File openssh-6.6p1-pam_privsep_dont_resend_username.patch of Package openssh.10219

# HG changeset patch
# Parent  b2bc5bccdfeade69a33df93d2b66b09577fd4aa6
Don't resend username to PAM - it already has it and sending again messes up
the previous one and then the whole login process.

CVE-2015-6563
bsc#943010

diff --git a/openssh-6.6p1/monitor.c b/openssh-6.6p1/monitor.c
--- a/openssh-6.6p1/monitor.c
+++ b/openssh-6.6p1/monitor.c
@@ -1068,19 +1068,17 @@ mm_answer_pam_account(int sock, Buffer *
 }
 
 static void *sshpam_ctxt, *sshpam_authok;
 extern KbdintDevice sshpam_device;
 
 int
 mm_answer_pam_init_ctx(int sock, Buffer *m)
 {
-
 	debug3("%s", __func__);
-	authctxt->user = buffer_get_string(m, NULL);
 	sshpam_ctxt = (sshpam_device.init_ctx)(authctxt);
 	sshpam_authok = NULL;
 	buffer_clear(m);
 	if (sshpam_ctxt != NULL) {
 		monitor_permit(mon_dispatch, MONITOR_REQ_PAM_FREE_CTX, 1);
 		buffer_put_int(m, 1);
 	} else {
 		buffer_put_int(m, 0);
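Review bot: In `mm_answer_pam_init_ctx`, the call `(sshpam_device.init_ctx)(authctxt)` now relies entirely on `authctxt->user` having been set by an earlier monitor request, and nothing visible in the hunk checks that before the call. Whether the dispatch table already enforces that ordering is not visible here, so a cheap guard such as `if (authctxt->user == NULL) fatal("%s: no user set", __func__);` would make the assumption explicit. The request body is also no longer read, so a short comment such as `/* username comes from the monitor's own authctxt, never from the unprivileged child (CVE-2015-6563) */` would help keep the field from being reintroduced; the same applies to the now payload-less request in `mm_sshpam_init_ctx` in monitor_wrap.c. The function body continues past the end of the hunk.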
diff --git a/openssh-6.6p1/monitor_wrap.c b/openssh-6.6p1/monitor_wrap.c
--- a/openssh-6.6p1/monitor_wrap.c
+++ b/openssh-6.6p1/monitor_wrap.c
@@ -831,17 +831,16 @@ mm_do_pam_account(void)
 void *
 mm_sshpam_init_ctx(Authctxt *authctxt)
 {
 	Buffer m;
 	int success;
 
 	debug3("%s", __func__);
 	buffer_init(&m);
-	buffer_put_cstring(&m, authctxt->user);
 	mm_request_send(pmonitor->m_recvfd, MONITOR_REQ_PAM_INIT_CTX, &m);
 	debug3("%s: waiting for MONITOR_ANS_PAM_INIT_CTX", __func__);
 	mm_request_receive_expect(pmonitor->m_recvfd, MONITOR_ANS_PAM_INIT_CTX, &m);
 	success = buffer_get_int(&m);
 	if (success == 0) {
 		debug3("%s: pam_init_ctx failed", __func__);
 		buffer_free(&m);
 		return (NULL);