--- src/auth.c.cve-2007-2165-fix_pam 2007-06-20 12:49:02.000000000 -0600 +++ src/auth.c 2007-06-20 12:50:50.000000000 -0600 @@ -429,6 +429,32 @@ int pr_auth_authenticate(pool *p, const cmd = make_cmd(p, 2, name, pw); + /* First, check for the mod_auth_pam.c module. + * + * PAM is a bit of hack in this Auth API, because PAM only provides + * yes/no checks, and is not a source of user information. + */ + m = pr_module_get("mod_auth_pam.c"); + if (m) { + pr_log_debug(DEBUG4, + "using module 'mod_auth_pam.c' to authenticate user '%s'", name); + + mr = dispatch_auth(cmd, "auth", &m); + + if (MODRET_ISHANDLED(mr)) { + res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK; + + if (cmd->tmp_pool) { + destroy_pool(cmd->tmp_pool); + cmd->tmp_pool = NULL; + } + + return res; + } + + m = NULL; + } + if (auth_tab) { /* Fetch the specific module to be used for authenticating this user. */ @@ -466,6 +492,32 @@ int pr_auth_check(pool *p, const char *c cmd = make_cmd(p, 3, cpw, name, pw); + /* First, check for the mod_auth_pam.c module. + * + * PAM is a bit of hack in this Auth API, because PAM only provides + * yes/no checks, and is not a source of user information. + */ + m = pr_module_get("mod_auth_pam.c"); + if (m) { + pr_log_debug(DEBUG4, + "using module 'mod_auth_pam.c' to authenticate user '%s'", name); + + mr = dispatch_auth(cmd, "check", &m); + + if (MODRET_ISHANDLED(mr)) { + res = MODRET_HASDATA(mr) ? PR_AUTH_RFC2228_OK : PR_AUTH_OK; + + if (cmd->tmp_pool) { + destroy_pool(cmd->tmp_pool); + cmd->tmp_pool = NULL; + } + + return res; + } + + m = NULL; + } + if (auth_tab) { /* Fetch the specific module to be used for authenticating this user. */