static void
set_account_password_cb (GObject *source,
    GAsyncResult *result,
    gpointer user_data)
{
  TpAccount *tp_account = (TpAccount *) source;
  AuthContext *ctx = user_data;
  AuthContext *new_ctx;
  GError *error = NULL;

  if (!tpaw_keyring_set_account_password_finish (tp_account, result, &error))
    {
      DEBUG ("Failed to set empty password on UOA account: %s", error->message);
      auth_context_done (ctx);
      return;
    }

  new_ctx = auth_context_new (ctx->channel, ctx->service);
  auth_context_free (ctx);

  if (new_ctx->session != NULL)
    {
      /* The trick worked! */
      request_password (new_ctx);
      return;
    }

  DEBUG ("Still can't get a signon session, even after setting empty pwd");
  auth_context_done (new_ctx);
}
示例#2
0
OPENVPN_EXPORT int
openvpn_plugin_func_v2 (openvpn_plugin_handle_t handle,
                        const int type,
                        const char *argv[],
                        const char *envp[],
                        void *per_client_context,
                        struct openvpn_plugin_string_list **return_list)
{
  ldap_context_t *context = (ldap_context_t *) handle;
  auth_context_t *auth_context = NULL;
  action_t *action = NULL;


  int res = OPENVPN_PLUGIN_FUNC_ERROR;

  if (type == OPENVPN_PLUGIN_AUTH_USER_PASS_VERIFY){
    /* get username/password/auth_control_file from envp string array */
    const char *username = get_env ("username", envp);
    const char *password = get_env ("password", envp);
    const char *auth_control_file = get_env ( "auth_control_file", envp );
    const char *pf_file = get_env ("pf_file", envp);



    /* required parameters check */
    if (!username){
      LOGERROR("No username supplied to OpenVPN plugin");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }

    auth_context = auth_context_new( );
    if( !auth_context ){
      LOGERROR( "Could not allocate auth_context before calling thread" );
      return res;
    }
    if( username ) auth_context->username = strdup( username );
    if( password ) auth_context->password = strdup( password );
    if( pf_file ) auth_context->pf_file = strdup( pf_file );
    if( auth_control_file ) auth_context->auth_control_file = strdup( auth_control_file );
    /* If some argument were missing or could not be duplicate */
    if( !(auth_context->username && auth_context->password && auth_context->auth_control_file ) ){
      auth_context_free( auth_context );
      return res;
    }
    action = action_new( );
    action->type = LDAP_AUTH_ACTION_AUTH;
    action->context = auth_context;
    action->client_context = per_client_context;
    action->context_free_func = (void *)auth_context_free;
    action_push( context->action_list, action );
    return OPENVPN_PLUGIN_FUNC_DEFERRED;
  }
  else if (type == OPENVPN_PLUGIN_ENABLE_PF){
    /* unfortunately, at this stage we dont know anything about the client
     * yet. Let assume it is enabled, we will define default somewhere
     */
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }else if( type == OPENVPN_PLUGIN_CLIENT_CONNECT_V2 ){
    /* on client connect, we return conf options through return list
     */
    const char *username = get_env ("username", envp);
    client_context_t *cc = per_client_context;
    char *ccd_options = NULL;
    /* sanity check */
    if (!username){
      LOGERROR("No username supplied to OpenVPN plugin");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }
    if (!cc || !cc->profile){
      LOGERROR("No profile found for user");
      return OPENVPN_PLUGIN_FUNC_ERROR;
    }
#ifdef ENABLE_LDAPUSERCONF
    ccd_options = ldap_account_get_options_to_string( cc->ldap_account );
#endif
    if( cc->profile->redirect_gateway_prefix && strlen( cc->profile->redirect_gateway_prefix ) > 0 ){
      /* do the username start with prefix? */
      if( strncmp( cc->profile->redirect_gateway_prefix, username, strlen( cc->profile->redirect_gateway_prefix ) ) == 0 ){
        char *tmp_ccd = ccd_options;
        ccd_options = strdupf("push \"redirect-gateway %s\"\n%s",
                            cc->profile->redirect_gateway_flags ? cc->profile->redirect_gateway_flags : DFT_REDIRECT_GATEWAY_FLAGS,
                            tmp_ccd ? tmp_ccd : "");
        if( tmp_ccd ) la_free( tmp_ccd );
      }
    }
    if( ccd_options ){
      *return_list = la_malloc( sizeof( struct openvpn_plugin_string_list ) );
      if( *return_list != NULL){
        (*return_list)->next = NULL;
        (*return_list)->name = strdup( "config" );
        (*return_list)->value = ccd_options;
      }
    }
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }
#ifdef ENABLE_LDAPUSERCONF
  else if( type == OPENVPN_PLUGIN_CLIENT_DISCONNECT ){
    /* nothing done for now
     * potentially, session could be logged
     */
    return OPENVPN_PLUGIN_FUNC_SUCCESS;
  }
#endif
  return res;
}
static void
auth_context_done (AuthContext *ctx)
{
  tp_channel_close_async (ctx->channel, NULL, NULL);
  auth_context_free (ctx);
}