| [Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] |
On Wednesday 29 April 2009 12:31:23 Andreas Schneider wrote: > After this, I've created a patch for http://pamtester.soruceforge.net/ to > use pam_start_test() and added the possibility to specify the config > directory via a commandline option. > Here is a patch to define the password to use for authentication via the commandline. src/pamtester -v -C/tmp/pam.d -Psecret login csync authenticate pamtester: invoking pam_start(login, csync, ...) pamtester: performing operation - authenticate pamtester: successfully authenticated -- andreas
Index: pamtester-0.1.2/src/Makefile.am
===================================================================
--- pamtester-0.1.2.orig/src/Makefile.am
+++ pamtester-0.1.2/src/Makefile.am
@@ -12,5 +12,7 @@ pamtester_SOURCES=\
util.c \
util.h \
compat.c \
- compat.h
+ compat.h \
+ conv.c \
+ conv.h
CFLAGS=-Wall
Index: pamtester-0.1.2/src/app.c
===================================================================
--- pamtester-0.1.2.orig/src/app.c
+++ pamtester-0.1.2/src/app.c
@@ -80,6 +80,7 @@
#include "util.h"
#include "app.h"
#include "compat.h"
+#include "conv.h"
static int resolve_item_type(int *retval, const char *name)
{
@@ -157,6 +158,8 @@ void pamtester_app_init(pamtester_app_t
params->app_name = xstrdup(app_name);
params->service = NULL;
params->user = NULL;
+ params->password = NULL;
+ params->newpassword = NULL;
params->config_dir = NULL;
params->items = params->last_item = NULL;
params->envs = params->last_env = NULL;
@@ -172,6 +175,8 @@ void pamtester_app_cleanup(pamtester_app
xfree(params->app_name);
xfree(params->service);
xfree(params->user);
+ xfree(params->password);
+ xfree(params->newpassword);
xfree(params->config_dir);
for (item = params->items; item != NULL; item = next_item) {
@@ -202,7 +207,7 @@ int pamtester_app_run(pamtester_app_t *p
int err;
char *err_msg = NULL;
- const struct pam_conv conv = { misc_conv, NULL };
+ struct pam_conv conv = { misc_conv, NULL };
pamtester_pam_item_t *item;
pam_handle_t *pamh = NULL;
pamtester_op_t *op;
@@ -211,6 +216,11 @@ int pamtester_app_run(pamtester_app_t *p
fprintf(stderr, "%s: invoking pam_start(%s, %s, ...)\n", params->app_name, params->service, params->user);
}
+ if (params->password != NULL) {
+ conv.conv = pamtester_password_conv;
+ conv.appdata_ptr = (void *) params;
+ }
+
if ((err = pam_start_test((params->service == NULL ? "" : params->service),
(params->user == NULL ? "": params->user),
params->config_dir, &conv, &pamh))) {
Index: pamtester-0.1.2/src/conv.c
===================================================================
--- /dev/null
+++ pamtester-0.1.2/src/conv.c
@@ -0,0 +1,101 @@
+/*
+ * pamtester - PAM testing program.
+ *
+ * Copyright (c) 2009, Günther Deschner <gd@xxxxxxxxx>
+ * Copyright (c) 2009, Andreas Schneider <mail@xxxxxxxxxxxx>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * - Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the "pamtester" nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#include "app.h"
+#include "conv.h"
+
+int pamtester_password_conv(int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *appdata_ptr)
+{
+ int replies = 0;
+ struct pam_response *reply = NULL;
+ pamtester_app_t *creds = appdata_ptr;
+
+ *resp = NULL;
+
+ if (num_msg <= 0) {
+ return PAM_CONV_ERR;
+ }
+
+ reply = malloc(sizeof(struct pam_response) * num_msg);
+ if (!reply) {
+ return PAM_CONV_ERR;
+ }
+
+ memset(reply, '\0', sizeof(struct pam_response) * num_msg);
+
+ for (replies = 0; replies < num_msg; replies++) {
+ switch (msg[replies]->msg_style) {
+ case PAM_PROMPT_ECHO_ON:
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies].resp = strdup(creds->user);
+ /* PAM frees resp */
+ break;
+
+ case PAM_PROMPT_ECHO_OFF:
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies].resp = strdup(creds->password);
+ /* PAM frees resp */
+ break;
+
+ case PAM_TEXT_INFO:
+ /* fall through */
+
+ case PAM_ERROR_MSG:
+ /* ignore it... */
+ reply[replies].resp_retcode = PAM_SUCCESS;
+ reply[replies].resp = NULL;
+ break;
+
+ case PAM_RADIO_TYPE:
+ printf("radio type received\n");
+ break;
+
+ default:
+ /* Must be an error of some sort... */
+ if (reply) {
+ free(reply);
+ }
+ return PAM_CONV_ERR;
+ }
+ }
+ if (reply) {
+ *resp = reply;
+ }
+ return PAM_SUCCESS;
+}
+
+
Index: pamtester-0.1.2/src/conv.h
===================================================================
--- /dev/null
+++ pamtester-0.1.2/src/conv.h
@@ -0,0 +1,47 @@
+/*
+ * pamtester - PAM testing program.
+ *
+ * Copyright (c) 2009, Günther Deschner <gd@xxxxxxxxx>
+ * Copyright (c) 2009, Andreas Schneider <mail@xxxxxxxxxxxx>
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions are
+ * met:
+ *
+ * - Redistributions of source code must retain the above copyright notice,
+ * this list of conditions and the following disclaimer.
+ *
+ * - Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ *
+ * - Neither the name of the "pamtester" nor the names of its
+ * contributors may be used to endorse or promote products derived from
+ * this software without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+ * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+ * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
+ * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER
+ * OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
+ * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
+ * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
+ * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
+ * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
+ * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
+ * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+ */
+
+#ifndef _PAMTESTER_CONV_H
+#define _PAMTESTER_CONV_H
+
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+int pamtester_password_conv(int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *appdata_ptr);
+
+#endif /* _PAMTESTER_CONV_H */
+
Index: pamtester-0.1.2/src/pamtester.c
===================================================================
--- pamtester-0.1.2.orig/src/pamtester.c
+++ pamtester-0.1.2/src/pamtester.c
@@ -78,6 +78,28 @@ static int opt_hdlr_configdir(void *para
return 0;
}
+static int opt_hdlr_password(void *param, const char *val)
+{
+ pamtester_app_t *x = (pamtester_app_t *)param;
+
+ if (val != NULL) {
+ x->password = xstrdup(val);
+ }
+
+ return 0;
+}
+
+static int opt_hdlr_newpassword(void *param, const char *val)
+{
+ pamtester_app_t *x = (pamtester_app_t *)param;
+
+ if (val != NULL) {
+ x->newpassword = xstrdup(val);
+ }
+
+ return 0;
+}
+
static int opt_hdlr_item(void *param, const char *val)
{
pamtester_app_t *x = (pamtester_app_t *)param;
@@ -141,6 +163,8 @@ pamtester_opt_spec_t options[] = {
{ "C", "configdir", 1, 0, '*', opt_hdlr_configdir },
{ "I", "item", 1, 1, '*', opt_hdlr_item },
{ "E", "env", 1, 1, '*', opt_hdlr_env },
+ { "P", "password", 1, 0, '*', opt_hdlr_password },
+ { "N", "newpassword", 1, 0, '*', opt_hdlr_newpassword },
{ "v", "verbose", 1, 0, '?', opt_hdlr_verbose },
{ NULL, NULL, 0, 0, 0, NULL }
};
@@ -155,7 +179,9 @@ int main(int argc, const char **argv)
const char *prog_name = xbasename(argv[0]);
if (argc < 2) {
- fprintf(stderr, "usage: %s [-Cconfigdir] [-Eenv=value] [-Iparam=value] service user op_name ...\n", prog_name);
+ fprintf(stderr, "usage: %s [-Cconfigdir] [-Eenv=value] "
+ "[-Iparam=value] [-Ppassword] [-Nnewpassword] "
+ "service user op_name ...\n", prog_name);
exit(-1);
}
Attachment:
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Pam-list mailing list Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
|
|