Red Hat Bugzilla – Bug 110453
OpenSSH calls pam_end() incorrectly when it should return PAM_CONV_ERR
Last modified: 2007-11-30 17:06:59 EST
From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; .NET
CLR 1.0.3705; .NET CLR 1.1.4322)
Description of problem:
For a full description but basically PAM is exited uncleanly which
could lead to things like failure to scrub memory or maybe other
things with unusual pam modules.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Install otpw and run via OpenSSH/PAM
2. or write a simple test script and test pam module and run them.
I'm sorry but this bug cannot be easily fixed for RHEL 3 (it is fixed in RHEL 4).
The upstream patch is applicable only to the openssh-3.7p1 and the patch for
openssh-3.6.1p2 would be very invasive with a high risk of regressing other