mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-02-13 11:42:21 +00:00

Add PAM support to dtlogin.

Liang Chang 2021-01-30 09:41:14 +08:00 committed by Jon Trulson
parent c10684c63c
commit becdbc9816
7 changed files with 125 additions and 12 deletions


@ -130,6 +130,13 @@ DEPXAUTHLIB =
DEPXDMCPLIB =
#endif
#ifdef HasPamLibrary
DTPAMSVCLIB = -lDtPamSvc
EXTRA_DEFINES += -DHAS_PAM_LIBRARY
#else
DTPAMSVCLIB =
#endif
/**************************************************************************
*
* Source and object modules
@ -291,7 +298,8 @@ EXTRA_RES_DEFINES = \
$(DEPXTOOLLIB) $(DEPXLIB)
DEPLIBS3 = $(DEPXDMCPLIB) $(DEPXMLIB) $(DEPXTOOLLIB) $(DEPXLIB)
BASE_LIBS1 = $(XAUTHLIB) $(LOGINXMULIB) $(XDMCPLIB) $(LOGINXLIB)
BASE_LIBS1 = $(XAUTHLIB) $(LOGINXMULIB) $(XDMCPLIB) $(LOGINXLIB) \
$(DTPAMSVCLIB)
BASE_LIBS2 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XMLIB) \
$(XTOOLLIB) $(XLIB) $(XINLIB)
BASE_LIBS3 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XDMCPLIB) $(XMLIB) \


@ -137,9 +137,14 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#endif /* NeedWidePrototypes */
waitType exitcode )
{
#if !defined(CSRG_BASED) /* we cannot do this on BSD ... */
#if !defined(CSRG_BASED) || defined(HAS_PAM_LIBRARY)
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
struct utmpx utmp; /* local struct for new entry */
struct utmpx *u; /* pointer to entry in utmp file */
#else
struct utmp utmp; /* local struct for new entry */
struct utmp *u; /* pointer to entry in utmp file */
#endif
int fd;
char buf[32];
char* user_str = user ? user : "NULL";
@ -169,6 +174,9 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#ifdef PAM
PamAccounting("dtlogin", d->name, d->utmpId, user,
line, pid, type, exitcode);
#elif defined(HAS_PAM_LIBRARY)
_DtAccounting("dtlogin", d->name, d->utmpId, user,
line, pid, type, exitcode);
#else
# ifdef SUNAUTH
solaris_accounting("dtlogin", d->name, d->utmpId, user,
@ -178,14 +186,23 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#ifdef sun
return;
#else
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
bzero(&utmp, sizeof(struct utmpx));
#else
bzero(&utmp, sizeof(struct utmp));
#endif
strncpy(utmp.ut_id, d->utmpId, sizeof(u->ut_id) - 1);
utmp.ut_type = LOGIN_PROCESS;
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
setutxent();
if ( (u = getutxid(&utmp)) == NULL ) u = &utmp;
#else
setutent();
if ( (u = getutid(&utmp)) == NULL ) u = &utmp;
#endif
/*
* make sure process ID's match if this is DEAD_PROCESS...
@ -195,7 +212,11 @@ Account( struct display *d, char *user, char *line, pid_t pid,
if ((type == DEAD_PROCESS && pid != 0 && u->ut_pid != pid) ||
(type == DEAD_PROCESS && u->ut_type == DEAD_PROCESS) ) {
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
endutxent();
#else
endutent();
#endif
return;
}
@ -247,8 +268,10 @@ Account( struct display *d, char *user, char *line, pid_t pid,
if (type) {
u->ut_type = type;
if (type == DEAD_PROCESS) {
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
u->ut_exit.e_termination = waitSig(exitcode);
u->ut_exit.e_exit = waitCode(exitcode);
#endif
#ifndef SVR4
(void) memset((char *) u->ut_host, '\0', sizeof(u->ut_host));
#endif
@ -263,11 +286,17 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#endif
}
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
if (type == USER_PROCESS)
u->ut_exit.e_exit = (d->displayType.location == Local ? 1 : 0 );
#endif
}
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
(void) time(&u->ut_tv);
#else
(void) time(&u->ut_time);
#endif
/*
* write to utmp...
@ -277,9 +306,14 @@ Account( struct display *d, char *user, char *line, pid_t pid,
* to wtmp!)
*/
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
pututxline(u);
#else
pututline(u);
#endif
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
/*
* write the same entry to wtmp...
*/
@ -297,6 +331,9 @@ Account( struct display *d, char *user, char *line, pid_t pid,
*/
endutent();
#else
endutxent();
#endif
#ifdef __PASSWD_ETC
/* Now fill in the "rgy utmp" struct */
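Review bot: In the FreeBSD utmpx branch near the end of Account, `(void) time(&u->ut_tv);` passes a `struct timeval *` where time() expects a `time_t *`. It appears to work only because tv_sec is the first member, and tv_usec keeps whatever value the looked-up record already held. `(void) gettimeofday(&u->ut_tv, NULL);` (with `<sys/time.h>`) fills both fields and avoids the incompatible-pointer diagnostic, which matters because these records are what login auditing reads back. Separately, with HAS_PAM_LIBRARY the `_DtAccounting` call looks to be followed on non-sun builds by the direct utmp update below it, so confirm the session is not recorded twice. Account's body starts and ends outside these hunks, and the lines between them are not visible here.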


@ -26,6 +26,14 @@ LOCAL_CPP_DEFINES = -DCDE_CONFIGURATION_TOP=$(CDE_CONFIGURATION_TOP) \
LOCAL_CPP_DEFINES += -DFREEBSD
#endif
#ifdef HasPamLibrary
LOCAL_CPP_DEFINES += -DHAS_PAM_LIBRARY
#ifdef PamAuthenticationModule
PAM_AUTHENTICATION_MODULE=PamAuthenticationModule
LOCAL_CPP_DEFINES += -DPAM_AUTHENTICATION_MODULE=$(PAM_AUTHENTICATION_MODULE)
#endif
#endif
#ifdef SunArchitecture
EXTRA_CPP_TARGETS = \
0015.sun.env \
@ -48,7 +56,8 @@ CPP_TARGETS = \
Xstartup current.session \
display.current.session display.home.session \
dtlslocale dtprofile \
home.session $(EXTRA_CPP_TARGETS)
home.session dtlogin.pam.conf \
$(EXTRA_CPP_TARGETS)
AllTarget($(CPP_TARGETS))
@ -81,3 +90,7 @@ CppSourceFile(display.home.session,display.home.session.src,$(LOCAL_CPP_DEFINES)
CppSourceFile(dtlslocale,dtlslocale.src,$(LOCAL_CPP_DEFINES),)
CppSourceFile(dtprofile,dtprofile.src,$(LOCAL_CPP_DEFINES),)
CppSourceFile(home.session,home.session.src,$(LOCAL_CPP_DEFINES),)
#ifdef HasPamLibrary
CppSourceFile(dtlogin.pam.conf,dtlogin.pam.conf.src,$(LOCAL_CPP_DEFINES),)
#endif
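Review bot: `dtlogin.pam.conf` is added to CPP_TARGETS unconditionally, but the `CppSourceFile(dtlogin.pam.conf,dtlogin.pam.conf.src,...)` rule that produces it sits inside `#ifdef HasPamLibrary`. A build without HasPamLibrary therefore gets an AllTarget dependency that no rule can make. Define the target conditionally, for example `PAM_CPP_TARGETS = dtlogin.pam.conf` inside the existing `#ifdef HasPamLibrary` block near the top, and list `$(PAM_CPP_TARGETS)` in CPP_TARGETS in place of the bare file name.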


@ -80,3 +80,18 @@ fi
fi
fi
#endif
#ifdef HAS_PAM_LIBRARY
#ifdef __FreeBSD__
#define PAM_D /usr/local/etc/pam.d
#else
#define PAM_D /etc/pam.d
#endif
if [ ! -f PAM_D/dtlogin ]; then
if [ -f CDE_INSTALLATION_TOP/config/dtlogin.pam.conf ]; then
/bin/cp CDE_INSTALLATION_TOP/config/dtlogin.pam.conf PAM_D/dtlogin
/bin/chmod 644 PAM_D/dtlogin
fi
fi
#endif
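Review bot: The result of `/bin/cp` is not checked, and when `CDE_INSTALLATION_TOP/config/dtlogin.pam.conf` is missing the block silently does nothing, so an install can finish with no `PAM_D/dtlogin` service file. dtlogin's PAM calls would then be evaluated against the system's fallback `other` service, which is commonly deny-all and would show up only as unexplained login failures. Chain the commands, `/bin/cp CDE_INSTALLATION_TOP/config/dtlogin.pam.conf PAM_D/dtlogin && /bin/chmod 644 PAM_D/dtlogin`, and print a warning in an `else` branch when the template is absent. The enclosing script starts outside the hunk.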


@ -0,0 +1,11 @@
#ifdef PAM_AUTHENTICATION_MODULE
auth sufficient PAM_AUTHENTICATION_MODULE
#endif
auth required pam_unix.so
account required pam_nologin.so
account required pam_unix.so
session required pam_lastlog.so
password required pam_deny.so
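Review bot: The stacks name individual modules rather than including the platform's shared login policy, so site-wide controls configured for other login services (failed-attempt lockout, second factors, resource limits, audit login-uid) would not apply to graphical logins through dtlogin. The `session` stack in particular contains only `pam_lastlog.so`. Because the install script copies this file only when no `dtlogin` service file exists, a short header comment would help, saying that this is a minimal default meant to be replaced by a file that includes the distribution's common stacks. The file is run through cpp, so the comment syntax has to survive preprocessing. Also worth documenting is that `auth sufficient PAM_AUTHENTICATION_MODULE` lets that module alone authenticate the user without `pam_unix.so` being consulted.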


@ -166,6 +166,7 @@ struct greet_state {
};
char *globalDisplayName;
extern char *progName; /* Global argv[0]; dtlogin name and path */
/***************************************************************************
*
@ -276,9 +277,10 @@ SessionPingFailed( struct display *d )
AbortClient (clientPid);
source (&verify, d->reset);
char* user = getEnv (verify.userEnviron, "USER");
#if defined (PAM) || defined(SUNAUTH)
{
char* user = getEnv (verify.userEnviron, "USER");
char* ttyLine = d->gettyLine;
#ifdef DEF_NETWORK_DEV
@ -310,6 +312,9 @@ SessionPingFailed( struct display *d )
}
#endif
#if !defined(sun) && defined(HAS_PAM_LIBRARY)
Account(d, user, NULL, clientPid, DEAD_PROCESS, NULL);
#endif
}
SessionExit (d, RESERVER_DISPLAY);
}
@ -597,9 +602,10 @@ ManageSession( struct display *d )
Debug ("Source reset program %s\n", d->reset);
source (&verify, d->reset);
char* user = getEnv (verify.userEnviron, "USER");
#if defined(PAM) || defined(SUNAUTH)
{
char* user = getEnv (verify.userEnviron, "USER");
char* ttyLine = d->gettyLine;
# ifdef DEF_NETWORK_DEV
@ -631,6 +637,10 @@ ManageSession( struct display *d )
}
#endif
#if !defined(sun) && defined(HAS_PAM_LIBRARY)
Account(d, user, NULL, clientPid, DEAD_PROCESS, NULL);
#endif
SessionExit (d, OBEYSESS_DISPLAY);
}
@ -1262,7 +1272,7 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
}
#endif
#if !defined(sun) && !defined(CSRG_BASED)
#if !defined(sun) && (!defined(CSRG_BASED) || defined(HAS_PAM_LIBRARY))
Account(d, user, NULL, getpid(), USER_PROCESS, status);
#endif
@ -1344,6 +1354,18 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
Debug("Can't set User's Credentials (user=%s)\n",user);
return(0);
}
#elif defined(HAS_PAM_LIBRARY)
char *prog_name = strrchr(progName, '/');
if (!prog_name || _DtSetCred(prog_name + 1, user, verify->uid,
#ifdef NGROUPS
verify->groups[0]
#else
verify->gid
#endif
) > 0 ) {
Debug("Can't set User's Credentials (user=%s)\n",user);
return(0);
}
#endif
#ifdef SUNAUTH
@ -1843,7 +1865,6 @@ execute(char **argv, char **environ )
#define MSGSIZE 512
extern int session_set;
extern char *progName; /* Global argv[0]; dtlogin name and path */
int response[2], request[2];
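Review bot: In the `#elif defined(HAS_PAM_LIBRARY)` branch of StartClient, the PAM service name passed to `_DtSetCred` is the basename of `progName` (argv[0]), while the `_DtAuthentication` and `_DtAccounting` calls elsewhere in this commit pass the literal "dtlogin". If the binary is started under another name or through a symlink, credentials would be established under a different service file than the one that authenticated the user. The same expression turns a `progName` with no '/' into a hard failure, because `strrchr` returns NULL and `!prog_name` takes the error path with the generic "Can't set User's Credentials" message. Passing the fixed name, `_DtSetCred("dtlogin", user, verify->uid, ...)`, removes both problems; if the basename is really wanted, fall back with `prog_name = prog_name ? prog_name + 1 : progName;`. The `> 0` test treats only positive returns as failure, so confirm `_DtSetCred` cannot return a negative error; StartClient's body starts and ends outside the hunk.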


@ -84,7 +84,7 @@
#include <stdlib.h>
#include <pwd.h>
#ifdef PAM
#if defined(PAM) || defined(HAS_PAM_LIBRARY)
#include <security/pam_appl.h>
#endif
@ -114,7 +114,8 @@
/*
* Define as generic those without platform specific code.
*/
#if !(defined(__hpux) || defined(_AIX) || defined(sun))
#if !(defined(__hpux) || defined(_AIX) || defined(sun) || \
defined(HAS_PAM_LIBRARY))
#define generic
#endif
@ -1061,7 +1062,8 @@ WriteBtmp( char *name )
***************************************************************************/
#ifdef sun
#if defined(sun) || defined(HAS_PAM_LIBRARY)
/***************************************************************************
*
* Start authentication routines (SUN)
@ -1150,8 +1152,14 @@ Authenticate( struct display *d, char *name, char *passwd, char **msg )
* Authenticate user and return status
*/
#ifdef PAM
status = PamAuthenticate("dtlogin", d->name, passwd, name, ttyLine);
#if defined(PAM) || defined(HAS_PAM_LIBRARY)
status =
#ifdef PAM
PamAuthenticate
#else
_DtAuthentication
#endif
("dtlogin", d->name, passwd, name, ttyLine);
switch(status) {
case PAM_SUCCESS:
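Review bot: The call after `status =` in Authenticate is stitched together from preprocessor fragments: the function name is chosen inside `#ifdef PAM` / `#else` and the shared argument list follows `#endif`. That hides the call from a plain text search and breaks as soon as one variant needs a different argument. Two complete statements, one per branch, or a single alias such as `#define DT_AUTHENTICATE _DtAuthentication` selected once near the includes, would keep each call readable. A comment at `#if defined(sun) || defined(HAS_PAM_LIBRARY)` should also say that the section headed "Start authentication routines (SUN)" is now the shared PAM path, since the banner no longer matches the condition. The switch on `status` continues outside the hunk.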