Thu Sep 18 18:10:30 2008 UTC ()
Pull up following revision(s) (requested by lukem in ticket #1199):
	libexec/ftpd/ftpd.c: revision 1.179
PR/35449: Shigeya Suzuki: ftpd does not register socket address into PAM +FIX


(bouyer)
diff -r1.177 -r1.177.2.1 src/libexec/ftpd/ftpd.c
cvs diff -r1.177 -r1.177.2.1 src/libexec/ftpd/ftpd.c (expand / switch to unified diff)

--- src/libexec/ftpd/ftpd.c 2006/09/26 06:47:20 1.177
+++ src/libexec/ftpd/ftpd.c 2008/09/18 18:10:30 1.177.2.1
@@ -1,14 +1,14 @@ @@ -1,14 +1,14 @@
1/* $NetBSD: ftpd.c,v 1.177 2006/09/26 06:47:20 lukem Exp $ */ 1/* $NetBSD: ftpd.c,v 1.177.2.1 2008/09/18 18:10:30 bouyer Exp $ */
2 2
3/* 3/*
4 * Copyright (c) 1997-2004 The NetBSD Foundation, Inc. 4 * Copyright (c) 1997-2004 The NetBSD Foundation, Inc.
5 * All rights reserved. 5 * All rights reserved.
6 * 6 *
7 * This code is derived from software contributed to The NetBSD Foundation 7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Luke Mewburn. 8 * by Luke Mewburn.
9 * 9 *
10 * Redistribution and use in source and binary forms, with or without 10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions 11 * modification, are permitted provided that the following conditions
12 * are met: 12 * are met:
13 * 1. Redistributions of source code must retain the above copyright 13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer. 14 * notice, this list of conditions and the following disclaimer.
@@ -95,27 +95,27 @@ @@ -95,27 +95,27 @@
95 */ 95 */
96 96
97#include <sys/cdefs.h> 97#include <sys/cdefs.h>
98#ifndef lint 98#ifndef lint
99__COPYRIGHT( 99__COPYRIGHT(
100"@(#) Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994\n\ 100"@(#) Copyright (c) 1985, 1988, 1990, 1992, 1993, 1994\n\
101 The Regents of the University of California. All rights reserved.\n"); 101 The Regents of the University of California. All rights reserved.\n");
102#endif /* not lint */ 102#endif /* not lint */
103 103
104#ifndef lint 104#ifndef lint
105#if 0 105#if 0
106static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95"; 106static char sccsid[] = "@(#)ftpd.c 8.5 (Berkeley) 4/28/95";
107#else 107#else
108__RCSID("$NetBSD: ftpd.c,v 1.177 2006/09/26 06:47:20 lukem Exp $"); 108__RCSID("$NetBSD: ftpd.c,v 1.177.2.1 2008/09/18 18:10:30 bouyer Exp $");
109#endif 109#endif
110#endif /* not lint */ 110#endif /* not lint */
111 111
112/* 112/*
113 * FTP server. 113 * FTP server.
114 */ 114 */
115#include <sys/param.h> 115#include <sys/param.h>
116#include <sys/stat.h> 116#include <sys/stat.h>
117#include <sys/ioctl.h> 117#include <sys/ioctl.h>
118#include <sys/socket.h> 118#include <sys/socket.h>
119#include <sys/wait.h> 119#include <sys/wait.h>
120#include <sys/mman.h> 120#include <sys/mman.h>
121#include <sys/resource.h> 121#include <sys/resource.h>
@@ -3728,26 +3728,37 @@ auth_pam(struct passwd **ppw, const char @@ -3728,26 +3728,37 @@ auth_pam(struct passwd **ppw, const char
3728 } 3728 }
3729 3729
3730 e = pam_set_item(pamh, PAM_RHOST, remotehost); 3730 e = pam_set_item(pamh, PAM_RHOST, remotehost);
3731 if (e != PAM_SUCCESS) { 3731 if (e != PAM_SUCCESS) {
3732 syslog(LOG_ERR, "pam_set_item(PAM_RHOST): %s", 3732 syslog(LOG_ERR, "pam_set_item(PAM_RHOST): %s",
3733 pam_strerror(pamh, e)); 3733 pam_strerror(pamh, e));
3734 if ((e = pam_end(pamh, e)) != PAM_SUCCESS) { 3734 if ((e = pam_end(pamh, e)) != PAM_SUCCESS) {
3735 syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e)); 3735 syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
3736 } 3736 }
3737 pamh = NULL; 3737 pamh = NULL;
3738 return -1; 3738 return -1;
3739 } 3739 }
3740 3740
 3741 e = pam_set_item(pamh, PAM_SOCKADDR, &his_addr);
 3742 if (e != PAM_SUCCESS) {
 3743 syslog(LOG_ERR, "pam_set_item(PAM_SOCKADDR): %s",
 3744 pam_strerror(pamh, e));
 3745 if ((e = pam_end(pamh, e)) != PAM_SUCCESS) {
 3746 syslog(LOG_ERR, "pam_end: %s", pam_strerror(pamh, e));
 3747 }
 3748 pamh = NULL;
 3749 return -1;
 3750 }
 3751
3741 e = pam_authenticate(pamh, 0); 3752 e = pam_authenticate(pamh, 0);
3742 switch (e) { 3753 switch (e) {
3743 case PAM_SUCCESS: 3754 case PAM_SUCCESS:
3744 /* 3755 /*
3745 * With PAM we support the concept of a "template" 3756 * With PAM we support the concept of a "template"
3746 * user. The user enters a login name which is 3757 * user. The user enters a login name which is
3747 * authenticated by PAM, usually via a remote service 3758 * authenticated by PAM, usually via a remote service
3748 * such as RADIUS or TACACS+. If authentication 3759 * such as RADIUS or TACACS+. If authentication
3749 * succeeds, a different but related "template" name 3760 * succeeds, a different but related "template" name
3750 * is used for setting the credentials, shell, and 3761 * is used for setting the credentials, shell, and
3751 * home directory. The name the user enters need only 3762 * home directory. The name the user enters need only
3752 * exist on the remote authentication server, but the 3763 * exist on the remote authentication server, but the
3753 * template name must be present in the local password 3764 * template name must be present in the local password