Date: Fri, 04 Jul 2014 11:04:59 +0200 From: perox@freenet.de To: freebsd-stable@freebsd.org Subject: ANSI Escape sequences in PAM message Message-ID: <3fd9d591070e4e0a7afa86ff85a84922@email.freenet.de>
next in thread | raw e-mail | index | archive | help
Hi, I recently played around with a custom PAM module for user authentication v= ia ssh. During the authentication process I want to display various messages w= hich I am able to do using a conv() call passing my messages. If the message is si= mple everything works as expected. When I use terminal/ANSI escape codes (e.g. something like =0033[40;37;1m t= o=20 provide colors) however, the output is only correct when I set the pam mess= age type PAM_PROMPT_ECHO_ON. If I choose PAM_TEXT_INFO or PAM_ERROR_MSG=20 the escape sequences have no effect and are printed literally. Using=20 PAM_PROMPT_ECHO_ON as message type is no solution as it requires the=20 user to press a key after each message. Is this a bug or a feature? I could= imagine=20 this being a security feature, but then, why would one message type allow i= t?=20 Skimming through the code of libpam and openssh didn't help. Is there perha= ps=20 a flag or an option to ssh which forbids some things I try to use? Under Ubuntu and RedHat (which don't use openpam but an own PAM implementation) everything works as expected. I am using 10-STABLE=20 but 9.2 shows the same behavior. Thanks! -- My code looks similar to this: int style =3D PAM_PROMPT_ECHO_ON; // don't work //int style =3D PAM_TEXT_INFO; = =20 //int style =3D PAM_ERROR_MSG; =20 r =3D pam_get_item(pamhg, PAM_CONV, &convp); = =20 conv =3D (const struct pam_conv *)convp; vsnprintf(msgbuf, PAM_MAX_MSG_SIZE, fmt, ap); msg.msg_style =3D style; msg.msg =3D msgbuf; msgp =3D &msg; =20 r =3D (conv->conv)(1, &msgp, &rsp, conv->appdata_ptr); =0A=0A---=0AAlle Postf=C3=A4cher an einem Ort. Jetzt wechseln und E-Mail-Ad= resse mitnehmen! http://email.freenet.de/basic/Informationen=0A=0A
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3fd9d591070e4e0a7afa86ff85a84922>