/*
-** Copyright 1998 - 2006 Double Precision, Inc. See COPYING for
+** Copyright 1998 - 2012 Double Precision, Inc. See COPYING for
** distribution information.
*/
#endif
#include "auth.h"
#include "authwait.h"
-#include "authstaticlist.h"
+#include "courierauthstaticlist.h"
#include "courierauthdebug.h"
#if HAVE_SECURITY_PAM_APPL_H
#include <Pam/pam_appl.h>
#endif
-static const char rcsid[]="$Id: authpam.c,v 1.24 2006/10/28 19:22:52 mrsam Exp $";
static const char *pam_username, *pam_password, *pam_service;
NULL
};
-static int dopam(pam_handle_t **pamh)
+static int dopam(pam_handle_t **pamh, int *started)
{
-int retval;
+ int retval;
DPRINTF("pam_service=%s, pam_username=%s",
pam_service ? pam_service : "<null>",
pam_username ? pam_username : "<null>");
+ *started=1;
+
retval=pam_start(pam_service, pam_username, &conv, pamh);
if (retval != PAM_SUCCESS)
{
DPRINTF("pam_start failed, result %d [Hint: bad PAM configuration?]", retval);
+ *started=0;
}
#if 0
if (p == 0)
{
+ int started;
+
close(pipefd[0]);
- retval=dopam(&pamh);
+ retval=dopam(&pamh, &started);
if (retval == PAM_SUCCESS)
if (write(pipefd[1], "", 1) < 0)
; /* ignore gcc warning */
close(pipefd[1]);
+
+ if (started)
+ pam_end(pamh, retval);
_exit(0);
}
free(s);
errno=EPERM;
return (-1);
-
-#if 0
- free(s);
- close(pipefd[0]);
-
- retval=dopam(&pamh);
-
- if (retval == PAM_SUCCESS)
- retval=pam_open_session(pamh, 0);
-
- if (retval != PAM_SUCCESS)
- {
- if (pam_end(pamh, retval) != PAM_SUCCESS)
- perror("Unable to release PAM tokens");
-
- /* Wait for child to terminate */
-
- close(pipefd[1]); /* Tell the child to shut down */
- while (wait(&waitstat) != p)
- ;
- return (-1);
- }
-
- /* Tell child process to run in authenticated state */
-
- write(pipefd[1], "", 1);
- close(pipefd[1]);
-
- /* Wait for child process to finish */
-
- while (wait(&waitstat) != p)
- ;
-
- retval=pam_close_session(pamh, 0);
- if (retval != PAM_SUCCESS)
- perror("pam_close_session");
-
- if (pam_end(pamh, retval) != PAM_SUCCESS)
- perror("Unable to release PAM tokens");
-
- if (WIFEXITED(waitstat))
- exit(WEXITSTATUS(waitstat));
- exit(255);
- return (1);
-#endif
}
extern int auth_pam_pre(const char *userid, const char *service,