aboutsummaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authormiwi <miwi@FreeBSD.org>2011-10-23 23:46:38 +0800
committermiwi <miwi@FreeBSD.org>2011-10-23 23:46:38 +0800
commitf0d605f8a354fffe0527cc81f570841ffc38575c (patch)
tree67071dbfa711f448236f8983a7815b00e2481160 /security
parent52d9b85779b2f2b3e32fbc146ecb552a866b64a4 (diff)
downloadfreebsd-ports-gnome-f0d605f8a354fffe0527cc81f570841ffc38575c.tar.gz
freebsd-ports-gnome-f0d605f8a354fffe0527cc81f570841ffc38575c.tar.zst
freebsd-ports-gnome-f0d605f8a354fffe0527cc81f570841ffc38575c.zip
- Update to 0.9.3
PR: 161473 Submitted by: Corey Smith <corsmith@gmail.com>
Diffstat (limited to 'security')
-rw-r--r--security/pam_ssh_agent_auth/Makefile1
-rw-r--r--security/pam_ssh_agent_auth/files/patch-entropy.c25
-rw-r--r--security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c20
-rw-r--r--security/pam_ssh_agent_auth/files/patch-key.c51
-rw-r--r--security/pam_ssh_agent_auth/files/patch-log.c11
-rw-r--r--security/pam_ssh_agent_auth/files/patch-log.h11
-rw-r--r--security/pam_ssh_agent_auth/files/patch-misc.c102
-rw-r--r--security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c58
-rw-r--r--security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c42
-rw-r--r--security/pam_ssh_agent_auth/files/patch-secure_filename.c29
-rw-r--r--security/pam_ssh_agent_auth/files/patch-ssh-dss.c11
-rw-r--r--security/pam_ssh_agent_auth/files/patch-ssh-rsa.c28
12 files changed, 389 insertions, 0 deletions
diff --git a/security/pam_ssh_agent_auth/Makefile b/security/pam_ssh_agent_auth/Makefile
index 62b14afab939..d746a7cfdfca 100644
--- a/security/pam_ssh_agent_auth/Makefile
+++ b/security/pam_ssh_agent_auth/Makefile
@@ -7,6 +7,7 @@
PORTNAME= pam_ssh_agent_auth
PORTVERSION= 0.9.3
+PORTREVISION= 1
CATEGORIES= security
MASTER_SITES= SF/pamsshagentauth/${PORTNAME}/v${PORTVERSION}/
diff --git a/security/pam_ssh_agent_auth/files/patch-entropy.c b/security/pam_ssh_agent_auth/files/patch-entropy.c
new file mode 100644
index 000000000000..fdee6b3d25eb
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-entropy.c
@@ -0,0 +1,25 @@
+--- ./entropy.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/entropy.c 2011-10-10 13:10:35.864389493 -0400
+@@ -79,11 +79,11 @@
+ mysig_t old_sigchld;
+
+ if (RAND_status() == 1) {
+- verbose("RNG is ready, skipping seeding");
++ pam_ssh_auth_verbose("RNG is ready, skipping seeding");
+ return;
+ }
+
+- verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
++ pam_ssh_auth_verbose("Seeding PRNG from %s", SSH_RAND_HELPER);
+
+ if ((devnull = open("/dev/null", O_RDWR)) == -1)
+ fatal("Couldn't open /dev/null: %s", strerror(errno));
+@@ -187,7 +187,7 @@
+
+ buf = buffer_get_string_ret(m, &len);
+ if (buf != NULL) {
+- verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
++ pam_ssh_auth_verbose("rexec_recv_rng_seed: seeding rng with %u bytes", len);
+ RAND_add(buf, len, len);
+ }
+ }
diff --git a/security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c b/security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c
new file mode 100644
index 000000000000..7d1c341df7a3
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-iterate_ssh_agent_keys.c
@@ -0,0 +1,20 @@
+--- ./iterate_ssh_agent_keys.c 2010-01-12 21:17:01.000000000 -0500
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/iterate_ssh_agent_keys.c 2011-10-10 13:10:35.864389493 -0400
+@@ -82,7 +82,7 @@
+ session_id2 = session_id2_gen();
+
+ if ((ac = ssh_get_authentication_connection(uid))) {
+- verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
++ pam_ssh_auth_verbose("Contacted ssh-agent of user %s (%u)", getpwuid(uid)->pw_name, uid);
+ for (key = ssh_get_first_identity(ac, &comment, 2); key != NULL; key = ssh_get_next_identity(ac, &comment, 2))
+ {
+ if(key != NULL) {
+@@ -103,7 +103,7 @@
+ ssh_close_authentication_connection(ac);
+ }
+ else {
+- verbose("No ssh-agent could be contacted");
++ pam_ssh_auth_verbose("No ssh-agent could be contacted");
+ }
+ xfree(session_id2);
+ EVP_cleanup();
diff --git a/security/pam_ssh_agent_auth/files/patch-key.c b/security/pam_ssh_agent_auth/files/patch-key.c
new file mode 100644
index 000000000000..1e8ac711fd36
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-key.c
@@ -0,0 +1,51 @@
+--- ./key.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/key.c 2011-10-10 13:10:35.865388224 -0400
+@@ -420,26 +420,26 @@
+ case KEY_DSA:
+ space = strchr(cp, ' ');
+ if (space == NULL) {
+- verbose("key_read: missing whitespace");
++ pam_ssh_auth_verbose("key_read: missing whitespace");
+ return -1;
+ }
+ *space = '\0';
+ type = key_type_from_name(cp);
+ *space = ' ';
+ if (type == KEY_UNSPEC) {
+- verbose("key_read: missing keytype");
++ pam_ssh_auth_verbose("key_read: missing keytype");
+ return -1;
+ }
+ cp = space+1;
+ if (*cp == '\0') {
+- verbose("key_read: short string");
++ pam_ssh_auth_verbose("key_read: short string");
+ return -1;
+ }
+ if (ret->type == KEY_UNSPEC) {
+ ret->type = type;
+ } else if (ret->type != type) {
+ /* is a key, but different type */
+- verbose("key_read: type mismatch");
++ pam_ssh_auth_verbose("key_read: type mismatch");
+ return -1;
+ }
+ len = 2*strlen(cp);
+@@ -656,7 +656,7 @@
+ } else if (strcmp(name, "ssh-dss") == 0) {
+ return KEY_DSA;
+ }
+- verbose("key_type_from_name: unknown key type '%s'", name);
++ pam_ssh_auth_verbose("key_type_from_name: unknown key type '%s'", name);
+ return KEY_UNSPEC;
+ }
+
+@@ -677,7 +677,7 @@
+ return 0;
+ }
+ }
+- verbose("key names ok: [%s]", names);
++ pam_ssh_auth_verbose("key names ok: [%s]", names);
+ xfree(s);
+ return 1;
+ }
diff --git a/security/pam_ssh_agent_auth/files/patch-log.c b/security/pam_ssh_agent_auth/files/patch-log.c
new file mode 100644
index 000000000000..dde5df93a137
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-log.c
@@ -0,0 +1,11 @@
+--- ./log.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.c 2011-10-10 13:10:35.865388224 -0400
+@@ -166,7 +166,7 @@
+ /* More detailed messages (information that does not need to go to the log). */
+
+ void
+-verbose(const char *fmt,...)
++pam_ssh_auth_verbose(const char *fmt,...)
+ {
+ va_list args;
+
diff --git a/security/pam_ssh_agent_auth/files/patch-log.h b/security/pam_ssh_agent_auth/files/patch-log.h
new file mode 100644
index 000000000000..9cb1e9160ed0
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-log.h
@@ -0,0 +1,11 @@
+--- ./log.h 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/log.h 2011-10-10 13:10:38.856166661 -0400
+@@ -55,7 +55,7 @@
+ void logerror(const char *, ...) __attribute__((format(printf, 1, 2)));
+ void sigdie(const char *, ...) __attribute__((format(printf, 1, 2)));
+ void logit(const char *, ...) __attribute__((format(printf, 1, 2)));
+-void verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
++void pam_ssh_auth_verbose(const char *, ...) __attribute__((format(printf, 1, 2)));
+ void debug(const char *, ...) __attribute__((format(printf, 1, 2)));
+ void debug2(const char *, ...) __attribute__((format(printf, 1, 2)));
+ void debug3(const char *, ...) __attribute__((format(printf, 1, 2)));
diff --git a/security/pam_ssh_agent_auth/files/patch-misc.c b/security/pam_ssh_agent_auth/files/patch-misc.c
new file mode 100644
index 000000000000..306aaee19bb1
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-misc.c
@@ -0,0 +1,102 @@
+--- ./misc.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/misc.c 2011-10-10 13:10:35.866387792 -0400
+@@ -84,13 +84,13 @@
+ return (-1);
+ }
+ if (val & O_NONBLOCK) {
+- verbose("fd %d is O_NONBLOCK", fd);
++ pam_ssh_auth_verbose("fd %d is O_NONBLOCK", fd);
+ return (0);
+ }
+- verbose("fd %d setting O_NONBLOCK", fd);
++ pam_ssh_auth_verbose("fd %d setting O_NONBLOCK", fd);
+ val |= O_NONBLOCK;
+ if (fcntl(fd, F_SETFL, val) == -1) {
+- verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
++ pam_ssh_auth_verbose("fcntl(%d, F_SETFL, O_NONBLOCK): %s", fd,
+ strerror(errno));
+ return (-1);
+ }
+@@ -108,13 +108,13 @@
+ return (-1);
+ }
+ if (!(val & O_NONBLOCK)) {
+- verbose("fd %d is not O_NONBLOCK", fd);
++ pam_ssh_auth_verbose("fd %d is not O_NONBLOCK", fd);
+ return (0);
+ }
+- verbose("fd %d clearing O_NONBLOCK", fd);
++ pam_ssh_auth_verbose("fd %d clearing O_NONBLOCK", fd);
+ val &= ~O_NONBLOCK;
+ if (fcntl(fd, F_SETFL, val) == -1) {
+- verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
++ pam_ssh_auth_verbose("fcntl(%d, F_SETFL, ~O_NONBLOCK): %s",
+ fd, strerror(errno));
+ return (-1);
+ }
+@@ -138,15 +138,15 @@
+
+ optlen = sizeof opt;
+ if (getsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, &optlen) == -1) {
+- verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
++ pam_ssh_auth_verbose("getsockopt TCP_NODELAY: %.100s", strerror(errno));
+ return;
+ }
+ if (opt == 1) {
+- verbose("fd %d is TCP_NODELAY", fd);
++ pam_ssh_auth_verbose("fd %d is TCP_NODELAY", fd);
+ return;
+ }
+ opt = 1;
+- verbose("fd %d setting TCP_NODELAY", fd);
++ pam_ssh_auth_verbose("fd %d setting TCP_NODELAY", fd);
+ if (setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &opt, sizeof opt) == -1)
+ logerror("setsockopt TCP_NODELAY: %.100s", strerror(errno));
+ }
+@@ -367,7 +367,7 @@
+ return(xstrdup(host));
+ if (asprintf(&hoststr, "[%s]:%d", host, (int)port) < 0)
+ fatal("put_host_port: asprintf: %s", strerror(errno));
+- verbose("put_host_port: %s", hoststr);
++ pam_ssh_auth_verbose("put_host_port: %s", hoststr);
+ return hoststr;
+ }
+
+@@ -631,7 +631,7 @@
+ if (buf[strlen(buf) - 1] == '\n' || feof(f)) {
+ return 0;
+ } else {
+- verbose("%s: %s line %lu exceeds size limit", __func__,
++ pam_ssh_auth_verbose("%s: %s line %lu exceeds size limit", __func__,
+ filename, *lineno);
+ /* discard remainder of line */
+ while (fgetc(f) != '\n' && !feof(f))
+@@ -662,16 +662,16 @@
+ break;
+ }
+ } else {
+- verbose("%s: invalid tunnel %u", __func__, tun);
++ pam_ssh_auth_verbose("%s: invalid tunnel %u", __func__, tun);
+ return (-1);
+ }
+
+ if (fd < 0) {
+- verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
++ pam_ssh_auth_verbose("%s: %s open failed: %s", __func__, name, strerror(errno));
+ return (-1);
+ }
+
+- verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
++ pam_ssh_auth_verbose("%s: %s mode %d fd %d", __func__, name, mode, fd);
+
+ /* Set the tunnel device operation mode */
+ snprintf(ifr.ifr_name, sizeof(ifr.ifr_name), "tun%d", tun);
+@@ -703,7 +703,7 @@
+ close(fd);
+ if (sock >= 0)
+ close(sock);
+- verbose("%s: failed to set %s mode %d: %s", __func__, name,
++ pam_ssh_auth_verbose("%s: failed to set %s mode %d: %s", __func__, name,
+ mode, strerror(errno));
+ return (-1);
+ #else
diff --git a/security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c b/security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c
new file mode 100644
index 000000000000..24c384604681
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-pam_ssh_agent_auth.c
@@ -0,0 +1,58 @@
+--- ./pam_ssh_agent_auth.c 2011-01-26 15:59:21.000000000 -0500
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_ssh_agent_auth.c 2011-10-10 13:10:35.866387792 -0400
+@@ -124,7 +124,7 @@
+ pam_get_item(pamh, PAM_USER, (void *) &user);
+ pam_get_item(pamh, PAM_RUSER, (void *) &ruser_ptr);
+
+- verbose("Beginning pam_ssh_agent_auth for user %s", user);
++ pam_ssh_auth_verbose("Beginning pam_ssh_agent_auth for user %s", user);
+
+ if(ruser_ptr) {
+ strncpy(ruser, ruser_ptr, sizeof(ruser) - 1);
+@@ -139,12 +139,12 @@
+ #ifdef ENABLE_SUDO_HACK
+ if( (strlen(sudo_service_name) > 0) && strncasecmp(servicename, sudo_service_name, sizeof(sudo_service_name) - 1) == 0 && getenv("SUDO_USER") ) {
+ strncpy(ruser, getenv("SUDO_USER"), sizeof(ruser) - 1 );
+- verbose( "Using environment variable SUDO_USER (%s)", ruser );
++ pam_ssh_auth_verbose( "Using environment variable SUDO_USER (%s)", ruser );
+ } else
+ #endif
+ {
+ if( ! getpwuid(getuid()) ) {
+- verbose("Unable to getpwuid(getuid())");
++ pam_ssh_auth_verbose("Unable to getpwuid(getuid())");
+ goto cleanexit;
+ }
+ strncpy(ruser, getpwuid(getuid())->pw_name, sizeof(ruser) - 1);
+@@ -153,11 +153,11 @@
+
+ /* Might as well explicitely confirm the user exists here */
+ if(! getpwnam(ruser) ) {
+- verbose("getpwnam(%s) failed, bailing out", ruser);
++ pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", ruser);
+ goto cleanexit;
+ }
+ if( ! getpwnam(user) ) {
+- verbose("getpwnam(%s) failed, bailing out", user);
++ pam_ssh_auth_verbose("getpwnam(%s) failed, bailing out", user);
+ goto cleanexit;
+ }
+
+@@ -167,7 +167,7 @@
+ */
+ parse_authorized_key_file(user, authorized_keys_file_input);
+ } else {
+- verbose("Using default file=/etc/security/authorized_keys");
++ pam_ssh_auth_verbose("Using default file=/etc/security/authorized_keys");
+ authorized_keys_file = xstrdup("/etc/security/authorized_keys");
+ }
+
+@@ -177,7 +177,7 @@
+ */
+
+ if(user && strlen(ruser) > 0) {
+- verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
++ pam_ssh_auth_verbose("Attempting authentication: `%s' as `%s' using %s", ruser, user, authorized_keys_file);
+
+ /*
+ * this pw_uid is used to validate the SSH_AUTH_SOCK, and so must be the uid of the ruser invoking the program, not the target-user
diff --git a/security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c b/security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c
new file mode 100644
index 000000000000..45dd90a0642c
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-pam_user_key_allowed2.c
@@ -0,0 +1,42 @@
+--- ./pam_user_key_allowed2.c 2011-06-07 02:32:46.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/pam_user_key_allowed2.c 2011-10-10 13:10:35.866387792 -0400
+@@ -63,11 +63,11 @@
+ Key *found;
+ char *fp;
+
+- verbose("trying public key file %s", file);
++ pam_ssh_auth_verbose("trying public key file %s", file);
+
+ /* Fail not so quietly if file does not exist */
+ if (stat(file, &st) < 0) {
+- verbose("File not found: %s", file);
++ pam_ssh_auth_verbose("File not found: %s", file);
+ return 0;
+ }
+ /* Open the file containing the authorized keys. */
+@@ -97,7 +97,7 @@
+ if (key_read(found, &cp) != 1) {
+ /* no key? check if there are options for this key */
+ int quoted = 0;
+- verbose("user_key_allowed: check options: '%s'", cp);
++ pam_ssh_auth_verbose("user_key_allowed: check options: '%s'", cp);
+ key_options = cp;
+ for (; *cp && (quoted || (*cp != ' ' && *cp != '\t')); cp++) {
+ if (*cp == '\\' && cp[1] == '"')
+@@ -109,7 +109,7 @@
+ for (; *cp == ' ' || *cp == '\t'; cp++)
+ ;
+ if (key_read(found, &cp) != 1) {
+- verbose("user_key_allowed: advance: '%s'", cp);
++ pam_ssh_auth_verbose("user_key_allowed: advance: '%s'", cp);
+ /* still no key? advance to next line*/
+ continue;
+ }
+@@ -128,6 +128,6 @@
+ fclose(f);
+ key_free(found);
+ if (!found_key)
+- verbose("key not found");
++ pam_ssh_auth_verbose("key not found");
+ return found_key;
+ }
diff --git a/security/pam_ssh_agent_auth/files/patch-secure_filename.c b/security/pam_ssh_agent_auth/files/patch-secure_filename.c
new file mode 100644
index 000000000000..ca1db1d085c2
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-secure_filename.c
@@ -0,0 +1,29 @@
+--- ./secure_filename.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/secure_filename.c 2011-10-10 13:10:35.867387919 -0400
+@@ -80,7 +80,7 @@
+ int comparehome = 0;
+ struct stat st;
+
+- verbose("secure_filename: checking for uid: %u", uid);
++ pam_ssh_auth_verbose("secure_filename: checking for uid: %u", uid);
+
+ if (realpath(file, buf) == NULL) {
+ snprintf(err, errlen, "realpath %s failed: %s", file,
+@@ -107,7 +107,7 @@
+ }
+ strlcpy(buf, cp, sizeof(buf));
+
+- verbose("secure_filename: checking '%s'", buf);
++ pam_ssh_auth_verbose("secure_filename: checking '%s'", buf);
+ if (stat(buf, &st) < 0 ||
+ (st.st_uid != 0 && st.st_uid != uid) ||
+ (st.st_mode & 022) != 0) {
+@@ -118,7 +118,7 @@
+
+ /* If are passed the homedir then we can stop */
+ if (comparehome && strcmp(homedir, buf) == 0) {
+- verbose("secure_filename: terminating check at '%s'",
++ pam_ssh_auth_verbose("secure_filename: terminating check at '%s'",
+ buf);
+ break;
+ }
diff --git a/security/pam_ssh_agent_auth/files/patch-ssh-dss.c b/security/pam_ssh_agent_auth/files/patch-ssh-dss.c
new file mode 100644
index 000000000000..9c439d60a0b7
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-ssh-dss.c
@@ -0,0 +1,11 @@
+--- ./ssh-dss.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-dss.c 2011-10-10 13:10:35.867387919 -0400
+@@ -179,7 +179,7 @@
+
+ DSA_SIG_free(sig);
+
+- verbose("ssh_dss_verify: signature %s",
++ pam_ssh_auth_verbose("ssh_dss_verify: signature %s",
+ ret == 1 ? "correct" : ret == 0 ? "incorrect" : "error");
+ return ret;
+ }
diff --git a/security/pam_ssh_agent_auth/files/patch-ssh-rsa.c b/security/pam_ssh_agent_auth/files/patch-ssh-rsa.c
new file mode 100644
index 000000000000..de035d161386
--- /dev/null
+++ b/security/pam_ssh_agent_auth/files/patch-ssh-rsa.c
@@ -0,0 +1,28 @@
+--- ./ssh-rsa.c 2009-08-08 20:54:21.000000000 -0400
++++ ../../pam_ssh_agent_auth-0.9.3.fixed/ssh-rsa.c 2011-10-10 13:10:35.867387919 -0400
+@@ -75,7 +75,7 @@
+ }
+ if (len < slen) {
+ u_int diff = slen - len;
+- verbose("slen %u > len %u", slen, len);
++ pam_ssh_auth_verbose("slen %u > len %u", slen, len);
+ memmove(sig + diff, sig, len);
+ memset(sig, 0, diff);
+ } else if (len > slen) {
+@@ -148,7 +148,7 @@
+ return -1;
+ } else if (len < modlen) {
+ u_int diff = modlen - len;
+- verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
++ pam_ssh_auth_verbose("ssh_rsa_verify: add padding: modlen %u > len %u",
+ modlen, len);
+ sigblob = xrealloc(sigblob, 1, modlen);
+ memmove(sigblob + diff, sigblob, len);
+@@ -169,7 +169,7 @@
+ memset(digest, 'd', sizeof(digest));
+ memset(sigblob, 's', len);
+ xfree(sigblob);
+- verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
++ pam_ssh_auth_verbose("ssh_rsa_verify: signature %scorrect", (ret==0) ? "in" : "");
+ return ret;
+ }