/* accounting packets may be directed to any TACACS+ server, * independent from those used for authentication and authorization; * it may be also directed to all specified servers */ PAM_EXTERN int pam_sm_open_session (pam_handle_t * pamh, int flags, int argc, const char **argv) { task_id=(short int) magic(); return _pam_account(pamh, argc, argv, TAC_PLUS_ACCT_FLAG_START, NULL); } /* pam_sm_open_session */
/* sends STOP accounting request to the remote TACACS+ server * returns PAM error only if the request was refused or there * were problems connection to the server */ PAM_EXTERN int pam_sm_close_session (pam_handle_t * pamh, int flags, int argc, const char **argv) { /* Retrieve cmd pam_env */ const char* cmd = pam_getenv(pamh, "cmd"); return _pam_account(pamh, argc, argv, TAC_PLUS_ACCT_FLAG_STOP, cmd); } /* pam_sm_close_session */
/* sends STOP accounting request to the remote TACACS+ server * returns PAM error only if the request was refused or there * were problems connection to the server */ PAM_EXTERN int pam_sm_close_session (pam_handle_t * pamh, int flags, int argc, const char **argv) { int rc; char *user; _pam_get_user(pamh, &user); task_id = session_taskid; /* task_id must match start */ rc = _pam_account(pamh, argc, argv, TAC_PLUS_ACCT_FLAG_STOP, NULL); __update_loguid(user); /* now dead, cleanup mapping */ return rc; } /* pam_sm_close_session */
/* * send START accounting request to the remote TACACS+ server * returns PAM error only if the request was refused or there * were problems connection to the server * sets sess_taskid so it can be used in close_session, so that * accounting start and stop records have the same task_id, as * the specification requires. */ PAM_EXTERN int pam_sm_open_session (pam_handle_t * pamh, int flags, int argc, const char **argv) { if (!task_id) #if defined(HAVE_OPENSSL_RAND_H) && defined(HAVE_LIBCRYPTO) RAND_pseudo_bytes((unsigned char *) &task_id, sizeof(task_id)); #else task_id=(short int) tac_magic(); #endif session_taskid = task_id; return _pam_account(pamh, argc, argv, TAC_PLUS_ACCT_FLAG_START, NULL); } /* pam_sm_open_session */
/* sends STOP accounting request to the remote TACACS+ server * returns PAM error only if the request was refused or there * were problems connection to the server */ PAM_EXTERN int pam_sm_close_session (pam_handle_t * pamh, int flags, int argc, const char **argv) { return _pam_account(pamh, argc, argv, TAC_PLUS_ACCT_FLAG_STOP, NULL); } /* pam_sm_close_session */