From 718f39acbbacf859cb9f02a653447435edfe1e17 Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 16:48:55 -0500 Subject: Adding a dep on the FreeRDP library --- configure.ac | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/configure.ac b/configure.ac index f114a90..b05beca 100644 --- a/configure.ac +++ b/configure.ac @@ -19,6 +19,12 @@ if test "x$have_pam" = "xno"; then AC_MSG_ERROR([Required library PAM was not found]) fi +########################### +# FreeRDP +########################### + +PKG_CHECK_MODULES(FREERDP, freerdp) + ########################### # Local Install ########################### -- cgit v1.2.3 From 0be46b1a52e930f90dfcd36f6b7fbb970bde7d88 Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 16:51:41 -0500 Subject: Building ourselves a little binary --- .bzrignore | 1 + src/Makefile.am | 10 ++++++++++ src/freerdp-auth-check.c | 8 ++++++++ 3 files changed, 19 insertions(+) create mode 100644 src/freerdp-auth-check.c diff --git a/.bzrignore b/.bzrignore index aa1cdf5..2e03d57 100644 --- a/.bzrignore +++ b/.bzrignore @@ -4,3 +4,4 @@ src/pam_freerdp.la src/pam_freerdp_la-pam-freerdp.lo src/pam_freerdp_la-pam-freerdp.o src/pam-freerdp.la +freerdp-auth-check diff --git a/src/Makefile.am b/src/Makefile.am index 701b9ff..f7c06f8 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -15,3 +15,13 @@ pam_freerdp_la_LIBADD = \ pam_freerdp_la_CFLAGS = \ -Wall -Werror + +pkglibexec_PROGRAMS = \ + freerdp-auth-check + +freerdp_auth_check_SOURCES = \ + freerdp-auth-check.c +freerdp_auth_check_CFLAGS = \ + $(FREERDP_CFLAGS) +freerdp_auth_check_LDADD = \ + $(FREERDP_LIBS) diff --git a/src/freerdp-auth-check.c b/src/freerdp-auth-check.c new file mode 100644 index 0000000..309be4c --- /dev/null +++ b/src/freerdp-auth-check.c @@ -0,0 +1,8 @@ + +int +main (int argc, char * argv[]) +{ + + + return -1; +} -- cgit v1.2.3 From c8418c3ae5b9a8927b37022369fb5bf18fcb6146 Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 18:26:38 -0500 Subject: Adding some freerdp-ness to it --- src/freerdp-auth-check.c | 64 +++++++++++++++++++++++++++++++++++++++++++++++- 1 file changed, 63 insertions(+), 1 deletion(-) diff --git a/src/freerdp-auth-check.c b/src/freerdp-auth-check.c index 309be4c..5b29cf1 100644 --- a/src/freerdp-auth-check.c +++ b/src/freerdp-auth-check.c @@ -1,8 +1,70 @@ +#include +#include +#include + +void +auth_context_new (freerdp * instance, rdpContext * context) +{ + context->channels = freerdp_channels_new(); + return; +} + +void +auth_context_free (freerdp * instance, rdpContext * context) +{ + return; +} + +boolean +auth_pre_connect (freerdp * instance) +{ + freerdp_channels_pre_connect(instance->context->channels, instance); + return true; +} + +boolean +auth_post_connect (freerdp * instance) +{ + freerdp_channels_post_connect(instance->context->channels, instance); + return true; +} int main (int argc, char * argv[]) { + char password[512]; + if (argc != 4) { + printf("Not enough params"); + return -1; + } + + if (scanf("%511s", password) != 1) { + return -1; + } + + freerdp_channels_global_init(); + + freerdp * instance = freerdp_new(); + + instance->PreConnect = auth_pre_connect; + instance->PostConnect = auth_post_connect; + + instance->context_size = sizeof(rdpContext); + instance->ContextNew = auth_context_new; + instance->ContextFree = auth_context_free; + + freerdp_context_new(instance); + instance->settings->hostname = argv[1]; + instance->settings->username = argv[2]; + instance->settings->domain = argv[3]; + instance->settings->password = password; + instance->settings->ignore_certificate = true; - return -1; + if (freerdp_connect(instance)) { + freerdp_disconnect(instance); + return 0; + } else { + return -1; + } } -- cgit v1.2.3 From 1cec58d1f5060c2042c2c615d3b40f7a18396432 Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 18:29:37 -0500 Subject: Making PAM call the auth check utility --- src/Makefile.am | 3 ++- src/pam-freerdp.c | 23 +++++++---------------- 2 files changed, 9 insertions(+), 17 deletions(-) diff --git a/src/Makefile.am b/src/Makefile.am index f7c06f8..e5b04b2 100644 --- a/src/Makefile.am +++ b/src/Makefile.am @@ -14,7 +14,8 @@ pam_freerdp_la_LIBADD = \ -lpam pam_freerdp_la_CFLAGS = \ - -Wall -Werror + -Wall -Werror \ + -DAUTH_CHECK="\"$(pkglibexecdir)/freerdp-auth-check\"" pkglibexec_PROGRAMS = \ freerdp-auth-check diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index 9fc43ed..b06a56a 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -130,15 +130,13 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) case 0: { /* child */ dup2(stdinpipe[0], 0); - char * args[7]; + char * args[5]; - args[0] = XFREERDP; - args[1] = "--plugin"; - args[2] = "rdpsnd.so"; - args[3] = "--no-nla"; - args[4] = "-f"; - args[5] = "--from-stdin"; - args[6] = NULL; + args[0] = AUTH_CHECK; + args[1] = rhost; + args[2] = ruser; + args[3] = rdomain; + args[4] = NULL; struct passwd * pwdent = getpwnam(username); if (pwdent == NULL) { @@ -164,14 +162,7 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) int forkret = 0; int bytesout = 0; - bytesout += write(stdinpipe[1], ruser, strlen(ruser)); - bytesout += write(stdinpipe[1], " ", 1); - bytesout += write(stdinpipe[1], password, strlen(password)); - bytesout += write(stdinpipe[1], " ", 1); - bytesout += write(stdinpipe[1], rdomain, strlen(rdomain)); - bytesout += write(stdinpipe[1], " ", 1); - bytesout += write(stdinpipe[1], rhost, strlen(rhost)); - bytesout += write(stdinpipe[1], " ", 1); + bytesout = write(stdinpipe[1], password, strlen(password)); close(stdinpipe[1]); -- cgit v1.2.3 From efeb59db64ab1981a270f30f001c0a812047581e Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 18:34:41 -0500 Subject: A newline for scanf --- src/pam-freerdp.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c index b06a56a..5295098 100644 --- a/src/pam-freerdp.c +++ b/src/pam-freerdp.c @@ -162,7 +162,8 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) int forkret = 0; int bytesout = 0; - bytesout = write(stdinpipe[1], password, strlen(password)); + bytesout += write(stdinpipe[1], password, strlen(password)); + bytesout += write(stdinpipe[1], "\n", 1); close(stdinpipe[1]); -- cgit v1.2.3 From 6c4d1fb57188c7fa7be10d607581823d40d83f48 Mon Sep 17 00:00:00 2001 From: Ted Gould Date: Tue, 21 Aug 2012 18:40:32 -0500 Subject: Adding a copyright header --- src/freerdp-auth-check.c | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/src/freerdp-auth-check.c b/src/freerdp-auth-check.c index 5b29cf1..83bab2f 100644 --- a/src/freerdp-auth-check.c +++ b/src/freerdp-auth-check.c @@ -1,3 +1,21 @@ +/* + * Copyright © 2012 Canonical Ltd. + * + * This program is free software: you can redistribute it and/or modify it + * under the terms of the GNU General Public License version 3, as + * published by the Free Software Foundation. + * + * This program is distributed in the hope that it will be useful, but + * WITHOUT ANY WARRANTY; without even the implied warranties of + * MERCHANTABILITY, SATISFACTORY QUALITY, or FITNESS FOR A PARTICULAR + * PURPOSE. See the GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License along + * with this program. If not, see . + * + * Author: Ted Gould + */ + #include #include #include -- cgit v1.2.3