diff options
Diffstat (limited to 'Linux-PAM/modules/pam_debug/pam_debug.c')
| -rw-r--r-- | Linux-PAM/modules/pam_debug/pam_debug.c | 175 |
1 files changed, 175 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_debug/pam_debug.c b/Linux-PAM/modules/pam_debug/pam_debug.c new file mode 100644 index 00000000..6226c829 --- /dev/null +++ b/Linux-PAM/modules/pam_debug/pam_debug.c @@ -0,0 +1,175 @@ +/* pam_permit module */ + +/* + * $Id: pam_debug.c,v 1.1.1.1 2002/09/15 20:08:45 hartmans Exp $ + * + * Written by Andrew Morgan <morgan@kernel.org> 2001/02/04 + * + */ + +#define DEFAULT_USER "nobody" + +#include <stdio.h> + +/* + * This module is intended as a debugging aide for determining how + * the PAM stack is operating. + * + * here, we make definitions for the externally accessible functions + * in this file (these definitions are required for static modules + * but strongly encouraged generally) they are used to instruct the + * modules include file to define their prototypes. + */ + +#define PAM_SM_AUTH +#define PAM_SM_ACCOUNT +#define PAM_SM_SESSION +#define PAM_SM_PASSWORD + +#include <security/pam_modules.h> +#include <security/_pam_macros.h> + +#define _PAM_ACTION_UNDEF (-10) +#include "../../libpam/pam_tokens.h" + +/* --- authentication management functions --- */ + +static int state(pam_handle_t *pamh, const char *text) +{ + int retval; + struct pam_conv *conv; + struct pam_message msg[1], *mesg[1]; + struct pam_response *response; + + retval = pam_get_item(pamh, PAM_CONV, (const void **)&conv); + if ((retval != PAM_SUCCESS) || (conv == NULL)) { + D(("failed to obtain conversation function")); + return PAM_ABORT; + } + + msg[0].msg_style = PAM_TEXT_INFO; + msg[0].msg = text; + mesg[0] = &msg[0]; + + retval = conv->conv(1, (const struct pam_message **) mesg, + &response, conv->appdata_ptr); + if (retval != PAM_SUCCESS) { + D(("conversation failed")); + } + + return retval; +} + +static int parse_args(int retval, const char *event, + pam_handle_t *pamh, int argc, const char **argv) +{ + int i; + + for (i=0; i<argc; ++i) { + int length = strlen(event); + if (!strncmp(event, argv[i], length) && (argv[i][length] == '=')) { + int j; + const char *return_string = argv[i] + (length+1); + + for (j=0; j<_PAM_RETURN_VALUES; ++j) { + if (!strcmp(return_string, _pam_token_returns[j])) { + retval = j; + state(pamh, argv[i]); + break; + } + } + break; + } + } + + return retval; +} + +PAM_EXTERN +int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + int retval; + const char *user=NULL; + + /* + * authentication requires we know who the user wants to be + */ + retval = pam_get_user(pamh, &user, NULL); + if (retval != PAM_SUCCESS) { + D(("get user returned error: %s", pam_strerror(pamh,retval))); + return retval; + } + if (user == NULL || *user == '\0') { + D(("username not known")); + pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER); + } + user = NULL; /* clean up */ + + retval = parse_args(PAM_SUCCESS, "auth", pamh, argc, argv); + + return retval; +} + +PAM_EXTERN +int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + return parse_args(PAM_SUCCESS, "cred", pamh, argc, argv); +} + +/* --- account management functions --- */ + +PAM_EXTERN +int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + return parse_args(PAM_SUCCESS, "acct", pamh, argc, argv); +} + +/* --- password management --- */ + +PAM_EXTERN +int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, + const char **argv) +{ + if (flags & PAM_PRELIM_CHECK) { + return parse_args(PAM_SUCCESS, "prechauthtok", pamh, argc, argv); + } else { + return parse_args(PAM_SUCCESS, "chauthtok", pamh, argc, argv); + } +} + +/* --- session management --- */ + +PAM_EXTERN +int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc, + const char **argv) +{ + return parse_args(PAM_SUCCESS, "open_session", pamh, argc, argv); +} + +PAM_EXTERN +int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc + ,const char **argv) +{ + return parse_args(PAM_SUCCESS, "close_session", pamh, argc, argv); +} + +/* end of module definition */ + +#ifdef PAM_STATIC + +/* static module data */ + +struct pam_module _pam_permit_modstruct = { + "pam_debug", + pam_sm_authenticate, + pam_sm_setcred, + pam_sm_acct_mgmt, + pam_sm_open_session, + pam_sm_close_session, + pam_sm_chauthtok +}; + +#endif |