Allow src_ip to be set

2 files changed, 12 insertions, 2 deletions

diff --git a/src/pam_radius_auth.c b/src/pam_radius_auth.c
index 4f165ed..210dbcc 100644
--- a/src/pam_radius_auth.c
+++ b/src/pam_radius_auth.c
@@ -605,6 +605,7 @@ static int initialize(radius_conf_t *conf, int accounting)
 	struct sockaddr_in * s_in;
 	int timeout;
 	int line = 0;
+	char src_ip[MAX_IP_LEN];
 
 	/* the first time around, read the configuration file */
 	if ((fserver = fopen (conf_file, "r")) == (FILE*)NULL) {
@@ -632,7 +633,8 @@ static int initialize(radius_conf_t *conf, int accounting)
 		}
 
 		timeout = 3;
-		if (sscanf(p, "%s %s %d", hostname, secret, &timeout) < 2) {
+		src_ip[0] = 0;
+		if (sscanf(p, "%s %s %d %s", hostname, secret, &timeout, src_ip) < 2) {
 			_pam_log(LOG_ERR, "ERROR reading %s, line %d: Could not read hostname or secret\n",
 				 conf_file, line);
 			continue;			/* invalid line */
@@ -681,7 +683,11 @@ static int initialize(radius_conf_t *conf, int accounting)
 	s_in = (struct sockaddr_in *) &salocal;
 	memset ((char *) s_in, '\0', sizeof(struct sockaddr));
 	s_in->sin_family = AF_INET;
-	s_in->sin_addr.s_addr = INADDR_ANY;
+	if (!*src_ip) {
+		s_in->sin_addr.s_addr = INADDR_ANY;
+	} else {
+		if (!inet_aton(src_ip, (struct in_addr *) &(s_in->sin_addr.s_addr))) s_in->sin_addr.s_addr = INADDR_ANY;
+	}
 	s_in->sin_port = 0;
 	
 
diff --git a/src/pam_radius_auth.h b/src/pam_radius_auth.h
index 894d3fe..4594eef 100644
--- a/src/pam_radius_auth.h
+++ b/src/pam_radius_auth.h
@@ -20,6 +20,7 @@
 #include <netinet/in.h>
 #include <netdb.h>
 #include <fcntl.h>
+#include <arpa/inet.h>
 
 #if defined(HAVE_SECURITY_PAM_APPL_H)
 #  include <security/pam_appl.h>
@@ -119,6 +120,9 @@ typedef struct radius_conf_t {
 #define PAM_RUSER_ARG      16
 
 
+/* buffer size for IP address in string form */
+#define MAX_IP_LEN 16
+
 /* Module defines */
 #ifndef BUFFER_SIZE
 #define BUFFER_SIZE      1024