On Fri, 2004-07-09 at 04:55, dean gaudet wrote:
> to improve forensic log info i want to set the PAM_RHOST value to the remote ip (which pam logs as rhost=foo in failure messages). i didn't look to see if anything has been done in this way on CVS because i'm still on 0.99.10.6.
> below is a bit of a hack. in some sense the remote_ip might make more sense in the AUTH_LOGIN_REQUEST_NEW packet rather than the continue packet... but that looked like i'd have to change more code :)
It's done that way in CVS. CVS also sends local ip and protocol information.
> btw -- is there anything which stops mech_plain_auth_continue from doing a somewhat unbounded pstrdup if you send "a\0b" for the auth string?
Oh, right, thanks. But I don't think it could be used to do anything bad. Maybe crash dovecot-auth in some circumstances, but it gets restarted automatically then. Fix is anyway: ot-0.99.10.6/src/auth/mech-plain.c --- dovecot-0.99.10.6-orig/src/auth/mech-plain.c 2003-05-18 15:26:28.000000000 +0300 +++ dovecot-0.99.10.6/src/auth/mech-plain.c 2004-07-09 13:47:01.000000000 +0300 @@ -41,7 +41,7 @@ } } - if (authenid == NULL) { + if (count != 2) { /* invalid input */ if (verbose) i_info("mech-plain: no username given");
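Review bot: the i_info() text under the changed condition still reads "mech-plain: no username given", but with `if (count != 2)` this branch now also catches responses with the wrong number of NUL separators (the "a\0b" case raised above), so the log line misreports the cause; consider wording it as invalid input. The hunk does not show where count is computed, so it is also worth confirming that authenid cannot still be NULL or empty when count is 2, since the old `authenid == NULL` test is replaced rather than kept alongside the new one.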
+dovecot (0.99.10.6-3.dg1) unstable; urgency=low + + * hack a solution to pass PAM_RHOST the remote ip
Looks good.
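An added example, not part of the original thread and not Dovecot's code: a length-bounded parser for a SASL PLAIN response (`[authzid] NUL authcid NUL passwd`) that rejects any message without exactly two NUL separators, which is the condition the `count != 2` check above enforces. The names `plain_parse` and `struct plain_fields` are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical result type for this example (not Dovecot's).
   Fields point into the caller's buffer and carry explicit lengths. */
struct plain_fields {
    const unsigned char *authzid, *authcid, *passwd;
    size_t authzid_len, authcid_len, passwd_len;
};

/* Parse a SASL PLAIN response: [authzid] NUL authcid NUL passwd.
   Returns 0 on success, -1 on malformed input. No field is treated as a
   C string, so nothing is read or copied past data + size. */
int plain_parse(const unsigned char *data, size_t size,
                struct plain_fields *out)
{
    size_t i, count = 0, sep[2];

    for (i = 0; i < size; i++) {
        if (data[i] != '\0')
            continue;
        if (count == 2)
            return -1;              /* more than two separators */
        sep[count++] = i;
    }
    if (count != 2)
        return -1;                  /* e.g. "a\0b": only one separator */

    out->authzid = data;
    out->authzid_len = sep[0];
    out->authcid = data + sep[0] + 1;
    out->authcid_len = sep[1] - sep[0] - 1;
    out->passwd = data + sep[1] + 1;
    out->passwd_len = size - sep[1] - 1;

    if (out->authcid_len == 0)
        return -1;                  /* no username given */
    return 0;
}
```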