All, I am having a problem setting password from the http application. It is getting reset to NULL inside pam_authenticate somehow. The only place I can see password is set to NULL is in the function
 void _pam_sanitize(pam_handle_t *pamh) in pam_misc.c file. I've also commented out the invocation of _pam_sanitize from pam api. Also I have syslog trace in the pam_sanitize function. However, for some reason I am losing the password inside pam_authenticate inspite of all the changes and also I don't see any trace from the function pam_sanitize. If anybody has any idea about this, please reply.

                            retval = pam_start("http", auth_userpass, &conv, &pamh);

                            syslog(LOG_INFO, "before pam_set_item..........................\n");
                            pam_set_item(pamh, PAM_AUTHTOK, pwd);
       
                            if (retval == PAM_SUCCESS) {
                                retval = pam_authenticate(pamh, 0);    /* is user really user? */
                            }
                            else {
                                 syslog(LOG_INFO, "--Not authenticated - pam start failed\n");
                            }

                           /* This is where we have been authorized or not. */

                            if (retval == PAM_SUCCESS) {
                                 syslog(LOG_INFO, "Authentication successful for %s from %s\n", auth_userpass, req->remote_ip_addr);

                                    strncpy(req->user, auth_userpass, 15);
                                req->user[15] = '\0';
                               if (pam_end(pamh,retval) != PAM_SUCCESS) {     /* close Linux-PAM */
                                      pamh = NULL;
                               syslog(LOG_ERR, "http: failed to release pam authenticator\n");                                    
                            }
                                return 1; 
                           }

Thanks,

N

 

 

- 
List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html

Reply via email to