From 6cc1cf81c1211f74219d43e36f91ab82642c027f Mon Sep 17 00:00:00 2001
From: Howard Chu <hyc@openldap.org>
Date: Wed, 3 Jun 2009 01:40:03 +0000
Subject: [PATCH] Added ruser and rhost to authz params

---
 .../slapd-modules/nssov/nss-ldapd/nss/pam.c    | 18 ++++++++++++++----
 contrib/slapd-modules/nssov/pam.c              | 10 +++++++++-
 2 files changed, 23 insertions(+), 5 deletions(-)

diff --git a/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c b/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
index 2d9c8d1bda..77d00a134f 100644
--- a/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
+++ b/contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
@@ -358,12 +358,15 @@ static enum nss_status pam_read_authz(
 }
 
 static enum nss_status pam_do_authz(
-	pld_ctx *ctx, const char *svc,int *errnop)
+	pld_ctx *ctx, const char *svc, const char *ruser, const char *rhost,
+	int *errnop)
 {
 	NSS_BYGEN(NSLCD_ACTION_PAM_AUTHZ,
 		WRITE_STRING(fp,ctx->user);
 		WRITE_STRING(fp,ctx->dn);
-		WRITE_STRING(fp,svc),
+		WRITE_STRING(fp,svc);
+		WRITE_STRING(fp,ruser);
+		WRITE_STRING(fp,rhost),
 		pam_read_authz(fp,ctx,errnop));
 }
 
@@ -371,7 +374,7 @@ int pam_sm_acct_mgmt(
 	pam_handle_t *pamh, int flags, int argc, const char **argv)
 {
 	int rc, err;
-	const char *username, *svc;
+	const char *username, *svc, *ruser, *rhost;
 	int no_warn = 0, ignore_flags = 0;
 	int i;
 	struct pam_conv *appconv;
@@ -417,9 +420,16 @@ int pam_sm_acct_mgmt(
 	if (rc != PAM_SUCCESS)
 		return rc;
 
+	rc = pam_get_item (pamh, PAM_RUSER, (CONST_ARG void **) &ruser);
+	if (rc != PAM_SUCCESS)
+		return rc;
+
+	rc = pam_get_item (pamh, PAM_RHOST, (CONST_ARG void **) &rhost);
+	if (rc != PAM_SUCCESS)
+		return rc;
 	ctx2.dn = ctx->dn;
 	ctx2.user = ctx->user;
-	rc = pam_do_authz(&ctx2, svc, &err);
+	rc = pam_do_authz(&ctx2, svc, ruser, rhost, &err);
 	NSS2PAM_RC(rc, ignore_flags, PAM_SUCCESS);
 	if (rc != PAM_SUCCESS) {
 		if (rc != PAM_IGNORE)
diff --git a/contrib/slapd-modules/nssov/pam.c b/contrib/slapd-modules/nssov/pam.c
index 1578075e93..a87d6c444a 100644
--- a/contrib/slapd-modules/nssov/pam.c
+++ b/contrib/slapd-modules/nssov/pam.c
@@ -255,12 +255,14 @@ static struct berval uidmsg =
 
 int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
 {
-	struct berval dn, uid, svc;
+	struct berval dn, uid, svc, ruser, rhost;
 	struct berval authzmsg = BER_BVNULL;
 	int32_t tmpint32;
 	char dnc[1024];
 	char uidc[32];
 	char svcc[256];
+	char ruserc[32];
+	char rhostc[256];
 	int rc = NSLCD_PAM_SUCCESS;
 	Entry *e = NULL;
 	Attribute *a;
@@ -276,6 +278,12 @@ int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
 	READ_STRING_BUF2(fp,svcc,sizeof(svcc));
 	svc.bv_val = svcc;
 	svc.bv_len = tmpint32;
+	READ_STRING_BUF2(fp,svcc,sizeof(ruserc));
+	ruser.bv_val = ruserc;
+	ruser.bv_len = tmpint32;
+	READ_STRING_BUF2(fp,svcc,sizeof(rhostc));
+	rhost.bv_val = rhostc;
+	rhost.bv_len = tmpint32;
 
 	Debug(LDAP_DEBUG_TRACE,"nssov_pam_authz(%s)\n",dn.bv_val,0,0);
 
-- 
2.39.5