From owner-freebsd-stable@FreeBSD.ORG Fri Jul 4 09:08:29 2014 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id C8FF91E0 for ; Fri, 4 Jul 2014 09:08:29 +0000 (UTC) Received: from mout0.freenet.de (mout0.freenet.de [IPv6:2001:748:100:40::2:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client CN "*.freenet.de", Issuer "TeleSec ServerPass DE-2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 867C521C6 for ; Fri, 4 Jul 2014 09:08:29 +0000 (UTC) Received: from [195.4.92.141] (helo=mjail1.freenet.de) by mout0.freenet.de with esmtpa (ID perox@freenet.de) (port 25) (Exim 4.82 #1) id 1X2zTm-0000ed-Jm for freebsd-stable@freebsd.org; Fri, 04 Jul 2014 11:08:26 +0200 Received: from localhost ([::1]:54786 helo=mjail1.freenet.de) by mjail1.freenet.de with esmtpa (ID perox@freenet.de) (Exim 4.82 #1) id 1X2zTm-0002Eq-Ca for freebsd-stable@freebsd.org; Fri, 04 Jul 2014 11:08:26 +0200 Received: from mx5.freenet.de ([195.4.92.15]:33380) by mjail1.freenet.de with esmtpa (ID perox@freenet.de) (Exim 4.82 #1) id 1X2zQR-0000ZS-DW for freebsd-stable@freebsd.org; Fri, 04 Jul 2014 11:04:59 +0200 Received: from web3.emo.freenet-rz.de ([194.97.107.236]:24113 helo=web9.emo.freenet-rz.de) by mx5.freenet.de with esmtpa (ID perox@freenet.de) (port 587) (Exim 4.82 #1) id 1X2zQR-0003l2-C3 for freebsd-stable@freebsd.org; Fri, 04 Jul 2014 11:04:59 +0200 Received: from localhost ([127.0.0.1] helo=emo.freenet.de) by web9.emo.freenet-rz.de with esmtpa (Exim 4.72 1 (Panther_1)) id 1X2zQR-0007dP-6m for ; Fri, 04 Jul 2014 11:04:59 +0200 Date: Fri, 04 Jul 2014 11:04:59 +0200 From: perox@freenet.de Subject: ANSI Escape sequences in PAM message To: freebsd-stable@freebsd.org X-Priority: 3 MIME-Version: 1.0 X-Abuse: 500871696 / 91.19.5.24 Message-Id: <3fd9d591070e4e0a7afa86ff85a84922@email.freenet.de> User-Agent: freenetMail Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable X-Originated-At: 91.19.5.24!15412 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 04 Jul 2014 09:08:29 -0000 Hi, I recently played around with a custom PAM module for user authentication v= ia ssh. During the authentication process I want to display various messages w= hich I am able to do using a conv() call passing my messages. If the message is si= mple everything works as expected. When I use terminal/ANSI escape codes (e.g. something like =0033[40;37;1m t= o=20 provide colors) however, the output is only correct when I set the pam mess= age type PAM_PROMPT_ECHO_ON. If I choose PAM_TEXT_INFO or PAM_ERROR_MSG=20 the escape sequences have no effect and are printed literally. Using=20 PAM_PROMPT_ECHO_ON as message type is no solution as it requires the=20 user to press a key after each message. Is this a bug or a feature? I could= imagine=20 this being a security feature, but then, why would one message type allow i= t?=20 Skimming through the code of libpam and openssh didn't help. Is there perha= ps=20 a flag or an option to ssh which forbids some things I try to use? Under Ubuntu and RedHat (which don't use openpam but an own PAM implementation) everything works as expected. I am using 10-STABLE=20 but 9.2 shows the same behavior. Thanks! -- My code looks similar to this: int style =3D PAM_PROMPT_ECHO_ON; // don't work //int style =3D PAM_TEXT_INFO; = =20 //int style =3D PAM_ERROR_MSG; =20 r =3D pam_get_item(pamhg, PAM_CONV, &convp); = =20 conv =3D (const struct pam_conv *)convp; vsnprintf(msgbuf, PAM_MAX_MSG_SIZE, fmt, ap); msg.msg_style =3D style; msg.msg =3D msgbuf; msgp =3D &msg; =20 r =3D (conv->conv)(1, &msgp, &rsp, conv->appdata_ptr); =0A=0A---=0AAlle Postf=C3=A4cher an einem Ort. Jetzt wechseln und E-Mail-Ad= resse mitnehmen! http://email.freenet.de/basic/Informationen=0A=0A