Pam-list Digest, Vol 37, Issue 8
Andreas Schindler
schindler at az1.de
Wed Mar 14 08:43:18 UTC 2007
pam-list-request at redhat.com wrote:
>
> Hello,
> I'm writing a new module for Python to support PAM authorization, it
> is written in C.
>
> What I currently do is what the misc_conv function does; I provide a
> password when it prompts for a message with pam_message.msg_style set
> to PAM_PROMPT_ECHO_OFF and a username when it prompts for
> PAM_PROMPT_ECHO_ON (which it doesn't ask for; I initialize the pam
> handle with a username already.)
>
> This is my conversation function: http://rafb.net/p/sOjqmC47.html
> I have tripple verified that userinfo is available and contains proper
> data. The function does reach the end.
>
> When I do pam_authenticate(), I receive the error "Authentication
> error" and the syslog just says the regular thing when a password is
> incorrect.
>
>
To Ludvic Ericson:
Looking at your conversion function i found you set the global return
code for the conversation
function itself but forget to set the return code for each message. Here
is a snippet of a working
conversation function:
switch (msgv[i]->msg_style) {
case PAM_PROMPT_ECHO_ON: // Echo on; Username
rsp[i].resp = strdup(userinfo->username);
*rsp[i].resp_retcode = PAM_SUCCESS;*
break;
case PAM_PROMPT_ECHO_OFF: // Echo off; Password
rsp[i].resp = strdup(userinfo->password);
*rsp[i].resp_retcode = PAM_SUCCESS;*
break;
I guess, if you had used 'calloc' instead of 'malloc' to create the
response structure, this missing link would have never shown up, because
PAM_SUCCESS == 0 ! So, be happy you found it.
Good Luck!
Andreas
--
Dr.-Ing. Andreas Schindler
Alpha Zero One Computersysteme GmbH
Frankfurter Str. 141
63303 Dreieich
Telefon 06103-57187-21
Telefax 06103-373245
schindler at az1.de
www.az1.de
Alpha Zero One Computersysteme GmbH, Brandeniusstr. 3, 44265 Dortmund
HRB 11089 Amtsgericht Dortmund, Geschäftsführer : Klaus-Jürgen Koke, Joachim Carle
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pam-list/attachments/20070314/ca2720f1/attachment.htm>
More information about the Pam-list
mailing list