--- cyrus-sasl-1.5.24/lib/checkpw.c	Mon Jul  9 15:40:59 2001
+++ cyrus-sasl-1.5.24/lib/checkpw.c	Mon Jul  9 16:19:18 2001
@@ -85,6 +85,8 @@
 
 #ifdef HAVE_PAM
 #include <security/pam_appl.h>
+#include <netinet/in.h>
+#include <arpa/inet.h>
 #endif
 
 #ifdef HAVE_PWCHECK
@@ -440,7 +442,11 @@
 }
 #endif /* HAVE_GETPWNAM */
 
+
 #ifdef HAVE_PAM
+
+
+
 struct sasl_pam_data {
     const char *userid;
     const char *password;
@@ -511,6 +517,9 @@
 {
     pam_handle_t *pamh;
     struct sasl_pam_data pd;
+    struct sockaddr_in *addr;
+    char *host;
+    
     int pam_error;
 
     if (!userid || !password) {
@@ -523,6 +532,12 @@
 
     if (reply) { *reply = NULL; }
 
+    /* Get the remote host */
+    if (sasl_getprop(conn, SASL_IP_REMOTE, (void **) &addr) != SASL_OK)
+        host = NULL;
+    else
+        host = inet_ntoa((*addr).sin_addr);
+                
     my_conv.appdata_ptr = &pd;
 
     pd.userid = userid;
@@ -533,6 +548,11 @@
     if (pam_error != PAM_SUCCESS) {
 	goto pam_err;
     }
+    
+    pam_error = pam_set_item(pamh, PAM_RHOST, host);
+    if (pam_error != PAM_SUCCESS) {
+	goto pam_err;
+    }         
     pam_error = pam_authenticate(pamh, PAM_SILENT);
     if (pam_error != PAM_SUCCESS) {
 	goto pam_err;