diff options
-rw-r--r-- | src/pam-freerdp.c | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 539cd0d..1858baf 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -1,3 +1,5 @@ +#include <stdlib.h> + #include <security/pam_modules.h> #include <security/pam_modutil.h> @@ -6,6 +8,35 @@ PAM_EXTERN int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) { + const char * username = NULL; + const char * password = NULL; + const char * ruser = NULL; + const char * rhost = NULL; + //const char * rdomain = NULL; + + if (pam_get_item(pamh, PAM_USER, (const void **)&username) != PAM_SUCCESS || username == NULL) { + /* If we don't have a local username then bah, we don't want + to deal with this and we're going to fail. This means that + the pam-local-account failed. + + NOTE: We're not using pam_get_user() here because we don't want + to prompt, we want to only work in the case where the username is + built for us. */ + return PAM_AUTH_ERR; + } + + if (pam_get_item(pamh, PAM_RUSER, (const void **)&ruser) != PAM_SUCCESS || ruser == NULL) { + return PAM_AUTH_ERR; + } + + if (pam_get_item(pamh, PAM_RHOST, (const void **)&rhost) != PAM_SUCCESS || rhost == NULL) { + return PAM_AUTH_ERR; + } + + if (pam_get_item(pamh, PAM_AUTHTOK, (const void **)&password) != PAM_SUCCESS || password == NULL) { + return PAM_AUTH_ERR; + } + return PAM_IGNORE; } |