pam support in sasl2 (solved)

Matt Selsky selsky at
Fri Dec 13 15:10:27 EST 2002

I found the problem with doing PAM auth against saslauthd.  My local pam
authentication module passed a NULL appdata_ptr to the conversation
function.  We have fixed our pam to pass this pointer correctly and now 
PAM auth works :-)  Sorry for all the trouble.

I looked through the old sasl 1.5.28 code which we were using before and 
it checked for appdata_ptr being null in lib/checkpw.c around line 630:

    struct sasl_pam_data *pd = (struct sasl_pam_data *) appdata_ptr;

    if (pd == NULL) {
        /* solaris bug? */
        return PAM_CONV_ERR;

This check wasn't in saslauthd/auth_pam.c  Perhaps we can add a check 
for a null pointer to avoid saslauthd core dumping because of sucky PAM 

--- auth_pam.c.orig	Mon Mar 11 09:52:59 2002
+++ auth_pam.c	Fri Dec 13 15:09:19 2002
@@ -92,6 +92,9 @@
     int rc;				/* return code holder */
     /* END VARIABLES */
+    if (appdata_ptr == NULL)
+	return PAM_CONV_ERR;
     my_appdata = appdata_ptr;
     my_resp = malloc(sizeof(struct pam_response) * num_msg);

More information about the Info-cyrus mailing list