labs-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From pque...@apache.org
Subject svn commit: r744813 - in /labs/orthrus/trunk: SConstruct src/ui/pam/ src/ui/pam/pam_orthrus.c
Date Mon, 16 Feb 2009 05:50:03 GMT
Author: pquerna
Date: Mon Feb 16 05:50:02 2009
New Revision: 744813

URL: http://svn.apache.org/viewvc?rev=744813&view=rev
Log:
Bull in a skeleton pam_unix.c to base pam_orthrus on.

Modified:
    labs/orthrus/trunk/SConstruct
    labs/orthrus/trunk/src/ui/pam/   (props changed)
    labs/orthrus/trunk/src/ui/pam/pam_orthrus.c

Modified: labs/orthrus/trunk/SConstruct
URL: http://svn.apache.org/viewvc/labs/orthrus/trunk/SConstruct?rev=744813&r1=744812&r2=744813&view=diff
==============================================================================
--- labs/orthrus/trunk/SConstruct (original)
+++ labs/orthrus/trunk/SConstruct Mon Feb 16 05:50:02 2009
@@ -74,7 +74,9 @@
 tests = appenv.Program(target='orthrustest', source = ['src/tests/orthrustest.c'])
 ortcalc = appenv.Program(target='ortcalc', source = ['src/ui/ortcalc/ortcalc.c'])
 
-pamorthrus = appenv.LoadableModule(target = "pam_orthrus.so",
+pamenv = appenv.Clone()
+pamenv.AppendUnique(LIBS='pam')
+pamorthrus = pamenv.LoadableModule(target = "pam_orthrus.so",
                                    source = ['src/ui/pam/pam_orthrus.c'], SHLIBPREFIX='')
 
 

Propchange: labs/orthrus/trunk/src/ui/pam/
------------------------------------------------------------------------------
--- svn:ignore (added)
+++ svn:ignore Mon Feb 16 05:50:02 2009
@@ -0,0 +1 @@
+*.os

Modified: labs/orthrus/trunk/src/ui/pam/pam_orthrus.c
URL: http://svn.apache.org/viewvc/labs/orthrus/trunk/src/ui/pam/pam_orthrus.c?rev=744813&r1=744812&r2=744813&view=diff
==============================================================================
--- labs/orthrus/trunk/src/ui/pam/pam_orthrus.c (original)
+++ labs/orthrus/trunk/src/ui/pam/pam_orthrus.c Mon Feb 16 05:50:02 2009
@@ -17,6 +17,47 @@
 #include "orthrus.h"
 #include "private/config.h"
 
+/* Skeleton for this module is based upton pam_unix.c from FreeBSD/OpenPAM:
+ * http://svn.des.no/svn/openpam/trunk/modules/pam_unix/pam_unix.c 
+ */
+
+/*-
+ * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
+ * Copyright (c) 2004-2008 Dag-Erling Smørgrav
+ * All rights reserved.
+ *
+ * This software was developed for the FreeBSD Project by ThinkSec AS and
+ * Network Associates Laboratories, the Security Research Division of
+ * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
+ * ("CBOSS"), as part of the DARPA CHATS research program.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ *    products derived from this software without specific prior written
+ *    permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ */
+
+
 #if HAVE_SECURITY_PAM_MODULES_H
 #include <security/pam_modules.h>
 #endif
@@ -32,3 +73,155 @@
 #if HAVE_PAM_PAM_APPL_H
 #include <pam/pam_appl.h>
 #endif
+
+
+#include <pwd.h>
+#include <stdlib.h>
+#include <unistd.h>
+
+#ifndef PAM_EXTERN
+#define PAM_EXTERN
+#endif
+
+#ifndef OPENPAM
+static char password_prompt[] = "Response:";
+#endif
+
+PAM_EXTERN int
+pam_sm_authenticate(pam_handle_t *pamh, int flags,
+                    int argc, const char *argv[])
+{
+#ifndef OPENPAM
+	struct pam_conv *conv;
+	struct pam_message msg;
+	const struct pam_message *msgp;
+	struct pam_response *resp;
+#endif
+	struct passwd *pwd;
+	const char *user;
+	char *crypt_password, *password;
+	int pam_err, retry;
+  
+	(void)argc;
+	(void)argv;
+  
+	/* identify user */
+	if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) {
+		return (pam_err);
+  }
+
+	if ((pwd = getpwnam(user)) == NULL) {
+		return (PAM_USER_UNKNOWN);
+  }
+  
+	/* get password */
+#ifndef OPENPAM
+	pam_err = pam_get_item(pamh, PAM_CONV, (const void **)&conv);
+	if (pam_err != PAM_SUCCESS)
+		return (PAM_SYSTEM_ERR);
+	msg.msg_style = PAM_PROMPT_ECHO_OFF;
+	msg.msg = password_prompt;
+	msgp = &msg;
+#endif
+	for (retry = 0; retry < 3; ++retry) {
+#ifdef OPENPAM
+		pam_err = pam_get_authtok(pamh, PAM_AUTHTOK,
+                              (const char **)&password, NULL);
+#else
+		resp = NULL;
+		pam_err = (*conv->conv)(1, &msgp, &resp, conv->appdata_ptr);
+		if (resp != NULL) {
+			if (pam_err == PAM_SUCCESS)
+				password = resp->resp;
+			else
+				free(resp->resp);
+			free(resp);
+		}
+#endif
+		if (pam_err == PAM_SUCCESS)
+			break;
+	}
+	if (pam_err == PAM_CONV_ERR)
+		return (pam_err);
+	if (pam_err != PAM_SUCCESS)
+		return (PAM_AUTH_ERR);
+  
+	/* compare passwords */
+	if ((!pwd->pw_passwd[0] && (flags & PAM_DISALLOW_NULL_AUTHTOK)) ||
+	    (crypt_password = crypt(password, pwd->pw_passwd)) == NULL ||
+	    strcmp(crypt_password, pwd->pw_passwd) != 0) {
+		pam_err = PAM_AUTH_ERR;
+  }
+	else {
+		pam_err = PAM_SUCCESS;
+  }
+#ifndef OPENPAM
+	free(password);
+#endif
+	return (pam_err);
+}
+
+PAM_EXTERN int
+pam_sm_setcred(pam_handle_t *pamh, int flags,
+               int argc, const char *argv[])
+{
+  
+	(void)pamh;
+	(void)flags;
+	(void)argc;
+	(void)argv;
+	return (PAM_SUCCESS);
+}
+
+PAM_EXTERN int
+pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
+                 int argc, const char *argv[])
+{
+  
+	(void)pamh;
+	(void)flags;
+	(void)argc;
+	(void)argv;
+	return (PAM_SUCCESS);
+}
+
+PAM_EXTERN int
+pam_sm_open_session(pam_handle_t *pamh, int flags,
+                    int argc, const char *argv[])
+{
+  
+	(void)pamh;
+	(void)flags;
+	(void)argc;
+	(void)argv;
+	return (PAM_SUCCESS);
+}
+
+PAM_EXTERN int
+pam_sm_close_session(pam_handle_t *pamh, int flags,
+                     int argc, const char *argv[])
+{
+  
+	(void)pamh;
+	(void)flags;
+	(void)argc;
+	(void)argv;
+	return (PAM_SUCCESS);
+}
+
+PAM_EXTERN int
+pam_sm_chauthtok(pam_handle_t *pamh, int flags,
+                 int argc, const char *argv[])
+{
+  
+	(void)pamh;
+	(void)flags;
+	(void)argc;
+	(void)argv;
+	return (PAM_SERVICE_ERR);
+}
+
+#ifdef PAM_MODULE_ENTRY
+PAM_MODULE_ENTRY("pam_orthrus");
+#endif
+



---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@labs.apache.org
For additional commands, e-mail: commits-help@labs.apache.org


Mime
View raw message