summaryrefslogtreecommitdiff
path: root/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c
diff options
context:
space:
mode:
Diffstat (limited to 'Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c')
-rw-r--r--Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c131
1 files changed, 131 insertions, 0 deletions
diff --git a/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c b/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c
new file mode 100644
index 00000000..14d74b74
--- /dev/null
+++ b/Linux-PAM/modules/pam_pwdb/pam_unix_auth.-c
@@ -0,0 +1,131 @@
+/*
+ * $Id: pam_unix_auth.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $
+ *
+ * See end of file for Copyright information.
+ */
+
+static const char rcsid_auth[] =
+"$Id: pam_unix_auth.-c,v 1.1.1.1 2001/04/29 04:17:28 hartmans Exp $: pam_unix_auth.-c,v 1.2 1996/09/05 06:46:53 morgan Exp morgan $\n"
+" - PAM_PWDB authentication functions. <morgan@parc.power.net>";
+
+/*
+ * _unix_auth() is a front-end for UNIX/shadow authentication
+ *
+ * First, obtain the password from the user. Then use a
+ * routine in 'support.-c' to authenticate the user.
+ */
+
+#define _UNIX_AUTHTOK "-UN*X-PASS"
+
+static int _unix_auth(pam_handle_t *pamh, unsigned int ctrl)
+{
+ int retval;
+ const char *name, *p;
+
+ D(("called."));
+
+ /* get the user'name' */
+
+ retval = _unix_get_user(pamh, ctrl, NULL, &name);
+ if (retval != PAM_SUCCESS ) {
+ if (retval != PAM_CONV_AGAIN) {
+ if ( on(UNIX_DEBUG,ctrl) ) {
+ _log_err(LOG_DEBUG, "auth could not identify user");
+ }
+ } else {
+ D(("pam_get_user/conv() function is not ready yet"));
+ /* it is safe to resume this function so we translate this
+ retval to the value that indicates we're happy to resume. */
+ retval = PAM_INCOMPLETE;
+ }
+ return retval;
+ }
+
+ /* if this user does not have a password... */
+
+ if ( _unix_blankpasswd(ctrl, name) ) {
+ D(("user '%s' has blank passwd", name));
+ name = NULL;
+ return PAM_SUCCESS;
+ }
+
+ /* get this user's authentication token */
+
+ retval = _unix_read_password(pamh, ctrl, NULL, "Password: ", NULL
+ , _UNIX_AUTHTOK, &p);
+ if (retval != PAM_SUCCESS) {
+ if (retval != PAM_CONV_AGAIN) {
+ _log_err(LOG_CRIT, "auth could not identify password for [%s]"
+ , name);
+ } else {
+ D(("conversation function is not ready yet"));
+ /* it is safe to resume this function so we translate this
+ retval to the value that indicates we're happy to resume. */
+ retval = PAM_INCOMPLETE;
+ }
+ name = NULL;
+ return retval;
+ }
+ D(("user=%s, password=[%s]", name, p));
+
+ /* verify the password of this user */
+ retval = _unix_verify_password(pamh, name, p, ctrl);
+ name = p = NULL;
+
+ D(("done [%d]", retval));
+
+ return retval;
+}
+
+/*
+ * This function is for setting unix credentials. Sun has indicated
+ * that there are *NO* authentication credentials for unix. The
+ * obvious credentials would be the group membership of the user as
+ * listed in the /etc/group file. However, Sun indicates that it is
+ * the responsibility of the application to set these.
+ */
+
+static int _unix_set_credentials(pam_handle_t *pamh, unsigned int ctrl)
+{
+ D(("called <empty function> returning."));
+
+ return PAM_SUCCESS;
+}
+
+/********************************************************************
+ * Copyright (c) Alexander O. Yuriev, 1996.
+ * Copyright (c) Andrew G. Morgan <morgan@parc.power.net> 1996
+ * Copyright (c) Cristian Gafton <gafton@redhat.com> 1996, 1997
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ * notice, and the entire permission notice in its entirety,
+ * including the disclaimer of warranties.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. The name of the author may not be used to endorse or promote
+ * products derived from this software without specific prior
+ * written permission.
+ *
+ * ALTERNATIVELY, this product may be distributed under the terms of
+ * the GNU Public License, in which case the provisions of the GPL are
+ * required INSTEAD OF the above restrictions. (This clause is
+ * necessary due to a potential bad interaction between the GPL and
+ * the restrictions contained in a BSD-style copyright.)
+ *
+ * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
+ * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
+ * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
+ * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
+ * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
+ * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
+ * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-26 09:46:27 +0000