From bd5817d4ffcbd6dc29f3003725806f04e6dffe42 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Sun, 11 Feb 2001 22:35:11 +1100 Subject: [PATCH] - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett --- ChangeLog | 4 +++- auth-pam.c | 17 +++++++++-------- 2 files changed, 12 insertions(+), 9 deletions(-) diff --git a/ChangeLog b/ChangeLog index 8830ed117..7b62c0d6d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -102,6 +102,8 @@ - (bal) sftp-sever.c '%8lld' to '%8llu' (OpenBSD Sync) - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace. - (bal) A bit more whitespace cleanup + - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett + 20010210 - (djm) Sync sftp and scp stuff from OpenBSD: @@ -3885,4 +3887,4 @@ - Wrote replacements for strlcpy and mkdtemp - Released 1.0pre1 -$Id: ChangeLog,v 1.739 2001/02/11 00:00:24 mouring Exp $ +$Id: ChangeLog,v 1.740 2001/02/11 11:35:11 djm Exp $ diff --git a/auth-pam.c b/auth-pam.c index e6fddecc0..4b2347292 100644 --- a/auth-pam.c +++ b/auth-pam.c @@ -33,7 +33,7 @@ #include "canohost.h" #include "readpass.h" -RCSID("$Id: auth-pam.c,v 1.25 2001/02/07 01:58:34 djm Exp $"); +RCSID("$Id: auth-pam.c,v 1.26 2001/02/11 11:35:12 djm Exp $"); #define NEW_AUTHTOK_MSG \ "Warning: Your password has expired, please change it now" @@ -228,13 +228,6 @@ int do_pam_account(char *username, char *remote_user) pam_set_conv(&conv); - debug("PAM setting rhost to \"%.200s\"", - get_canonical_hostname(options.reverse_mapping_check)); - pam_retval = pam_set_item(pamh, PAM_RHOST, - get_canonical_hostname(options.reverse_mapping_check)); - if (pam_retval != PAM_SUCCESS) - fatal("PAM set rhost failed[%d]: %.200s", pam_retval, - PAM_STRERROR(pamh, pam_retval)); if (remote_user) { debug("PAM setting ruser to \"%.200s\"", remote_user); pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user); @@ -347,6 +340,14 @@ void start_pam(const char *user) if (pam_retval != PAM_SUCCESS) fatal("PAM initialisation failed[%d]: %.200s", pam_retval, PAM_STRERROR(pamh, pam_retval)); + + debug("PAM setting rhost to \"%.200s\"", + get_canonical_hostname(options.reverse_mapping_check)); + pam_retval = pam_set_item(pamh, PAM_RHOST, + get_canonical_hostname(options.reverse_mapping_check)); + if (pam_retval != PAM_SUCCESS) + fatal("PAM set rhost failed[%d]: %.200s", pam_retval, + PAM_STRERROR(pamh, pam_retval)); #ifdef PAM_TTY_KLUDGE /* * Some PAM modules (e.g. pam_time) require a TTY to operate,