Date: Fri, 22 Aug 2003 06:30:40 +0200
From: Jan Rusnak <jr@...erspace.sk>
To: popa3d-users@...ts.openwall.com
Subject: Request for popa3d software developers

Hi,

popa3d doesn't set the pam_item RHOST (remote host) for the PAM library during
the authentication process.  It may be a good idea to pass the client IP address
to the PAM library. I use the PAM auth module pam_listfile for different
authentication behavior for some users, depending on the client IP address.

struct passwd *auth_userpass(char *user, char *pass, int *known)
{
        struct passwd *pw;
        pam_handle_t *pamh;
        pam_userpass_t userpass;
        struct pam_conv conv = {pam_userpass_conv, &userpass};
        char *template;
        int status;

        *known = 0;

        userpass.user = user;
        userpass.pass = pass;

        if (pam_start(AUTH_PAM_SERVICE, user, &conv, &pamh) != PAM_SUCCESS) {
                *known = is_user_known(user);
                return NULL;
        }

        /* Pass the client's IP address to PAM as PAM_RHOST so that modules
         * such as pam_listfile can use it */
        if ((status = pam_set_item(pamh, PAM_RHOST,
                        (void *) inet_ntoa(client_addr))) != PAM_SUCCESS) {
                pam_end(pamh, status);
                *known = is_user_known(user);
                return NULL;
        }

        if ((status = pam_authenticate(pamh, 0)) != PAM_SUCCESS) {
                pam_end(pamh, status);
                *known = is_user_known(user);
                return NULL;
        }

        /* the code in the message ends here; the rest of auth_userpass()
         * is not shown */

-- 
JR

------------------------------------
         J A N  R U S N A K
         <jr@...erspace.sk>
------------------------------------
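
Added example, not part of the original message and not popa3d code: the posted change builds the PAM_RHOST string with inet_ntoa(), which handles IPv4 only. The C code below derives the same string from a generic peer sockaddr and writes IPv4-mapped IPv6 peers in dotted-quad form, on the assumption that the address list consulted by pam_listfile holds dotted-quad entries; rhost_from_peer() and demo_rhost() are hypothetical names.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>

/* Hypothetical helper: write the numeric peer address into buf for use as
 * pam_set_item(pamh, PAM_RHOST, buf). Returns 0 on success, -1 otherwise.
 * IPv4-mapped IPv6 peers (::ffff:a.b.c.d) are written as a.b.c.d. */
int rhost_from_peer(const struct sockaddr *sa, char *buf, socklen_t buflen)
{
    if (sa == NULL || buf == NULL || buflen == 0)
        return -1;
    if (sa->sa_family == AF_INET) {
        const struct sockaddr_in *in4 = (const struct sockaddr_in *)sa;
        return inet_ntop(AF_INET, &in4->sin_addr, buf, buflen) ? 0 : -1;
    }
    if (sa->sa_family == AF_INET6) {
        const struct sockaddr_in6 *in6 = (const struct sockaddr_in6 *)sa;
        if (IN6_IS_ADDR_V4MAPPED(&in6->sin6_addr)) {
            struct in_addr v4;  /* embedded IPv4 = last 4 of the 16 bytes */
            memcpy(&v4, &in6->sin6_addr.s6_addr[12], sizeof(v4));
            return inet_ntop(AF_INET, &v4, buf, buflen) ? 0 : -1;
        }
        return inet_ntop(AF_INET6, &in6->sin6_addr, buf, buflen) ? 0 : -1;
    }
    return -1;  /* not an IP peer (e.g. AF_UNIX): leave PAM_RHOST unset */
}

/* Demo on constructed input: returns the PAM_RHOST string, or NULL on error. */
const char *demo_rhost(int family, const char *text)
{
    static char out[INET6_ADDRSTRLEN];
    struct sockaddr_storage ss;
    void *dst;
    if (family != AF_INET && family != AF_INET6) return NULL;
    memset(&ss, 0, sizeof(ss));
    ss.ss_family = family;
    dst = family == AF_INET ? (void *)&((struct sockaddr_in *)&ss)->sin_addr
                            : (void *)&((struct sockaddr_in6 *)&ss)->sin6_addr;
    if (inet_pton(family, text, dst) != 1) return NULL;
    return rhost_from_peer((struct sockaddr *)&ss, out, sizeof(out)) ? NULL : out;
}

int main(void)
{
    puts(demo_rhost(AF_INET6, "::ffff:192.0.2.10"));  /* constructed peer */
    return 0;
}
```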
