Newbie app-writing question

Will McDonald will at cs.wisc.edu
Mon Jun 14 17:25:23 UTC 2004


Hello,

I have a question on my first PAM-aware application, and the web has not
yielded the knowledge I need. I need to write an authentication function that
will be called from an external program. The function needs to take username &
pass as arguments and return 0 or 1. When I first did this for DG-UX I had to
resort to the old hash-password-and-compare-to-getpwnam() method, but since
we've moved to Linux I figure I should/need to do this through PAM.

So far I've built the reference program [0], but am trying to figure out how
to pass pam_authenticate() the password instead of having it ask for it - this
has to be completely non-interactive and produce no output. From the small
amount of examples and references I've found [1], I *think* I need to write a
new conversation function and pass that to pam_start(), but I haven't figured
out the propper syntax to do that [2].

Any help is appreciated.

Thanks,
-will

[0] http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/pam_appl-8.html
[1] http://www.freebsd.org/doc/en_US.ISO8859-1/articles/pam/index.html
[2] This was what I tried after merging [1] into [0], which doesn't work:

static struct pam_conv conv = {
    misc_conv,
    NULL
};

int static_conv(int n, const struct pam_message **msg,
            struct pam_response **resp, void *data) {
    struct pam_response *aresp;
    int i;

    if (n <= 0 || n > PAM_MAX_NUM_MSG)
        return (PAM_CONV_ERR);
    if ((aresp = calloc(n, sizeof *aresp)) == NULL)
        return (PAM_BUF_ERR);

    for (i = 0; i < n; ++i) {
        aresp[i].resp_retcode = 0;
        aresp[i].resp = "myActualSecretPass";
    }

    *resp = aresp;
    return (PAM_SUCCESS);
}

int main(int argc, char *argv[])
{
	.....

    conv.conv = &static_conv;
    retval = pam_start("test", user, &conv, &pamh);

	.....
}

-- 
---------Will McDonald-----------------will at upl.cs.wisc.edu----------
GPG encrypted mail preferred. Join the web-o-trust!  Key ID: F4332B28





More information about the Pam-list mailing list