- (djm) Add new UsePAM configuration directive to allow runtime control
over usage of PAM. This allows non-root use of sshd when built with
--with-pam
diff --git a/servconf.c b/servconf.c
index 8e28390..fbdc4d8 100644
--- a/servconf.c
+++ b/servconf.c
@@ -59,8 +59,10 @@
{
memset(options, 0, sizeof(*options));
+#ifdef USE_PAM
/* Portable-specific options */
- options->pam_authentication_via_kbd_int = -1;
+ options->use_pam = -1;
+#endif
/* Standard Options */
options->num_ports = 0;
@@ -136,8 +138,10 @@
fill_default_server_options(ServerOptions *options)
{
/* Portable-specific options */
- if (options->pam_authentication_via_kbd_int == -1)
- options->pam_authentication_via_kbd_int = 0;
+#ifdef USE_PAM
+ if (options->use_pam == -1)
+ options->use_pam = 1;
+#endif
/* Standard Options */
if (options->protocol == SSH_PROTO_UNKNOWN)
@@ -279,7 +283,7 @@
typedef enum {
sBadOption, /* == unknown option */
/* Portable-specific options */
- sPAMAuthenticationViaKbdInt,
+ sUsePAM,
/* Standard Options */
sPort, sHostKeyFile, sServerKeyBits, sLoginGraceTime, sKeyRegenerationTime,
sPermitRootLogin, sLogFacility, sLogLevel,
@@ -315,7 +319,7 @@
ServerOpCodes opcode;
} keywords[] = {
/* Portable-specific options */
- { "PAMAuthenticationViaKbdInt", sPAMAuthenticationViaKbdInt },
+ { "UsePAM", sUsePAM },
/* Standard Options */
{ "port", sPort },
{ "hostkey", sHostKeyFile },
@@ -462,8 +466,8 @@
opcode = parse_token(arg, filename, linenum);
switch (opcode) {
/* Portable-specific options */
- case sPAMAuthenticationViaKbdInt:
- intptr = &options->pam_authentication_via_kbd_int;
+ case sUsePAM:
+ intptr = &options->use_pam;
goto parse_flag;
/* Standard Options */