aboutsummaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/pam-freerdp.c21
1 files changed, 20 insertions, 1 deletions
diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 9007a52..89c5d5d 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -33,6 +33,7 @@
#include <security/pam_appl.h>
#define PAM_TYPE_DOMAIN 1234
+#define ALL_GOOD_SIGNAL "Ar, ready to authenticate cap'n"
static char * global_domain = NULL;
/* FIXME? This is a work around to the fact that PAM seems to be clearing
@@ -269,6 +270,9 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse
/* Track write out */
int writedata = 0;
+ /* Track ready writing */
+ int readywrite = 0;
+
if (setgid(pwdent->pw_gid) < 0 || setuid(pwdent->pw_uid) < 0 ||
setegid(pwdent->pw_gid) < 0 || seteuid(pwdent->pw_uid) < 0) {
/* Don't need to clean up yet */
@@ -337,6 +341,11 @@ session_socket_handler (struct passwd * pwdent, int readypipe, const char * ruse
goto cleanup;
}
+ readywrite = write(readypipe, ALL_GOOD_SIGNAL, strlen(ALL_GOOD_SIGNAL) + 1);
+ if (readywrite != strlen(ALL_GOOD_SIGNAL) + 1) {
+ goto cleanup;
+ }
+
connected_addr_size = sizeof(struct sockaddr_un);
connectfd = accept(socketfd, (struct sockaddr *)&connected_addr, &connected_addr_size);
if (connectfd < 0) {
@@ -422,8 +431,18 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
retval = PAM_SYSTEM_ERR;
} else {
+ char readbuffer[strlen(ALL_GOOD_SIGNAL) + 1];
+ int readlen = 0;
+
+ readlen = read(sessionready[0], readbuffer, strlen(ALL_GOOD_SIGNAL) + 1);
+
close(sessionready[0]);
- session_pid = pid;
+
+ if (readlen == strlen(ALL_GOOD_SIGNAL) + 1) {
+ session_pid = pid;
+ } else {
+ retval = PAM_SYSTEM_ERR;
+ }
}
done: