diff options
| author | Wolfgang Draxinger <code+github@datenwolf.net> | 2011-06-09 16:56:22 +0200 |
|---|---|---|
| committer | Wolfgang Draxinger <code+github@datenwolf.net> | 2011-06-09 16:56:22 +0200 |
| commit | fa10addf169a14085d004603a17022413a7a16a3 (patch) | |
| tree | 523b74e7e1df38c396d4cd8787ea57e02da86f92 | |
| download | pam_propperpwnam-fa10addf169a14085d004603a17022413a7a16a3.tar.gz pam_propperpwnam-fa10addf169a14085d004603a17022413a7a16a3.tar.bz2 | |
initial commit
| -rw-r--r-- | Makefile | 9 | ||||
| -rw-r--r-- | pam_propperpwnam.c | 94 |
2 files changed, 103 insertions, 0 deletions
diff --git a/Makefile b/Makefile new file mode 100644 index 0000000..12f2a77 --- /dev/null +++ b/Makefile @@ -0,0 +1,9 @@ +pam_propperpwnam.so: pam_propperpwnam.c + $(CC) -shared -fPIC -o pam_propperpwnam.so pam_propperpwnam.c -lpam + + +.PHONY: clean + +clean: + rm *.o *.so + diff --git a/pam_propperpwnam.c b/pam_propperpwnam.c new file mode 100644 index 0000000..49b9769 --- /dev/null +++ b/pam_propperpwnam.c @@ -0,0 +1,94 @@ +/* +* pam_propperpwnam +* +* 2011-06-09 +* +* Wolfgang Draxinger +* Wolfgang.Draxinger@physik.uni-muenchen.de +* +* a PAM module that sets the user loginname to the username +* stored in the user databased using the loginname passed +* as access key. +* +* Example usage scenario is adjusting the usernames' characters +* case in environments where case sensitive and case insensitive +* services are mixed (the module was initially developed for +* this very usage scenario). +*/ + +#include <stdlib.h> +#include <sys/types.h> +#include <unistd.h> +#include <pwd.h> + +#if DEBUG +#include <stdio.h> +#endif + +#define PAM_SM_AUTH + +#include <security/pam_modules.h> +#include <security/_pam_macros.h> + +PAM_EXTERN int +pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) +{ + return PAM_SUCCESS; +} + +PAM_EXTERN int pam_sm_authenticate( + pam_handle_t *pamh, + int flags, + int argc, + char const *argv[] ) +{ + int error; + char *entered_username; + + struct passwd pwd; + struct passwd *pwd_result; + char *pwd_buf; + size_t pwd_bufsize; + +#if DEBUG + fprintf(stderr, "pam_propperpwnam called\n"); +#endif + + error = pam_get_user(pamh, (char const **)&entered_username, 0); + if(PAM_SUCCESS != error) + return PAM_USER_UNKNOWN; + +#if DEBUG + fprintf(stderr, "pam_propperpwnam entered username is %s\n", entered_username); +#endif + + pwd_bufsize = sysconf(_SC_GETPW_R_SIZE_MAX); + if( -1 == pwd_bufsize ) /* Value was indeterminate */ + pwd_bufsize = 16384; /* Should be more than enough */ + + pwd_buf = malloc( pwd_bufsize ); + if( !pwd_buf ) { + return PAM_AUTH_ERR; + } + + error = getpwnam_r(entered_username, &pwd, pwd_buf, pwd_bufsize, &pwd_result); + if( !pwd_result ) { + free(pwd_buf); + if( !error ) + return PAM_USER_UNKNOWN; + return PAM_AUTH_ERR; + } + +#if DEBUG + fprintf(stderr, "pam_propperpwnam propper username is %s\n", pwd_result->pw_name); +#endif + + error = pam_set_item(pamh, PAM_USER, pwd_result->pw_name); + free( pwd_buf ); + if( PAM_SUCCESS != error ) { + return PAM_AUTH_ERR; + } + + return PAM_SUCCESS; +} + |