external/cde
1
0
Fork 0
mirror of git://git.code.sf.net/p/cdesktopenv/code synced 2025-02-13 11:42:21 +00:00
Code Issues Releases Wiki Activity

Add PAM support to dtlogin.

Browse source
This commit is contained in:
Liang Chang 2021-01-30 09:41:14 +08:00 committed by Jon Trulson
parent c10684c63c
commit becdbc9816
7 changed files with 125 additions and 12 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
cde/programs/dtlogin/Imakefile
View file

@ -130,6 +130,13 @@ DEPXAUTHLIB =
DEPXDMCPLIB = DEPXDMCPLIB =
#endif #endif
#ifdef HasPamLibrary
DTPAMSVCLIB = -lDtPamSvc
EXTRA_DEFINES += -DHAS_PAM_LIBRARY
#else
DTPAMSVCLIB =
#endif
/************************************************************************** /**************************************************************************
* *
* Source and object modules * Source and object modules
@ -291,7 +298,8 @@ EXTRA_RES_DEFINES = \
$(DEPXTOOLLIB) $(DEPXLIB) $(DEPXTOOLLIB) $(DEPXLIB)
DEPLIBS3 = $(DEPXDMCPLIB) $(DEPXMLIB) $(DEPXTOOLLIB) $(DEPXLIB) DEPLIBS3 = $(DEPXDMCPLIB) $(DEPXMLIB) $(DEPXTOOLLIB) $(DEPXLIB)
BASE_LIBS1 = $(XAUTHLIB) $(LOGINXMULIB) $(XDMCPLIB) $(LOGINXLIB) BASE_LIBS1 = $(XAUTHLIB) $(LOGINXMULIB) $(XDMCPLIB) $(LOGINXLIB) \
$(DTPAMSVCLIB)
BASE_LIBS2 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XMLIB) \ BASE_LIBS2 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XMLIB) \
$(XTOOLLIB) $(XLIB) $(XINLIB) $(XTOOLLIB) $(XLIB) $(XINLIB)
BASE_LIBS3 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XDMCPLIB) $(XMLIB) \ BASE_LIBS3 = $(DTWIDGETLIB) $(DTSVCLIB) $(TTLIB) $(XDMCPLIB) $(XMLIB) \

39
cde/programs/dtlogin/account.c
View file

@ -137,9 +137,14 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#endif /* NeedWidePrototypes */ #endif /* NeedWidePrototypes */
waitType exitcode ) waitType exitcode )
{ {
#if !defined(CSRG_BASED) /* we cannot do this on BSD ... */ #if !defined(CSRG_BASED) || defined(HAS_PAM_LIBRARY)
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
struct utmpx utmp; /* local struct for new entry */
struct utmpx *u; /* pointer to entry in utmp file */
#else
struct utmp utmp; /* local struct for new entry */ struct utmp utmp; /* local struct for new entry */
struct utmp *u; /* pointer to entry in utmp file */ struct utmp *u; /* pointer to entry in utmp file */
#endif
int fd; int fd;
char buf[32]; char buf[32];
char* user_str = user ? user : "NULL"; char* user_str = user ? user : "NULL";
@ -169,6 +174,9 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#ifdef PAM #ifdef PAM
PamAccounting("dtlogin", d->name, d->utmpId, user, PamAccounting("dtlogin", d->name, d->utmpId, user,
line, pid, type, exitcode); line, pid, type, exitcode);
#elif defined(HAS_PAM_LIBRARY)
_DtAccounting("dtlogin", d->name, d->utmpId, user,
line, pid, type, exitcode);
#else #else
# ifdef SUNAUTH # ifdef SUNAUTH
solaris_accounting("dtlogin", d->name, d->utmpId, user, solaris_accounting("dtlogin", d->name, d->utmpId, user,
@ -178,14 +186,23 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#ifdef sun #ifdef sun
return; return;
#else
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
bzero(&utmp, sizeof(struct utmpx));
#else #else
bzero(&utmp, sizeof(struct utmp)); bzero(&utmp, sizeof(struct utmp));
#endif
strncpy(utmp.ut_id, d->utmpId, sizeof(u->ut_id) - 1); strncpy(utmp.ut_id, d->utmpId, sizeof(u->ut_id) - 1);
utmp.ut_type = LOGIN_PROCESS; utmp.ut_type = LOGIN_PROCESS;
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
setutxent();
if ( (u = getutxid(&utmp)) == NULL ) u = &utmp;
#else
setutent(); setutent();
if ( (u = getutid(&utmp)) == NULL ) u = &utmp; if ( (u = getutid(&utmp)) == NULL ) u = &utmp;
#endif
/* /*
* make sure process ID's match if this is DEAD_PROCESS... * make sure process ID's match if this is DEAD_PROCESS...
@ -195,7 +212,11 @@ Account( struct display *d, char *user, char *line, pid_t pid,
if ((type == DEAD_PROCESS && pid != 0 && u->ut_pid != pid) || if ((type == DEAD_PROCESS && pid != 0 && u->ut_pid != pid) ||
(type == DEAD_PROCESS && u->ut_type == DEAD_PROCESS) ) { (type == DEAD_PROCESS && u->ut_type == DEAD_PROCESS) ) {
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
endutxent();
#else
endutent(); endutent();
#endif
return; return;
} }
@ -247,8 +268,10 @@ Account( struct display *d, char *user, char *line, pid_t pid,
if (type) { if (type) {
u->ut_type = type; u->ut_type = type;
if (type == DEAD_PROCESS) { if (type == DEAD_PROCESS) {
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
u->ut_exit.e_termination = waitSig(exitcode); u->ut_exit.e_termination = waitSig(exitcode);
u->ut_exit.e_exit = waitCode(exitcode); u->ut_exit.e_exit = waitCode(exitcode);
#endif
#ifndef SVR4 #ifndef SVR4
(void) memset((char *) u->ut_host, '\0', sizeof(u->ut_host)); (void) memset((char *) u->ut_host, '\0', sizeof(u->ut_host));
#endif #endif
@ -263,11 +286,17 @@ Account( struct display *d, char *user, char *line, pid_t pid,
#endif #endif
} }
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
if (type == USER_PROCESS) if (type == USER_PROCESS)
u->ut_exit.e_exit = (d->displayType.location == Local ? 1 : 0 ); u->ut_exit.e_exit = (d->displayType.location == Local ? 1 : 0 );
#endif
} }
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
(void) time(&u->ut_tv);
#else
(void) time(&u->ut_time); (void) time(&u->ut_time);
#endif
/* /*
* write to utmp... * write to utmp...
@ -277,9 +306,14 @@ Account( struct display *d, char *user, char *line, pid_t pid,
* to wtmp!) * to wtmp!)
*/ */
#if defined(__FreeBSD__) && OSMAJORVERSION > 8
pututxline(u);
#else
pututline(u); pututline(u);
#endif
#if !(defined(__FreeBSD__) && OSMAJORVERSION > 8)
/* /*
* write the same entry to wtmp... * write the same entry to wtmp...
*/ */
@ -297,6 +331,9 @@ Account( struct display *d, char *user, char *line, pid_t pid,
*/ */
endutent(); endutent();
#else
endutxent();
#endif
#ifdef __PASSWD_ETC #ifdef __PASSWD_ETC
/* Now fill in the "rgy utmp" struct */ /* Now fill in the "rgy utmp" struct */

15
cde/programs/dtlogin/config/Imakefile
View file

@ -26,6 +26,14 @@ LOCAL_CPP_DEFINES = -DCDE_CONFIGURATION_TOP=$(CDE_CONFIGURATION_TOP) \
LOCAL_CPP_DEFINES += -DFREEBSD LOCAL_CPP_DEFINES += -DFREEBSD
#endif #endif
#ifdef HasPamLibrary
LOCAL_CPP_DEFINES += -DHAS_PAM_LIBRARY
#ifdef PamAuthenticationModule
PAM_AUTHENTICATION_MODULE=PamAuthenticationModule
LOCAL_CPP_DEFINES += -DPAM_AUTHENTICATION_MODULE=$(PAM_AUTHENTICATION_MODULE)
#endif
#endif
#ifdef SunArchitecture #ifdef SunArchitecture
EXTRA_CPP_TARGETS = \ EXTRA_CPP_TARGETS = \
0015.sun.env \ 0015.sun.env \
@ -48,7 +56,8 @@ CPP_TARGETS = \
Xstartup current.session \ Xstartup current.session \
display.current.session display.home.session \ display.current.session display.home.session \
dtlslocale dtprofile \ dtlslocale dtprofile \
home.session $(EXTRA_CPP_TARGETS) home.session dtlogin.pam.conf \
$(EXTRA_CPP_TARGETS)
AllTarget($(CPP_TARGETS)) AllTarget($(CPP_TARGETS))
@ -81,3 +90,7 @@ CppSourceFile(display.home.session,display.home.session.src,$(LOCAL_CPP_DEFINES)
CppSourceFile(dtlslocale,dtlslocale.src,$(LOCAL_CPP_DEFINES),) CppSourceFile(dtlslocale,dtlslocale.src,$(LOCAL_CPP_DEFINES),)
CppSourceFile(dtprofile,dtprofile.src,$(LOCAL_CPP_DEFINES),) CppSourceFile(dtprofile,dtprofile.src,$(LOCAL_CPP_DEFINES),)
CppSourceFile(home.session,home.session.src,$(LOCAL_CPP_DEFINES),) CppSourceFile(home.session,home.session.src,$(LOCAL_CPP_DEFINES),)
#ifdef HasPamLibrary
CppSourceFile(dtlogin.pam.conf,dtlogin.pam.conf.src,$(LOCAL_CPP_DEFINES),)
#endif

15
cde/programs/dtlogin/config/Xsetup.src
View file

@ -80,3 +80,18 @@ fi
fi fi
fi fi
#endif #endif
#ifdef HAS_PAM_LIBRARY
#ifdef __FreeBSD__
#define PAM_D /usr/local/etc/pam.d
#else
#define PAM_D /etc/pam.d
#endif
if [ ! -f PAM_D/dtlogin ]; then
if [ -f CDE_INSTALLATION_TOP/config/dtlogin.pam.conf ]; then
/bin/cp CDE_INSTALLATION_TOP/config/dtlogin.pam.conf PAM_D/dtlogin
/bin/chmod 644 PAM_D/dtlogin
fi
fi
#endif

11
cde/programs/dtlogin/config/dtlogin.pam.conf.src Normal file
View file

@ -0,0 +1,11 @@
#ifdef PAM_AUTHENTICATION_MODULE
auth sufficient PAM_AUTHENTICATION_MODULE
#endif
auth required pam_unix.so
account required pam_nologin.so
account required pam_unix.so
session required pam_lastlog.so
password required pam_deny.so

29
cde/programs/dtlogin/session.c
View file

@ -166,6 +166,7 @@ struct greet_state {
}; };
char *globalDisplayName; char *globalDisplayName;
extern char *progName; /* Global argv[0]; dtlogin name and path */
/*************************************************************************** /***************************************************************************
* *
@ -276,9 +277,10 @@ SessionPingFailed( struct display *d )
AbortClient (clientPid); AbortClient (clientPid);
source (&verify, d->reset); source (&verify, d->reset);
char* user = getEnv (verify.userEnviron, "USER");
#if defined (PAM) || defined(SUNAUTH) #if defined (PAM) || defined(SUNAUTH)
{ {
char* user = getEnv (verify.userEnviron, "USER");
char* ttyLine = d->gettyLine; char* ttyLine = d->gettyLine;
#ifdef DEF_NETWORK_DEV #ifdef DEF_NETWORK_DEV
@ -310,6 +312,9 @@ SessionPingFailed( struct display *d )
} }
#endif #endif
#if !defined(sun) && defined(HAS_PAM_LIBRARY)
Account(d, user, NULL, clientPid, DEAD_PROCESS, NULL);
#endif
} }
SessionExit (d, RESERVER_DISPLAY); SessionExit (d, RESERVER_DISPLAY);
} }
@ -597,9 +602,10 @@ ManageSession( struct display *d )
Debug ("Source reset program %s\n", d->reset); Debug ("Source reset program %s\n", d->reset);
source (&verify, d->reset); source (&verify, d->reset);
char* user = getEnv (verify.userEnviron, "USER");
#if defined(PAM) || defined(SUNAUTH) #if defined(PAM) || defined(SUNAUTH)
{ {
char* user = getEnv (verify.userEnviron, "USER");
char* ttyLine = d->gettyLine; char* ttyLine = d->gettyLine;
# ifdef DEF_NETWORK_DEV # ifdef DEF_NETWORK_DEV
@ -631,6 +637,10 @@ ManageSession( struct display *d )
} }
#endif #endif
#if !defined(sun) && defined(HAS_PAM_LIBRARY)
Account(d, user, NULL, clientPid, DEAD_PROCESS, NULL);
#endif
SessionExit (d, OBEYSESS_DISPLAY); SessionExit (d, OBEYSESS_DISPLAY);
} }
@ -1262,7 +1272,7 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
} }
#endif #endif
#if !defined(sun) && !defined(CSRG_BASED) #if !defined(sun) && (!defined(CSRG_BASED) || defined(HAS_PAM_LIBRARY))
Account(d, user, NULL, getpid(), USER_PROCESS, status); Account(d, user, NULL, getpid(), USER_PROCESS, status);
#endif #endif
@ -1344,6 +1354,18 @@ StartClient( struct verify_info *verify, struct display *d, int *pidp )
Debug("Can't set User's Credentials (user=%s)\n",user); Debug("Can't set User's Credentials (user=%s)\n",user);
return(0); return(0);
} }
#elif defined(HAS_PAM_LIBRARY)
char *prog_name = strrchr(progName, '/');
if (!prog_name || _DtSetCred(prog_name + 1, user, verify->uid,
#ifdef NGROUPS
verify->groups[0]
#else
verify->gid
#endif
) > 0 ) {
Debug("Can't set User's Credentials (user=%s)\n",user);
return(0);
}
#endif #endif
#ifdef SUNAUTH #ifdef SUNAUTH
@ -1843,7 +1865,6 @@ execute(char **argv, char **environ )
#define MSGSIZE 512 #define MSGSIZE 512
extern int session_set; extern int session_set;
extern char *progName; /* Global argv[0]; dtlogin name and path */
int response[2], request[2]; int response[2], request[2];

16
cde/programs/dtlogin/sysauth.c
View file

@ -84,7 +84,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <pwd.h> #include <pwd.h>
#ifdef PAM #if defined(PAM) || defined(HAS_PAM_LIBRARY)
#include <security/pam_appl.h> #include <security/pam_appl.h>
#endif #endif
@ -114,7 +114,8 @@
/* /*
* Define as generic those without platform specific code. * Define as generic those without platform specific code.
*/ */
#if !(defined(__hpux) || defined(_AIX) || defined(sun)) #if !(defined(__hpux) || defined(_AIX) || defined(sun) || \
defined(HAS_PAM_LIBRARY))
#define generic #define generic
#endif #endif
@ -1061,7 +1062,8 @@ WriteBtmp( char *name )
***************************************************************************/ ***************************************************************************/
#ifdef sun #if defined(sun) || defined(HAS_PAM_LIBRARY)
/*************************************************************************** /***************************************************************************
* *
* Start authentication routines (SUN) * Start authentication routines (SUN)
@ -1150,8 +1152,14 @@ Authenticate( struct display *d, char *name, char *passwd, char **msg )
* Authenticate user and return status * Authenticate user and return status
*/ */
#if defined(PAM) || defined(HAS_PAM_LIBRARY)
status =
#ifdef PAM #ifdef PAM
status = PamAuthenticate("dtlogin", d->name, passwd, name, ttyLine); PamAuthenticate
#else
_DtAuthentication
#endif
("dtlogin", d->name, passwd, name, ttyLine);
switch(status) { switch(status) {
case PAM_SUCCESS: case PAM_SUCCESS: