1 /* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*-
2 *
3 * Copyright (C) 2016 Red Hat, Inc.
4 *
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
9 *
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
14 *
15 * You should have received a copy of the GNU General Public License
16 * along with this program; if not, write to the Free Software
17 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 *
19 */
20 #include <config.h>
21
22 #include <unistd.h>
23
24 #include <security/_pam_macros.h>
25 #include <security/pam_ext.h>
26 #include <security/pam_misc.h>
27 #include <security/pam_modules.h>
28 #include <security/pam_modutil.h>
29
30 #ifdef HAVE_KEYUTILS
31 #include <keyutils.h>
32 #endif
33
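#ifdef HAVE_KEYUTILS
/*
 * Zero @len bytes at @buf through a volatile pointer, so the compiler does
 * not drop the stores as dead writes when the buffer is freed right after.
 */
static void
wipe_secret (void   *buf,
             size_t  len)
{
        volatile unsigned char *p = buf;

        while (len-- > 0)
                *p++ = 0;
}
#endif

/*
 * PAM "auth" entry point.
 *
 * Looks up the "user"-type kernel key described as "cryptsetup", reads its
 * payload and stores it as PAM_AUTHTOK on @pamh so that later modules in the
 * stack can consume it.  The passphrase is NOT verified here: a PAM_SUCCESS
 * return only means the token was handed to PAM, so the stack configuration
 * decides whether a verifying module must still run.
 *
 * @flags, @argc and @argv are not used.
 *
 * Returns:
 *   PAM_SUCCESS           the cached passphrase was stored as PAM_AUTHTOK
 *   PAM_AUTH_ERR          pam_set_item() refused the token
 *   PAM_AUTHINFO_UNAVAIL  no usable key, unreadable or malformed payload, or
 *                         built without keyutils support
 */
int
pam_sm_authenticate (pam_handle_t  *pamh,
                     int            flags,
                     int            argc,
                     const char   **argv)
{
#ifdef HAVE_KEYUTILS
        int r;
        int ret;
        size_t length;
        void *cached_password = NULL;
        key_serial_t serial;

        /* keyutils signals a failed lookup with -1; 0 is treated as unusable
         * as well, as the original check did. */
        serial = find_key_by_type_and_desc ("user", "cryptsetup", 0);
        if (serial <= 0)
                return PAM_AUTHINFO_UNAVAIL;

        r = keyctl_read_alloc (serial, &cached_password);
        if (r < 0)
                return PAM_AUTHINFO_UNAVAIL;

        length = (size_t) r;

        /* Accept only a payload that is a single string with no embedded NUL.
         * Relies on keyctl_read_alloc() NUL-terminating the buffer it
         * returns.  The buffer is scrubbed and released on this path too, so
         * a rejected payload neither leaks nor lingers on the heap. */
        if (strlen (cached_password) != length) {
                wipe_secret (cached_password, length);
                free (cached_password);
                return PAM_AUTHINFO_UNAVAIL;
        }

        ret = pam_set_item (pamh, PAM_AUTHTOK, cached_password);

        /* Our copy of the passphrase is no longer needed; clear it before
         * returning the memory to the allocator. */
        wipe_secret (cached_password, length);
        free (cached_password);

        /* Linux-PAM error codes are positive, so compare against PAM_SUCCESS
         * rather than testing for a negative value. */
        if (ret != PAM_SUCCESS)
                return PAM_AUTH_ERR;

        return PAM_SUCCESS;
#else
        return PAM_AUTHINFO_UNAVAIL;
#endif
}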
65
/*
 * PAM credential-management entry point.
 *
 * This module establishes no credentials of its own; the hook exists so the
 * module can be loaded, and it reports PAM_SUCCESS unconditionally.
 */
int
pam_sm_setcred (pam_handle_t  *pamh,
                int            flags,
                int            argc,
                const char   **argv)
{
        /* None of the arguments are consulted. */
        (void) pamh;
        (void) flags;
        (void) argc;
        (void) argv;

        return PAM_SUCCESS;
}
74
/*
 * PAM account-management entry point.
 *
 * Performs no account checks and always reports PAM_SUCCESS.  Because of
 * that, this hook provides no access control: a stack that lists this module
 * under "account" still needs another module to enforce expiry, lockout or
 * authorization policy.
 */
int
pam_sm_acct_mgmt (pam_handle_t  *pamh,
                  int            flags,
                  int            argc,
                  const char   **argv)
{
        /* None of the arguments are consulted. */
        (void) pamh;
        (void) flags;
        (void) argc;
        (void) argv;

        return PAM_SUCCESS;
}
83
/*
 * PAM password-change entry point.
 *
 * No token is updated here; the function reports PAM_SUCCESS without touching
 * the cached key or any PAM item.
 */
int
pam_sm_chauthtok (pam_handle_t  *pamh,
                  int            flags,
                  int            argc,
                  const char   **argv)
{
        /* None of the arguments are consulted. */
        (void) pamh;
        (void) flags;
        (void) argc;
        (void) argv;

        return PAM_SUCCESS;
}
92
/*
 * PAM session-open entry point.
 *
 * The module keeps no per-session state, so there is nothing to set up; the
 * function reports PAM_SUCCESS unconditionally.
 */
int
pam_sm_open_session (pam_handle_t  *pamh,
                     int            flags,
                     int            argc,
                     const char   **argv)
{
        /* None of the arguments are consulted. */
        (void) pamh;
        (void) flags;
        (void) argc;
        (void) argv;

        return PAM_SUCCESS;
}
101
/*
 * PAM session-close entry point.
 *
 * Counterpart of pam_sm_open_session(); nothing was set up there, so nothing
 * is torn down here and PAM_SUCCESS is reported unconditionally.
 */
int
pam_sm_close_session (pam_handle_t  *pamh,
                      int            flags,
                      int            argc,
                      const char   **argv)
{
        /* None of the arguments are consulted. */
        (void) pamh;
        (void) flags;
        (void) argc;
        (void) argv;

        return PAM_SUCCESS;
}
110