pam_skey.c revision 1.2 1 /* $NetBSD: pam_skey.c,v 1.2 2005/03/20 16:48:47 christos Exp $ */
2
3 /*-
4 * Copyright (c) 2005 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Jason R. Thorpe.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 * 3. All advertising materials mentioning features or use of this software
19 * must display the following acknowledgement:
20 * This product includes software developed by the NetBSD
21 * Foundation, Inc. and its contributors.
22 * 4. Neither the name of The NetBSD Foundation nor the names of its
23 * contributors may be used to endorse or promote products derived
24 * from this software without specific prior written permission.
25 *
26 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
27 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
28 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
29 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
30 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
31 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
32 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
33 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
34 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
35 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
36 * POSSIBILITY OF SUCH DAMAGE.
37 */
38
39 #include <sys/cdefs.h>
40 __RCSID("$NetBSD: pam_skey.c,v 1.2 2005/03/20 16:48:47 christos Exp $");
41
42 #include <sys/types.h>
43 #include <string.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <unistd.h>
47
48 #include <skey.h>
49
50 #define PAM_SM_AUTH
51
52 #include <security/pam_appl.h>
53 #include <security/pam_modules.h>
54 #include <security/pam_mod_misc.h>
55
56 /*
57 * authentication management
58 */
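/*
 * pam_sm_authenticate --
 *	Authenticate the user with an S/Key one-time password.
 *
 *	The account name is getlogin() when PAM_OPT_AUTH_AS_SELF is set,
 *	otherwise the name obtained from pam_get_user().  The challenge
 *	returned by skey_keyinfo() is embedded in the prompt handed to
 *	pam_get_authtok(), and the reply is verified with skey_passcheck().
 *
 *	Returns PAM_SUCCESS when the response verifies, PAM_AUTH_ERR when
 *	it does not, PAM_SERVICE_ERR when the login name, the S/Key entry,
 *	the challenge or the working copy of the response is unavailable,
 *	and otherwise the error reported by pam_get_user() or
 *	pam_get_authtok().
 */
PAM_EXTERN int
/*ARGSUSED*/
pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
    int argc __unused, const char *argv[] __unused)
{
	const char *user, *skinfo, *pass;
	char *response;
	volatile char *wipe;
	size_t resplen;
	int retval;
	char skprompt[80];

	if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) {
		user = getlogin();
		/*
		 * getlogin() returns NULL when no login name is associated
		 * with the session; fail here instead of handing a NULL
		 * name to the skey_* calls below.
		 */
		if (user == NULL) {
			PAM_LOG("Unable to determine login name");
			return (PAM_SERVICE_ERR);
		}
	} else {
		retval = pam_get_user(pamh, &user, NULL);
		if (retval != PAM_SUCCESS)
			return (retval);
		PAM_LOG("Got user: %s", user);
	}

	/*
	 * NOTE(review): an account without an S/Key entry fails before any
	 * prompt is issued, so the presence of a challenge tells the client
	 * whether the account is enrolled.  Keep that in mind when placing
	 * this module in a stack.
	 */
	if (skey_haskey(user) != 0)
		return (PAM_SERVICE_ERR);	/* XXX PAM_AUTHINFO_UNAVAIL? */

	skinfo = skey_keyinfo(user);
	if (skinfo == NULL) {
		PAM_VERBOSE_ERROR("Error getting S/Key challenge");
		return (PAM_SERVICE_ERR);
	}

	/*
	 * The prompt buffer is 80 bytes; a challenge that does not fit is
	 * silently truncated in the prompt (the result is deliberately
	 * ignored).
	 */
	(void) snprintf(skprompt, sizeof(skprompt),
	    "Password [ %s ]:", skinfo);

	retval = pam_get_authtok(pamh, PAM_AUTHTOK, &pass, skprompt);
	if (retval != PAM_SUCCESS)
		return (retval);

	/*
	 * Work on a private copy: `pass' is const, and skey_passcheck() is
	 * given a writable buffer (presumably because it may modify its
	 * argument -- its prototype is not visible in this file).
	 */
	response = strdup(pass);
	if (response == NULL) {
		pam_error(pamh, "Unable to copy S/Key response");
		return (PAM_SERVICE_ERR);
	}

	/* Measure before the check, in case the check rewrites the buffer. */
	resplen = strlen(response);

	retval = skey_passcheck(user, response) == -1 ?
	    PAM_AUTH_ERR : PAM_SUCCESS;

	/*
	 * Clear the copy of the response before releasing it.  The volatile
	 * pointer keeps the compiler from eliding stores to memory that is
	 * about to be freed.  The PAM-owned token behind `pass' is not
	 * touched.
	 */
	for (wipe = response; resplen > 0; resplen--)
		*wipe++ = '\0';
	free(response);

	return (retval);
}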
107
/*
 * pam_sm_setcred --
 *	Credential hook of the auth module.  This module establishes no
 *	credentials: every argument is ignored and PAM_SUCCESS is always
 *	returned.
 */
PAM_EXTERN int
/*ARGSUSED*/
pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
    int argc __unused, const char *argv[] __unused)
{
	return PAM_SUCCESS;
}
116
/*
 * Declare this module to the PAM framework under the name "pam_skey".
 * The macro's expansion comes from the PAM headers included above and is
 * not shown in this file.
 */
PAM_MODULE_ENTRY("pam_skey");
118