On Tue, Jun 17, 2008 at 6:14 PM, Gary Mills <[EMAIL PROTECTED]> wrote:
> On Tue, Jun 17, 2008 at 02:32:46PM +0530, Ashay Chitnis wrote:
> >
> > On Tue, Jun 17, 2008 at 12:09 AM, Gary Mills
> > <[EMAIL PROTECTED]> wrote:
> >
> > Gary, thanks for your help.
> > I have had one sleepless night trying to read out the sasl manuals
> > from SUN :).
> >
> > the pam_acct_mgmt() call must be removed from saslauthd/auth_pam.c
> > and
> > added to lib/server.c instead.
> >
> > can you elaborate more on how you have acheived it?
>
> By modifying the SASL source and recompiling it. I can post my patches
> if anyone else is interested.
Can you paste you code if poss??
>
>
> > first the item
> > passed by sasl is the service name (pop) and not the remote network ip
> > and this is compared with the actual IP address.
> > pam_get_item should be getting the IP address and passing it to pam
> > NOT the service name..
>
> As others have mentioned, the information stored in the PAM handle
> depends on the application. Many different types are possible, but
> the application has to store the data to make it available to the
> PAM module. PAM_RHOST, the remote host name, would be the one that
> interests you. That information is not always present. For cyrus
> and sasl, it appears not to be present. I haven't confirmed this.
>
There is a variable defined for ipremoteport in server.c but
result = _sasl_conn_init(*pconn, service, flags, SASL_CONN_SERVER,
&server_idle, serverFQDN,
iplocalport, *ipremoteport,*
callbacks, &global_callbacks);
But this is unused i guess.
> > I have checked its works beautifully in sshd. Now i need to find a way
> > to work it in sasl for pop imap service.
>
> --
> -Gary Mills- -Unix Support- -U of M Academic Computing and
> Networking-
>
----
Cyrus Home Page: http://cyrusimap.web.cmu.edu/
Cyrus Wiki/FAQ: http://cyrusimap.web.cmu.edu/twiki
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
