Print this page 
First stab at the full Joyent wad (still needs work!!!)
   1 From 71e2185a3a2301f08c845a9cb884280dcb0d2cff Mon Sep 17 00:00:00 2001
   2 From: oracle <solaris@oracle.com>
   3 Date: Mon, 3 Aug 2015 14:36:13 -0700
   4 Subject: [PATCH 09/30] PAM conversation fix
   5 
   6 #
   7 # This patch contains an important bug fix for the PAM password userauth
   8 # conversation function. This bug fix was contributed back to the upstream in
   9 # 2009, but it was not accepted by the upstream.  For more information, see
  10 # https://bugzilla.mindrot.org/show_bug.cgi?id=1681.
  11 #
  12 ---
  13  auth-pam.c | 36 ++++++++++++++++++++++++++++++++++++
  14  1 file changed, 36 insertions(+)
  15 
  16 diff --git a/auth-pam.c b/auth-pam.c
  17 index d94c828..b941991 100644
  18 --- a/auth-pam.c
  19 +++ b/auth-pam.c
  20 @@ -1111,11 +1111,13 @@ free_pam_environment(char **env)
  21         free(env);
  22  }
  23  
  24 +#ifndef PAM_BUGFIX


  83             (const void *)&passwd_conv);
  84         if (sshpam_err != PAM_SUCCESS)
  85 @@ -1205,6 +1231,16 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
  86  
  87         sshpam_err = pam_authenticate(sshpam_handle, flags);
  88         sshpam_password = NULL;
  89 +
  90 +#ifdef PAM_BUGFIX
  91 +        set_item_rtn = pam_set_item(sshpam_handle, PAM_AUTHTOK, NULL);
  92 +       if (set_item_rtn != PAM_SUCCESS) {
  93 +               debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__,
  94 +                   pam_strerror(sshpam_handle, set_item_rtn));
  95 +               return 0;
  96 +       }
  97 +#endif
  98 +
  99         if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
 100                 debug("PAM: password authentication accepted for %.100s",
 101                     authctxt->user);
 102 -- 
 103 2.3.2 (Apple Git-55)
 104 

   1 From 4836dba2499f4c161ea7f18bb35535c366a4cdec Mon Sep 17 00:00:00 2001
   2 From: oracle <solaris@oracle.com>
   3 Date: Mon, 3 Aug 2015 14:36:13 -0700
   4 Subject: [PATCH 11/36] PAM conversation fix
   5 
   6 #
   7 # This patch contains an important bug fix for the PAM password userauth
   8 # conversation function. This bug fix was contributed back to the upstream in
   9 # 2009, but it was not accepted by the upstream.  For more information, see
  10 # https://bugzilla.mindrot.org/show_bug.cgi?id=1681.
  11 #
  12 ---
  13  auth-pam.c | 36 ++++++++++++++++++++++++++++++++++++
  14  1 file changed, 36 insertions(+)
  15 
  16 diff --git a/auth-pam.c b/auth-pam.c
  17 index d94c828..b941991 100644
  18 --- a/auth-pam.c
  19 +++ b/auth-pam.c
  20 @@ -1111,11 +1111,13 @@ free_pam_environment(char **env)
  21         free(env);
  22  }
  23  
  24 +#ifndef PAM_BUGFIX


  83             (const void *)&passwd_conv);
  84         if (sshpam_err != PAM_SUCCESS)
  85 @@ -1205,6 +1231,16 @@ sshpam_auth_passwd(Authctxt *authctxt, const char *password)
  86  
  87         sshpam_err = pam_authenticate(sshpam_handle, flags);
  88         sshpam_password = NULL;
  89 +
  90 +#ifdef PAM_BUGFIX
  91 +        set_item_rtn = pam_set_item(sshpam_handle, PAM_AUTHTOK, NULL);
  92 +       if (set_item_rtn != PAM_SUCCESS) {
  93 +               debug("PAM: %s: failed to set PAM_AUTHTOK: %s", __func__,
  94 +                   pam_strerror(sshpam_handle, set_item_rtn));
  95 +               return 0;
  96 +       }
  97 +#endif
  98 +
  99         if (sshpam_err == PAM_SUCCESS && authctxt->valid) {
 100                 debug("PAM: password authentication accepted for %.100s",
 101                     authctxt->user);
 102 -- 
 103 2.5.4 (Apple Git-61)
 104