[PC-BSD Commits] r18073 - pcbsd-projects/PCDM

svn at pcbsd.org svn at pcbsd.org
Wed Aug 1 11:07:19 PDT 2012 

Author: kenmoore
Date: 2012-08-01 18:07:19 +0000 (Wed, 01 Aug 2012)
New Revision: 18073

Modified:
   pcbsd-projects/PCDM/pcdm-backend.cpp
   pcbsd-projects/PCDM/pcdm-backend.h
Log:
Finish up the PAM integration into PCDM. It now works perfectly if program run with root permissions (will add check for that here soon).



Modified: pcbsd-projects/PCDM/pcdm-backend.cpp
===================================================================
--- pcbsd-projects/PCDM/pcdm-backend.cpp	2012-08-01 18:05:40 UTC (rev 18072)
+++ pcbsd-projects/PCDM/pcdm-backend.cpp	2012-08-01 18:07:19 UTC (rev 18073)
@@ -179,43 +179,30 @@
 
 }
 
-pam_handle_t *pamh;
-struct pam_response *reply;
-    
-int null_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr) {
-        *resp = reply;
-        return PAM_SUCCESS;
-}
- 
-static struct pam_conv pamc = { null_conv, NULL }; //null conversation function
+pam_handle_t *pamh;  //handle for the PAM process structure
+static struct pam_conv pamc = { openpam_nullconv, NULL }; //null conversation function for PAM
 
 bool Backend::verifyUsernamePassword(QString username, QString password){
   //Convert the inputs to C character arrays for use in PAM
-  QByteArray tmp;
-  tmp = username.toUtf8(); 
-  const char* cUser = tmp.constData();
-  tmp = password.toUtf8();
-  char* cPassword = tmp.data();
+  QByteArray tmp = username.toUtf8();
+  char* cUser = tmp.data();
+  QByteArray tmp2 = password.toUtf8();
+  char* cPassword = tmp2.data();
   //initialize variables
   bool result = FALSE;
   int ret;
   //Initialize PAM
-  qDebug() << "Initilize PAM";
   ret = pam_start("login", cUser, &pamc, &pamh);
   if( ret == PAM_SUCCESS ){
-    //Place the user-supplied password into the response structure 
-    qDebug() << "get reply structure";
-    reply = (struct pam_response *)malloc(sizeof(struct pam_response));
-    qDebug() << "fill reply[0] structure";
-    reply[0].resp = cPassword;
-    reply[0].resp_retcode = 0;
+    //Place the user-supplied password into the structure 
+    ret = pam_set_item(pamh, PAM_AUTHTOK, cPassword);
+    //Set the TTY 
+    //ret = pam_set_item(pamh, PAM_TTY, "pcdm-terminal");
     //Authenticate with PAM
-    qDebug() << "Authenticate with PAM";
     ret = pam_authenticate(pamh,0);
     if( ret == PAM_SUCCESS ){
       //Check for valid, unexpired account and verify access restrictions
-      qDebug() << "Check Acct Mgmt with PAM";
-      ret = pam_acct_mgmt(pamh,PAM_DISALLOW_NULL_AUTHTOK);
+      ret = pam_acct_mgmt(pamh,0);
       if( ret == PAM_SUCCESS ){ result = TRUE; }
     
     }else{
@@ -262,7 +249,6 @@
       }
     }
     //Stop PAM   
-    qDebug() << "Stopping PAM";
     pam_end(pamh,ret);  
   }
   //return verification result

Modified: pcbsd-projects/PCDM/pcdm-backend.h
===================================================================
--- pcbsd-projects/PCDM/pcdm-backend.h	2012-08-01 18:05:40 UTC (rev 18072)
+++ pcbsd-projects/PCDM/pcdm-backend.h	2012-08-01 18:07:19 UTC (rev 18073)
@@ -8,6 +8,7 @@
 
 #include <sys/types.h>
 #include <security/pam_appl.h>
+#include <security/openpam.h>
 
 #include "pcdm-config.h"
 #include "pcbsd-utils.h"

More information about the Commits mailing list