- (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
freed by the caller; add free_pam_environment() and use it.
diff --git a/ChangeLog b/ChangeLog
index 0bfeedd..b444df9 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -6,6 +6,8 @@
- (bal) [configure.ac] Missing ;; from cray patch.
- (bal) [monitor_mm.c openbsd-compat/xmmap.h] Move xmmap() defines
into it's own header.
+ - (stevesk) [auth-pam.[ch] session.c] pam_getenvlist() must be
+ freed by the caller; add free_pam_environment() and use it.
20020721
- (stevesk) [auth-pam.c] merge cosmetic changes from solar's
@@ -1417,4 +1419,4 @@
- (stevesk) entropy.c: typo in debug message
- (djm) ssh-keygen -i needs seeded RNG; report from markus@
-$Id: ChangeLog,v 1.2391 2002/07/23 00:03:33 mouring Exp $
+$Id: ChangeLog,v 1.2392 2002/07/23 00:44:07 stevesk Exp $
diff --git a/auth-pam.c b/auth-pam.c
index 79af58a..8e14982 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -38,7 +38,7 @@
extern int use_privsep;
-RCSID("$Id: auth-pam.c,v 1.51 2002/07/21 23:59:39 stevesk Exp $");
+RCSID("$Id: auth-pam.c,v 1.52 2002/07/23 00:44:07 stevesk Exp $");
#define NEW_AUTHTOK_MSG \
"Warning: Your password has expired, please change it now."
@@ -421,6 +421,16 @@
#endif /* HAVE_PAM_GETENVLIST */
}
+void free_pam_environment(char **env)
+{
+ int i;
+
+ if (env != NULL) {
+ for (i = 0; env[i] != NULL; i++)
+ xfree(env[i]);
+ }
+}
+
/* Print any messages that have been generated during authentication */
/* or account checking to stderr */
void print_pam_messages(void)
diff --git a/auth-pam.h b/auth-pam.h
index 215e752..7881b6b 100644
--- a/auth-pam.h
+++ b/auth-pam.h
@@ -1,4 +1,4 @@
-/* $Id: auth-pam.h,v 1.15 2002/07/21 23:59:39 stevesk Exp $ */
+/* $Id: auth-pam.h,v 1.16 2002/07/23 00:44:07 stevesk Exp $ */
/*
* Copyright (c) 2000 Damien Miller. All rights reserved.
@@ -35,6 +35,7 @@
void finish_pam(void);
int auth_pam_password(Authctxt *authctxt, const char *password);
char **fetch_pam_environment(void);
+void free_pam_environment(char **env);
int do_pam_authenticate(int flags);
int do_pam_account(char *username, char *remote_user);
void do_pam_session(char *username, const char *ttyname);
diff --git a/session.c b/session.c
index 5fb1ace..3c759e4 100644
--- a/session.c
+++ b/session.c
@@ -1042,8 +1042,17 @@
s->authctxt->krb5_ticket_file);
#endif
#ifdef USE_PAM
- /* Pull in any environment variables that may have been set by PAM. */
- copy_environment(fetch_pam_environment(), &env, &envsize);
+ /*
+ * Pull in any environment variables that may have
+ * been set by PAM.
+ */
+ {
+ char **p;
+
+ p = fetch_pam_environment();
+ copy_environment(p, &env, &envsize);
+ free_pam_environment(p);
+ }
#endif /* USE_PAM */
if (auth_sock_name != NULL)