summaryrefslogtreecommitdiff
path: root/modules
diff options
context:
space:
mode:
authorThorsten Kukuk <kukuk@thkukuk.de>2005-09-01 13:59:20 +0000
committerThorsten Kukuk <kukuk@thkukuk.de>2005-09-01 13:59:20 +0000
commit3a265f6249e17882cf0195dd1fe7abb94cd3160f (patch)
treed3ca5c748d2b14b4ccf5eb0b9b6d33eafb0d9184 /modules
parent50c04bd94ce573a123a1a92f713646e00bc77b39 (diff)
Relevant BUGIDs: none
Purpose of commit: new feature Commit summary: --------------- Add PAM extensions pam_*prompt, pam_*error and pam_*info for usage by modules to libpam, add new pam_ext.h header file with prototypes.
Diffstat (limited to 'modules')
-rw-r--r--modules/pam_debug/pam_debug.c47
-rw-r--r--modules/pam_ftp/pam_ftp.c79
2 files changed, 30 insertions, 96 deletions
diff --git a/modules/pam_debug/pam_debug.c b/modules/pam_debug/pam_debug.c
index e7ac8861..45edc82e 100644
--- a/modules/pam_debug/pam_debug.c
+++ b/modules/pam_debug/pam_debug.c
@@ -9,6 +9,8 @@
#define DEFAULT_USER "nobody"
+#include "config.h"
+
#include <stdio.h>
/*
@@ -28,6 +30,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
#define _PAM_ACTION_UNDEF (-10)
#include "../../libpam/pam_tokens.h"
@@ -37,27 +40,11 @@
static int state(pam_handle_t *pamh, const char *text)
{
int retval;
- const void *void_conv;
- const struct pam_conv *conv;
- struct pam_message msg[1], *mesg[1];
- struct pam_response *response;
-
- retval = pam_get_item(pamh, PAM_CONV, &void_conv);
- conv = (const struct pam_conv *) void_conv;
-
- if ((retval != PAM_SUCCESS) || (conv == NULL)) {
- D(("failed to obtain conversation function"));
- return PAM_ABORT;
- }
- msg[0].msg_style = PAM_TEXT_INFO;
- msg[0].msg = text;
- mesg[0] = &msg[0];
+ retval = pam_info (pamh, "%s", text);
- retval = conv->conv(1, (const struct pam_message **) mesg,
- &response, conv->appdata_ptr);
if (retval != PAM_SUCCESS) {
- D(("conversation failed"));
+ D(("pam_info failed"));
}
return retval;
@@ -89,8 +76,8 @@ static int parse_args(int retval, const char *event,
}
PAM_EXTERN
-int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_authenticate(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
int retval;
const char *user=NULL;
@@ -117,8 +104,8 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
}
PAM_EXTERN
-int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_setcred(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "cred", pamh, argc, argv);
}
@@ -126,8 +113,8 @@ int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
/* --- account management functions --- */
PAM_EXTERN
-int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "acct", pamh, argc, argv);
}
@@ -135,8 +122,8 @@ int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
/* --- password management --- */
PAM_EXTERN
-int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
- const char **argv)
+int pam_sm_chauthtok(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
if (flags & PAM_PRELIM_CHECK) {
return parse_args(PAM_SUCCESS, "prechauthtok", pamh, argc, argv);
@@ -148,15 +135,15 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
/* --- session management --- */
PAM_EXTERN
-int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc,
- const char **argv)
+int pam_sm_open_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "open_session", pamh, argc, argv);
}
PAM_EXTERN
-int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc
- ,const char **argv)
+int pam_sm_close_session(pam_handle_t *pamh, int flags UNUSED,
+ int argc, const char **argv)
{
return parse_args(PAM_SUCCESS, "close_session", pamh, argc, argv);
}
diff --git a/modules/pam_ftp/pam_ftp.c b/modules/pam_ftp/pam_ftp.c
index fe581c8f..552858ba 100644
--- a/modules/pam_ftp/pam_ftp.c
+++ b/modules/pam_ftp/pam_ftp.c
@@ -34,6 +34,7 @@
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
+#include <security/pam_ext.h>
/* some syslogging */
@@ -48,42 +49,6 @@ static void _pam_log(int err, const char *format, ...)
closelog();
}
-static int converse(pam_handle_t *pamh, int nargs
- , struct pam_message **message
- , struct pam_response **response)
-{
- int retval;
- const void *void_conv;
- const struct pam_conv *conv;
-
- D(("begin to converse\n"));
-
- retval = pam_get_item(pamh, PAM_CONV, &void_conv);
- conv = (const struct pam_conv *)void_conv;
- if ( retval == PAM_SUCCESS && conv ) {
-
- retval = conv->conv(nargs, ( const struct pam_message ** ) message
- , response, conv->appdata_ptr);
-
- D(("returned from application's conversation function\n"));
-
- if ((retval != PAM_SUCCESS) && (retval != PAM_CONV_AGAIN)) {
- _pam_log(LOG_DEBUG, "conversation failure [%s]"
- , pam_strerror(pamh, retval));
- }
-
- } else {
- _pam_log(LOG_ERR, "couldn't obtain coversation function [%s]"
- , pam_strerror(pamh, retval));
- if (retval == PAM_SUCCESS)
- retval = PAM_BAD_ITEM; /* conv was NULL */
- }
-
- D(("ready to return from module conversation\n"));
-
- return retval; /* propagate error status */
-}
-
/* argument parsing */
#define PAM_DEBUG_ARG 01
@@ -198,46 +163,28 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
*/
{
- struct pam_message msg[1], *mesg[1];
- struct pam_response *resp=NULL;
+ char *resp = NULL;
const char *token;
- char *prompt=NULL;
- int i=0;
-
- if (!anon) {
- prompt = malloc(strlen(PLEASE_ENTER_PASSWORD) + strlen(user));
- if (prompt == NULL) {
- D(("out of memory!?"));
- return PAM_BUF_ERR;
- } else {
- sprintf(prompt, PLEASE_ENTER_PASSWORD, user);
- msg[i].msg = prompt;
- }
- } else {
- msg[i].msg = GUEST_LOGIN_PROMPT;
- }
- msg[i].msg_style = PAM_PROMPT_ECHO_OFF;
- mesg[i] = &msg[i];
-
- retval = converse(pamh, ++i, mesg, &resp);
- if (prompt) {
- _pam_overwrite(prompt);
- _pam_drop(prompt);
- }
+ if (!anon)
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ PLEASE_ENTER_PASSWORD, user);
+ else
+ retval = pam_prompt (pamh, PAM_PROMPT_ECHO_OFF, &resp,
+ GUEST_LOGIN_PROMPT);
if (retval != PAM_SUCCESS) {
if (resp != NULL)
- _pam_drop_reply(resp,i);
+ _pam_drop (resp);
return ((retval == PAM_CONV_AGAIN)
? PAM_INCOMPLETE:PAM_AUTHINFO_UNAVAIL);
}
if (anon) {
- /* XXX: Some effort should be made to verify this email address! */
+ /* XXX: Some effort should be made to verify this email address! */
if (!(ctrl & PAM_IGNORE_EMAIL)) {
- token = strtok(resp->resp, "@");
+ token = strtok(resp, "@");
retval = pam_set_item(pamh, PAM_RUSER, token);
if ((token) && (retval == PAM_SUCCESS)) {
@@ -254,7 +201,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
* we have a password so set AUTHTOK
*/
- (void) pam_set_item(pamh, PAM_AUTHTOK, resp->resp);
+ pam_set_item(pamh, PAM_AUTHTOK, resp);
/*
* this module failed, but the next one might succeed with
@@ -265,7 +212,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
}
if (resp) { /* clean up */
- _pam_drop_reply(resp, i);
+ _pam_drop(resp);
}
/* success or failure */