Date: Mon, 21 Jan 2002 16:11:40 +0300 From: "Andrey A. Chernov" <ache@nagual.pp.ru> To: Dag-Erling Smorgrav <des@ofug.org> Cc: Mark Murray <mark@grondar.za>, current@FreeBSD.ORG Subject: Re: Step5, pam_opie OPIE auth fix for review Message-ID: <20020121131139.GA35330@nagual.pp.ru> In-Reply-To: <xzp8zarzwxm.fsf@flood.ping.uio.no> References: <20020120233050.GA26913@nagual.pp.ru> <xzpvgdw1sqp.fsf@flood.ping.uio.no> <20020121000446.GB27206@nagual.pp.ru> <xzpn0z81rrr.fsf@flood.ping.uio.no> <20020121002557.GB27831@nagual.pp.ru> <xzpelkk1qnb.fsf@flood.ping.uio.no> <20020121004906.GA28231@nagual.pp.ru> <xzp665w1otd.fsf@flood.ping.uio.no> <20020121025009.GA30673@nagual.pp.ru> <xzp8zarzwxm.fsf@flood.ping.uio.no>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 21, 2002 at 13:54:29 +0100, Dag-Erling Smorgrav wrote: > > Umm, you can't use opiechallenge() for that. You're not supposed to > call opiechallenge() without also calling opieverify() (plus, I think No, it is possible, when opieunlock() called afterwards (as I do). BTW, the same way pam_opie does, see opieunlock() inside prompts loop. > opiechallenge() "consumes" a challenge). No, it is opieverify() who consumes it. You can call opiechallenge() several times with appropriate opieunlock()'s and challenge will not changed. In fact our ftpd does it, first opiechallenge() called to generate prompt in the form pam_opie can't generate and the second is opiechallenge() called from pam_opie (invisible). > Use opielookup() instead. Ok. It will be faster then opiechallenge() for this case. I'll send modified patch. -- Andrey A. Chernov http://ache.pp.ru/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020121131139.GA35330>