upstream/openldap
1
0
Fork 0
mirror of https://git.openldap.org/openldap/openldap.git synced 2025-12-22 15:49:34 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions

Added ruser and rhost to authz params

Browse source
This commit is contained in:
Howard Chu 2009-06-03 01:40:03 +00:00
parent 8c5be2376c
commit 6cc1cf81c1
2 changed files with 23 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

18
contrib/slapd-modules/nssov/nss-ldapd/nss/pam.c
View file

@ -358,12 +358,15 @@ static enum nss_status pam_read_authz(
} }
static enum nss_status pam_do_authz( static enum nss_status pam_do_authz(
pld_ctx *ctx, const char *svc,int *errnop) pld_ctx *ctx, const char *svc, const char *ruser, const char *rhost,
int *errnop)
{ {
NSS_BYGEN(NSLCD_ACTION_PAM_AUTHZ, NSS_BYGEN(NSLCD_ACTION_PAM_AUTHZ,
WRITE_STRING(fp,ctx->user); WRITE_STRING(fp,ctx->user);
WRITE_STRING(fp,ctx->dn); WRITE_STRING(fp,ctx->dn);
WRITE_STRING(fp,svc), WRITE_STRING(fp,svc);
WRITE_STRING(fp,ruser);
WRITE_STRING(fp,rhost),
pam_read_authz(fp,ctx,errnop)); pam_read_authz(fp,ctx,errnop));
} }
@ -371,7 +374,7 @@ int pam_sm_acct_mgmt(
pam_handle_t *pamh, int flags, int argc, const char **argv) pam_handle_t *pamh, int flags, int argc, const char **argv)
{ {
int rc, err; int rc, err;
const char *username, *svc; const char *username, *svc, *ruser, *rhost;
int no_warn = 0, ignore_flags = 0; int no_warn = 0, ignore_flags = 0;
int i; int i;
struct pam_conv *appconv; struct pam_conv *appconv;
@ -417,9 +420,16 @@ int pam_sm_acct_mgmt(
if (rc != PAM_SUCCESS) if (rc != PAM_SUCCESS)
return rc; return rc;
rc = pam_get_item (pamh, PAM_RUSER, (CONST_ARG void **) &ruser);
if (rc != PAM_SUCCESS)
return rc;
rc = pam_get_item (pamh, PAM_RHOST, (CONST_ARG void **) &rhost);
if (rc != PAM_SUCCESS)
return rc;
ctx2.dn = ctx->dn; ctx2.dn = ctx->dn;
ctx2.user = ctx->user; ctx2.user = ctx->user;
rc = pam_do_authz(&ctx2, svc, &err); rc = pam_do_authz(&ctx2, svc, ruser, rhost, &err);
NSS2PAM_RC(rc, ignore_flags, PAM_SUCCESS); NSS2PAM_RC(rc, ignore_flags, PAM_SUCCESS);
if (rc != PAM_SUCCESS) { if (rc != PAM_SUCCESS) {
if (rc != PAM_IGNORE) if (rc != PAM_IGNORE)

10
contrib/slapd-modules/nssov/pam.c
View file

@ -255,12 +255,14 @@ static struct berval uidmsg =
int pam_authz(nssov_info *ni,TFILE *fp,Operation *op) int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
{ {
struct berval dn, uid, svc; struct berval dn, uid, svc, ruser, rhost;
struct berval authzmsg = BER_BVNULL; struct berval authzmsg = BER_BVNULL;
int32_t tmpint32; int32_t tmpint32;
char dnc[1024]; char dnc[1024];
char uidc[32]; char uidc[32];
char svcc[256]; char svcc[256];
char ruserc[32];
char rhostc[256];
int rc = NSLCD_PAM_SUCCESS; int rc = NSLCD_PAM_SUCCESS;
Entry *e = NULL; Entry *e = NULL;
Attribute *a; Attribute *a;
@ -276,6 +278,12 @@ int pam_authz(nssov_info *ni,TFILE *fp,Operation *op)
READ_STRING_BUF2(fp,svcc,sizeof(svcc)); READ_STRING_BUF2(fp,svcc,sizeof(svcc));
svc.bv_val = svcc; svc.bv_val = svcc;
svc.bv_len = tmpint32; svc.bv_len = tmpint32;
READ_STRING_BUF2(fp,svcc,sizeof(ruserc));
ruser.bv_val = ruserc;
ruser.bv_len = tmpint32;
READ_STRING_BUF2(fp,svcc,sizeof(rhostc));
rhost.bv_val = rhostc;
rhost.bv_len = tmpint32;
Debug(LDAP_DEBUG_TRACE,"nssov_pam_authz(%s)\n",dn.bv_val,0,0); Debug(LDAP_DEBUG_TRACE,"nssov_pam_authz(%s)\n",dn.bv_val,0,0);