From 6b11d510fdfd7eb4e3dc7fdac9558b3e80a55c36 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@FreeBSD.org>
Date: Thu, 21 Mar 2002 12:55:21 +0000
Subject: [PATCH] Correctly set PAM_RHOST so e.g. pam_login_access(8) can do
 its job.

Sponsored by:	DARPA, NAI Labs
---
 crypto/openssh/auth-pam.c | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/crypto/openssh/auth-pam.c b/crypto/openssh/auth-pam.c
index 03a464dcdb7..1b6ee193b30 100644
--- a/crypto/openssh/auth-pam.c
+++ b/crypto/openssh/auth-pam.c
@@ -577,6 +577,7 @@ ipam_start_auth(const char *service, const char *username) {
 		ssh_conv,
 		NULL
 	};
+	const char *rhost;
 
 	cookie = malloc(sizeof(*cookie));
 	if (cookie == NULL)
@@ -613,6 +614,7 @@ ipam_start_auth(const char *service, const char *username) {
 		ipam_free_cookie(cookie);
 		return NULL;
 	}
+	rhost = get_canonical_hostname(options.verify_reverse_mapping);
 	cookie->pid = fork();
 	if (cookie->pid == -1) {
 		ipam_free_cookie(cookie);
@@ -751,6 +753,9 @@ ipam_start_auth(const char *service, const char *username) {
 
 		conv.appdata_ptr = ud;
 		retval = pam_start(service, username, &conv, &pamh);
+		fprintf(stderr, "pam_start returned %d\n", retval);
+		if (retval == PAM_SUCCESS)
+			retval = pam_set_item(pamh, PAM_RHOST, rhost);
 		/* Is user really user? */
 		if (retval == PAM_SUCCESS)
 			retval = pam_authenticate(pamh, 0);