pam support in sasl2 (solved)
Matt Selsky
selsky at columbia.edu
Fri Dec 13 15:10:27 EST 2002
I found the problem with doing PAM auth against saslauthd. My local pam
authentication module passed a NULL appdata_ptr to the conversation
function. We have fixed our pam to pass this pointer correctly and now
PAM auth works :-) Sorry for all the trouble.
I looked through the old sasl 1.5.28 code which we were using before and
it checked for appdata_ptr being null in lib/checkpw.c around line 630:
struct sasl_pam_data *pd = (struct sasl_pam_data *) appdata_ptr;
if (pd == NULL) {
/* solaris bug? */
return PAM_CONV_ERR;
}
This check wasn't in saslauthd/auth_pam.c Perhaps we can add a check
for a null pointer to avoid saslauthd core dumping because of sucky PAM
modules.
--- auth_pam.c.orig Mon Mar 11 09:52:59 2002
+++ auth_pam.c Fri Dec 13 15:09:19 2002
@@ -92,6 +92,9 @@
int rc; /* return code holder */
/* END VARIABLES */
+ if (appdata_ptr == NULL)
+ return PAM_CONV_ERR;
+
my_appdata = appdata_ptr;
my_resp = malloc(sizeof(struct pam_response) * num_msg);
More information about the Info-cyrus
mailing list