100
100
password_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
102
102
if (num_msg != 1 || msg[0]->msg_style != PAM_PROMPT_ECHO_OFF) {
103
fprintf(stderr, "ERROR: Unexpected PAM converstaion '%d/%s'\n", msg[0]->msg_style, msg[0]->msg);
107
/* Workaround for Solaris 2.6 where the PAM library is broken
108
* and does not pass appdata_ptr to the conversation routine
110
appdata_ptr = password;
113
fprintf(stderr, "ERROR: No password available to password_converstation!\n");
103
fprintf(stderr, "ERROR: Unexpected PAM converstaion '%d/%s'\n", msg[0]->msg_style, msg[0]->msg);
107
/* Workaround for Solaris 2.6 where the PAM library is broken
108
* and does not pass appdata_ptr to the conversation routine
110
appdata_ptr = password;
113
fprintf(stderr, "ERROR: No password available to password_converstation!\n");
116
116
*resp = calloc(num_msg, sizeof(struct pam_response));
118
fprintf(stderr, "ERROR: Out of memory!\n");
118
fprintf(stderr, "ERROR: Out of memory!\n");
121
121
(*resp)[0].resp = strdup((char *) appdata_ptr);
122
122
(*resp)[0].resp_retcode = 0;
159
158
setvbuf(stdout, NULL, _IOLBF, 0);
162
int ch = getopt(argc, argv, "1n:t:o");
179
fprintf(stderr, "Unknown getopt value '%c'\n", ch);
161
int ch = getopt(argc, argv, "1n:t:o");
178
fprintf(stderr, "Unknown getopt value '%c'\n", ch);
185
184
if (optind < argc) {
186
fprintf(stderr, "Unknown option '%s'\n", argv[optind]);
185
fprintf(stderr, "Unknown option '%s'\n", argv[optind]);
191
190
while (fgets(buf, BUFSIZE, stdin)) {
193
password = strchr(buf, '\n');
195
fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
199
password = strchr(buf, ' ');
201
fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
205
rfc1738_unescape(user);
206
rfc1738_unescape(password);
207
conv.appdata_ptr = (char *) password; /* from buf above. not allocated */
192
password = strchr(buf, '\n');
194
fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
198
password = strchr(buf, ' ');
200
fprintf(stderr, "authenticator: Unexpected input '%s'\n", buf);
204
rfc1738_unescape(user);
205
rfc1738_unescape(password);
206
conv.appdata_ptr = (char *) password; /* from buf above. not allocated */
210
/* Create PAM connection */
211
retval = pam_start(service, user, &conv, &pamh);
212
if (retval != PAM_SUCCESS) {
213
fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
216
} else if (!pamh || (time(NULL) - pamh_created) >= ttl || pamh_created > time(NULL)) {
217
/* Close previous PAM connection */
219
retval = pam_end(pamh, retval);
220
if (retval != PAM_SUCCESS) {
221
fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
225
/* Initialize persistent PAM connection */
226
retval = pam_start(service, "squid@", &conv, &pamh);
227
if (retval != PAM_SUCCESS) {
228
fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
231
pamh_created = time(NULL);
234
retval = PAM_SUCCESS;
236
if (retval == PAM_SUCCESS)
237
retval = pam_set_item(pamh, PAM_USER, user);
238
if (retval == PAM_SUCCESS)
239
retval = pam_set_item(pamh, PAM_CONV, &conv);
241
if (retval == PAM_SUCCESS)
242
retval = pam_authenticate(pamh, 0);
243
if (retval == PAM_SUCCESS && !no_acct_mgmt)
244
retval = pam_acct_mgmt(pamh, 0);
245
if (retval == PAM_SUCCESS) {
246
fprintf(stdout, "OK\n");
209
/* Create PAM connection */
210
retval = pam_start(service, user, &conv, &pamh);
211
if (retval != PAM_SUCCESS) {
212
fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
215
} else if (!pamh || (time(NULL) - pamh_created) >= ttl || pamh_created > time(NULL)) {
216
/* Close previous PAM connection */
218
retval = pam_end(pamh, retval);
219
if (retval != PAM_SUCCESS) {
220
fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
224
/* Initialize persistent PAM connection */
225
retval = pam_start(service, "squid@", &conv, &pamh);
226
if (retval != PAM_SUCCESS) {
227
fprintf(stderr, "ERROR: failed to create PAM authenticator\n");
230
pamh_created = time(NULL);
233
retval = PAM_SUCCESS;
235
if (retval == PAM_SUCCESS)
236
retval = pam_set_item(pamh, PAM_USER, user);
237
if (retval == PAM_SUCCESS)
238
retval = pam_set_item(pamh, PAM_CONV, &conv);
240
if (retval == PAM_SUCCESS)
241
retval = pam_authenticate(pamh, 0);
242
if (retval == PAM_SUCCESS && !no_acct_mgmt)
243
retval = pam_acct_mgmt(pamh, 0);
244
if (retval == PAM_SUCCESS) {
245
fprintf(stdout, "OK\n");
249
fprintf(stdout, "ERR\n");
252
retval = PAM_SUCCESS;
248
fprintf(stdout, "ERR\n");
251
retval = PAM_SUCCESS;
253
252
#ifdef PAM_AUTHTOK
255
if (retval == PAM_SUCCESS)
256
retval = pam_set_item(pamh, PAM_AUTHTOK, NULL);
254
if (retval == PAM_SUCCESS)
255
retval = pam_set_item(pamh, PAM_AUTHTOK, NULL);
259
if (ttl == 0 || retval != PAM_SUCCESS) {
260
retval = pam_end(pamh, retval);
261
if (retval != PAM_SUCCESS) {
262
fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
258
if (ttl == 0 || retval != PAM_SUCCESS) {
259
retval = pam_end(pamh, retval);
260
if (retval != PAM_SUCCESS) {
261
fprintf(stderr, "WARNING: failed to release PAM authenticator\n");
269
retval = pam_end(pamh, retval);
270
if (retval != PAM_SUCCESS) {
272
fprintf(stderr, "ERROR: failed to release PAM authenticator\n");
268
retval = pam_end(pamh, retval);
269
if (retval != PAM_SUCCESS) {
271
fprintf(stderr, "ERROR: failed to release PAM authenticator\n");