--- src/auth.c.cve-2007-2165-fix_pam	2007-06-20 12:49:02.000000000 -0600
+++ src/auth.c	2007-06-20 12:50:50.000000000 -0600
@@ -429,6 +429,32 @@ int pr_auth_authenticate(pool *p, const 
 
   cmd = make_cmd(p, 2, name, pw);
 
+  /* First, check for the mod_auth_pam.c module.
+   *
+   * PAM is a bit of hack in this Auth API, because PAM only provides
+   * yes/no checks, and is not a source of user information.
+   */
+  m = pr_module_get("mod_auth_pam.c");
+  if (m) {
+    pr_log_debug(DEBUG4,
+      "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
+
+    mr = dispatch_auth(cmd, "auth", &m);
+
+    if (MODRET_ISHANDLED(mr)) {
+      res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
+
+      if (cmd->tmp_pool) {
+        destroy_pool(cmd->tmp_pool);
+        cmd->tmp_pool = NULL;
+      }
+
+      return res;
+    }
+
+    m = NULL;
+  }
+
   if (auth_tab) {
 
     /* Fetch the specific module to be used for authenticating this user. */
@@ -466,6 +492,32 @@ int pr_auth_check(pool *p, const char *c
 
   cmd = make_cmd(p, 3, cpw, name, pw);
 
+  /* First, check for the mod_auth_pam.c module.  
+   *
+   * PAM is a bit of hack in this Auth API, because PAM only provides
+   * yes/no checks, and is not a source of user information.
+   */
+  m = pr_module_get("mod_auth_pam.c");
+  if (m) {
+    pr_log_debug(DEBUG4,
+      "using module 'mod_auth_pam.c' to authenticate user '%s'", name);
+
+    mr = dispatch_auth(cmd, "check", &m);
+
+    if (MODRET_ISHANDLED(mr)) {
+      res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK;
+
+      if (cmd->tmp_pool) {
+        destroy_pool(cmd->tmp_pool);
+        cmd->tmp_pool = NULL;
+      }
+
+      return res;
+    }
+
+    m = NULL;
+  }
+
   if (auth_tab) {
 
     /* Fetch the specific module to be used for authenticating this user. */