54
54
int rc = PAM_SUCCESS;
55
55
struct pam_response* resp = NULL;
56
56
struct UserDataS* userDatap = (struct UserDataS*) appdata_ptr;
57
unsigned int msg_len = 0;
58
60
const char* message = (*msg)->msg;
62
/* make a copy we can strip */
63
char * compare_message = m_strdup(message);
60
65
TRACE(("enter pamConvFunc"))
62
67
if (num_msg != 1) {
63
68
/* If you're getting here - Dropbear probably can't support your pam
64
69
* modules. This whole file is a bit of a hack around lack of
65
* asynchronocity in PAM anyway */
70
* asynchronocity in PAM anyway. */
66
71
dropbear_log(LOG_INFO, "pamConvFunc() called with >1 messages: not supported.");
67
72
return PAM_CONV_ERR;
70
75
TRACE(("msg_style is %d", (*msg)->msg_style))
72
TRACE(("message is '%s'", message))
76
if (compare_message) {
77
TRACE(("message is '%s'", compare_message))
74
79
TRACE(("null message"))
83
/* Make the string lowercase. */
84
msg_len = strlen(compare_message);
85
for (i = 0; i < msg_len; i++) {
86
compare_message[i] = tolower(compare_message[i]);
89
/* If the string ends with ": ", remove the space.
90
ie "login: " vs "login:" */
92
&& compare_message[msg_len-2] == ':'
93
&& compare_message[msg_len-1] == ' ') {
94
compare_message[msg_len-1] = '\0';
77
97
switch((*msg)->msg_style) {
79
99
case PAM_PROMPT_ECHO_OFF:
81
if (strcmp(message, "Password:") != 0) {
82
TRACE(("PAM_PROMPT_ECHO_OFF: unrecognized prompt"))
101
if (!(strcmp(compare_message, "password:") == 0)) {
102
/* We don't recognise the prompt as asking for a password,
103
so can't handle it. Add more above as required for
104
different pam modules/implementations */
105
dropbear_log(LOG_NOTICE, "PAM unknown prompt %s (no echo)",
87
111
/* You have to read the PAM module-writers' docs (do we look like
100
124
case PAM_PROMPT_ECHO_ON:
102
if ((strcmp(message, "login: " ) != 0)
103
&& (strcmp(message, "login:" ) != 0)
104
&& (strcmp(message, "Please enter username: " ) != 0)) {
105
TRACE(("PAM_PROMPT_ECHO_ON: unrecognized prompt"))
126
if (!((strcmp(compare_message, "login:" ) == 0)
127
|| (strcmp(compare_message, "please enter username:") == 0))) {
128
/* We don't recognise the prompt as asking for a username,
129
so can't handle it. Add more above as required for
130
different pam modules/implementations */
131
dropbear_log(LOG_NOTICE, "PAM unknown prompt %s (with echo)",
106
133
rc = PAM_CONV_ERR;
155
183
unsigned char changepw;
157
185
/* check if client wants to change password */
158
changepw = buf_getbyte(ses.payload);
186
changepw = buf_getbool(ses.payload);
160
188
/* not implemented by this server */
161
189
send_msg_userauth_failure(0, 1);