Bug#292440: pure-ftpd: Patch to set PAM_RHOST and PAM_RUSER for pam authentication

Wed, 26 Jan 2005 17:23:07 -0800 

Package: pure-ftpd
Version: 1.0.19-4
Severity: important
Tags: patch

Hi,

 The attached patch adds support for setting of two PAM items - PAM_RUSER
and PAM_RHOST (for remote user and host, respectively). This is needed to
be able to use pam_access with pure-ftpd for non-local login setups. The
changes are simple and don't affect much code, please consider applying it.

thanks,

marek

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.10-ac10-tux3a7-hacks
Locale: LANG=en_US.UTF-8, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8)

Versions of packages pure-ftpd depends on:
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libcap1                     1:1.10-14    support for getting/setting POSIX.
ii  libpam0g                    0.76-22      Pluggable Authentication Modules l
ii  libssl0.9.7                 0.9.7e-3     SSL shared libraries
ii  pure-ftpd-common            1.0.19-4     Pure-FTPd FTP server (Common Files

-- no debconf information

--- pure-ftpd-1.0.19.orig/src/log_pam.c
+++ pure-ftpd-1.0.19/src/log_pam.c
@@ -135,7 +135,11 @@
     int pam_error;
     struct passwd pw, *pw_;
     char *dir = NULL;
-    
+#ifdef PAM_RHOST    
+    struct hostent *hent;
+    const char *host;
+#endif
+
     (void) sa;
     (void) peer;
     result->auth_ok = 0;
@@ -143,6 +147,31 @@
     PAM_username = user;
     pam_error = pam_start("pure-ftpd", user, &PAM_conversation, &pamh);
     PAM_BAIL;
+
+    /* set PAM_RUSER and PAM_RHOST for modules like pam_env or pam_access */
+#ifdef PAM_RHOST
+    logfile(LOG_INFO, "PAM_RHOST enabled. Getting the peer address");
+    switch (STORAGE_FAMILY(*peer)) {
+      case AF_INET:
+        hent = gethostbyaddr(&STORAGE_SIN_ADDR(*peer), sizeof(STORAGE_SIN_ADDR(*peer)), AF_INET);
+	break;
+	
+      case AF_INET6:
+        hent = gethostbyaddr(&STORAGE_SIN_ADDR6(*peer), sizeof(STORAGE_SIN_ADDR6(*peer)), AF_INET6);
+	break;
+    }
+    
+    if (!hent)
+      (void)pam_set_item(pamh, PAM_RHOST, NULL);
+    else
+      (void)pam_set_item(pamh, PAM_RHOST, hent->h_name);
+#endif
+
+
+#ifdef PAM_RUSER
+    (void)pam_set_item(pamh, PAM_RUSER, user);
+#endif
+
 # ifdef PAM_TTY
     (void) pam_set_item(pamh, PAM_TTY, "pure-ftpd");
 # endif

Reply via email to