[krb5-auth-dialog] Add simple PAM plugin
- From: Guido Günther <guidog src gnome org>
- To: commits-list gnome org
- Cc:
- Subject: [krb5-auth-dialog] Add simple PAM plugin
- Date: Tue, 27 Apr 2010 17:51:58 +0000 (UTC)
commit 0c5190a9f2161ab25f6081d6e179b4e6317954fa
Author: Guido Günther <agx sigxcpu org>
Date: Tue Apr 20 22:23:01 2010 +0200
Add simple PAM plugin
BZ: #347034
configure.ac | 28 ++++++++++-
plugins/Makefile.am | 26 ++++++++++
plugins/ka-plugin-pam.c | 128 +++++++++++++++++++++++++++++++++++++++++++++++
plugins/ka-plugin-pam.h | 59 ++++++++++++++++++++++
4 files changed, 239 insertions(+), 2 deletions(-)
---
diff --git a/configure.ac b/configure.ac
index cf05c5f..79301a6 100644
--- a/configure.ac
+++ b/configure.ac
@@ -218,7 +218,7 @@ AC_SUBST(check_interval)
minimum_lifetime=30
AC_DEFINE_UNQUOTED(MINUTES_BEFORE_PROMPTING,[$minimum_lifetime],
- [Define the to the minimum amount of time (m) a credential
+ [Define to the minimum amount of time (m) a credential
will have to be valid before we will ask the user to get
fresh credentials.])
AC_SUBST(minimum_lifetime)
@@ -229,6 +229,23 @@ dnl
KA_PLUGINS_DIR="$libdir/krb5-auth-dialog/plugins"
AC_SUBST(KA_PLUGINS_DIR)
+dnl PAM Plugin
+AC_ARG_WITH(pam-plugin,
+ [ --with-pam-plugin, enable PAM plugin],
+ [with_pam_plugin=yes],
+ [with_pam_plugin=no])
+if test x"$with_pam_plugin" = x"yes"; then
+ have_pam=no
+ AC_CHECK_LIB(pam, pam_start, have_pam=yes)
+ if test "x$have_pam" = "xyes"; then
+ PAM_LIBS="${PAM_LIBS} -lpam"
+ else
+ AC_MSG_ERROR("PAM libraries not found")
+ fi
+fi
+AC_SUBST(PAM_LIBS)
+AM_CONDITIONAL([ENABLE_PAM_PLUGIN],[test "x$with_pam_plugin" = "xyes"])
+
dnl Final stage
AC_OUTPUT([
Makefile
@@ -279,4 +296,11 @@ AC_MSG_NOTICE([ Debug : $enable_debug])
AC_MSG_NOTICE([ Minimum Lifetime: $minimum_lifetime minutes])
AC_MSG_NOTICE([ Check Interval: $check_interval seconds])
AC_MSG_NOTICE([])
-
+AC_MSG_NOTICE([Plugins])
+AC_MSG_NOTICE([])
+if test "$with_pam_plugin" = "yes" ; then
+AC_MSG_NOTICE([ PAM plugin: $PAM_LIBS])
+else
+AC_MSG_NOTICE([ PAM plugin: no])
+fi
+AC_MSG_NOTICE([])
diff --git a/plugins/Makefile.am b/plugins/Makefile.am
index 0b41e38..8fecd5c 100644
--- a/plugins/Makefile.am
+++ b/plugins/Makefile.am
@@ -2,8 +2,15 @@ NULL =
pkglibdir = $(KA_PLUGINS_DIR)
+if ENABLE_PAM_PLUGIN
+ PAM_PLUGIN = libka-plugin-pam.la
+else
+ PAM_PLUGIN =
+endif
+
pkglib_LTLIBRARIES = \
libka-plugin-dummy.la \
+ $(PAM_PLUGIN) \
$(NULL)
# Dummy example plugin
@@ -21,3 +28,22 @@ libka_plugin_dummy_la_LDFLAGS = \
-module \
-avoid-version \
$(NULL)
+
+# PAM plugin
+if ENABLE_PAM_PLUGIN
+libka_plugin_pam_la_SOURCES = \
+ ka-plugin-pam.c \
+ ka-plugin-pam.h \
+ $(NULL)
+
+libka_plugin_pam_la_CPPFLAGS = \
+ $(GTK_CFLAGS) \
+ -I$(top_srcdir)/src \
+ $(NULL)
+
+libka_plugin_pam_la_LDFLAGS = \
+ -module \
+ -avoid-version \
+ $(PAM_LIBS) \
+ $(NULL)
+endif
diff --git a/plugins/ka-plugin-pam.c b/plugins/ka-plugin-pam.c
new file mode 100644
index 0000000..53d1f06
--- /dev/null
+++ b/plugins/ka-plugin-pam.c
@@ -0,0 +1,128 @@
+/*
+ * Copyright (C) 2010 Guido Guenther <agx sigxcpu org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#include "ka-plugin-pam.h"
+#include <gmodule.h>
+
+#include <security/pam_appl.h>
+
+G_DEFINE_TYPE (KaPluginPam, ka_plugin_pam, KA_TYPE_PLUGIN)
+
+#define GET_PRIVATE(o) \
+ (G_TYPE_INSTANCE_GET_PRIVATE ((o), KA_TYPE_PLUGIN_PAM, KaPluginPamPrivate))
+
+typedef struct _KaPluginPamPrivate KaPluginPamPrivate;
+
+int ka_plugin_major_version = KA_PLUGIN_MAJOR_VERSION;
+int ka_plugin_minor_version = KA_PLUGIN_MINOR_VERSION;
+
+G_MODULE_EXPORT KaPlugin*
+ka_plugin_create (void)
+{
+ return KA_PLUGIN (ka_plugin_pam_new());
+}
+
+struct _KaPluginPamPrivate {
+ gulong handlers[2];
+};
+
+static void
+ka_plugin_pam_finalize (GObject *object)
+{
+ G_OBJECT_CLASS (ka_plugin_pam_parent_class)->finalize (object);
+}
+
+static int simple_conv( int n, const struct pam_message **msg, struct pam_response **resp, void *data)
+{
+ return (PAM_CONV_ERR);
+}
+
+static struct pam_conv simplepamconv = { simple_conv, NULL };
+
+static void
+renewed_event_cb (gpointer* applet, gchar* princ, guint when, gpointer user_data)
+{
+ const char *user;
+ pam_handle_t *pamh = NULL;
+ int retval = 0;
+
+ user = g_get_user_name ();
+ retval = pam_start("ka-plugin-pam", user, &simplepamconv, &pamh);
+ if (retval)
+ goto out;
+
+ retval = pam_setcred(pamh, PAM_ESTABLISH_CRED);
+ if (retval)
+ goto out;
+
+out:
+ if (retval)
+ g_warning("PAM plugin: %s", pam_strerror(pamh, retval));
+
+ if (pamh)
+ pam_end(pamh, PAM_SUCCESS);
+}
+
+static void
+ka_plugin_pam_activate (KaPlugin *self, KaApplet* applet)
+{
+ KaPluginPamPrivate *priv = GET_PRIVATE (self);
+
+ priv->handlers[1] = g_signal_connect (applet,
+ "krb-tgt-acquired",
+ G_CALLBACK (renewed_event_cb),
+ NULL);
+ priv->handlers[0] = g_signal_connect (applet,
+ "krb-tgt-renewed",
+ G_CALLBACK (renewed_event_cb),
+ NULL);
+}
+
+
+static void
+ka_plugin_pam_deactivate (KaPlugin *self, KaApplet* applet)
+{
+ KaPluginPamPrivate *priv = GET_PRIVATE (self);
+
+ g_signal_handler_disconnect (applet, priv->handlers[0]);
+ g_signal_handler_disconnect (applet, priv->handlers[1]);
+}
+
+static void
+ka_plugin_pam_class_init (KaPluginPamClass *klass)
+{
+ GObjectClass *object_class = G_OBJECT_CLASS (klass);
+ KaPluginClass *plugin_class = KA_PLUGIN_CLASS (klass);
+
+ g_type_class_add_private (klass, sizeof (KaPluginPamPrivate));
+
+ plugin_class->activate = ka_plugin_pam_activate;
+ plugin_class->deactivate = ka_plugin_pam_deactivate;
+ object_class->finalize = ka_plugin_pam_finalize;
+}
+
+static void
+ka_plugin_pam_init (KaPluginPam *self)
+{
+}
+
+KaPluginPam*
+ka_plugin_pam_new (void)
+{
+ return g_object_new (KA_TYPE_PLUGIN_PAM, KA_PLUGIN_PROP_NAME, "pam", NULL);
+}
diff --git a/plugins/ka-plugin-pam.h b/plugins/ka-plugin-pam.h
new file mode 100644
index 0000000..c693121
--- /dev/null
+++ b/plugins/ka-plugin-pam.h
@@ -0,0 +1,59 @@
+/*
+ * Copyright (C) 2010 Guido Guenther <agx sigxcpu org>
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2, or (at your option)
+ * any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifndef _KA_PLUGIN_PAM
+#define _KA_PLUGIN_PAM
+
+#include <ka-plugin.h>
+
+G_BEGIN_DECLS
+
+#define KA_TYPE_PLUGIN_PAM ka_plugin_pam_get_type()
+
+#define KA_PLUGIN_PAM(obj) \
+ (G_TYPE_CHECK_INSTANCE_CAST ((obj), KA_TYPE_PLUGIN_PAM, KaPluginPam))
+
+#define KA_PLUGIN_PAM_CLASS(klass) \
+ (G_TYPE_CHECK_CLASS_CAST ((klass), KA_TYPE_PLUGIN_PAM, KaPluginPamClass))
+
+#define KA_IS_PLUGIN_PAM(obj) \
+ (G_TYPE_CHECK_INSTANCE_TYPE ((obj), KA_TYPE_PLUGIN_PAM))
+
+#define KA_IS_PLUGIN_PAM_CLASS(klass) \
+ (G_TYPE_CHECK_CLASS_TYPE ((klass), KA_TYPE_PLUGIN_PAM))
+
+#define KA_PLUGIN_PAM_GET_CLASS(obj) \
+ (G_TYPE_INSTANCE_GET_CLASS ((obj), KA_TYPE_PLUGIN_PAM, KaPluginPamClass))
+
+typedef struct {
+ KaPlugin parent;
+} KaPluginPam;
+
+typedef struct {
+ KaPluginClass parent_class;
+} KaPluginPamClass;
+
+GType ka_plugin_pam_get_type (void);
+
+KaPluginPam* ka_plugin_pam_new (void);
+
+G_END_DECLS
+
+#endif /* _KA_PLUGIN_PAM */
+
+/* ka-plugin-pam.c */
[
Date Prev][
Date Next] [
Thread Prev][
Thread Next]
[
Thread Index]
[
Date Index]
[
Author Index]
