d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Correctly set PAM_RHOST so e.g. pam_login_access(8) can do its job.

Browse Source 
Sponsored by:	DARPA, NAI Labs
This commit is contained in:
Dag-Erling Smørgrav 2002-03-21 12:55:21 +00:00
parent fe49ecbc93
commit 6b11d510fd
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=92879
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
crypto/openssh/auth-pam.c
View File

@ -577,6 +577,7 @@ ipam_start_auth(const char *service, const char *username) {
ssh_conv,
NULL
};
const char *rhost;
cookie = malloc(sizeof(*cookie));
if (cookie == NULL)
@ -613,6 +614,7 @@ ipam_start_auth(const char *service, const char *username) {
ipam_free_cookie(cookie);
return NULL;
}
rhost = get_canonical_hostname(options.verify_reverse_mapping);
cookie->pid = fork();
if (cookie->pid == -1) {
ipam_free_cookie(cookie);
@ -751,6 +753,9 @@ ipam_start_auth(const char *service, const char *username) {
conv.appdata_ptr = ud;
retval = pam_start(service, username, &conv, &pamh);
fprintf(stderr, "pam_start returned %d\n", retval);
if (retval == PAM_SUCCESS)
retval = pam_set_item(pamh, PAM_RHOST, rhost);
/* Is user really user? */
if (retval == PAM_SUCCESS)
retval = pam_authenticate(pamh, 0);