Subject: bin/35449: ftpd does not register socket address into PAM
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: None <shigeya@wide.ad.jp>
List: netbsd-bugs
Date: 01/20/2007 08:55:00
>Number: 35449
>Category: bin
>Synopsis: ftpd does not register socket address into PAM +FIX
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: bin-bug-people
>State: open
>Class: change-request
>Submitter-Id: net
>Arrival-Date: Sat Jan 20 08:55:00 +0000 2007
>Originator: Shigeya Suzuki
>Release: NetBSD 3.1
>Organization:
USC/ISI
>Environment:
System: NetBSD tallac.isi.edu 3.1 NetBSD 3.1 (GENERIC.MP) #0: Tue Oct 31 04:42:38 UTC 2006 builds@b0.netbsd.org:/home/builds/ab/netbsd-3-1-RELEASE/i386/200610302053Z-obj/home/builds/ab/netbsd-3-1-RELEASE/src/sys/arch/i386/compile/GENERIC.MP i386
Architecture: i386
Machine: i386
>Description:
ftpd does not register socket address into PAM. Thus, it is impossible
to retrieve address from PAM modules. It is possible to retrieve it
by name (RHOST) but it is useful to get socket address.
May be other program need similar change.
>How-To-Repeat:
Try to grab socket address via pam_get_item(pamh, PAM_SOCKADDR,...);
>Fix:
Index: ftpd.c
===================================================================
RCS file: /cvsroot/src/libexec/ftpd/ftpd.c,v
retrieving revision 1.164.2.1
diff -c -r1.164.2.1 ftpd.c
*** ftpd.c 5 Jul 2005 21:48:49 -0000 1.164.2.1
--- ftpd.c 20 Jan 2007 07:34:20 -0000
***************
*** 3580,3585 ****
--- 3580,3596 ----
return -1;
}
+ e = pam_set_item(pamh, PAM_SOCKADDR, &his_addr);
+ if (e != PAM_SUCCESS) {
+ syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s",
+ pam_strerror(pamh, e));
+ if ((e = pam_end(pamh, e)) != PAM_SUCCESS) {
+ syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
+ }
+ pamh = NULL;
+ return -1;
+ }
+
e = pam_authenticate(pamh, 0);
switch (e) {
case PAM_SUCCESS:
>Unformatted: