int
auth2_pam(Authctxt *authctxt)
{
int retval = -1;
if (authctxt->user == NULL)
fatal("auth2_pam: internal error: no user");
conv2.appdata_ptr = authctxt;
do_pam_set_conv(&conv2);
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE,
&input_userauth_info_response_pam);
retval = (do_pam_authenticate(0) == PAM_SUCCESS);
dispatch_set(SSH2_MSG_USERAUTH_INFO_RESPONSE, NULL);
return retval;
}
int main(int argc, char** argv) {
const char *auth_method = NULL;
const char *service = NULL;
char username[BUF_SIZE];
char password[BUF_SIZE];
int i = 0;
int ret = 0;
error_handler_t error_handler;
int uid = 0;
int gid = 0;
#ifdef WINDOWS
char **ppszUID = NULL;
char **ppszGID = NULL;
char **ppszGroupNames = NULL;
int nGIDs;
#endif
error_handler.error = print_error;
if(argc < 2 ) {
print_error(MSG_AUTUSER_INVAILD_ARG_COUNT);
usage();
}
auth_method = argv[1];
#ifndef WINDOWS
#define SGE_SUPERUSER_UID 0
/* only root can successfull execute this */
if(geteuid() != SGE_SUPERUSER_UID && geteuid() != getuid()) {
print_error(MSG_AUTHUSER_ONLY_ROOT_S, argv[0]);
return 1;
}
#endif
if(strcmp(auth_method, "pam") == 0 ) {
for(i=2; i < argc; i++) {
if( strcmp(argv[i], "-s") == 0 ) {
i++;
if(i >= argc) {
print_error(MSG_AUTUSER_MISSING_PAM_SERVICE);
usage();
}
service = argv[i];
} else {
print_error(MSG_AUTUSER_UNKNOWN_PARAM_S, argv[i]);
usage();
}
}
if (service == NULL) {
print_error(MSG_AUTUSER_MISSING_PAM_SERVICE);
usage();
}
} else if (strcmp(auth_method, "system" ) == 0 ) {
} else {
print_error(MSG_AUTUSER_UNKNOWN_AUTH_METHOD_S, auth_method);
usage();
}
fprintf(stdout, "username: "******"password: "******"\n");
setEcho(1);
if (strcmp(auth_method, "pam") == 0 ) {
#ifndef WINDOWS
ret = do_pam_authenticate(service, username, password, &error_handler);
if(ret == JUTI_AUTH_SUCCESS) {
struct passwd *pw = getpwnam(username);
if(pw == NULL) {
print_error(MSG_AUTHUSER_NO_PW_ENTRY_SS,
username, strerror(errno));
return -1;
}
uid = pw->pw_uid;
gid = pw->pw_gid;
}
#else
ret = JUTI_AUTH_ERROR;
print_error(MSG_AUTHUSER_PAM_NOT_AVAILABLE);
#endif
} else if(strcmp(auth_method, "system") == 0 ) {
#ifndef WINDOWS
ret = do_system_authentication(username, password, &uid, &gid, &error_handler);
#else
ret = do_windows_system_authentication(username, password,
&ppszUID, &ppszGID, &ppszGroupNames,
&nGIDs, &error_handler);
#endif
} else {
ret = -1;
}
if (ret==JUTI_AUTH_SUCCESS) {
int group_count = 0;
gid_t *groups = NULL;
char **group_names = NULL;
#ifndef WINDOWS
fprintf(stdout, "uid %d\n", uid);
fprintf(stdout, "gid ");
if(juti_getgrouplist(username, gid, &groups, &group_names, &group_count) == 0) {
for(i = 0; i < group_count; i++) {
if(i>0) {
fprintf(stdout, ",%s("gid_t_fmt")", group_names[i], groups[i]);
} else {
fprintf(stdout, "%s("gid_t_fmt")", group_names[i], groups[i]);
}
free(group_names[i]);
}
free(groups);
free(group_names);
}
#else
fprintf(stdout, "uid %s\n", *ppszUID);
LocalFree(ppszUID[0]);
free(ppszUID);
fprintf(stdout, "gid ");
for(i=0; i<nGIDs; i++) {
if(i>0) {
fprintf(stdout, ",%s(%s)", ppszGroupNames[i], ppszGID[i]);
} else {
fprintf(stdout, "%s(%s)", ppszGroupNames[i], ppszGID[i]);
}
LocalFree(ppszGID[i]);
free(ppszGroupNames[i]);
}
free(ppszGID);
free(ppszGroupNames);
#endif
fprintf(stdout, "\n");
}
return ret;
}
