Annotation of embedaddon/quagga/vtysh/vtysh_user.c, revision 1.1.1.2
1.1 misho 1: /* User authentication for vtysh.
2: * Copyright (C) 2000 Kunihiro Ishiguro
3: *
4: * This file is part of GNU Zebra.
5: *
6: * GNU Zebra is free software; you can redistribute it and/or modify it
7: * under the terms of the GNU General Public License as published by the
8: * Free Software Foundation; either version 2, or (at your option) any
9: * later version.
10: *
11: * GNU Zebra is distributed in the hope that it will be useful, but
12: * WITHOUT ANY WARRANTY; without even the implied warranty of
13: * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14: * General Public License for more details.
15: *
16: * You should have received a copy of the GNU General Public License
17: * along with GNU Zebra; see the file COPYING. If not, write to the Free
18: * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
19: * 02111-1307, USA.
20: */
21:
22: #include <zebra.h>
23: #include <lib/version.h>
24:
25: #include <pwd.h>
26:
27: #ifdef USE_PAM
28: #include <security/pam_appl.h>
29: #ifdef HAVE_PAM_MISC_H
30: #include <security/pam_misc.h>
31: #endif
32: #ifdef HAVE_OPENPAM_H
33: #include <security/openpam.h>
34: #endif
35: #endif /* USE_PAM */
36:
37: #include "memory.h"
38: #include "linklist.h"
39: #include "command.h"
1.1.1.2 ! misho 40: #include "vtysh_user.h"
1.1 misho 41:
42: #ifdef USE_PAM
/* Conversation callback handed to pam_start() by vtysh_pam().
   PAM_CONV_FUNC is defined outside this file (presumably selected at
   configure time to match the PAM implementation -- confirm).  No
   application data is passed to the callback. */
static struct pam_conv conv =
{
  .conv = PAM_CONV_FUNC,
  .appdata_ptr = NULL
};
48:
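/* Authenticate USER through PAM, using QUAGGA_PROGNAME as the service
   name and the file-level `conv' structure for the conversation.

   Returns 0 when pam_authenticate() succeeds and 1 otherwise (including
   when the PAM transaction cannot be started).  Exits the process with
   status 1 if the PAM transaction cannot be closed. */
static int
vtysh_pam (const char *user)
{
  int ret;
  pam_handle_t *pamh = NULL;

  /* Start PAM. */
  ret = pam_start (QUAGGA_PROGNAME, user, &conv, &pamh);
  if (ret != PAM_SUCCESS)
    {
      /* No transaction was opened, so there is no handle to hand to
         pam_end().  Report the real cause and deny access. */
      fprintf (stderr, "vtysh_pam: failed to start authenticator\n");
      return 1;
    }

  /* Is user really user?  The flags argument is 0, so
     PAM_DISALLOW_NULL_AUTHTOK is not requested here; whether an empty
     password is accepted is left to the PAM configuration. */
  ret = pam_authenticate (pamh, 0);

  /* NOTE(review): the account-management step below is compiled out, so
     pam_authenticate() alone decides the result and the PAM account
     stack (account validity checks such as expiry) is never consulted.
     Re-enabling it needs a decision on the PAM_AUTHINFO_UNAVAIL
     override, which turns an unavailable account backend into success. */
#if 0
  /* Permitted access? */
  if (ret == PAM_SUCCESS)
    ret = pam_acct_mgmt (pamh, 0);
  printf ("ret %d\n", ret);

  if (ret == PAM_AUTHINFO_UNAVAIL)
    ret = PAM_SUCCESS;
#endif /* 0 */

  /* This is where we have been authorized or not. */
#ifdef DEBUG
  if (ret == PAM_SUCCESS)
    printf("Authenticated\n");
  else
    printf("Not Authenticated\n");
#endif /* DEBUG */

  /* close Linux-PAM */
  if (pam_end (pamh, ret) != PAM_SUCCESS)
    {
      pamh = NULL;
      fprintf(stderr, "vtysh_pam: failed to release authenticator\n");
      exit(1);
    }

  return ret == PAM_SUCCESS ? 0 : 1;
}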
92: #endif /* USE_PAM */
93:
/* One entry of the vtysh user table. */
struct vtysh_user
{
  /* User name; user_get() stores a strdup()ed copy here. */
  char *name;
  /* Non-zero once "username WORD nopassword" has been given for this
     user; vtysh_auth() then skips PAM authentication for it. */
  u_char nopassword;
};

/* List of struct vtysh_user entries, created by vtysh_user_init().
   Not declared static, so it is visible to other translation units. */
struct list *userlist;
101:
/* Allocate a zero-filled struct vtysh_user through XCALLOC (memory type 0)
   and return it.  The name pointer and nopassword flag therefore start
   out as NULL and 0. */
static struct vtysh_user *
user_new ()
{
  struct vtysh_user *entry;

  entry = XCALLOC (0, sizeof *entry);
  return entry;
}
107:
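#if 0
/* Release USER together with its name.  Currently compiled out.
   user_get() allocates the name with strdup(), so it is released with
   free() before the structure itself goes back through XFREE. */
static void
user_free (struct vtysh_user *user)
{
  if (user == NULL)
    return;

  free (user->name);
  user->name = NULL;
  XFREE (0, user);
}
#endif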
1.1 misho 115:
/* Search userlist for an entry whose name equals NAME (exact strcmp
   match).  Returns the first matching entry, or NULL when none matches.
   NAME must not be NULL: it is passed straight to strcmp(). */
static struct vtysh_user *
user_lookup (const char *name)
{
  struct listnode *cur, *next;
  struct vtysh_user *entry;
  struct vtysh_user *found = NULL;

  for (ALL_LIST_ELEMENTS (userlist, cur, next, entry))
    {
      if (strcmp (entry->name, name) != 0)
        continue;

      found = entry;
      break;
    }

  return found;
}
129:
#if 0
/* Print a "username NAME nopassword" line to stdout for every entry in
   userlist whose nopassword flag is set.  Currently compiled out. */
static void
user_config_write ()
{
  struct listnode *cur, *next;
  struct vtysh_user *entry;

  for (ALL_LIST_ELEMENTS (userlist, cur, next, entry))
    {
      if (!entry->nopassword)
        continue;

      printf (" username %s nopassword\n", entry->name);
    }
}
#endif
1.1 misho 144:
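/* Return the userlist entry for NAME, creating and appending a new one
   when none exists yet.  A new entry stores its own strdup()ed copy of
   NAME and starts with the nopassword flag clear.

   Exits the process with status 1 if the name cannot be duplicated:
   an entry with a NULL name would later be passed to strcmp() by
   user_lookup(). */
static struct vtysh_user *
user_get (const char *name)
{
  struct vtysh_user *user;

  user = user_lookup (name);
  if (user)
    return user;

  user = user_new ();
  user->name = strdup (name);
  if (user->name == NULL)
    {
      fprintf (stderr, "vtysh_user: out of memory\n");
      exit (1);
    }
  listnode_add (userlist, user);

  return user;
}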
159:
/* "username WORD nopassword": set the nopassword flag on the user table
   entry named by WORD (argv[0]), creating the entry if needed.
   vtysh_auth() skips PAM authentication for a user whose flag is set,
   so every such line grants password-less entry to that account.
   NOTE(review): the three help strings are empty. */
DEFUN (username_nopassword,
       username_nopassword_cmd,
       "username WORD nopassword",
       "\n"
       "\n"
       "\n")
{
  struct vtysh_user *entry = user_get (argv[0]);

  entry->nopassword = 1;
  return CMD_SUCCESS;
}
172:
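/* Decide whether the invoking user may proceed.

   The user is identified by the passwd entry of the effective uid.  If
   that user has the nopassword flag set in userlist, no authentication
   is done.  Otherwise, when built with USE_PAM, the user must pass
   vtysh_pam(); on failure the process exits.  When built without
   USE_PAM no authentication is performed at all.

   Always returns 0 when it returns.  Exits with status 1 when the
   effective uid has no passwd entry.

   NOTE(review): the identity checked here comes from geteuid(), while
   vtysh_get_home() uses getuid(); if the binary were ever installed
   set-uid the two would name different accounts -- confirm which one
   is intended.
   NOTE(review): a failed PAM authentication exits with status 0, which
   a calling script cannot tell apart from a normal exit. */
int
vtysh_auth (void)
{
  struct vtysh_user *user;
  struct passwd *passwd;

  passwd = getpwuid (geteuid ());
  if (passwd == NULL)
    {
      /* getpwuid() returns NULL when the uid has no passwd entry or the
         lookup fails.  Without a name there is nobody to authenticate,
         so refuse instead of dereferencing NULL. */
      fprintf (stderr, "vtysh_auth: no passwd entry for effective uid\n");
      exit (1);
    }

  user = user_lookup (passwd->pw_name);
  if (user && user->nopassword)
    /* Pass through */;
  else
    {
#ifdef USE_PAM
      if (vtysh_pam (passwd->pw_name))
        exit (0);
#endif /* USE_PAM */
    }
  return 0;
}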
193:
/* Return the home directory recorded in the passwd entry of the real
   uid, or NULL when getpwuid() yields no entry.

   The returned pointer refers to the structure returned by getpwuid();
   the caller must not free it, and a later passwd lookup may overwrite
   it, so copy the string if it has to outlive the next lookup. */
char *
vtysh_get_home (void)
{
  struct passwd *entry = getpwuid (getuid ());

  if (entry == NULL)
    return NULL;

  return entry->pw_dir;
}
! 203:
/* Set up the user table: create the (empty) userlist and register the
   "username WORD nopassword" command under CONFIG_NODE. */
void
vtysh_user_init (void)
{
  /* The list must exist before the command can be executed, since the
     command handler appends to it through user_get(). */
  userlist = list_new ();

  install_element (CONFIG_NODE, &username_nopassword_cmd);
}