ref: 5ca0f0875e0762d2c34ce0f5450ffba585e413f0
dir: tlsclient/pam.c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <security/pam_appl.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include <u.h>
#include <args.h>
#include <libc.h>
#include <auth.h>
#include <authsrv.h>
#include <libsec.h>
#include "fncs.h"
/* pasword change TODO */
PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv )
{
return PAM_SUCCESS;
}
/* For checking if the user has expired, has access to specific machine etc */
PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
return PAM_SUCCESS;
}
char *authserver;
/* expected hook, this is where custom stuff happens */
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv )
{
char *username;
char *password;
int fd;
AuthInfo *ai;
if(pam_get_user(pamh, &username, NULL) != PAM_SUCCESS)
return PAM_AUTH_ERR;
if(pam_get_authtok(pamh, PAM_AUTHTOK, &password, NULL) != PAM_SUCCESS)
return PAM_AUTH_ERR;
if(argc != 1)
return PAM_AUTH_ERR;
authserver = argv[0];
fd = unix_dial(authserver, "17019");
if(fd < 0)
return PAM_AUTH_ERR;
ai = p9any(username, password, fd);
if(ai == nil)
return PAM_AUTH_ERR;
return PAM_SUCCESS;
}