aboutsummaryrefslogtreecommitdiff
path: root/crypto
diff options
context:
space:
mode:
authorDag-Erling Smørgrav <des@FreeBSD.org>2002-03-21 12:55:21 +0000
committerDag-Erling Smørgrav <des@FreeBSD.org>2002-03-21 12:55:21 +0000
commit6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36 (patch)
tree3cc6c161635ac5cf4ec8786678f7dceb17ff118a /crypto
parentfe49ecbc930de27747f0ca7da975677b91bf7108 (diff)
downloadsrc-6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36.tar.gz
src-6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36.zip
Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job.
Sponsored by: DARPA, NAI Labs
Notes
Notes: svn path=/head/; revision=92879
Diffstat (limited to 'crypto')
-rw-r--r--crypto/openssh/auth-pam.c5
1 files changed, 5 insertions, 0 deletions
diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c
index 03a464dcdb73..1b6ee193b30d 100644
--- a/crypto/openssh/auth-pam.c
+++ b/crypto/openssh/auth-pam.c
@@ -577,6 +577,7 @@ ipam_start_auth(const char *service, const char *username) {
ssh_conv,
NULL
};
+ const char *rhost;
cookie = malloc(sizeof(*cookie));
if (cookie == NULL)
@@ -613,6 +614,7 @@ ipam_start_auth(const char *service, const char *username) {
ipam_free_cookie(cookie);
return NULL;
}
+ rhost = get_canonical_hostname(options.verify_reverse_mapping);
cookie->pid = fork();
if (cookie->pid == -1) {
ipam_free_cookie(cookie);
@@ -751,6 +753,9 @@ ipam_start_auth(const char *service, const char *username) {
conv.appdata_ptr = ud;
retval = pam_start(service, username, &conv, &pamh);
+ fprintf(stderr, "pam_start returned %d\n", retval);
+ if (retval == PAM_SUCCESS)
+ retval = pam_set_item(pamh, PAM_RHOST, rhost);
/* Is user really user? */
if (retval == PAM_SUCCESS)
retval = pam_authenticate(pamh, 0);
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-14 22:21:58 +0000