1 /*
2 * Copyright (C) 2006 Martin Koegler
3 * Copyright (C) 2010 TigerVNC Team
4 *
5 * This is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This software is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this software; if not, write to the Free Software
17 * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307,
18 * USA.
19 */
20
21 #ifdef HAVE_CONFIG_H
22 #include <config.h>
23 #endif
24
25 #include <stdlib.h>
26 #include <string.h>
27 #include <security/pam_appl.h>
28
29 #include <rfb/pam.h>
30
31 typedef struct
32 {
33 const char *username;
34 const char *password;
35 } AuthData;
36
37 #if defined(__sun)
pam_callback(int count,struct pam_message ** in,struct pam_response ** out,void * ptr)38 static int pam_callback(int count, struct pam_message **in,
39 struct pam_response **out, void *ptr)
40 #else
41 static int pam_callback(int count, const struct pam_message **in,
42 struct pam_response **out, void *ptr)
43 #endif
44 {
45 int i;
46 AuthData *auth = (AuthData *) ptr;
47 struct pam_response *resp =
48 (struct pam_response *) malloc (sizeof (struct pam_response) * count);
49
50 if (!resp && count)
51 return PAM_CONV_ERR;
52
53 for (i = 0; i < count; i++) {
54 resp[i].resp_retcode = PAM_SUCCESS;
55 switch (in[i]->msg_style) {
56 case PAM_TEXT_INFO:
57 case PAM_ERROR_MSG:
58 resp[i].resp = 0;
59 break;
60 case PAM_PROMPT_ECHO_ON: /* Send Username */
61 resp[i].resp = strdup(auth->username);
62 break;
63 case PAM_PROMPT_ECHO_OFF: /* Send Password */
64 resp[i].resp = strdup(auth->password);
65 break;
66 default:
67 free(resp);
68 return PAM_CONV_ERR;
69 }
70 }
71
72 *out = resp;
73 return PAM_SUCCESS;
74 }
75
76
do_pam_auth(const char * service,const char * username,const char * password)77 int do_pam_auth(const char *service, const char *username, const char *password)
78 {
79 int ret;
80 AuthData auth = { username, password };
81 struct pam_conv conv = {
82 pam_callback,
83 &auth
84 };
85 pam_handle_t *h = 0;
86 ret = pam_start(service, username, &conv, &h);
87 if (ret == PAM_SUCCESS)
88 ret = pam_authenticate(h, 0);
89 if (ret == PAM_SUCCESS)
90 ret = pam_acct_mgmt(h, 0);
91 pam_end(h, ret);
92
93 return ret == PAM_SUCCESS ? 1 : 0;
94 }
95
96