2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
15 #include <security/pam_appl.h>
16 #include <afsconfig.h>
17 #include <afs/param.h>
25 char *pam_afs_ident = "pam_afs";
26 char *pam_afs_lh = "TRANSARC_PAM_AFS_AUTH_login_handle";
36 memset(data, 0, strlen(data));
50 /* The PAM module needs to be free from libucb dependency. Otherwise,
51 dynamic linking is a problem, the AFS PAM library refuses to coexist
52 with the DCE library. The sigvec() and sigsetmask() are the only two
53 calls that neccesiate the inclusion of libucb.a. There are used by
54 the lwp library to support premeptive threads and signalling between
55 threads. Since the lwp support used by the PAM module uses none of
56 these facilities, we can safely define these to be null functions */
58 #if !defined(AFS_HPUX110_ENV)
59 /* For HP 11.0, this function is in util/hputil.c */
60 sigvec(int sig, const struct sigvec* vec, struct sigvec* ovec)
69 #endif /* AFS_HPUX110_ENV */
71 /* converts string to integer */
73 char *cv2string(ttp, aval)
75 register unsigned long aval;
77 register char *tp = ttp;
93 int do_klog(const char* user, const char* password, const char* lifetime)
103 #if defined(AFS_KERBEROS_ENV)
108 if (access(klog_prog, X_OK) != 0) {
109 syslog(LOG_ERR, "can not access klog program '%s'", KLOG);
112 #if defined(AFS_KERBEROS_ENV)
113 argv[argc++] = "klog.krb";
116 argv[argc++] = "klog";
118 argv[argc++] = (char*)user;
119 argv[argc++] = "-silent";
120 argv[argc++] = "-pipe";
121 if (lifetime != NULL) {
122 argv[argc++] = "-lifetime";
123 argv[argc++] = (char*)lifetime;
127 if (pipe(pipedes) != 0) {
128 syslog(LOG_ERR, "can not open pipe: %s", strerror(errno));
133 case (-1): /* Error: fork failed */
134 syslog(LOG_ERR, "fork failed: %s", strerror(errno));
136 case (0) : /* child */
143 execv(klog_prog, argv);
145 syslog(LOG_ERR, "execv failed: %s", strerror(errno));
150 write(pipedes[1], password, strlen(password));
151 write(pipedes[1], "\n", 1);
154 if (pid != wait(&status)) return(0);
155 if (WIFEXITED(status)) {
156 ret = WEXITSTATUS(status);
159 syslog(LOG_NOTICE, "%s for %s failed", klog_prog, user) ;
162 /* syslog(LOG_DEBUG, "do_klog returns %d", ret); */
166 /* get the current AFS pag for the calling process */
167 static afs_int32 curpag()
171 afs_uint32 h, l, ret;
173 if (getgroups(sizeof groups/sizeof groups[0], groups) < 2) return 0;
175 g0 = groups[0] & 0xffff;
176 g1 = groups[1] & 0xffff;
179 if (g0 < 0xc000 && g1 < 0xc000) {
180 l = ((g0 & 0x3fff) << 14) | (g1 & 0x3fff);
182 h = (g1 >> 14) + h + h + h;
183 ret = ((h << 28) | l);
184 /* Additional testing */
185 if (((ret >> 24) & 0xff) == 'A')
193 /* Returns the AFS pag number, if any, otherwise return -1 */
199 if (pag == 0 || pag == -1)
202 /* high order byte is always 'A'; actual pag value is low 24 bits */
203 return (pag & 0xFFFFFF);