/*
* This replaces auth-pam.c
*/
void
start_pam(Authctxt *authctxt)
{
if (!options.use_pam)
fatal("PAM: initialisation requested when UsePAM=no");
if (sshpam_init(authctxt) == -1)
fatal("PAM: initialisation failed");
}
static void *
sshpam_init_ctx(Authctxt *authctxt)
{
struct pam_ctxt *ctxt;
int socks[2];
debug3("PAM: %s entering", __func__);
/*
* Refuse to start if we don't have PAM enabled or do_pam_account
* has previously failed.
*/
if (!options.use_pam || sshpam_account_status == 0)
return NULL;
/* Initialize PAM */
if (sshpam_init(authctxt) == -1) {
error("PAM: initialization failed");
return (NULL);
}
expose_authinfo(__func__);
ctxt = xcalloc(1, sizeof *ctxt);
/* Start the authentication thread */
if (socketpair(AF_UNIX, SOCK_STREAM, PF_UNSPEC, socks) == -1) {
error("PAM: failed create sockets: %s", strerror(errno));
free(ctxt);
return (NULL);
}
ctxt->pam_psock = socks[0];
ctxt->pam_csock = socks[1];
if (pthread_create(&ctxt->pam_thread, NULL, sshpam_thread, ctxt) == -1) {
error("PAM: failed to start authentication thread: %s",
strerror(errno));
close(socks[0]);
close(socks[1]);
free(ctxt);
return (NULL);
}
cleanup_ctxt = ctxt;
return (ctxt);
}
