суббота, 6 августа 2011 г.

How to check user credentials? 

linux version:
/**============================================================================


 File......: linux_user_validator.c
 Author....: Vyacheslav Kovalyov
 Created...: 8/6/11


 Description: Linux user validator.
 How to make: g++ linux_user_validator.c -lpam -lpam_misc
 Dependence : libpam-dev


 ============================================================================*/


#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <stdio.h>
#include <dlfcn.h>
#include <ctype.h>
#include <string.h>
#include <stdlib.h>


#define ERR_CODE 1;
#define COPY_STRING(s) (s) ? strdup(s) : NULL;


static char*  user;
static char*  pwd;
static int PAM_conv (int, const struct pam_message**,
                     struct pam_response**, void*);
static struct pam_conv PAM_converse = {
  PAM_conv,
 NULL
};


static int PAM_conv (int num_msg, const struct pam_message **msg,
                     struct pam_response **resp, void *appdata_ptr) {
   int replies = 0;
   struct pam_response *reply = NULL;


   reply = (struct pam_response *) malloc(sizeof(struct pam_response) * num_msg);
   if (!reply) return PAM_CONV_ERR;


   for (replies = 0; replies < num_msg; replies++) {


      //SecurId requires this syntax.
      if (! strcmp(msg[replies]->msg,"Enter PASSCODE: ")) {
         reply[replies].resp = COPY_STRING(pwd);
      }


      if (! strcmp(msg[replies]->msg,"Password: ")) {
         reply[replies].resp = COPY_STRING(pwd);
      }


      //Mac OS X
      if (! strcmp(msg[replies]->msg,"Password:")) {
         reply[replies].resp = COPY_STRING(pwd);
      }


      // HP-UX
      if (! strcmp(msg[replies]->msg,"System Password:")) {
         reply[replies].resp = COPY_STRING(pwd);
      }
   }
   *resp = reply;
   return PAM_SUCCESS;
}


int main(int argc, char** argv)
{
   if (argc < 3) {
      return ERR_CODE;
   }


   user = argv[1];
   pwd = argv[2];


   static struct pam_conv pam_conversation = { misc_conv, NULL };
   pam_handle_t*          pamh;


   int res = pam_start(argv[0], user, &PAM_converse, &pamh);


   if (res == PAM_SUCCESS) {
      res = pam_authenticate(pamh, 0);
   }


   if (res == PAM_SUCCESS) {
      res = pam_acct_mgmt(pamh, 0);
   }


   pam_end(pamh, res);


   return res == PAM_SUCCESS ? 0 : ERR_CODE;
}
Автор: на
Ярлыки: , ,

Комментариев нет:

Отправить комментарий

Подписаться на: Комментарии к сообщению (Atom)