Example #1
/*
 * Set up password authentication state for the user described by pw.
 *
 * With HAVE_SKEYACCESS defined, the S/Key access policy is consulted first
 * and a return of 0 from skeyaccess() ends initialisation with AUTH_FAILURE,
 * before any password lookup is made.  Otherwise the value returned by
 * sudo_getepw(pw) is stored in auth->data and AUTH_SUCCESS is returned.
 *
 * NOTE(review): the result of sudo_getepw() is not checked here, so
 * AUTH_SUCCESS is returned whatever it yields.  Confirm that the verify
 * step treats a NULL or empty value as a failed match rather than as
 * "no password required".
 * NOTE(review): auth->data presumably holds the user's encrypted password
 * from the shadow database; confirm that the matching cleanup routine
 * wipes and releases it.
 */
int
passwd_init(struct passwd *pw, sudo_auth *auth)
{
#ifdef HAVE_SKEYACCESS
    /* Policy gate: a zero verdict means this method is refused for pw. */
    const int skey_verdict = skeyaccess(pw, user_tty, NULL, NULL);

    if (!skey_verdict)
	return AUTH_FAILURE;
#endif

    /* The lookup is bracketed by the set/end pair; keep this order. */
    sudo_setspent();
    auth->data = sudo_getepw(pw);
    sudo_endspent();

    return AUTH_SUCCESS;
}
Example #2
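/*
 * PAM authentication hook that applies the S/Key access policy to a login.
 *
 * The function obtains the user name from PAM, looks the account up with
 * getpwnam() and, when built with HAVE_SKEYACCESS, asks skeyaccess() whether
 * that user may log in from the reported host and terminal.
 *
 * Returns PAM_USER_UNKNOWN when no user name is available or the account
 * does not exist, PAM_AUTH_ERR when skeyaccess() does not return 1, and
 * PAM_SUCCESS otherwise.
 *
 * NOTE(review): no credential is read or verified anywhere in this function.
 * It is an access gate only, and without HAVE_SKEYACCESS it returns
 * PAM_SUCCESS for every account that exists.  It should be stacked with a
 * module that actually authenticates the user and must not be the deciding
 * entry on its own.
 * NOTE(review): the stderr messages and the two distinct return codes let a
 * caller tell "unknown account" from "access refused"; confirm that this is
 * acceptable where account enumeration is a concern.
 */
PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
  int argc, const char **argv)
{
  char *username = NULL; /* will point to username */
  unsigned mod_opt = _MOD_NONE_ON; /* module options */
  char *host = NULL; /* will point to host */
  char *port = NULL; /* will point to port */
  struct passwd *pwuser;

  /* Get module options */
  mod_getopt(&mod_opt, argc, argv);

  /* Get username. The comparison and opening brace were lost from the
   * listing and are restored to match the other PAM calls below. A NULL
   * name is refused as well, because it would otherwise reach the "%s"
   * arguments of syslog() and getpwnam(). */
  if (pam_get_user(pamh, (_PAM_CONST char **)&username, "login:")
      != PAM_SUCCESS || username == NULL)
  {
    fprintf(stderr, "cannot determine username\n");
    if (mod_opt & _MOD_DEBUG)
      syslog(LOG_DEBUG, "cannot determine username");
    return PAM_USER_UNKNOWN;
  }

  /* The name comes from the peer: it is only ever passed as a "%s"
   * argument and never used as the format string itself. */
  if (mod_opt & _MOD_DEBUG)
    syslog(LOG_DEBUG, "got username %s", username);

  /* Check S/Key access permissions - user, host and port. Also include
   * sanity checks */
  /* Get host.. */
  if (pam_get_item(pamh, PAM_RHOST, (_PAM_CONST void **)&host)
      != PAM_SUCCESS)
    host = NULL;
  /* ..and port */
  if (pam_get_item(pamh, PAM_TTY, (_PAM_CONST void **)&port)
      != PAM_SUCCESS)
    port = NULL;

  /* Either item may be NULL here (lookup failed or item not set), hence
   * the placeholder text in the debug message. */
  if (mod_opt & _MOD_DEBUG)
    syslog(LOG_DEBUG, "checking s/key access for user %s,"
      " host %s, port %s", username,
      (host != NULL) ? host : "*unknown*",
      (port != NULL) ? port : "*unknown*");

  /* Get information from passwd file */
  if ((pwuser = getpwnam(username)) == NULL)
  {
    fprintf(stderr, "no such user\n");
    syslog(LOG_NOTICE, "cannot find user %s",
      username);
    return PAM_USER_UNKNOWN; /* perhaps even return PAM_ABORT here? */
  }

#ifdef HAVE_SKEYACCESS

  /* Do actual checking - we assume skeyaccess() returns PERMIT which is
   * by default 1. Notice 4th argument is NULL - we will not perform
   * address checks on host itself.
   * NOTE(review): port and host may be NULL at this point; confirm that
   * skeyaccess() accepts NULL for them. */
  if (skeyaccess(pwuser, port, host, NULL) != 1)
  {
    fprintf(stderr, "no s/key access permissions\n");
    syslog(LOG_NOTICE, "no s/key access permissions for %s",
        username);
    return PAM_AUTH_ERR;
  }

#endif /* HAVE_SKEYACCESS */

  return PAM_SUCCESS;
}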