aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorTed Gould <ted@gould.cx>2012-08-20 14:23:03 -0500
committerTed Gould <ted@gould.cx>2012-08-20 14:23:03 -0500
commit35dc28b34f75794f4e88add4298032d236b167e1 (patch)
tree14de45a94b8bd60a8d8311fbfa499691be60a49a /src
parent09706973403a6ae0934f55780ac81159bf8d6200 (diff)
downloadlibpam-x2go-35dc28b34f75794f4e88add4298032d236b167e1.tar.gz
libpam-x2go-35dc28b34f75794f4e88add4298032d236b167e1.tar.bz2
libpam-x2go-35dc28b34f75794f4e88add4298032d236b167e1.zip
Switch to pushing the creditials via stdin
Diffstat (limited to 'src')
-rw-r--r--src/pam-freerdp.c38
1 files changed, 27 insertions, 11 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index bf533c4..d8c6703 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -1,4 +1,5 @@
#include <stdlib.h>
+#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>
@@ -95,27 +96,29 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
GET_ITEM(rdomain, PAM_TYPE_DOMAIN);
GET_ITEM(password, PAM_AUTHTOK);
+ int stdinpipe[2];
+ if (pipe(stdinpipe) != 0) {
+ retval = PAM_SYSTEM_ERR;
+ goto done;
+ }
+
/* At this point we should have the values, let's check the auth */
pid_t pid;
switch (pid = fork()) {
case 0: { /* child */
- char * args[13];
+ dup2(stdinpipe[0], 0);
+
+ char * args[8];
+
args[0] = XFREERDP;
args[1] = "--plugin";
args[2] = "rdpsnd.so";
args[3] = "--no-nla";
args[4] = "-f";
args[5] = "--ignore-certificate"; /* TODO: Change when we set the home directory properly */
+ args[6] = "--from-stdin";
- /* TODO: Use stdin */
- args[6] = "-u";
- args[7] = ruser;
- args[8] = "-p";
- args[9] = password;
- args[10] = "-d";
- args[11] = rdomain;
-
- args[12] = NULL;
+ args[7] = NULL;
/* TODO: Drop privs */
/* TODO: Home directory environment to user's home */
@@ -129,7 +132,20 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
}
default: {
int forkret = 0;
- if (waitpid(pid, &forkret, 0) < 0) {
+ int bytesout = 0;
+
+ bytesout += write(stdinpipe[1], ruser, strlen(ruser));
+ bytesout += write(stdinpipe[1], " ", 1);
+ bytesout += write(stdinpipe[1], password, strlen(password));
+ bytesout += write(stdinpipe[1], " ", 1);
+ bytesout += write(stdinpipe[1], rdomain, strlen(rdomain));
+ bytesout += write(stdinpipe[1], " ", 1);
+ bytesout += write(stdinpipe[1], rhost, strlen(rhost));
+ bytesout += write(stdinpipe[1], " ", 1);
+
+ close(stdinpipe[1]);
+
+ if (waitpid(pid, &forkret, 0) < 0 || bytesout == 0) {
retval = PAM_SYSTEM_ERR;
} else if (forkret == 0) {
retval = PAM_SUCCESS;