From patchwork Mon Jun 6 00:31:43 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Paolo Cerrito X-Patchwork-Id: 2505 Return-Path: Delivered-To: patchwork@openvpn.net Delivered-To: patchwork@openvpn.net Received: from director7.mail.ord1d.rsapps.net ([172.31.255.6]) by backend41.mail.ord1d.rsapps.net with LMTP id GE7MNvTXnWLWCwAAqwncew (envelope-from ) for ; Mon, 06 Jun 2022 06:33:24 -0400 Received: from proxy17.mail.iad3b.rsapps.net ([172.31.255.6]) by director7.mail.ord1d.rsapps.net with LMTP id GNQdCvXXnWJEdAAAovjBpQ (envelope-from ) for ; Mon, 06 Jun 2022 06:33:25 -0400 Received: from smtp37.gate.iad3b ([172.31.255.6]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by proxy17.mail.iad3b.rsapps.net with LMTPS id gNNnA/XXnWJYOQAA5ccGVQ (envelope-from ) for ; Mon, 06 Jun 2022 06:33:25 -0400 X-Spam-Threshold: 95 X-Spam-Score: 0 X-Spam-Flag: NO X-Virus-Scanned: OK X-Orig-To: openvpnslackdevel@openvpn.net X-Originating-Ip: [216.105.38.7] Authentication-Results: smtp37.gate.iad3b.rsapps.net; iprev=pass policy.iprev="216.105.38.7"; spf=pass smtp.mailfrom="openvpn-devel-bounces@lists.sourceforge.net" smtp.helo="lists.sourceforge.net"; dkim=fail (signature verification failed) header.d=sourceforge.net; dkim=fail (signature verification failed) header.d=sf.net; dkim=fail (signature verification failed) header.d=gmail.com; dmarc=fail (p=none; dis=none) header.from=gmail.com X-Suspicious-Flag: YES X-Classification-ID: 17a7d112-e584-11ec-9c36-5254002ca64a-1-1 Received: from [216.105.38.7] ([216.105.38.7:32926] helo=lists.sourceforge.net) by smtp37.gate.iad3b.rsapps.net (envelope-from ) (ecelerity 4.2.38.62370 r(:)) with ESMTPS (cipher=DHE-RSA-AES256-GCM-SHA384) id 52/0C-01277-4F7DD926; Mon, 06 Jun 2022 06:33:24 -0400 Received: from [127.0.0.1] (helo=sfs-ml-2.v29.lw.sourceforge.com) by sfs-ml-2.v29.lw.sourceforge.com with esmtp (Exim 4.94.2) (envelope-from ) id 1nyA1e-0000uK-QD; Mon, 06 Jun 2022 10:31:59 +0000 Received: from [172.30.20.202] (helo=mx.sourceforge.net) by sfs-ml-2.v29.lw.sourceforge.com with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.94.2) (envelope-from ) id 1nyA1b-0000uA-Ig for openvpn-devel@lists.sourceforge.net; Mon, 06 Jun 2022 10:31:57 +0000 DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sourceforge.net; s=x; h=Content-Transfer-Encoding:MIME-Version:Message-Id: Date:Subject:Cc:To:From:Sender:Reply-To:Content-Type:Content-ID: Content-Description:Resent-Date:Resent-From:Resent-Sender:Resent-To:Resent-Cc :Resent-Message-ID:In-Reply-To:References:List-Id:List-Help:List-Unsubscribe: List-Subscribe:List-Post:List-Owner:List-Archive; bh=srdRxvwmebc5gJak2z7R9RinoAg4LSg8K4sLtBb1lQA=; b=LrJJG9W8N1z8qY456xkk9jjFd/ GkKpR930jIzbYOMxQYXaM+OwJ6derWTbUPgh4mrCzi5ltw6YyqHaBdUWLnokA3HL/Sn+77VRTQjL6 6iyAyhwlOMn5SUwXcvuJFNzn872N2ElAE4SeTrDVYguCWcYxA6qNWdL5/d+nTZhvhsDU=; DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=sf.net; s=x ; h=Content-Transfer-Encoding:MIME-Version:Message-Id:Date:Subject:Cc:To:From :Sender:Reply-To:Content-Type:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:In-Reply-To: References:List-Id:List-Help:List-Unsubscribe:List-Subscribe:List-Post: List-Owner:List-Archive; bh=srdRxvwmebc5gJak2z7R9RinoAg4LSg8K4sLtBb1lQA=; b=T 5ciFDTJZCLNTzYqwONCAnELZ/kJfhz2E9b7XPkIHRbefpsonbYNl2AM1+fajm518DCHvep5q6bMI/ KRq9/HKqU8OHcamr4l+yAAOs6bCPh8x7VF3NgyfJfBSrgUs67MpT1uQwo1Fwqqw+gLVB9kCzykvv8 3rchivoWloOEc2b4=; Received: from mail-ej1-f47.google.com ([209.85.218.47]) by sfi-mx-1.v28.lw.sourceforge.com with esmtps (TLS1.2:ECDHE-RSA-AES128-GCM-SHA256:128) (Exim 4.94.2) id 1nyA1b-006yNP-N0 for openvpn-devel@lists.sourceforge.net; Mon, 06 Jun 2022 10:31:56 +0000 Received: by mail-ej1-f47.google.com with SMTP id me5so27511753ejb.2 for ; Mon, 06 Jun 2022 03:31:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=srdRxvwmebc5gJak2z7R9RinoAg4LSg8K4sLtBb1lQA=; b=LJVU0yDnOr7uxkGKUDE2kb4t59rXDYSWXPGRnTARB/x6qnFqs7bTo3QQKfA19tWvNz R50Qyzti+yTiwssCX5BWt3MHd/KqGHaZtnzoRvJzhDKSBioeOJg4QU3Dif9FbbzLE+3P 5EbZw3yQ7/BoDXOuyFzzOKirQtglXi0cnwRpFVBKu/087Pl/KgtdN5i1HY/tkJkPpw6r RoDW8+15Lc11H87HTfT2KS9T9H5oNIOqxBiYbQNgggfBrIJoAeEFKaZTCQspqUQE1NkO S4OQG3huRH110nmyGJDAaQF9kaoeCFnwXaB6PMyQskVBjPoMBdw9ZbsLKGg1jha2cQtZ jgDw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version :content-transfer-encoding; bh=srdRxvwmebc5gJak2z7R9RinoAg4LSg8K4sLtBb1lQA=; b=7EMmwOHmX9X7mur38Juvmk7Bz2QCEQr8lm0xOye/c9aV+WToK2iJtP2YjSr/Mi3ToJ BP8kCe0z+vk/cuufvZFcL6E6UzdSc9Mt32ZONsjS0tzMM5WmiZZq5yZAI3a7rTk2DNiH GaO9ssI+gHyw6KPTueYMzFG9MMofXFJNBSh51kCDn5LLaHonfMSkQXKCIxd8A5BVgcdi OiR+15T9kxmquWPKS2kzr4oDuLf73eVr3KItUfYBdQWyvnFGwcalTM/7Qoo7+0/yNSB3 5oYz+yDhnzWAnaOV3kV8GAgq/4XPQgUlqg8OYf+aAQJOCwa6CpYW6qwC7nLp8i9TX92J paYQ== X-Gm-Message-State: AOAM531A3b1FY+7vVKGN6h9I5pFhheAUKFwZLrZ889Utq34gCSv3uTrQ 4oJYChfuIQhut4cXGfk2yOBLTLDBez3o9g== X-Google-Smtp-Source: ABdhPJyCQra4edym4QknAEAL26arQMggPxXcl2N2P9uVEEf8b1x8PK3Wl7P1L+Cg6uwflDh10nklLw== X-Received: by 2002:a17:906:d7bc:b0:70a:99ef:d0b8 with SMTP id pk28-20020a170906d7bc00b0070a99efd0b8mr20081637ejb.624.1654511508889; Mon, 06 Jun 2022 03:31:48 -0700 (PDT) Received: from wardragon.ccd.uniroma2.it (wardragon-m.ccd.uniroma2.it. [160.80.8.176]) by smtp.gmail.com with ESMTPSA id e18-20020a1709062d5200b006f3ef214da6sm6195797eji.12.2022.06.06.03.31.48 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 06 Jun 2022 03:31:48 -0700 (PDT) From: Paolo Cerrito To: openvpn-devel@lists.sourceforge.net Date: Mon, 6 Jun 2022 12:31:43 +0200 Message-Id: <20220606103144.1988077-1-wardragon78@gmail.com> X-Mailer: git-send-email 2.36.1 MIME-Version: 1.0 X-Spam-Report: Spam detection software, running on the system "util-spamd-2.v13.lw.sourceforge.com", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: 1) changed lenght of remote to 46 2) refactored call to get_env --- src/plugins/auth-pam/auth-pam.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index 9d8dfb95..c03e178b 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -48,7 +48, [...] Content analysis details: (0.0 points, 6.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- 0.0 SPF_HELO_NONE SPF: HELO does not publish an SPF Record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit [wardragon78[at]gmail.com] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider [wardragon78[at]gmail.com] -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_EF Message has a valid DKIM or DK signature from envelope-from domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at https://www.dnswl.org/, no trust [209.85.218.47 listed in list.dnswl.org] -0.0 RCVD_IN_MSPIKE_H2 RBL: Average reputation (+2) [209.85.218.47 listed in wl.mailspike.net] -0.0 T_SCC_BODY_TEXT_LINE No description available. X-Headers-End: 1nyA1b-006yNP-N0 Subject: [Openvpn-devel] [PATCH 1/2] Single patch: X-BeenThere: openvpn-devel@lists.sourceforge.net X-Mailman-Version: 2.1.21 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: openvpn-devel-bounces@lists.sourceforge.net X-getmail-retrieved-from-mailbox: Inbox 1) changed lenght of remote to 46 2) refactored call to get_env --- src/plugins/auth-pam/auth-pam.c | 10 +++++++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/src/plugins/auth-pam/auth-pam.c b/src/plugins/auth-pam/auth-pam.c index 9d8dfb95..c03e178b 100644 --- a/src/plugins/auth-pam/auth-pam.c +++ b/src/plugins/auth-pam/auth-pam.c @@ -48,7 +48,7 @@ #include #include #include "utils.h" - +#include #include #define DEBUG(verb) ((verb) >= 4) @@ -115,7 +115,7 @@ struct user_pass { char password[128]; char common_name[128]; char response[128]; - char remote[128]; + char remote[INET6_ADDRSTRLEN]; const struct name_value_list *name_value_list; }; @@ -518,7 +518,11 @@ openvpn_plugin_func_v1(openvpn_plugin_handle_t handle, const int type, const cha const char *username = get_env("username", envp); const char *password = get_env("password", envp); const char *common_name = get_env("common_name", envp) ? get_env("common_name", envp) : ""; - const char *remote = get_env("untrusted_ip", envp) ? get_env("untrusted_ip", envp) : get_env("untrusted_ip6", envp); + const char *remote = get_env("untrusted_ip6", envp); + + if (remote == NULL){ + remote = get_env("untrusted_ip", envp); //if Null, try to take ipv4 if not set ipv6 + } if (username && strlen(username) > 0 && password) {