I’m trying to create a pam module to be used for authorization with SSH.
Unfortunately every goroutine does not start within the PAM module, if it was used within SSH flow. It does indeed work with pamtester without any issues.
Here is the code:
<code>package main
/*
#include <security/pam_modules.h>
typedef const char cchar_t;
*/
import "C"
import (
"log"
"time"
)
func main() {}
//export pam_sm_authenticate
func pam_sm_authenticate(pamh *C.pam_handle_t, flags C.int, argc C.int, argv **C.cchar_t) C.int {
log.Printf("golib.so: begin")
defer log.Printf("golib.so: end")
log.Printf("golib.so: before start goroutine")
go func() {
log.Printf("golib.so: goroutine begin")
defer log.Printf("golib.so: goroutine end")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from goroutine: %d", i)
time.Sleep(10 * time.Millisecond)
}
}()
log.Printf("golib.so: after start goroutine")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from method: %d", i)
time.Sleep(10 * time.Millisecond)
}
return C.PAM_SUCCESS
}
</code>
<code>package main
/*
#include <security/pam_modules.h>
typedef const char cchar_t;
*/
import "C"
import (
"log"
"time"
)
func main() {}
//export pam_sm_authenticate
func pam_sm_authenticate(pamh *C.pam_handle_t, flags C.int, argc C.int, argv **C.cchar_t) C.int {
log.Printf("golib.so: begin")
defer log.Printf("golib.so: end")
log.Printf("golib.so: before start goroutine")
go func() {
log.Printf("golib.so: goroutine begin")
defer log.Printf("golib.so: goroutine end")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from goroutine: %d", i)
time.Sleep(10 * time.Millisecond)
}
}()
log.Printf("golib.so: after start goroutine")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from method: %d", i)
time.Sleep(10 * time.Millisecond)
}
return C.PAM_SUCCESS
}
</code>
package main
/*
#include <security/pam_modules.h>
typedef const char cchar_t;
*/
import "C"
import (
"log"
"time"
)
func main() {}
//export pam_sm_authenticate
func pam_sm_authenticate(pamh *C.pam_handle_t, flags C.int, argc C.int, argv **C.cchar_t) C.int {
log.Printf("golib.so: begin")
defer log.Printf("golib.so: end")
log.Printf("golib.so: before start goroutine")
go func() {
log.Printf("golib.so: goroutine begin")
defer log.Printf("golib.so: goroutine end")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from goroutine: %d", i)
time.Sleep(10 * time.Millisecond)
}
}()
log.Printf("golib.so: after start goroutine")
for i := 0; i < 5; i++ {
log.Printf("golib.so: from method: %d", i)
time.Sleep(10 * time.Millisecond)
}
return C.PAM_SUCCESS
}
Environment
- OS: Ubuntu 22.04.4 LTS
- SSH: OpenSSH_8.9p1 Ubuntu-3ubuntu0.10, OpenSSL 3.0.2 15 Mar 2022
- Go: go version go1.22.5 linux/amd64
- pemtester: 0.1.2
Similar issues
- golang/go#57394
- golang/go#15538
- golang/go#15556
So far non of those tickets helped me to solve the issue.
My main problem is not that I even intent to use goroutines but if I’m using http.Client goroutines are everywhere.
So: I’m happy for proposals to make the goroutines in the context of a PAM modules within SSH work or to do HTTP requests without goroutines. ????
Thanks for your support!