diff options
author | Ted Gould <ted@gould.cx> | 2012-08-21 18:42:14 -0500 |
---|---|---|
committer | Ted Gould <ted@gould.cx> | 2012-08-21 18:42:14 -0500 |
commit | 17e1cb79e748146b54d96d3f8d99588d285d3cc8 (patch) | |
tree | ef72c431700c25e7753a52539b9f682b80bcbb0c | |
parent | febcb8d261da4263085794d959185bd3af6a91f3 (diff) | |
parent | 6c4d1fb57188c7fa7be10d607581823d40d83f48 (diff) | |
download | libpam-freerdp2-17e1cb79e748146b54d96d3f8d99588d285d3cc8.tar.gz libpam-freerdp2-17e1cb79e748146b54d96d3f8d99588d285d3cc8.tar.bz2 libpam-freerdp2-17e1cb79e748146b54d96d3f8d99588d285d3cc8.zip |
Adding an auth helper
-rw-r--r-- | .bzrignore | 1 | ||||
-rw-r--r-- | configure.ac | 6 | ||||
-rw-r--r-- | src/Makefile.am | 13 | ||||
-rw-r--r-- | src/freerdp-auth-check.c | 88 | ||||
-rw-r--r-- | src/pam-freerdp.c | 22 |
5 files changed, 114 insertions, 16 deletions
@@ -4,3 +4,4 @@ src/pam_freerdp.la src/pam_freerdp_la-pam-freerdp.lo src/pam_freerdp_la-pam-freerdp.o src/pam-freerdp.la +freerdp-auth-check diff --git a/configure.ac b/configure.ac index f114a90..b05beca 100644 --- a/configure.ac +++ b/configure.ac @@ -20,6 +20,12 @@ if test "x$have_pam" = "xno"; then fi ########################### +# FreeRDP +########################### + +PKG_CHECK_MODULES(FREERDP, freerdp) + +########################### # Local Install ########################### diff --git a/src/Makefile.am b/src/Makefile.am index 701b9ff..e5b04b2 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -14,4 +14,15 @@ pam_freerdp_la_LIBADD = \ -lpam pam_freerdp_la_CFLAGS = \ - -Wall -Werror + -Wall -Werror \ + -DAUTH_CHECK="\"$(pkglibexecdir)/freerdp-auth-check\"" + +pkglibexec_PROGRAMS = \ + freerdp-auth-check + +freerdp_auth_check_SOURCES = \ + freerdp-auth-check.c +freerdp_auth_check_CFLAGS = \ + $(FREERDP_CFLAGS) +freerdp_auth_check_LDADD = \ + $(FREERDP_LIBS) diff --git a/src/freerdp-auth-check.c b/src/freerdp-auth-check.c new file mode 100644 index 0000000..83bab2f --- /dev/null +++ b/src/freerdp-auth-check.c @@ -0,0 +1,88 @@ +/* + * Copyright © 2012 Canonical Ltd. + * + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 3, as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranties of + * MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR + * PURPOSE. See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see <http://www.gnu.org/licenses/>. + * + * Author: Ted Gould <ted@canonical.com> + */ + +#include <freerdp/freerdp.h> +#include <freerdp/channels/channels.h> +#include <string.h> + +void +auth_context_new (freerdp * instance, rdpContext * context) +{ + context->channels = freerdp_channels_new(); + return; +} + +void +auth_context_free (freerdp * instance, rdpContext * context) +{ + return; +} + +boolean +auth_pre_connect (freerdp * instance) +{ + freerdp_channels_pre_connect(instance->context->channels, instance); + return true; +} + +boolean +auth_post_connect (freerdp * instance) +{ + freerdp_channels_post_connect(instance->context->channels, instance); + return true; +} + +int +main (int argc, char * argv[]) +{ + char password[512]; + if (argc != 4) { + printf("Not enough params"); + return -1; + } + + if (scanf("%511s", password) != 1) { + return -1; + } + + freerdp_channels_global_init(); + + freerdp * instance = freerdp_new(); + + instance->PreConnect = auth_pre_connect; + instance->PostConnect = auth_post_connect; + + instance->context_size = sizeof(rdpContext); + instance->ContextNew = auth_context_new; + instance->ContextFree = auth_context_free; + + freerdp_context_new(instance); + + instance->settings->hostname = argv[1]; + instance->settings->username = argv[2]; + instance->settings->domain = argv[3]; + instance->settings->password = password; + instance->settings->ignore_certificate = true; + + if (freerdp_connect(instance)) { + freerdp_disconnect(instance); + return 0; + } else { + return -1; + } +} diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 9fc43ed..5295098 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -130,15 +130,13 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) case 0: { /* child */ dup2(stdinpipe[0], 0); - char * args[7]; + char * args[5]; - args[0] = XFREERDP; - args[1] = "--plugin"; - args[2] = "rdpsnd.so"; - args[3] = "--no-nla"; - args[4] = "-f"; - args[5] = "--from-stdin"; - args[6] = NULL; + args[0] = AUTH_CHECK; + args[1] = rhost; + args[2] = ruser; + args[3] = rdomain; + args[4] = NULL; struct passwd * pwdent = getpwnam(username); if (pwdent == NULL) { @@ -164,14 +162,8 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) int forkret = 0; int bytesout = 0; - bytesout += write(stdinpipe[1], ruser, strlen(ruser)); - bytesout += write(stdinpipe[1], " ", 1); bytesout += write(stdinpipe[1], password, strlen(password)); - bytesout += write(stdinpipe[1], " ", 1); - bytesout += write(stdinpipe[1], rdomain, strlen(rdomain)); - bytesout += write(stdinpipe[1], " ", 1); - bytesout += write(stdinpipe[1], rhost, strlen(rhost)); - bytesout += write(stdinpipe[1], " ", 1); + bytesout += write(stdinpipe[1], "\n", 1); close(stdinpipe[1]); |