diff options
author | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-03-21 12:55:21 +0000 |
---|---|---|
committer | Dag-Erling Smørgrav <des@FreeBSD.org> | 2002-03-21 12:55:21 +0000 |
commit | 6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36 (patch) | |
tree | 3cc6c161635ac5cf4ec8786678f7dceb17ff118a /crypto | |
parent | fe49ecbc930de27747f0ca7da975677b91bf7108 (diff) | |
download | src-6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36.tar.gz src-6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36.zip |
Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job.
Sponsored by: DARPA, NAI Labs
Notes
Notes:
svn path=/head/; revision=92879
Diffstat (limited to 'crypto')
-rw-r--r-- | crypto/openssh/auth-pam.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c index 03a464dcdb73..1b6ee193b30d 100644 --- a/crypto/openssh/auth-pam.c +++ b/crypto/openssh/auth-pam.c @@ -577,6 +577,7 @@ ipam_start_auth(const char *service, const char *username) { ssh_conv, NULL }; + const char *rhost; cookie = malloc(sizeof(*cookie)); if (cookie == NULL) @@ -613,6 +614,7 @@ ipam_start_auth(const char *service, const char *username) { ipam_free_cookie(cookie); return NULL; } + rhost = get_canonical_hostname(options.verify_reverse_mapping); cookie->pid = fork(); if (cookie->pid == -1) { ipam_free_cookie(cookie); @@ -751,6 +753,9 @@ ipam_start_auth(const char *service, const char *username) { conv.appdata_ptr = ud; retval = pam_start(service, username, &conv, &pamh); + fprintf(stderr, "pam_start returned %d\n", retval); + if (retval == PAM_SUCCESS) + retval = pam_set_item(pamh, PAM_RHOST, rhost); /* Is user really user? */ if (retval == PAM_SUCCESS) retval = pam_authenticate(pamh, 0); |