pam_get_item() problems
Jason DiCioccio
geniusj at gmail.com
Wed Nov 17 16:15:14 UTC 2004
I have the following:
/*
* dummy conversation function sending exactly one prompt
* and expecting exactly one response from the other party
*/
static int converse(pam_handle_t *pamh,
struct pam_message **message,
struct pam_response **response)
{
int retval;
const struct pam_conv *conv;
retval = pam_get_item(pamh, PAM_CONV, (const void **) &conv ) ;
if (retval == PAM_SUCCESS)
retval = conv->conv(1, (const struct pam_message **)message,
response, conv->appdata_ptr);
return retval; /* propagate error status */
}
/*
* This is a conversation function to obtain the user's password
*/
int conversation(pam_handle_t *pamh)
{
struct pam_message msg[2],*pmsg[2];
struct pam_response *resp;
int retval;
char * token = NULL;
pmsg[0] = &msg[0];
msg[0].msg_style = PAM_PROMPT_ECHO_OFF;
msg[0].msg = "Password: ";
/* so call the conversation expecting i responses */
resp = NULL;
retval = converse(pamh, pmsg, &resp);
if (resp != NULL) {
const char * item;
/* interpret the response */
if (retval == PAM_SUCCESS) { /* a good conversation */
token = x_strdup(resp[0].resp);
if (token == NULL) {
return PAM_AUTHTOK_RECOVER_ERR;
}
}
/* set the auth token */
retval = pam_set_item(pamh, PAM_AUTHTOK, token);
token = _pam_delete(token); /* clean it up */
if ( (retval != PAM_SUCCESS) ||
(retval = pam_get_item(pamh, PAM_AUTHTOK, (const void **)&item))
!= PAM_SUCCESS ) {
return retval;
}
_pam_drop_reply(resp, 1);
} else {
retval = (retval == PAM_SUCCESS)
? PAM_AUTHTOK_RECOVER_ERR:retval ;
}
return retval;
}
Regards,
-JD-
On Wed, 17 Nov 2004 09:06:14 -0700, Jason Gerfen
<jason.gerfen at scl.utah.edu> wrote:
> Could you show me an example of a proper conversion function?
>
>
>
> Jason DiCioccio wrote:
>
> >Greetings!
> >
> >On Wed, 17 Nov 2004 08:43:47 -0700, Jason Gerfen
> ><jason.gerfen at scl.utah.edu> wrote:
> >
> >
> >>I am looking for assistance using the pam_get_item() function.
> >>According to the pam module writters guide on kernel.org I should use
> >>pam_get_item() as the following:
> >>
> >>extern int pam_get_item( const pam_handle_t *pamh,
> >> int item_type,
> >> const void **item );
> >>
> >>As you can see in the code below it should retrieve the password entered
> >>during login and store it in the const void **password variable. But
> >>what happens is it completely crashes the display manager. I don't get
> >>it, I have looked at other people's source (pam_krb5afs.c for example)
> >>and they are calling the pam_get_item() function in much the same way
> >>and yet it isn't crashing their display. Am I missing something or over
> >>looking a compile option perhaps? Any help is greatly appreciated.
> >>
> >>
> >
> >You need to use a conversation function first. Take a look at some of
> >the code you were looking at before and look for where they call
> >theri conversation functions. You need to initiate a 'conversation'
> >with the calling program in order to receive the auth token. You then
> >use pam_set_item to set PAM_AUTHTOK.
> >
> >I hope this made sense. I ran into this same issue before and it was
> >driving me nuts :)
> >
> >Regards,
> >-JD-
> >
> >_______________________________________________
> >Pam-list mailing list
> >Pam-list at redhat.com
> >https://www.redhat.com/mailman/listinfo/pam-list
> >
> >
>
> --
> Jason Gerfen
> Student Computing
> Marriott Library
> 801.585.9810
>
>
> jason.gerfen at scl.utah.edu
>
> "And remember... If the ladies
> don't find you handsome, they
> should at least find you handy..."
> ~The Red Green show
>
>
More information about the Pam-list
mailing list