Package: pure-ftpd
Version: 1.0.19-4
Severity: important
Tags: patch
Hi,
The attached patch adds support for setting of two PAM items - PAM_RUSER
and PAM_RHOST (for remote user and host, respectively). This is needed to
be able to use pam_access with pure-ftpd for non-local login setups. The
changes are simple and don't affect much code, please consider applying it.
thanks,
marek
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-ac10-tux3a7-hacks
Locale: LANG=en_US.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)
Versions of packages pure-ftpd depends on:
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libcap1 1:1.10-14support for getting/setting POSIX.
ii libpam0g0.76-22 Pluggable Authentication Modules l
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii pure-ftpd-common1.0.19-4 Pure-FTPd FTP server (Common Files
-- no debconf information
--- pure-ftpd-1.0.19.orig/src/log_pam.c
+++ pure-ftpd-1.0.19/src/log_pam.c
@@ -135,7 +135,11 @@
int pam_error;
struct passwd pw, *pw_;
char *dir = NULL;
-
+#ifdef PAM_RHOST
+struct hostent *hent;
+const char *host;
+#endif
+
(void) sa;
(void) peer;
result-auth_ok = 0;
@@ -143,6 +147,31 @@
PAM_username = user;
pam_error = pam_start(pure-ftpd, user, PAM_conversation, pamh);
PAM_BAIL;
+
+/* set PAM_RUSER and PAM_RHOST for modules like pam_env or pam_access */
+#ifdef PAM_RHOST
+logfile(LOG_INFO, PAM_RHOST enabled. Getting the peer address);
+switch (STORAGE_FAMILY(*peer)) {
+ case AF_INET:
+hent = gethostbyaddr(STORAGE_SIN_ADDR(*peer), sizeof(STORAGE_SIN_ADDR(*peer)), AF_INET);
+ break;
+
+ case AF_INET6:
+hent = gethostbyaddr(STORAGE_SIN_ADDR6(*peer), sizeof(STORAGE_SIN_ADDR6(*peer)), AF_INET6);
+ break;
+}
+
+if (!hent)
+ (void)pam_set_item(pamh, PAM_RHOST, NULL);
+else
+ (void)pam_set_item(pamh, PAM_RHOST, hent-h_name);
+#endif
+
+
+#ifdef PAM_RUSER
+(void)pam_set_item(pamh, PAM_RUSER, user);
+#endif
+
# ifdef PAM_TTY
(void) pam_set_item(pamh, PAM_TTY, pure-ftpd);
# endif