munich, Germany g...@greenie.muc.de
signature.asc
Description: PGP signature
_______________________________________________ Openvpn-devel mailing list Openvpn-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-devel
