pam changes

1 files changed, 98 insertions, 0 deletions

diff --git a/sesman/verify_user_pam.c b/sesman/verify_user_pam.c
new file mode 100644
index 00000000..2bf19f64
--- /dev/null
+++ b/sesman/verify_user_pam.c
@@ -0,0 +1,98 @@
+/*
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+   xrdp: A Remote Desktop Protocol server.
+   Copyright (C) Jay Sorg 2005
+
+   authenticate user
+
+*/
+
+#include "arch.h"
+#include "os_calls.h"
+
+#include <security/pam_appl.h>
+
+struct t_user_pass
+{
+  char* user;
+  char* pass;
+};
+
+/******************************************************************************/
+static int DEFAULT_CC
+verify_pam_conv(int num_msg, const struct pam_message** msg,
+                struct pam_response** resp, void* appdata_ptr)
+{
+  int i;
+  struct pam_response* reply;
+  struct t_user_pass* user_pass;
+
+  reply = g_malloc(sizeof(struct pam_response) * num_msg, 1);
+  for (i = 0; i < num_msg; i++)
+  {
+    switch (msg[i]->msg_style)
+    {
+      case PAM_PROMPT_ECHO_ON: /* username */
+        user_pass = appdata_ptr;
+        reply[i].resp = g_strdup(user_pass->user);
+        reply[i].resp_retcode = PAM_SUCCESS;
+        break;
+      case PAM_PROMPT_ECHO_OFF: /* password */
+        user_pass = appdata_ptr;
+        reply[i].resp = g_strdup(user_pass->pass);
+        reply[i].resp_retcode = PAM_SUCCESS;
+        break;
+      default:
+        g_printf("unknown in verify_pam_conv\n\r");
+        g_free(reply);
+        return PAM_CONV_ERR;
+    }
+  }
+  *resp = reply;
+  return PAM_SUCCESS;
+}
+
+/******************************************************************************/
+/* returns boolean */
+int DEFAULT_CC
+auth_userpass(char* user, char* pass)
+{
+  int error;
+  int null_tok;
+  struct t_user_pass user_pass;
+  struct pam_conv pamc;
+  pam_handle_t* ph;
+
+  user_pass.user = user;
+  user_pass.pass = pass;
+  pamc.conv = &verify_pam_conv;
+  pamc.appdata_ptr = &user_pass;
+  error = pam_start("gdm", 0, &pamc, &ph);
+  if (error != PAM_SUCCESS)
+  {
+    g_printf("pam_start failed\n\r");
+    return 0;
+  }
+  null_tok = 0;
+  error = pam_authenticate(ph, null_tok);
+  if (error != PAM_SUCCESS)
+  {
+    pam_end(ph, PAM_SUCCESS);
+    return 0;
+  }
+  pam_end(ph, PAM_SUCCESS);
+  return 1;
+}