2006-01-22 Thorsten Kukuk <kukuk@thkukuk.de>
+ * modules/pam_succeed_if/pam_succeed_if.c (pam_sm_acct_mgmt):
+ Add support for static modules.
+ * modules/pam_xauth/pam_xauth.c: Likewise.
+
+ * libpam/pam_handlers.c (_pam_add_handler): Add pamh to
+ _pam_open_static_handler call.
+
+ * libpam/pam_static.c (_pam_open_static_handler): Add pamh
+ as argument.
+ * libpam/pam_private.h: Adjust prototype.
+
* configure.in: Don't define PAM_DYNAMIC.
* libpam/pam_handlers.c: Get ride of PAM_DYNAMIC, don't
include pam_dynamic.h
- * libpam/pam_dynamic.c: Don't include pam_dynamic.h,
+ * libpam/pam_dynamic.c: Don't include pam_dynamic.h,
exclude functions if we compile with PAM_STATIC.
* libpam/pam_dynamic.h: Remove.
* libpam/pam_private.h: Add function prototypes from pam_dynamic.h.
* This code should work even if no dynamic loading is available. */
if (success != PAM_SUCCESS) {
D(("_pam_add_handler: open static handler %s", mod_path));
- mod->dl_handle = _pam_open_static_handler(mod_path);
+ mod->dl_handle = _pam_open_static_handler(pamh, mod_path);
if (mod->dl_handle == NULL) {
D(("_pam_add_handler: unable to find static handler %s",
mod_path));
/* The next two in ../modules/_pam_static/pam_static.c */
/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *path);
+struct pam_module * _pam_open_static_handler (pam_handle_t *pamh,
+ const char *path);
/* Return pointer to function requested from static module */
extern int _pam_auditlog(pam_handle_t *pamh, int action, int retval, int flags);
extern int _pam_audit_end(pam_handle_t *pamh, int pam_status);
#endif
-
+
/*
* Copyright (C) 1995 by Red Hat Software, Marc Ewing
* Copyright (c) 1996-8,2001 by Andrew G. Morgan <morgan@kernel.org>
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
- *
+ *
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
- *
+ *
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
-/* pam_static.c -- static module loading helper functions */
-
-/* created by Michael K. Johnson, johnsonm@redhat.com
+/*
+ * pam_static.c -- static module loading helper functions
*
- * $Id$
+ * created by Michael K. Johnson, johnsonm@redhat.com
*/
/* This whole file is only used for PAM_STATIC */
*/
/* Return pointer to data structure used to define a static module */
-struct pam_module * _pam_open_static_handler(const char *path)
+struct pam_module *
+_pam_open_static_handler (pam_handle_t *pamh, const char *path)
{
int i;
const char *clpath = path;
#include <pwd.h>
#include <grp.h>
#include <netdb.h>
+
+#define PAM_SM_AUTH
+#define PAM_SM_ACCOUNT
+
#include <security/pam_modules.h>
#include <security/pam_modutil.h>
#include <security/pam_ext.h>
if (strcasecmp(qual, "innetgr") == 0) {
const void *rhost;
if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
- rhost = NULL;
+ rhost = NULL;
return evaluate_innetgr(rhost, pwd->pw_name, right);
}
/* (Rhost, user) is not in this group. */
if (strcasecmp(qual, "notinnetgr") == 0) {
const void *rhost;
if (pam_get_item(pamh, PAM_RHOST, &rhost) != PAM_SUCCESS)
- rhost = NULL;
+ rhost = NULL;
return evaluate_notinnetgr(rhost, pwd->pw_name, right);
}
/* Fail closed. */
return PAM_SERVICE_ERR;
}
-int
+PAM_EXTERN int
pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
int argc, const char **argv)
{
return ret;
}
-int
+PAM_EXTERN int
pam_sm_setcred(pam_handle_t *pamh UNUSED, int flags UNUSED,
int argc UNUSED, const char **argv UNUSED)
{
return PAM_SUCCESS;
}
-int
+PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
return pam_sm_authenticate(pamh, flags, argc, argv);
}
+
+/* static module data */
+#ifdef PAM_STATIC
+struct pam_module _pam_succeed_if_modstruct = {
+ "pam_succeed_if",
+ pam_sm_authenticate,
+ pam_sm_setcred,
+ pam_sm_acct_mgmt,
+ NULL,
+ NULL,
+ NULL
+};
+#endif
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
-/* "$Id$" */
-
#include "config.h"
#include <sys/types.h>
#include <sys/fsuid.h>
#include <syslog.h>
#include <unistd.h>
+#define PAM_SM_SESSION
+
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
#include <security/pam_modutil.h>
}
return PAM_SUCCESS;
}
+
+/* static module data */
+#ifdef PAM_STATIC
+struct pam_module _pam_xauth_modstruct = {
+ "pam_xauth",
+ NULL,
+ NULL,
+ NULL,
+ pam_sm_open_session,
+ pam_sm_close_session,
+ NULL
+};
+#endif