PAM and -u0
Kevin Steves
stevesk at sweden.hp.com
Sat Apr 21 07:22:31 EST 2001
On Sat, 31 Mar 2001, Damien Miller wrote:
: > is this change ok? goal is that PAM with -u0 does not use DNS (like
: > without PAM).
:
: You should also remove the 'extern ServerOptions options;' from the
: beginning of the function.
:
: > +/* XXX: move to header file */
: > +const char *
: > +get_remote_name_or_ip(void);
:
: Either that or add the remote host/address as an argument to start_pam()
get_remote_name_or_ip() is now public, so we can do this:
ok?
Index: auth-pam.c
===================================================================
RCS file: /var/cvs/openssh/auth-pam.c,v
retrieving revision 1.35
diff -u -r1.35 auth-pam.c
--- auth-pam.c 2001/04/20 17:43:47 1.35
+++ auth-pam.c 2001/04/20 21:19:07
@@ -348,6 +348,8 @@
{
int pam_retval;
extern ServerOptions options;
+ extern int utmp_len;
+ const char *rhost;
debug("Starting up PAM with username \"%.200s\"", user);
@@ -357,10 +359,10 @@
fatal("PAM initialisation failed[%d]: %.200s",
pam_retval, PAM_STRERROR(__pamh, pam_retval));
- debug("PAM setting rhost to \"%.200s\"",
- get_canonical_hostname(options.reverse_mapping_check));
- pam_retval = pam_set_item(__pamh, PAM_RHOST,
- get_canonical_hostname(options.reverse_mapping_check));
+ rhost = get_remote_name_or_ip(utmp_len, options.reverse_mapping_check);
+ debug("PAM setting rhost to \"%.200s\"", rhost);
+
+ pam_retval = pam_set_item(__pamh, PAM_RHOST, rhost);
if (pam_retval != PAM_SUCCESS)
fatal("PAM set rhost failed[%d]: %.200s", pam_retval,
PAM_STRERROR(__pamh, pam_retval));
More information about the openssh-unix-dev
mailing list