pam pop issue

Ashay Chitnis chitnis.ashay at gmail.com
Tue Jun 17 09:27:03 EDT 2008 

On Tue, Jun 17, 2008 at 6:14 PM, Gary Mills <mills at cc.umanitoba.ca> wrote:

> On Tue, Jun 17, 2008 at 02:32:46PM +0530, Ashay Chitnis wrote:
> >
> >    On Tue, Jun 17, 2008 at 12:09 AM, Gary Mills
> >    <[1]mills at cc.umanitoba.ca> wrote:
> >
> >    Gary, thanks for your help.
> >      I have had one sleepless night  trying to read out the sasl manuals
> >    from SUN :).
> >
> >      the pam_acct_mgmt() call must be removed from saslauthd/auth_pam.c
> >      and
> >      added to lib/server.c instead.
> >
> >    can you elaborate more on how you have acheived it?
>
> By modifying the SASL source and recompiling it.  I can post my patches
> if anyone else is interested.


Can you paste you code if poss??


>
>
> >    first the item
> >    passed by sasl is the service name (pop) and not the remote network ip
> >    and this is compared with the actual IP address.
> >    pam_get_item should be getting the IP address and passing it to pam
> >    NOT the service name..
>
> As others have mentioned, the information stored in the PAM handle
> depends on the application.  Many different types are possible, but
> the application has to store the data to make it available to the
> PAM module.  PAM_RHOST, the remote host name, would be the one that
> interests you.  That information is not always present.  For cyrus
> and sasl, it appears not to be present.  I haven't confirmed this.
>

There is a variable defined for ipremoteport in server.c but


   result = _sasl_conn_init(*pconn, service, flags, SASL_CONN_SERVER,
                             &server_idle, serverFQDN,
                            iplocalport, *ipremoteport,*
                            callbacks, &global_callbacks);
But this is unused i guess.



> >    I have checked its works beautifully in sshd. Now i need to find a way
> >    to work it in sasl for pop imap service.
>
> --
> -Gary Mills-    -Unix Support-    -U of M Academic Computing and
> Networking-
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.andrew.cmu.edu/pipermail/info-cyrus/attachments/20080617/42a03ee3/attachment-0001.html

More information about the Info-cyrus mailing list