Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 613231 Details for
Bug 815127
Changes to Openswan to support PAM authentication
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
Feasibility test patch to Openswan
openswan-2.6.38.diff (text/plain), 3.56 KB, created by
Philippe Vouters
on 2012-09-15 10:45:55 UTC
(
hide
)
Description:
Feasibility test patch to Openswan
Filename:
MIME Type:
Creator:
Philippe Vouters
Created:
2012-09-15 10:45:55 UTC
Size:
3.56 KB
patch
obsolete
>diff -Naur openswan-2.6.38/Makefile.inc ../openswan-2.6.38/Makefile.inc >--- openswan-2.6.38/Makefile.inc 2012-03-23 22:33:43.000000000 +0100 >+++ ../openswan-2.6.38/Makefile.inc 2012-09-15 11:56:22.000000000 +0200 >@@ -361,7 +361,7 @@ > USE_XAUTHPAM?=false > > ifeq ($(USE_XAUTHPAM),true) >-HAVE_THREADS=true >+#HAVE_THREADS=true > endif > > # Support for integrity check for binaries (requires USE_LIBNSS and fipscheck-devel) >diff -Naur openswan-2.6.38/contrib/pam.d/pluto ../openswan-2.6.38/contrib/pam.d/pluto >--- openswan-2.6.38/contrib/pam.d/pluto 2012-03-23 22:33:43.000000000 +0100 >+++ ../openswan-2.6.38/contrib/pam.d/pluto 2012-09-14 19:33:01.000000000 +0200 >@@ -1,8 +1,15 @@ >-auth required /lib/security/pam_securetty.so >-auth required /lib/security/pam_stack.so service=system-auth >-auth required /lib/security/pam_nologin.so >-auth required /lib/security/pam_env.so debug >-account required /lib/security/pam_stack.so service=system-auth >-password required /lib/security/pam_stack.so service=system-auth >-session required /lib/security/pam_stack.so service=system-auth >- >+#auth required /lib/security/pam_securetty.so >+#auth required /lib/security/pam_stack.so service=system-auth >+#auth required /lib/security/pam_nologin.so >+#auth required /lib/security/pam_env.so debug >+#account required /lib/security/pam_stack.so service=system-auth >+#password required /lib/security/pam_stack.so service=system-auth >+#session required /lib/security/pam_stack.so service=system-auth >+#%PAM-1.0 >+auth include system-auth >+account required pam_nologin.so >+account include system-auth >+password include system-auth >+session optional pam_keyinit.so force revoke >+session include system-auth >+session required pam_loginuid.so >diff -Naur openswan-2.6.38/programs/pluto/xauth.c ../openswan-2.6.38/programs/pluto/xauth.c >--- openswan-2.6.38/programs/pluto/xauth.c 2012-03-23 22:33:43.000000000 +0100 >+++ ../openswan-2.6.38/programs/pluto/xauth.c 2012-09-14 19:52:52.000000000 +0200 >@@ -900,11 +900,11 @@ > switch (msgm[count]->msg_style) { > case PAM_PROMPT_ECHO_OFF: > string = alloc_bytes(arg->password.len+1, "pam_echo_off"); >- strcpy(string,arg->password.ptr); >+ strcpy(string,(const char *)arg->password.ptr); > break; > case PAM_PROMPT_ECHO_ON: > string = alloc_bytes(arg->name.len+1,"pam_echo_on"); >- strcpy(string,arg->name.ptr); >+ strcpy(string,(const char *)arg->name.ptr); > break; > } > >@@ -935,10 +935,12 @@ > struct thread_arg *arg = varg; > pam_handle_t *pamh=NULL; > int retval; >+ struct pam_conv conv; > >+ conv.conv = xauth_pam_conv; > conv.appdata_ptr = varg; > >- retval = pam_start("pluto", arg->name.ptr, &conv, &pamh); >+ retval = pam_start("pluto", (const char *)arg->name.ptr, &conv, &pamh); > > /* Send the remote host address to PAM */ > if (retval == PAM_SUCCESS) >@@ -1146,24 +1148,30 @@ > , chunk_t password > , chunk_t connname) > { >+/* > #ifdef HAVE_THREADS > pthread_attr_t pattr; > pthread_t tid; > #endif >+*/ > struct thread_arg *arg; > arg = alloc_thing(struct thread_arg,"ThreadArg"); > arg->st = st; > arg->password = password; > arg->name = name; > arg->connname = connname; >+/* > #ifdef HAVE_THREADS > pthread_attr_init(&pattr); > pthread_attr_setdetachstate(&pattr,PTHREAD_CREATE_DETACHED); > pthread_create(&tid,&pattr,do_authentication, (void*) arg); > pthread_attr_destroy(&pattr); > #else >+*/ > do_authentication(arg); >+/* > #endif >+*/ > return 0; > } >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=613231">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 815127
:
584067
| 613231 |
613361
|
615286
|
621003