All, I am having a problem setting password from the http application. It is getting reset to NULL inside pam_authenticate somehow. The only place I can see password is set to NULL is in the function *void _pam_sanitize(pam_handle_t *pamh)* in pam_misc.c file. I've also commented out the invocation of _pam_sanitize from pam api. Also I have syslog trace in the *pam_sanitize *function. However, for some reason I am losing the password inside pam_authenticate inspite of all the changes and also I don't see any trace from the function *pam_sanitize. *If anybody has any idea about this, please reply. retval = pam_start("http", auth_userpass, &conv, &pamh); syslog(LOG_INFO, "before pam_set_item..........................\n"); pam_set_item(pamh, PAM_AUTHTOK, pwd); if (retval == PAM_SUCCESS) { retval = pam_authenticate(pamh, 0); /* is user really user? */ } else { syslog(LOG_INFO, "--Not authenticated - pam start failed\n"); } /* This is where we have been authorized or not. */ if (retval == PAM_SUCCESS) { syslog(LOG_INFO, "Authentication successful for %s from %s\n", auth_userpass, req->remote_ip_addr); strncpy(req->user, auth_userpass, 15); req->user[15] = '\0'; if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */ pamh = NULL; syslog(LOG_ERR, "http: failed to release pam authenticator\n"); } return 1; } Thanks, N
participants (1)
-
Nagaraj Venkatapuram