setting password from an application

[Nagaraj Venkatapuram]

All, I am having a problem setting password from the http application. It is
getting reset to NULL inside pam_authenticate somehow. The only place I can
see password is set to NULL is in the function
 *void _pam_sanitize(pam_handle_t *pamh)* in pam_misc.c file. I've also
commented out the invocation of _pam_sanitize from pam api. Also I have
syslog trace in the *pam_sanitize *function. However, for some reason I am
losing the password inside pam_authenticate inspite of all the changes and
also I don't see any trace from the function *pam_sanitize. *If anybody has
any idea about this, please reply.

retval = pam_start("http", auth_userpass, &conv, &pamh);

syslog(LOG_INFO, "before pam_set_item..........................\n");
pam_set_item(pamh, PAM_AUTHTOK, pwd);

if (retval == PAM_SUCCESS) {
retval = pam_authenticate(pamh, 0); /* is user really user? */
}
else {
syslog(LOG_INFO, "--Not authenticated - pam start failed\n");
}

/* This is where we have been authorized or not. */

if (retval == PAM_SUCCESS) {
syslog(LOG_INFO, "Authentication successful for %s from %s\n",
auth_userpass, req->remote_ip_addr);

strncpy(req->user, auth_userpass, 15);
req->user[15] = '\0';
if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
pamh = NULL;
syslog(LOG_ERR, "http: failed to release pam authenticator\n");
}
return 1;
}

Thanks,

N
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freeradius.org/pipermail/freeradius-users/attachments/20050929/a92a972b/attachment.html>