aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/security/pam_mod_misc.h8
-rw-r--r--modules/pam_securetty/pam_securetty.c1
-rw-r--r--modules/pam_unix/pam_unix.c23
3 files changed, 19 insertions, 13 deletions
diff --git a/include/security/pam_mod_misc.h b/include/security/pam_mod_misc.h
index 418fb1b..2f944e7 100644
--- a/include/security/pam_mod_misc.h
+++ b/include/security/pam_mod_misc.h
@@ -7,10 +7,6 @@
* an easier logging interface and some additional options for OpenPAM.
*/
-#ifndef __linux__
-# include <sys/cdefs.h>
-#endif
-
/*
* Common option names
@@ -19,8 +15,8 @@
#define PAM_OPT_AUTH_AS_SELF "auth_as_self"
#define PAM_OPT_ECHO_PASS "echo_pass"
#define PAM_OPT_DEBUG "debug"
-#define PAM_OPT_PRELIM_CHECK "prelim_check"
-#define PAM_OPT_UPDATE_AUTHTOK "update_authtok"
+//#define PAM_OPT_PRELIM_CHECK "prelim_check"
+//#define PAM_OPT_UPDATE_AUTHTOK "update_authtok"
#define PAM_OPT_MD5 "md5"
diff --git a/modules/pam_securetty/pam_securetty.c b/modules/pam_securetty/pam_securetty.c
index f6d7bc2..aa2d717 100644
--- a/modules/pam_securetty/pam_securetty.c
+++ b/modules/pam_securetty/pam_securetty.c
@@ -69,7 +69,6 @@ PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh , int flags ,
int argc , const char *argv[])
{
-
return (PAM_SUCCESS);
}
diff --git a/modules/pam_unix/pam_unix.c b/modules/pam_unix/pam_unix.c
index 97e7145..fd0ce59 100644
--- a/modules/pam_unix/pam_unix.c
+++ b/modules/pam_unix/pam_unix.c
@@ -52,6 +52,7 @@ void makesalt(char salt[SALTSIZE]);
PAM_EXTERN int
pam_sm_authenticate(pam_handle_t *pamh, int flags,
int argc , const char *argv[] ) {
+ puts("AUTH");
struct passwd *pwd;
const char *pass, *crypt_pass, *real_hash, *user;
int pam_err;
@@ -127,6 +128,7 @@ pam_sm_setcred(pam_handle_t *pamh , int flags ,
* will be completed. For now, it's not very urgent.
*/
+ puts("SETCRED!");
return (PAM_SUCCESS);
}
@@ -139,12 +141,12 @@ PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags ,
int argc , const char *argv[] ) {
+ puts("ACCT_MGMT");
struct spwd *pwd;
int pam_err;
const char *user;
time_t curtime;
- /* Sanity checks for uname,pwd,tty,host etc */
pam_err = pam_get_user(pamh, &user, NULL);
@@ -220,6 +222,9 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
int argc, const char *argv[])
{
+ puts("CHAUTHTOK");
+ fprintf(stdout, "flags :%d\n" , flags);
+ fprintf(stdout, "flags :0x%x\n" , flags);
/*
* NIS support will be left for future implementation.
* This is standard unix passwd changing function.
@@ -270,7 +275,11 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
- if ( openpam_get_option(pamh,PAM_OPT_PRELIM_CHECK) ) {
+ if ( flags & PAM_CHANGE_EXPIRED_AUTHTOK ) {
+ puts("EXPIRED AUTHTOK!");
+ }
+ if ( flags & PAM_PRELIM_CHECK ) {
+ puts("CHAUTHTOK_PRELIM");
PAM_LOG("Doing preliminary actions.");
if (getuid() == 0 ) {
/* root doesn't need old passwd */
@@ -278,8 +287,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
}
if ( (old_pwd->pw_passwd[0] == '\0' ) &&
- ( openpam_get_option(pamh, PAM_OPT_NULLOK) ) ) {
-// !(flags & PAM_DISALLOW_NULL_AUTHTOK) ) {
+ ( openpam_get_option(pamh, PAM_OPT_NULLOK) ) &&
+ !(flags & PAM_DISALLOW_NULL_AUTHTOK) ) {
/*
* Something funny could happen here since we don't
* ask for a password.
@@ -303,7 +312,8 @@ pam_sm_chauthtok(pam_handle_t *pamh, int flags,
if (strcmp(hashedpwd, old_pwd->pw_passwd) != 0)
return (PAM_PERM_DENIED);
- } else if ( openpam_get_option(pamh, PAM_OPT_UPDATE_AUTHTOK ) ) {
+ } else if ( flags & PAM_UPDATE_AUTHTOK ) {
+ puts("CHAUTHTOK_UPDATE");
PAM_LOG("Doing actual update.");
pam_err= pam_get_authtok(pamh, PAM_OLDAUTHTOK ,&old_pass, NULL);
@@ -370,7 +380,7 @@ PAM_EXTERN int
pam_sm_open_session( pam_handle_t * pamh, int flags,
int argc, const char * argv[])
{
-
+ puts("OPEN_SESSION");
char *user, *service;
int pam_err;
@@ -397,6 +407,7 @@ PAM_EXTERN int
pam_sm_close_session( pam_handle_t * pamh, int flags,
int argc, const char * argv[])
{
+ puts("CLOSE_SESSION");
char *user, *service;
int pam_err;
pam_err = pam_get_item(pamh, PAM_USER, (void *) &user);