- (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett

<abartlet@pcug.org.au>
author: Damien Miller <djm@mindrot.org> 2001-02-11 22:35:11 +1100
committer: Damien Miller <djm@mindrot.org> 2001-02-11 22:35:11 +1100
commit: bd5817d4ffcbd6dc29f3003725806f04e6dffe42 (patch)
tree: f316e002477e47f96684275dd05521be92a30f0c
parent: bf83d4b10664a6321d235b5a6a0ca72352f23730 (diff)
2 files changed, 12 insertions, 9 deletions
diff --git a/ChangeLog b/ChangeLog
index 8830ed117..7b62c0d6d 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -102,6 +102,8 @@
 - (bal) sftp-sever.c  '%8lld' to '%8llu' (OpenBSD Sync)
 - (bal) uuencode.c resync w/ OpenBSD tree, plus whitespace.
 - (bal) A bit more whitespace cleanup
+ - (djm) Set PAM_RHOST earlier, patch from Andrew Bartlett 
+   <abartlet@pcug.org.au>
 20010210
 - (djm) Sync sftp and scp stuff from OpenBSD:
@@ -3885,4 +3887,4 @@
 - Wrote replacements for strlcpy and mkdtemp
 - Released 1.0pre1
-$Id: ChangeLog,v 1.739 2001/02/11 00:00:24 mouring Exp $
+$Id: ChangeLog,v 1.740 2001/02/11 11:35:11 djm Exp $
diff --git a/auth-pam.c b/auth-pam.c
index e6fddecc0..4b2347292 100644
--- a/auth-pam.c
+++ b/auth-pam.c
@@ -33,7 +33,7 @@
 #include "canohost.h"
 #include "readpass.h"
-RCSID("$Id: auth-pam.c,v 1.25 2001/02/07 01:58:34 djm Exp $");
+RCSID("$Id: auth-pam.c,v 1.26 2001/02/11 11:35:12 djm Exp $");
 #define NEW_AUTHTOK_MSG \
        "Warning: Your password has expired, please change it now"
@@ -228,13 +228,6 @@ int do_pam_account(char *username, char *remote_user)
        pam_set_conv(&conv);
-        debug("PAM setting rhost to \"%.200s\"",
-            get_canonical_hostname(options.reverse_mapping_check));
-        pam_retval = pam_set_item(pamh, PAM_RHOST,
-                get_canonical_hostname(options.reverse_mapping_check));
-        if (pam_retval != PAM_SUCCESS)
-                fatal("PAM set rhost failed[%d]: %.200s", pam_retval,
-                    PAM_STRERROR(pamh, pam_retval));
        if (remote_user) {
                debug("PAM setting ruser to \"%.200s\"", remote_user);
                pam_retval = pam_set_item(pamh, PAM_RUSER, remote_user);
@@ -347,6 +340,14 @@ void start_pam(const char *user)
        if (pam_retval != PAM_SUCCESS)
                fatal("PAM initialisation failed[%d]: %.200s",
                    pam_retval, PAM_STRERROR(pamh, pam_retval));
+        debug("PAM setting rhost to \"%.200s\"",
+            get_canonical_hostname(options.reverse_mapping_check));
+        pam_retval = pam_set_item(pamh, PAM_RHOST,
+                get_canonical_hostname(options.reverse_mapping_check));
+        if (pam_retval != PAM_SUCCESS)
+                fatal("PAM set rhost failed[%d]: %.200s", pam_retval,
+                    PAM_STRERROR(pamh, pam_retval));
 #ifdef PAM_TTY_KLUDGE
        /*
         * Some PAM modules (e.g. pam_time) require a TTY to operate,
author	Damien Miller <djm@mindrot.org>	2001-02-11 22:35:11 +1100
committer	Damien Miller <djm@mindrot.org>	2001-02-11 22:35:11 +1100
commit	bd5817d4ffcbd6dc29f3003725806f04e6dffe42 (patch)
tree	f316e002477e47f96684275dd05521be92a30f0c
parent	bf83d4b10664a6321d235b5a6a0ca72352f23730 (diff)