2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
10 #include <afsconfig.h>
11 #include <afs/param.h>
15 #include <security/pam_appl.h>
17 static int my_conv(int num_msg
, PAM_CONST
struct pam_message
**msg
,
18 struct pam_response
**response
, void *appdata_ptr
);
21 static struct pam_conv pam_conv
= { &my_conv
, NULL
};
24 static pam_handle_t
*pamh
;
27 static const char *service
= "afstest";
28 static const char *new_envstring
= "GOTHEREVIATESTPAM=1";
29 static const char *new_homestring
= "HOME=/tmp";
31 #if defined(AFS_LINUX20_ENV) || defined(AFS_FBSD_ENV) || defined(AFS_DFBSD_ENV) || defined(AFS_NBSD_ENV) || defined(AFS_DARWIN_ENV)
32 #define getpassphrase getpass
37 main(int argc
, char *argv
[])
39 int authenticated
= 0;
44 if (argc
< 2 || argc
> 3) {
45 fprintf(stderr
, "Usage: %s [-u] <user>\n", argv
[0]);
49 if (strcmp(argv
[1], "-u") != 0) {
50 fprintf(stderr
, "Usage: %s [-u] <user>\n", argv
[0]);
53 /* service = "unixtest"; */
61 pam_start(service
, username
, &pam_conv
, &pamh
)) != PAM_SUCCESS
) {
62 fprintf(stderr
, "PAM error %d\n", retcode
);
66 authenticated
= ((retcode
= pam_authenticate(pamh
, 0)) == PAM_SUCCESS
);
69 fprintf(stderr
, "PAM couldn't authenticate you.\n");
70 pam_end(pamh
, PAM_ABORT
);
74 if ((retcode
= pam_acct_mgmt(pamh
, 0)) != PAM_SUCCESS
) {
75 fprintf(stderr
, "pam_acct_mgmt returned %d.\n", retcode
);
76 pam_end(pamh
, PAM_ABORT
);
80 /* pam_open_session */
83 if ((retcode
= pam_setcred(pamh
, PAM_ESTABLISH_CRED
)) != PAM_SUCCESS
) {
84 fprintf(stderr
, "pam_setcred returned %d.\n", retcode
);
85 pam_end(pamh
, PAM_ABORT
);
89 if ((retcode
= pam_open_session(pamh
, PAM_SILENT
)) != PAM_SUCCESS
) {
90 fprintf(stderr
, "pam_open_session returned %d.\n", retcode
);
91 pam_end(pamh
, PAM_ABORT
);
94 pam_end(pamh
, PAM_SUCCESS
);
96 putenv((char *)new_envstring
);
97 putenv((char *)new_homestring
);
99 if ((retcode
= chdir("/tmp")) != 0) {
100 fprintf(stderr
, "chdir returned %d.\n", retcode
);
104 printf("Type exit to back out.\n");
105 return execl("/bin/csh", "/bin/csh", NULL
);
110 my_conv(int num_msg
, PAM_CONST
struct pam_message
**msg
, struct pam_response
**response
,
113 PAM_CONST
struct pam_message
*m
;
114 struct pam_response
*r
;
119 *response
= calloc(num_msg
, sizeof(struct pam_response
));
120 if (*response
== NULL
)
128 switch (m
->msg_style
) {
129 case PAM_PROMPT_ECHO_OFF
:
131 /* ON HP's we still read 8 chars */
133 r
->resp
= strdup(getpass(m
->msg
));
136 r
->resp
= strdup(getpassphrase(m
->msg
));
139 case PAM_PROMPT_ECHO_ON
:
140 fputs(m
->msg
, stdout
);
142 r
->resp
= malloc(PAM_MAX_RESP_SIZE
);
143 if (fgets(r
->resp
, PAM_MAX_RESP_SIZE
, stdin
) == NULL
) {
144 fprintf(stderr
, "fgets did not work as expected\n");
147 r
->resp
[PAM_MAX_RESP_SIZE
- 1] = '\0';
148 p
= &r
->resp
[strlen(r
->resp
) - 1];
149 while (*p
== '\n' && p
>= r
->resp
)
154 fputs(m
->msg
, stderr
);
157 fputs(m
->msg
, stdout
);