set PAM_RHOST variable using the client's IP.

Nikos Mavrogiannopoulos
2013-06-21 20:37:09 +02:00
parent f1d96bdd0a
commit e63913a8a7
3 changed files with 11 additions and 3 deletions


@@ -205,12 +205,17 @@ int handle_auth_req(main_server_st *s, struct proc_st* proc,
const struct cmd_auth_req_st * req)
{
int ret = -1;
char ipbuf[128];
const char* ip;
unsigned username_set = 0;
ip = human_addr((void*)&proc->remote_addr, proc->remote_addr_len,
ipbuf, sizeof(ipbuf));
if (req->user_pass_present != 0) {
#ifdef HAVE_PAM
if ((s->config->auth_types & AUTH_TYPE_PAM) == AUTH_TYPE_PAM) {
ret = pam_auth_user(req->user, req->pass, proc->groupname, sizeof(proc->groupname));
ret = pam_auth_user(req->user, req->pass, proc->groupname, sizeof(proc->groupname), ip);
if (ret != 0)
ret = -1;
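Review bot: `ip` is computed at the top of handle_auth_req on every request, but it is only read inside the `#ifdef HAVE_PAM` branch, so a build without PAM has a variable that is assigned and never used, and requests without a password pay for an address conversion they do not need. Moving the `human_addr(...)` call next to the `pam_auth_user(...)` call inside the `AUTH_TYPE_PAM` branch would scope it to its only consumer. The `(void*)` cast on `&proc->remote_addr` also hides the argument type from the compiler; if human_addr takes a `struct sockaddr *` (its prototype is not visible here), casting to that type would be clearer. The function body continues outside the hunk.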


@@ -64,7 +64,7 @@ struct pam_response *replies;
/* Returns 0 if the user is successfully authenticated
*/
int pam_auth_user(const char* user, const char* pass, char *groupname, int groupname_size)
int pam_auth_user(const char* user, const char* pass, char *groupname, int groupname_size, const char* ip)
{
pam_handle_t * ph;
int ret, pret;
@@ -81,6 +81,9 @@ struct passwd * pwd;
return -1;
}
if (ip != NULL)
pam_set_item(ph, PAM_RHOST, ip);
pret = pam_authenticate(ph, PAM_SILENT);
if (pret != PAM_SUCCESS) {
syslog(LOG_AUTH, "Error in PAM authentication: %s", pam_strerror(ph, pret));
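Review bot: The return value of `pam_set_item(ph, PAM_RHOST, ip)` is discarded, so if the call fails, authentication proceeds with no remote host set, and any PAM module that decides or logs by PAM_RHOST sees nothing, with no trace of why. At minimum record the failure: `pret = pam_set_item(ph, PAM_RHOST, ip);` followed by `if (pret != PAM_SUCCESS) syslog(LOG_AUTH, "Error setting PAM_RHOST: %s", pam_strerror(ph, pret));`. The `ip == NULL` case is skipped just as silently. Whether either case should abort the login is a policy choice, but failing closed is the safer default where host-based PAM rules are in use. The cleanup path for `ph` lies outside the hunk, so any early return has to follow what the rest of pam_auth_user does.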


@@ -1,6 +1,6 @@
#ifndef PAM_H
#define PAM_H
int pam_auth_user(const char* user, const char* pass, char *groupname, int groupname_size);
int pam_auth_user(const char* user, const char* pass, char *groupname, int groupname_size, const char* ip);
#endif
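Review bot: The prototype gains an `ip` parameter with nothing saying what it carries or that NULL is accepted, although the definition explicitly tolerates `ip == NULL`. A one-line comment above the declaration would spare callers from reading the implementation, e.g. `/* ip: printable client address forwarded to PAM as PAM_RHOST; may be NULL to leave it unset */`. The comment above the definition ("Returns 0 if the user is successfully authenticated") could be extended the same way.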