[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: rhost hack needed



Steven Pokrandt wrote:
> I need help writing a hack!  I have an agreement with an ISP that allows
> me to use there terminal server for ppp traffic and rhost login to my
> machine.  My users have to put .pokey after the login name to access my
> system.  the problem I have is my system doesn't have the .pokey after
> the users login name in the passwd file, and I don't want them to!.   is
> there a way to strip it off?  I tried the following in 
> pam_rhosts_auth.c

Could you be a little more clear? Is this what your users see?

ISP Login: user7.pokey
ISP Password: [XXX]
[Then ISP runs, 'rlogin your-host'?]

>     retval = pam_get_item (pamh, PAM_RUSER, (const void **)&current);
>     if (retval != PAM_SUCCESS)
>         return retval;
> 
>     if (current == NULL) {
>         return PAM_AUTH_ERR;
>     }
> 
> /*  ******************* */
>     ps=strstr(current,".pokey");
>     if(ps) *ps='\0';
> /*  ******************* */
>     *ruser = current;

1. What you've done is very bad :( . The object placed in current is a
"const char *" which means _you_are_not_allowed_ to change its contents!

2. You should also reset the PAM_RUSER item when you're done stripping it.

I'd try something like [a sketch.. fix the prototypes etc., yourself]

	pam_get_item(pamh, PAM_RUSER, &present);
	if (present) {
		char *new = strdup(present);
		char *ps = strstr(new,".pokey");
		if(ps) *ps='\0';
		pam_set_item(pamh, PAM_RUSER, new);
		free(new);
		pam_get_item(pamh, PAM_RUSER, &present);
	}

I've not looked at the code, but how is PAM_USER getting set? You may need
to fix this too.

Cheers

Andrew
-- 
               Linux-PAM, libpwdb, Orange-Linux and Linux-GSS
                  http://parc.power.net/morgan/index.html
       [ For those that prefer FTP  ---  ftp://ftp.lalug.org/morgan ]



[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index] []