aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/pam-freerdp.c31
1 files changed, 31 insertions, 0 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 539cd0d..1858baf 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -1,3 +1,5 @@
+#include <stdlib.h>
+
#include <security/pam_modules.h>
#include <security/pam_modutil.h>
@@ -6,6 +8,35 @@
PAM_EXTERN int
pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
{
+ const char * username = NULL;
+ const char * password = NULL;
+ const char * ruser = NULL;
+ const char * rhost = NULL;
+ //const char * rdomain = NULL;
+
+ if (pam_get_item(pamh, PAM_USER, (const void **)&username) != PAM_SUCCESS || username == NULL) {
+ /* If we don't have a local username then bah, we don't want
+ to deal with this and we're going to fail. This means that
+ the pam-local-account failed.
+
+ NOTE: We're not using pam_get_user() here because we don't want
+ to prompt, we want to only work in the case where the username is
+ built for us. */
+ return PAM_AUTH_ERR;
+ }
+
+ if (pam_get_item(pamh, PAM_RUSER, (const void **)&ruser) != PAM_SUCCESS || ruser == NULL) {
+ return PAM_AUTH_ERR;
+ }
+
+ if (pam_get_item(pamh, PAM_RHOST, (const void **)&rhost) != PAM_SUCCESS || rhost == NULL) {
+ return PAM_AUTH_ERR;
+ }
+
+ if (pam_get_item(pamh, PAM_AUTHTOK, (const void **)&password) != PAM_SUCCESS || password == NULL) {
+ return PAM_AUTH_ERR;
+ }
+
return PAM_IGNORE;
}