openvpn icon indicating copy to clipboard operation
openvpn copied to clipboard

Published 20 hours ago verified publisher icon OpenVPN

[PATCH v2] Insert client connection data into PAM environment

Open wardragon opened this issue 5 years ago • 1 comments

Without this patch, the PAM enviornment lacks any information about the remote client address.

syslog output for auth and authpriv facilities changes from: Oct 25 11:52:02 openvpndev openvpn: pam_unix(openvpn:auth): authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost= Oct 25 11:52:33 openvpndev openvpn: pam_unix(openvpn:auth): authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost= user=**** to: Oct 25 10:56:11 openvpndev openvpn: pam_unix(openvpn:auth): authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost=198.51.100.10 Oct 25 10:57:02 openvpndev openvpn: pam_unix(openvpn:auth): authentication failure; logname=root uid=0 euid=0 tty= ruser= rhost=198.51.100.10 user=****

Furthermore, the presence of the remote client address in PAM environment, enables usage of pam modules like pam_recent [https://github.com/az143/pam_recent].

Replaces #71

wardragon avatar Oct 25 '19 10:10 wardragon

What's the status of this? I also woke up the thread in #71. See link.

pulecp avatar May 24 '22 12:05 pulecp

Closing as it seems to be superseded by #175

ordex avatar Sep 17 '22 13:09 ordex

Hi,

On Tue, May 24, 2022 at 05:57:07AM -0700, Pavel Pulec wrote:

What's the status of this? I also woke up the thread in #71. See link.

Looking at the mailing list, we seem to be still waiting for a patch that arrives in one piece (sent by "git send-email", not as an attachment

  • too many mail clients break whitespace badly, making the patch not applicable anymore) and takes review feedback into account.

Until then, it cannot progress.

gert

"If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***

cron2 avatar Oct 11 '22 07:10 cron2

This is same as what was merged the other day, isn't it?

commit 8e9f9d031f7f2dbf2a505af297b808f22430a381
Author: Paolo Cerrito <[email protected]>
Date:   Mon Oct 10 14:27:46 2022 +0200

    Insert client connection data into PAM environment

selvanair avatar Oct 11 '22 15:10 selvanair

Hi,

On Tue, Oct 11, 2022 at 08:09:37AM -0700, Selva Nair wrote:

This is same as what was merged the other day, isn't it?

commit 8e9f9d031f7f2dbf2a505af297b808f22430a381
Author: Paolo Cerrito ***@***.***>
Date:   Mon Oct 10 14:27:46 2022 +0200

    Insert client connection data into PAM environment

Yes, that patch hit the list and github a few times :-) - so all occurences that you can find can be closed now.

thanks

gert

"If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***

cron2 avatar Oct 11 '22 15:10 cron2

Hi

Get Outlook for Androidhttps://aka.ms/AAb9ysg

From: Gert Doering @.> Sent: Tuesday, October 11, 2022 10:23:18 AM To: OpenVPN/openvpn @.> Cc: Subscribed @.***> Subject: Re: [OpenVPN/openvpn] [PATCH v2] Insert client connection data into PAM environment (#132)

Hi,

On Tue, Oct 11, 2022 at 08:09:37AM -0700, Selva Nair wrote:

This is same as what was merged the other day, isn't it?

commit 8e9f9d031f7f2dbf2a505af297b808f22430a381
Author: Paolo Cerrito ***@***.***>
Date: Mon Oct 10 14:27:46 2022 +0200

Insert client connection data into PAM environment

Yes, that patch hit the list and github a few times :-) - so all occurences that you can find can be closed now.

thanks

gert

"If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***

— Reply to this email directly, view it on GitHubhttps://github.com/OpenVPN/openvpn/pull/132#issuecomment-1274875188, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AXP2KF5OZ3ZQWL3XOA544ZLWCWA6NANCNFSM4JFBOURQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

Rojov1vo avatar Oct 11 '22 23:10 Rojov1vo

What merge

Get Outlook for Androidhttps://aka.ms/AAb9ysg

From: Anthony Gonzales @.> Sent: Tuesday, October 11, 2022 6:32:13 PM To: OpenVPN/openvpn @.>; OpenVPN/openvpn @.> Cc: Subscribed @.> Subject: Re: [OpenVPN/openvpn] [PATCH v2] Insert client connection data into PAM environment (#132)

Hi

Get Outlook for Androidhttps://aka.ms/AAb9ysg

From: Gert Doering @.> Sent: Tuesday, October 11, 2022 10:23:18 AM To: OpenVPN/openvpn @.> Cc: Subscribed @.***> Subject: Re: [OpenVPN/openvpn] [PATCH v2] Insert client connection data into PAM environment (#132)

Hi,

On Tue, Oct 11, 2022 at 08:09:37AM -0700, Selva Nair wrote:

This is same as what was merged the other day, isn't it?

commit 8e9f9d031f7f2dbf2a505af297b808f22430a381
Author: Paolo Cerrito ***@***.***>
Date: Mon Oct 10 14:27:46 2022 +0200

Insert client connection data into PAM environment

Yes, that patch hit the list and github a few times :-) - so all occurences that you can find can be closed now.

thanks

gert

"If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***

— Reply to this email directly, view it on GitHubhttps://github.com/OpenVPN/openvpn/pull/132#issuecomment-1274875188, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AXP2KF5OZ3ZQWL3XOA544ZLWCWA6NANCNFSM4JFBOURQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

Rojov1vo avatar Oct 11 '22 23:10 Rojov1vo

Why

Get Outlook for Androidhttps://aka.ms/AAb9ysg

From: Anthony Gonzales @.> Sent: Tuesday, October 11, 2022 6:32:13 PM To: OpenVPN/openvpn @.>; OpenVPN/openvpn @.> Cc: Subscribed @.> Subject: Re: [OpenVPN/openvpn] [PATCH v2] Insert client connection data into PAM environment (#132)

Hi

Get Outlook for Androidhttps://aka.ms/AAb9ysg

From: Gert Doering @.> Sent: Tuesday, October 11, 2022 10:23:18 AM To: OpenVPN/openvpn @.> Cc: Subscribed @.***> Subject: Re: [OpenVPN/openvpn] [PATCH v2] Insert client connection data into PAM environment (#132)

Hi,

On Tue, Oct 11, 2022 at 08:09:37AM -0700, Selva Nair wrote:

This is same as what was merged the other day, isn't it?

commit 8e9f9d031f7f2dbf2a505af297b808f22430a381
Author: Paolo Cerrito ***@***.***>
Date: Mon Oct 10 14:27:46 2022 +0200

Insert client connection data into PAM environment

Yes, that patch hit the list and github a few times :-) - so all occurences that you can find can be closed now.

thanks

gert

"If was one thing all people took for granted, was conviction that if you feed honest figures into a computer, honest figures come out. Never doubted it myself till I met a computer with a sense of humor." Robert A. Heinlein, The Moon is a Harsh Mistress

Gert Doering - Munich, Germany @.***

— Reply to this email directly, view it on GitHubhttps://github.com/OpenVPN/openvpn/pull/132#issuecomment-1274875188, or unsubscribehttps://github.com/notifications/unsubscribe-auth/AXP2KF5OZ3ZQWL3XOA544ZLWCWA6NANCNFSM4JFBOURQ. You are receiving this because you are subscribed to this thread.Message ID: @.***>

Rojov1vo avatar Oct 11 '22 23:10 Rojov1vo