summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDarren Tucker <dtucker@dtucker.net>2019-05-17 13:14:12 +1000
committerDarren Tucker <dtucker@dtucker.net>2019-05-17 13:14:12 +1000
commit606077ee1e77af5908431d003fb28461ef7be092 (patch)
treefb1d182fb9853804612e5b7e47609b9ee2f1503b
parent1ac98be8724c9789d770ddb8e7f0dbf1b55e05a0 (diff)
Add no-op implementation of pam_putenv.
Some platforms such as HP-UX do not have pam_putenv. Currently the calls are ifdef'ed out, but a new one was recently added. Remove the ifdefs and add a no-op implementation. bz#3008, ok djm.
-rw-r--r--auth-pam.c12
1 files changed, 8 insertions, 4 deletions
diff --git a/auth-pam.c b/auth-pam.c
index bde0a8f5..289d9f4f 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -266,6 +266,14 @@ pam_getenvlist(pam_handle_t *pamh)
}
#endif
+#ifndef HAVE_PAM_PUTENV
+static int
+pam_putenv(pam_handle_t *pamh, const char *name_value)
+{
+ return PAM_SUCCESS;
+}
+#endif /* HAVE_PAM_PUTENV */
+
/*
* Some platforms, notably Solaris, do not enforce password complexity
* rules during pam_chauthtok() if the real uid of the calling process
@@ -360,13 +368,11 @@ import_environments(struct sshbuf *b)
for (i = 0; i < num_env; i++) {
if ((r = sshbuf_get_cstring(b, &env, NULL)) != 0)
fatal("%s: buffer error: %s", __func__, ssh_err(r));
-#ifdef HAVE_PAM_PUTENV
/* Errors are not fatal here */
if ((r = pam_putenv(sshpam_handle, env)) != PAM_SUCCESS) {
error("PAM: pam_putenv: %s",
pam_strerror(sshpam_handle, r));
}
-#endif
/* XXX leak env? */
}
#endif
@@ -1205,7 +1211,6 @@ int
do_pam_putenv(char *name, char *value)
{
int ret = 1;
-#ifdef HAVE_PAM_PUTENV
char *compound;
size_t len;
@@ -1215,7 +1220,6 @@ do_pam_putenv(char *name, char *value)
snprintf(compound, len, "%s=%s", name, value);
ret = pam_putenv(sshpam_handle, compound);
free(compound);
-#endif
return (ret);
}