2 * Copyright 2000, International Business Machines Corporation and others.
5 * This software has been released under the terms of the IBM Public
6 * License. For details, see the LICENSE file in the top-level source
7 * directory or online at http://www.openafs.org/dl/license10.html
15 #include <security/pam_appl.h>
16 #include <afsconfig.h>
17 #include <afs/param.h>
25 char *pam_afs_ident = "pam_afs";
26 char *pam_afs_lh = "TRANSARC_PAM_AFS_AUTH_login_handle";
36 memset(data, 0, strlen(data));
50 /* The PAM module needs to be free from libucb dependency. Otherwise,
51 dynamic linking is a problem, the AFS PAM library refuses to coexist
52 with the DCE library. The sigvec() and sigsetmask() are the only two
53 calls that neccesiate the inclusion of libucb.a. There are used by
54 the lwp library to support premeptive threads and signalling between
55 threads. Since the lwp support used by the PAM module uses none of
56 these facilities, we can safely define these to be null functions */
58 #if !defined(AFS_HPUX110_ENV)
59 /* For HP 11.0, this function is in util/hputil.c */
60 sigvec(int sig, const struct sigvec* vec, struct sigvec* ovec)
64 #endif /* AFS_HPUX110_ENV */
70 /* converts string to integer */
72 char *cv2string(ttp, aval)
74 register unsigned long aval;
76 register char *tp = ttp;
92 int do_klog(const char* user, const char* password, const char* lifetime)
102 #if defined(AFS_KERBEROS_ENV)
107 if (access(klog_prog, X_OK) != 0) {
108 syslog(LOG_ERR, "can not access klog program '%s'", KLOG);
111 #if defined(AFS_KERBEROS_ENV)
112 argv[argc++] = "klog.krb";
115 argv[argc++] = "klog";
117 argv[argc++] = (char*)user;
118 argv[argc++] = "-silent";
119 argv[argc++] = "-pipe";
120 if (lifetime != NULL) {
121 argv[argc++] = "-lifetime";
122 argv[argc++] = (char*)lifetime;
126 if (pipe(pipedes) != 0) {
127 syslog(LOG_ERR, "can not open pipe: %s", strerror(errno));
132 case (-1): /* Error: fork failed */
133 syslog(LOG_ERR, "fork failed: %s", strerror(errno));
135 case (0) : /* child */
142 execv(klog_prog, argv);
144 syslog(LOG_ERR, "execv failed: %s", strerror(errno));
149 write(pipedes[1], password, strlen(password));
150 write(pipedes[1], "\n", 1);
153 if (pid != wait(&status)) return(0);
154 if (WIFEXITED(status)) {
155 ret = WEXITSTATUS(status);
158 syslog(LOG_NOTICE, "%s for %s failed", klog_prog, user) ;
161 /* syslog(LOG_DEBUG, "do_klog returns %d", ret); */
165 /* get the current AFS pag for the calling process */
166 static afs_int32 curpag()
170 afs_uint32 h, l, ret;
172 if (getgroups(sizeof groups/sizeof groups[0], groups) < 2) return 0;
174 g0 = groups[0] & 0xffff;
175 g1 = groups[1] & 0xffff;
178 if (g0 < 0xc000 && g1 < 0xc000) {
179 l = ((g0 & 0x3fff) << 14) | (g1 & 0x3fff);
181 h = (g1 >> 14) + h + h + h;
182 ret = ((h << 28) | l);
183 /* Additional testing */
184 if (((ret >> 24) & 0xff) == 'A')
192 /* Returns the AFS pag number, if any, otherwise return -1 */
198 if (pag == 0 || pag == -1)
201 /* high order byte is always 'A'; actual pag value is low 24 bits */
202 return (pag & 0xFFFFFF);