ldap_integration
ldap_integration [2009/08/14 08:49] – created aorth | ldap_integration [2009/08/14 09:38] – old revision restored aorth | ||
---|---|---|---|
Line 5: | Line 5: | ||
<code c> | <code c> | ||
#define DEFAULT_USER " | #define DEFAULT_USER " | ||
- | |||
- | |||
#include < | #include < | ||
- | |||
- | |||
/* | /* | ||
- | |||
* here, we make definitions for the externally accessible functions | * here, we make definitions for the externally accessible functions | ||
- | |||
* in this file (these definitions are required for static modules | * in this file (these definitions are required for static modules | ||
- | |||
* but strongly encouraged generally) they are used to instruct the | * but strongly encouraged generally) they are used to instruct the | ||
- | |||
* modules include file to define their prototypes. | * modules include file to define their prototypes. | ||
- | |||
*/ | */ | ||
- | |||
- | |||
#define PAM_SM_AUTH | #define PAM_SM_AUTH | ||
- | |||
#define PAM_SM_ACCOUNT | #define PAM_SM_ACCOUNT | ||
- | |||
#define PAM_SM_SESSION | #define PAM_SM_SESSION | ||
- | |||
#define PAM_SM_PASSWORD | #define PAM_SM_PASSWORD | ||
- | |||
- | |||
#include < | #include < | ||
- | |||
#include < | #include < | ||
- | |||
#include < | #include < | ||
- | |||
#include < | #include < | ||
- | |||
#include < | #include < | ||
- | |||
#include < | #include < | ||
- | |||
- | |||
int testBind(char* loginDN, char* password) | int testBind(char* loginDN, char* password) | ||
- | |||
{ | { | ||
- | |||
struct timeval timeOut = {10, | struct timeval timeOut = {10, | ||
- | |||
int returnValue=0; | int returnValue=0; | ||
- | |||
char* pass2; | char* pass2; | ||
- | |||
pass2=password; | pass2=password; | ||
- | |||
char tempPass[100]; | char tempPass[100]; | ||
- | |||
- | |||
// | // | ||
- | |||
strcat(loginDN," | strcat(loginDN," | ||
- | |||
//syslog (LOG_ERR, " | //syslog (LOG_ERR, " | ||
- | |||
- | |||
LDAP *ld; | LDAP *ld; | ||
- | |||
int version = LDAP_VERSION3; | int version = LDAP_VERSION3; | ||
- | |||
ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ldap_set_option( NULL, LDAP_OPT_PROTOCOL_VERSION, | ||
- | |||
ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ldap_set_option( NULL, LDAP_OPT_NETWORK_TIMEOUT, | ||
- | |||
ld = ldap_init(" | ld = ldap_init(" | ||
- | |||
if (ld==NULL) printf(" | if (ld==NULL) printf(" | ||
- | |||
int rc; | int rc; | ||
- | |||
//if (ldap_simple_bind_s( ld, loginDN, | //if (ldap_simple_bind_s( ld, loginDN, | ||
- | |||
if (ldap_simple_bind_s( ld, loginDN, | if (ldap_simple_bind_s( ld, loginDN, | ||
- | |||
- | |||
- | |||
{ | { | ||
- | |||
returnValue =0; | returnValue =0; | ||
- | |||
syslog (LOG_ERR, " | syslog (LOG_ERR, " | ||
- | |||
| | ||
- | |||
} | } | ||
- | |||
else | else | ||
- | |||
{ | { | ||
- | |||
| | ||
- | |||
syslog (LOG_ERR, " | syslog (LOG_ERR, " | ||
- | |||
- | |||
} | } | ||
- | |||
/* | /* | ||
- | |||
FILE* outFile; | FILE* outFile; | ||
- | |||
outFile=fopen ("/ | outFile=fopen ("/ | ||
- | |||
fprintf(outFile," | fprintf(outFile," | ||
- | |||
// if (rc==PAM_SUCCESS) | // if (rc==PAM_SUCCESS) | ||
- | |||
fprintf(outFile," | fprintf(outFile," | ||
- | |||
| | ||
- | |||
*/ | */ | ||
- | |||
// return(0); | // return(0); | ||
- | |||
return (returnValue); | return (returnValue); | ||
- | |||
- | |||
} | } | ||
- | |||
- | |||
/* --- authentication management functions --- */ | /* --- authentication management functions --- */ | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | + | int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc,const char **argv) | |
- | int pam_sm_authenticate(pam_handle_t *pamh,int flags,int argc | + | |
- | + | ||
- | ,const char **argv) | + | |
{ | { | ||
- | |||
int retval,rc; | int retval,rc; | ||
- | |||
const char *user=NULL; | const char *user=NULL; | ||
- | |||
char *p; | char *p; | ||
- | |||
//syslog (LOG_ERR, " | //syslog (LOG_ERR, " | ||
- | |||
- | |||
/* | /* | ||
- | |||
* authentication requires we know who the user wants to be | * authentication requires we know who the user wants to be | ||
- | |||
*/ | */ | ||
- | |||
retval = pam_get_user(pamh, | retval = pam_get_user(pamh, | ||
- | |||
if (retval != PAM_SUCCESS) { | if (retval != PAM_SUCCESS) { | ||
- | |||
D((" | D((" | ||
- | |||
return retval; | return retval; | ||
- | |||
} | } | ||
- | |||
- | |||
// rc=pam_get_item (pamh, PAM_AUTHTOK, | // rc=pam_get_item (pamh, PAM_AUTHTOK, | ||
- | |||
- | |||
| | ||
- | |||
if (user == NULL || *user == ' | if (user == NULL || *user == ' | ||
- | |||
D((" | D((" | ||
- | |||
retval = pam_set_item(pamh, | retval = pam_set_item(pamh, | ||
- | |||
if (retval != PAM_SUCCESS) | if (retval != PAM_SUCCESS) | ||
- | |||
return PAM_USER_UNKNOWN; | return PAM_USER_UNKNOWN; | ||
- | |||
} | } | ||
- | |||
// user = NULL; /* clean up */ | // user = NULL; /* clean up */ | ||
- | |||
- | |||
// return PAM_SUCCESS; | // return PAM_SUCCESS; | ||
- | |||
- | |||
//changes introduced by lavila | //changes introduced by lavila | ||
- | |||
// I still cannot put this module on top of the stack | // I still cannot put this module on top of the stack | ||
- | |||
// I have to put it at least on second place | // I have to put it at least on second place | ||
- | |||
// or my password information returns null when using get_itme | // or my password information returns null when using get_itme | ||
- | |||
// | // | ||
- | |||
rc=pam_get_item (pamh, PAM_AUTHTOK, | rc=pam_get_item (pamh, PAM_AUTHTOK, | ||
- | |||
// if (rc == PAM_SUCCESS) | // if (rc == PAM_SUCCESS) | ||
- | |||
- | |||
char luser[100]; | char luser[100]; | ||
- | |||
| | ||
- | |||
// if (p!=NULL) | // if (p!=NULL) | ||
- | |||
/* { | /* { | ||
- | |||
FILE* outFile; | FILE* outFile; | ||
- | |||
outFile=fopen ("/ | outFile=fopen ("/ | ||
- | |||
fprintf(outFile," | fprintf(outFile," | ||
- | |||
fprintf(outFile," | fprintf(outFile," | ||
- | |||
fclose(outFile); | fclose(outFile); | ||
- | |||
rc = testBind(luser, | rc = testBind(luser, | ||
- | |||
}*/ | }*/ | ||
- | |||
- | |||
- | |||
rc = testBind(luser, | rc = testBind(luser, | ||
- | |||
- | |||
// rc=0; | // rc=0; | ||
- | |||
if (rc==1) | if (rc==1) | ||
- | |||
return PAM_SUCCESS; | return PAM_SUCCESS; | ||
- | |||
else return PAM_AUTH_ERR; | else return PAM_AUTH_ERR; | ||
- | |||
- | |||
// return PAM_USER_UNKNOWN; | // return PAM_USER_UNKNOWN; | ||
- | |||
// | // | ||
- | |||
- | |||
- | |||
- | |||
} | } | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | |||
int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc | int pam_sm_setcred(pam_handle_t *pamh,int flags,int argc | ||
- | |||
, | , | ||
- | |||
{ | { | ||
- | |||
| | ||
- | |||
// return PAM_USER_UNKNOWN; | // return PAM_USER_UNKNOWN; | ||
- | |||
- | |||
} | } | ||
- | |||
- | |||
/* --- account management functions --- */ | /* --- account management functions --- */ | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | |||
int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc | int pam_sm_acct_mgmt(pam_handle_t *pamh,int flags,int argc | ||
- | |||
, | , | ||
- | |||
{ | { | ||
- | |||
| | ||
- | |||
- | |||
} | } | ||
- | |||
- | |||
/* --- password management --- */ | /* --- password management --- */ | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | |||
int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc | int pam_sm_chauthtok(pam_handle_t *pamh,int flags,int argc | ||
- | |||
, | , | ||
- | |||
{ | { | ||
- | |||
| | ||
- | |||
- | |||
- | |||
} | } | ||
- | |||
- | |||
/* --- session management --- */ | /* --- session management --- */ | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | |||
int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc | int pam_sm_open_session(pam_handle_t *pamh,int flags,int argc | ||
- | |||
,const char **argv) | ,const char **argv) | ||
- | |||
{ | { | ||
- | |||
return PAM_SUCCESS; | return PAM_SUCCESS; | ||
- | |||
} | } | ||
- | |||
- | |||
PAM_EXTERN | PAM_EXTERN | ||
- | |||
int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc | int pam_sm_close_session(pam_handle_t *pamh,int flags,int argc | ||
- | |||
,const char **argv) | ,const char **argv) | ||
- | |||
{ | { | ||
- | |||
| | ||
- | |||
} | } | ||
- | |||
- | |||
/* end of module definition */ | /* end of module definition */ | ||
- | |||
- | |||
#ifdef PAM_STATIC | #ifdef PAM_STATIC | ||
- | |||
- | |||
/* static module data */ | /* static module data */ | ||
- | |||
- | |||
/*struct pam_module_pam_permit_modstruct = { | /*struct pam_module_pam_permit_modstruct = { | ||
- | |||
" | " | ||
- | |||
struct pam_module_pam_cgiar_ldap_modstruct = { | struct pam_module_pam_cgiar_ldap_modstruct = { | ||
- | |||
" | " | ||
- | |||
pam_sm_authenticate, | pam_sm_authenticate, | ||
- | |||
pam_sm_setcred, | pam_sm_setcred, | ||
- | |||
pam_sm_acct_mgmt, | pam_sm_acct_mgmt, | ||
- | |||
pam_sm_open_session, | pam_sm_open_session, | ||
- | |||
pam_sm_close_session, | pam_sm_close_session, | ||
- | |||
pam_sm_chauthtok | pam_sm_chauthtok | ||
- | |||
}; | }; | ||
- | |||
- | |||
#endif | #endif | ||
- | |||
- | |||
</ | </ |
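Review bot: testBind appends to its loginDN argument with `strcat(loginDN,` while the caller hands it the 100-byte stack array `char luser[100];`, and no length check on the user name is visible in either function, so a long name obtained through pam_get_user could write past the end of luser inside an authentication module. These are context lines the revision leaves untouched, and the string arguments are cut off in this rendering, so the exact suffix is not visible; the concern holds for any suffix. Build the DN in a local buffer with a checked `snprintf` and fail closed on truncation, e.g. `n = snprintf(dn, sizeof dn, "%s%s", loginDN, DN_SUFFIX); if (n < 0 || (size_t)n >= sizeof dn) return 0;` (DN_SUFFIX is a placeholder for the literal the page truncates). Two further points to confirm against the full source: that the `if (ld==NULL)` branch returns rather than falling through to `ldap_simple_bind_s`, and that a NULL or empty PAM_AUTHTOK (which the comment about `get_itme` says can occur) is rejected before the bind. Some LDAP servers accept a simple bind with an empty password as an unauthenticated bind and report success.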
ldap_integration.txt · Last modified: 2012/02/06 08:43 by aorth