Re: (ITS#6485) nssov pam_authz fixes - openldap-bugs

3 Mar 2010


      crispy@cluenet.org wrote:
...
Full_Name: Chris Breneman
Version: 2.4.21
OS: Debian Lenny
URL:
Submission from: (NULL) (98.212.227.43)
In pam_authz(), in pam.c, in nssov, there are two problems:

Values in the service buffer are overwritten, and values in several other

buffers are never stored, preventing authorizedService checking from working.
2. pam_authz() fails if nssov is not first used for authentication.
Thanks for reporting these, fixes are in HEAD.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/