/*
+ * $Id: uams_pam.c,v 1.11 2002-01-04 04:45:48 sibaz Exp $
+ *
* Copyright (c) 1990,1993 Regents of The University of Michigan.
* Copyright (c) 1999 Adrian Sun (asun@u.washington.edu)
* All Rights Reserved. See COPYRIGHT.
*/
-#ifdef USE_PAM
+
+#ifdef HAVE_CONFIG_H
+#include "config.h"
+#endif /* HAVE_CONFIG_H */
+
#include <stdio.h>
#include <stdlib.h>
+#ifdef HAVE_UNISTD_H
#include <unistd.h>
+#endif /* HAVE_UNISTD_H */
+
+/* STDC check */
+#if STDC_HEADERS
#include <string.h>
-#include <syslog.h>
+#else /* STDC_HEADERS */
+#ifndef HAVE_STRCHR
+#define strchr index
+#define strrchr index
+#endif /* HAVE_STRCHR */
+char *strchr (), *strrchr ();
+#ifndef HAVE_MEMCPY
+#define memcpy(d,s,n) bcopy ((s), (d), (n))
+#define memmove(d,s,n) bcopy ((s), (d), (n))
+#endif /* ! HAVE_MEMCPY */
+#endif /* STDC_HEADERS */
+
+#include <atalk/logger.h>
#include <security/pam_appl.h>
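Review bot: The non-STDC fallback maps both functions to the same forward search: `#define strrchr index` should be `#define strrchr rindex`. The printer login added later in this commit relies on `strrchr(data, ')')` to find the last closing parenthesis, so on a build that takes this branch it would stop at the first one and compute the password length from the wrong position. The fallback also gives no declaration for `strstr` or `strlen`, which the new code calls; either include `<string.h>` unconditionally or state in a comment that the module needs a hosted C library.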
case PAM_TEXT_INFO:
#ifdef PAM_BINARY_PROMPT
case PAM_BINARY_PROMPT:
-#endif
+#endif /* PAM_BINARY_PROMPT */
/* ignore it... */
break;
case PAM_ERROR_MSG:
(void *) &username, &ulen) < 0)
return AFPERR_MISC;
- if (uam_afpserver_option(obj, UAM_OPTION_HOSTNAME,
+ if (uam_afpserver_option(obj, UAM_OPTION_CLIENTNAME,
(void *) &hostname, NULL) < 0)
- return AFPERR_MISC;
+ {
+ LOG(log_info, logtype_default, "uams_pam.c :PAM: unable to retrieve client hostname");
+ hostname = NULL;
+ }
+
len = (unsigned char) *ibuf++;
if ( len > ulen ) {
return AFPERR_PARAM;
}
- syslog(LOG_INFO, "cleartext login: %s", username);
+ LOG(log_info, logtype_default, "cleartext login: %s", username);
PAM_username = username;
PAM_password = ibuf; /* Set these things up for the conv function */
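Review bot: A failed `UAM_OPTION_CLIENTNAME` lookup used to refuse the login and now only logs at `log_info` and continues with `hostname = NULL`. If this function hands `hostname` to `pam_set_item(pamh, PAM_RHOST, ...)` as the printer path in this commit does (that call is outside the lines shown here), PAM modules that restrict by remote host would have nothing to match against. That fail-open choice should be recorded where it is made, for example `/* hostname unavailable: PAM_RHOST stays unset, so host-based PAM rules cannot apply to this login */`. The log line should also say that authentication proceeds without a client name. The enclosing function starts and ends outside these lines.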
#ifdef PAM_AUTHTOKEN_REQD
else if (PAM_error == PAM_AUTHTOKEN_REQD)
err = AFPERR_PWDCHNG;
-#endif
+#endif /* PAM_AUTHTOKEN_REQD */
goto login_err;
}
#ifndef PAM_CRED_ESTABLISH
#define PAM_CRED_ESTABLISH PAM_ESTABLISH_CRED
-#endif
+#endif /* PAM_CRED_ESTABLISH */
PAM_error = pam_setcred(pamh, PAM_CRED_ESTABLISH);
if (PAM_error != PAM_SUCCESS)
goto login_err;
}
+/* Printer ClearTxtUAM login */
+int pam_printer(start, stop, username, out)
+ char *start, *stop, *username;
+ struct papfile *out;
+{
+ int PAM_error;
+ char *data, *p, *q;
+ char password[PASSWDLEN + 1] = "\0";
+ static const char *loginok = "0\r";
+
+ data = (char *)malloc(stop - start + 1);
+ strncpy(data, start, stop - start + 1);
+
+ /* We are looking for the following format in data:
+ * (username) (password)
+ *
+ * Let's hope username doesn't contain ") ("!
+ */
+
+ /* Parse input for username in () */
+ if ((p = strchr(data, '(' )) == NULL) {
+ LOG(log_info, logtype_default,"Bad Login ClearTxtUAM: username not found in string");
+ free(data);
+ return(-1);
+ }
+ p++;
+ if ((q = strstr(data, ") (" )) == NULL) {
+ LOG(log_info, logtype_default,"Bad Login ClearTxtUAM: username not found in string");
+ free(data);
+ return(-1);
+ }
+ strncpy(username, p, q - p);
+
+ /* Parse input for password in next () */
+ p = q + 3;
+ if ((q = strrchr(data, ')' )) == NULL) {
+ LOG(log_info, logtype_default,"Bad Login ClearTxtUAM: password not found in string");
+ free(data);
+ return(-1);
+ }
+ strncpy(password, p, q - p);
+
+ /* Done copying username and password, clean up */
+ free(data);
+
+ PAM_username = username;
+ PAM_password = password;
+
+ PAM_error = pam_start("netatalk", username, &PAM_conversation,
+ &pamh);
+ if (PAM_error != PAM_SUCCESS) {
+ LOG(log_info, logtype_default, "Bad Login ClearTxtUAM: %s: %s",
+ username, pam_strerror(pamh, PAM_error));
+ pam_end(pamh, PAM_error);
+ pamh = NULL;
+ return(-1);
+ }
+
+ pam_set_item(pamh, PAM_TTY, "papd");
+ pam_set_item(pamh, PAM_RHOST, hostname);
+ PAM_error = pam_authenticate(pamh,0);
+ if (PAM_error != PAM_SUCCESS) {
+ LOG(log_info, logtype_default, "Bad Login ClearTxtUAM: %s: %s",
+ username, pam_strerror(pamh, PAM_error));
+ pam_end(pamh, PAM_error);
+ pamh = NULL;
+ return(-1);
+ }
+
+ PAM_error = pam_acct_mgmt(pamh, 0);
+ if (PAM_error != PAM_SUCCESS) {
+ LOG(log_info, logtype_default, "Bad Login ClearTxtUAM: %s: %s",
+ username, pam_strerror(pamh, PAM_error));
+ pam_end(pamh, PAM_error);
+ pamh = NULL;
+ return(-1);
+ }
+
+ PAM_error = pam_open_session(pamh, 0);
+ if (PAM_error != PAM_SUCCESS) {
+ LOG(log_info, logtype_default, "Bad Login ClearTxtUAM: %s: %s",
+ username, pam_strerror(pamh, PAM_error));
+ pam_end(pamh, PAM_error);
+ pamh = NULL;
+ return(-1);
+ }
+
+ /* Login successful, but no need to hang onto it,
+ so logout immediately */
+ append(out, loginok, strlen(loginok));
+ LOG(log_info, logtype_default, "Login ClearTxtUAM: %s", username);
+ pam_close_session(pamh, 0);
+ pam_end(pamh, 0);
+ pamh = NULL;
+
+ return(0);
+}
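Review bot: Both credential copies in `pam_printer` take their length from the request rather than from the destination. `strncpy(password, p, q - p)` writes into the `PASSWDLEN + 1` stack array with no upper bound, and `strncpy(username, p, q - p)` does the same to a caller buffer whose size this function never sees. Because `strstr` and `strrchr` search from `data` instead of from `p`, `q` can land before `p`, and the negative difference becomes a very large `size_t` count. The `malloc` result is unchecked, and `strncpy(data, start, stop - start + 1)` leaves `data` unterminated when it fills the count, so the searches can read past the allocation; neither `strncpy` terminates `username` or `password` either. All of this runs on pre-authentication input, so the parser should reject anything that does not fit, as sketched below (`USERNAME_BUFLEN` is a placeholder for the caller's buffer size, which is not visible here). `PAM_password` also still points at the local `password` after the function returns and should be cleared before each `return`.

```c
    size_t n, ulen, plen;   /* added next to the existing locals */

    if (stop < start)
        return(-1);
    n = (size_t)(stop - start) + 1;        /* same count the hunk copies */
    data = malloc(n + 1);
    if (data == NULL)
        return(-1);
    strncpy(data, start, n);
    data[n] = '\0';                        /* strncpy does not terminate when it fills n bytes */

    /* … unchanged: find '(' into p, log and bail out if absent, p++ … */

    if ((q = strstr(p, ") (")) == NULL) {  /* search from p so that q >= p */
        /* … unchanged: log, free(data), return(-1) … */
    }
    ulen = (size_t)(q - p);
    if (ulen >= USERNAME_BUFLEN) {         /* placeholder: size of the caller's username buffer */
        free(data);
        return(-1);
    }
    memcpy(username, p, ulen);
    username[ulen] = '\0';

    p = q + 3;
    if ((q = strrchr(p, ')')) == NULL) {   /* search from p so that q >= p */
        /* … unchanged: log, free(data), return(-1) … */
    }
    plen = (size_t)(q - p);
    if (plen > PASSWDLEN) {
        free(data);
        return(-1);
    }
    memcpy(password, p, plen);
    password[plen] = '\0';

    /* … unchanged: free(data), PAM_username / PAM_password setup, PAM calls … */
```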
+
+
static int uam_setup(const char *path)
{
if (uam_register(UAM_SERVER_LOGIN, path, "Cleartxt Passwrd",
pam_login, NULL, pam_logout) < 0)
- return -1;
+ return -1;
if (uam_register(UAM_SERVER_CHANGEPW, path, "Cleartxt Passwrd",
pam_changepw) < 0) {
- uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
- return -1;
+ uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
+ return -1;
}
- /*uam_register(UAM_SERVER_PRINTAUTH, path, "Cleartxt Passwrd",
- pam_printer);*/
+ if (uam_register(UAM_SERVER_PRINTAUTH, path, "ClearTxtUAM",
+ pam_printer) < 0) {
+ return -1;
+ }
return 0;
}
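Review bot: The new `UAM_SERVER_PRINTAUTH` failure branch returns -1 without undoing the two registrations that already succeeded, unlike the `UAM_SERVER_CHANGEPW` branch just above it, which unregisters the login handler first. A setup call that reports failure would then leave the cleartext login and change-password handlers registered. Add `uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");` and `uam_unregister(UAM_SERVER_CHANGEPW, "Cleartxt Passwrd");` before that `return -1;`. A short comment that the printer UAM is deliberately registered as "ClearTxtUAM" rather than "Cleartxt Passwrd" would also help, since the two spellings are easy to confuse.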
{
uam_unregister(UAM_SERVER_LOGIN, "Cleartxt Passwrd");
uam_unregister(UAM_SERVER_CHANGEPW, "Cleartxt Passwrd");
- /*uam_unregister(UAM_SERVER_PRINTAUTH, "Cleartxt Passwrd"); */
+ uam_unregister(UAM_SERVER_PRINTAUTH, "ClearTxtUAM");
}
UAM_MODULE_EXPORT struct uam_export uams_clrtxt = {
uam_setup, uam_cleanup
};
-#endif /* USE_PAM */
+UAM_MODULE_EXPORT struct uam_export uams_pam = {
+ UAM_MODULE_SERVER,
+ UAM_MODULE_VERSION,
+ uam_setup, uam_cleanup
+};
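Review bot: As shown, `uams_clrtxt` keeps a two-member initializer (`uam_setup, uam_cleanup`) while the added `uams_pam` initializes the same `struct uam_export` with four members, starting with `UAM_MODULE_SERVER` and `UAM_MODULE_VERSION`. If the struct now begins with type and version fields (its definition is not visible here), the older initializer would put the function pointers into those fields and leave the real setup and cleanup slots zero. Either give `uams_clrtxt` the same four members or drop it if `uams_pam` replaces it. The hunk also removes the closing `#endif /* USE_PAM */` along with the opening guard, so it is worth confirming that the build only compiles this file when PAM headers are present.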