Added ruser and rhost to authz params

author Howard Chu <hyc@openldap.org>

Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)

committer Howard Chu <hyc@openldap.org>

Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)
author Howard Chu <hyc@openldap.org>
Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)
committer Howard Chu <hyc@openldap.org>
Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)
diff --git a/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c b/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c

index 2d9c8d1bdabfbd21bd964ceceaeceb9bf594e123..77d00a134f32e69bdf74cc162722dd860bb16651 100644 (file)
--- a/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
+++ b/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
@@ -358,12 +358,15 @@ static enum nss_status pam_read_authz(
  }
  
  static enum nss_status pam_do_authz(
-       pld_ctx *ctx, const char *svc,int *errnop)
+       pld_ctx *ctx, const char *svc, const char *ruser, const char *rhost,
+       int *errnop)
  {
         NSS_BYGEN(NSLCD_ACTION_PAM_AUTHZ,
                 WRITE_STRING(fp,ctx->user);
                 WRITE_STRING(fp,ctx->dn);
-               WRITE_STRING(fp,svc),
+               WRITE_STRING(fp,svc);
+               WRITE_STRING(fp,ruser);
+               WRITE_STRING(fp,rhost),
                 pam_read_authz(fp,ctx,errnop));
  }
  
@@ -371,7 +374,7 @@ int pam_sm_acct_mgmt(
         pam_handle_t *pamh, int flags, int argc, const char **argv)
  {
         int rc, err;
-       const char *username, *svc;
+       const char *username, *svc, *ruser, *rhost;
         int no_warn = 0, ignore_flags = 0;
         int i;
         struct pam_conv *appconv;
@@ -417,9 +420,16 @@ int pam_sm_acct_mgmt(
         if (rc != PAM_SUCCESS)
                 return rc;
  
+       rc = pam_get_item (pamh, PAM_RUSER, (CONST_ARG void **) &ruser);
+       if (rc != PAM_SUCCESS)
+               return rc;
+
+       rc = pam_get_item (pamh, PAM_RHOST, (CONST_ARG void **) &rhost);
+       if (rc != PAM_SUCCESS)
+               return rc;
         ctx2.dn = ctx->dn;
         ctx2.user = ctx->user;
-       rc = pam_do_authz(&ctx2, svc, &err);
+       rc = pam_do_authz(&ctx2, svc, ruser, rhost, &err);
         NSS2PAM_RC(rc, ignore_flags, PAM_SUCCESS);
         if (rc != PAM_SUCCESS) {
                 if (rc != PAM_IGNORE)
diff --git a/contrib/slapd-modules/nssov/pam.c b/contrib/slapd-modules/nssov/pam.c

index 1578075e930c256e3938eaaa9fd989cd620913dc..a87d6c444aaa304b76ca55941b0f532cfae51709 100644 (file)
--- a/contrib/slapd-modules/nssov/pam.c
+++ b/contrib/slapd-modules/nssov/pam.c
@@ -255,12 +255,14 @@ static struct berval uidmsg =
  
  int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
  {
-       struct berval dn, uid, svc;
+       struct berval dn, uid, svc, ruser, rhost;
         struct berval authzmsg = BER_BVNULL;
         int32_t tmpint32;
         char dnc[1024];
         char uidc[32];
         char svcc[256];
+       char ruserc[32];
+       char rhostc[256];
         int rc = NSLCD_PAM_SUCCESS;
         Entry *e = NULL;
         Attribute *a;
@@ -276,6 +278,12 @@ int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
         READ_STRING_BUF2(fp,svcc,sizeof(svcc));
         svc.bv_val = svcc;
         svc.bv_len = tmpint32;
+       READ_STRING_BUF2(fp,svcc,sizeof(ruserc));
+       ruser.bv_val = ruserc;
+       ruser.bv_len = tmpint32;
+       READ_STRING_BUF2(fp,svcc,sizeof(rhostc));
+       rhost.bv_val = rhostc;
+       rhost.bv_len = tmpint32;
  
         Debug(LDAP_DEBUG_TRACE,"nssov_pam_authz(%s)\n",dn.bv_val,0,0);
author	Howard Chu <hyc@openldap.org>
	Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)
committer	Howard Chu <hyc@openldap.org>
	Wed, 3 Jun 2009 01:40:03 +0000 (01:40 +0000)
contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c		patch \| blob \| history
contrib/slapd-modules/nssov/pam.c		patch \| blob \| history