Bug#292440: pure-ftpd: Patch to set PAM_RHOST and PAM_RUSER for pam authentication

2005-01-27 Thread Frank Denis (Jedi/Sector One) 
On Thu, Jan 27, 2005 at 02:05:20AM +0100, Marek Habersack wrote:
  The attached patch adds support for setting of two PAM items - PAM_RUSER
 and PAM_RHOST (for remote user and host, respectively). This is needed to
 be able to use pam_access with pure-ftpd for non-local login setups. The
 changes are simple and don't affect much code, please consider applying it.

  Your patch looks ok, I'm going to merge it.
  
  Thanks a lot for your help, Marek.

-- 
Frank - my stupid blog: http://00f.net


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]

Bug#292440: pure-ftpd: Patch to set PAM_RHOST and PAM_RUSER for pam authentication

2005-01-26 Thread Marek Habersack 
Package: pure-ftpd
Version: 1.0.19-4
Severity: important
Tags: patch

Hi,

 The attached patch adds support for setting of two PAM items - PAM_RUSER
and PAM_RHOST (for remote user and host, respectively). This is needed to
be able to use pam_access with pure-ftpd for non-local login setups. The
changes are simple and don't affect much code, please consider applying it.

thanks,

marek

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-ac10-tux3a7-hacks
Locale: LANG=en_US.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)

Versions of packages pure-ftpd depends on:
ii  libc6   2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libcap1 1:1.10-14support for getting/setting POSIX.
ii  libpam0g0.76-22  Pluggable Authentication Modules l
ii  libssl0.9.7 0.9.7e-3 SSL shared libraries
ii  pure-ftpd-common1.0.19-4 Pure-FTPd FTP server (Common Files

-- no debconf information
--- pure-ftpd-1.0.19.orig/src/log_pam.c
+++ pure-ftpd-1.0.19/src/log_pam.c
@@ -135,7 +135,11 @@
 int pam_error;
 struct passwd pw, *pw_;
 char *dir = NULL;
-
+#ifdef PAM_RHOST
+struct hostent *hent;
+const char *host;
+#endif
+
 (void) sa;
 (void) peer;
 result-auth_ok = 0;
@@ -143,6 +147,31 @@
 PAM_username = user;
 pam_error = pam_start(pure-ftpd, user, PAM_conversation, pamh);
 PAM_BAIL;
+
+/* set PAM_RUSER and PAM_RHOST for modules like pam_env or pam_access */
+#ifdef PAM_RHOST
+logfile(LOG_INFO, PAM_RHOST enabled. Getting the peer address);
+switch (STORAGE_FAMILY(*peer)) {
+  case AF_INET:
+hent = gethostbyaddr(STORAGE_SIN_ADDR(*peer), sizeof(STORAGE_SIN_ADDR(*peer)), AF_INET);
+	break;
+	
+  case AF_INET6:
+hent = gethostbyaddr(STORAGE_SIN_ADDR6(*peer), sizeof(STORAGE_SIN_ADDR6(*peer)), AF_INET6);
+	break;
+}
+
+if (!hent)
+  (void)pam_set_item(pamh, PAM_RHOST, NULL);
+else
+  (void)pam_set_item(pamh, PAM_RHOST, hent-h_name);
+#endif
+
+
+#ifdef PAM_RUSER
+(void)pam_set_item(pamh, PAM_RUSER, user);
+#endif
+
 # ifdef PAM_TTY
 (void) pam_set_item(pamh, PAM_TTY, pure-ftpd);
 # endif