- Reorder PAM initialisation so it does not mess up lastlog. Reported
by Andre Lucas <andre.lucas@dial.pipex.com>
diff --git a/ChangeLog b/ChangeLog
index f09fa8a..3ce0978 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,6 +1,8 @@
20000125
- Fix NULL pointer dereference in login.c. Fix from Andre Lucas
<andre.lucas@dial.pipex.com>
+ - Reorder PAM initialisation so it does not mess up lastlog. Reported
+ by Andre Lucas <andre.lucas@dial.pipex.com>
20000124
- Pick up version 1.2.2 from OpenBSD CVS (no changes, just version number
diff --git a/sshd.c b/sshd.c
index a5cbbfc..f122797 100644
--- a/sshd.c
+++ b/sshd.c
@@ -1740,12 +1740,6 @@
/* Indicate that we now have a pty. */
have_pty = 1;
-
-#ifdef USE_PAM
- /* do the pam_open_session since we have the pty */
- do_pam_session(pw->pw_name, ttyname);
-#endif /* USE_PAM */
-
break;
case SSH_CMSG_X11_REQUEST_FORWARDING:
@@ -1821,9 +1815,6 @@
packet_set_interactive(have_pty || display != NULL,
options.keepalives);
-#ifdef USE_PAM
- do_pam_setcred();
-#endif /* USE_PAM */
if (forced_command != NULL)
goto do_forced_command;
debug("Forking shell.");
@@ -1839,9 +1830,6 @@
packet_set_interactive(have_pty || display != NULL,
options.keepalives);
-#ifdef USE_PAM
- do_pam_setcred();
-#endif /* USE_PAM */
if (forced_command != NULL)
goto do_forced_command;
/* Get command from the packet. */
@@ -1929,6 +1917,10 @@
setproctitle("%s@notty", pw->pw_name);
+#ifdef USE_PAM
+ do_pam_setcred();
+#endif /* USE_PAM */
+
/* Fork the child. */
if ((pid = fork()) == 0) {
/* Child. Reinitialize the log since the pid has changed. */
@@ -2067,6 +2059,11 @@
}
setproctitle("%s@%s", pw->pw_name, strrchr(ttyname, '/') + 1);
+#ifdef USE_PAM
+ do_pam_session(pw->pw_name, ttyname);
+ do_pam_setcred();
+#endif /* USE_PAM */
+
/* Fork the child. */
if ((pid = fork()) == 0) {
pid = getpid();