<br><br><div class="gmail_quote">On Tue, Jun 17, 2008 at 6:14 PM, Gary Mills <<a href="mailto:mills@cc.umanitoba.ca">mills@cc.umanitoba.ca</a>> wrote:<br><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d">On Tue, Jun 17, 2008 at 02:32:46PM +0530, Ashay Chitnis wrote:<br>
><br>
> On Tue, Jun 17, 2008 at 12:09 AM, Gary Mills<br>
</div><div class="Ih2E3d">> <[1]<a href="mailto:mills@cc.umanitoba.ca">mills@cc.umanitoba.ca</a>> wrote:<br>
><br>
> Gary, thanks for your help.<br>
> I have had one sleepless night trying to read out the sasl manuals<br>
> from SUN :).<br>
><br>
> the pam_acct_mgmt() call must be removed from saslauthd/auth_pam.c<br>
> and<br>
> added to lib/server.c instead.<br>
><br>
> can you elaborate more on how you have acheived it?<br>
<br>
</div>By modifying the SASL source and recompiling it. I can post my patches<br>
if anyone else is interested.</blockquote><div><br>Can you paste you code if poss??<br> </div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<br>
<div class="Ih2E3d"><br>
> first the item<br>
> passed by sasl is the service name (pop) and not the remote network ip<br>
> and this is compared with the actual IP address.<br>
> pam_get_item should be getting the IP address and passing it to pam<br>
> NOT the service name..<br>
<br>
</div>As others have mentioned, the information stored in the PAM handle<br>
depends on the application. Many different types are possible, but<br>
the application has to store the data to make it available to the<br>
PAM module. PAM_RHOST, the remote host name, would be the one that<br>
interests you. That information is not always present. For cyrus<br>
and sasl, it appears not to be present. I haven't confirmed this.<br>
<div class="Ih2E3d"></div></blockquote><div><br>There is a variable defined for ipremoteport in server.c but <br><br><br> result = _sasl_conn_init(*pconn, service, flags, SASL_CONN_SERVER,<br> &server_idle, serverFQDN,<br>
iplocalport, <b>ipremoteport,</b><br> callbacks, &global_callbacks);<br>But this is unused i guess. <br><br><br></div><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
<div class="Ih2E3d"><br>
> I have checked its works beautifully in sshd. Now i need to find a way<br>
> to work it in sasl for pop imap service.<br>
<br>
</div>--<br>
<div><div></div><div class="Wj3C7c">-Gary Mills- -Unix Support- -U of M Academic Computing and Networking-<br>
</div></div></blockquote></div><br>