diff options
Diffstat (limited to 'src/pam_unix/pam_unix.c')
-rw-r--r-- | src/pam_unix/pam_unix.c | 47 |
1 files changed, 37 insertions, 10 deletions
diff --git a/src/pam_unix/pam_unix.c b/src/pam_unix/pam_unix.c index c246fd7..c65ec10 100644 --- a/src/pam_unix/pam_unix.c +++ b/src/pam_unix/pam_unix.c @@ -1,4 +1,3 @@ - /* #include <pwd.h> */ #include <netdb.h> #include <shadow.h> @@ -23,6 +22,9 @@ #include <security/pam_appl.h> #include <pam_mod_misc.h> +/* + * User authentication + */ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, @@ -38,27 +40,30 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, /* identify user */ if (openpam_get_option(pamh, PAM_OPT_AUTH_AS_SELF)) { - puts("POULOS1"); - PAM_LOG("Authenticating as self"); + PAM_LOG("Authenticating as self."); pwd = getspnam(getlogin()); } else { if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) { - puts("POULOS2"); - PAM_LOG("Authenticating with uname failed"); + PAM_ERROR("Authenticating with uname %s failed.", user); return (pam_err); } pwd = getspnam(user); } - puts("POULOS3"); + + PAM_LOG("Authenticating user: %s", user); + /* get password */ if (pwd != NULL) { + PAM_LOG("Doing real authentication"); pass = pwd->sp_pwdp; if (pass[0] == '\0') { if (!(flags & PAM_DISALLOW_NULL_AUTHTOK) && - openpam_get_option(pamh, PAM_OPT_NULLOK)) + openpam_get_option(pamh, PAM_OPT_NULLOK)){ + PAM_ERROR("Authentication failed. Empty passwd not allowed"); return (PAM_SUCCESS); + } pass = "*"; } @@ -66,6 +71,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, lc = login_getpwclass(pwd); #endif } else { + PAM_LOG("Doing dummy authentication"); pass = "*"; #ifndef __linux__ lc = login_getpwclass(NULL); @@ -79,6 +85,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, #else pam_err = pam_get_authtok(pamh, PAM_AUTHTOK, (const char **) &pass, NULL); #endif + PAM_LOG("Got password for user %s", user); if (pam_err == PAM_CONV_ERR) return (pam_err); @@ -88,11 +95,14 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags, /* check shadow */ crypt_pass = crypt(pass, pwd->sp_pwdp); - if ( strcmp(crypt_pass, pwd->sp_pwdp) != 0 ) + if ( strcmp(crypt_pass, pwd->sp_pwdp) != 0 ) { + PAM_ERROR("Wrong password. Authentication failed."); pam_err = PAM_AUTH_ERR; - else + } else { + PAM_LOG("Authentication completed succesfully"); pam_err = PAM_SUCCESS; - + } + return (pam_err); } @@ -110,6 +120,10 @@ pam_sm_setcred(pam_handle_t *pamh , int flags , } +/* + * Account Management + */ + PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags , int argc , const char *argv[] ) { @@ -226,5 +240,18 @@ pam_sm_acct_mgmt(pam_handle_t *pamh, int flags , } +/* + * Password Management + */ + +PAM_EXTERN int +pam_sm_chautok(pam_handle_t *pamh, int flags, + int argc, const char *argv[]) +{ + + + +} + PAM_MODULE_ENTRY("pam_unix") |