Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- --- ConsoleKit_orig/pam-ck-connector/Makefile.am 2013-01-08 13:28:05.000000000 +0400
- +++ ConsoleKit/pam-ck-connector/Makefile.am 2013-01-08 13:29:57.000000000 +0400
- @@ -5,6 +5,7 @@
- INCLUDES = \
- $(LIBDBUS_CFLAGS) \
- -I$(top_builddir)/libck-connector \
- + -DLIBEXECDIR=\""$(libexecdir)"\" \
- $(NULL)
- pamlibdir = $(PAM_MODULE_DIR)
- --- ConsoleKit_orig/pam-ck-connector/pam-ck-connector.c 2013-01-08 13:28:05.000000000 +0400
- +++ ConsoleKit/pam-ck-connector/pam-ck-connector.c 2013-01-08 13:35:08.000000000 +0400
- @@ -36,11 +36,13 @@
- #include <string.h>
- #include <syslog.h>
- #include <sys/stat.h>
- +#include <sys/wait.h>
- #include <sys/types.h>
- #include <unistd.h>
- #include <dirent.h>
- #include <limits.h>
- #include <errno.h>
- +#include <fcntl.h>
- #ifdef HAVE_PATHS_H
- #include <paths.h>
- @@ -228,6 +230,129 @@
- return PAM_SUCCESS;
- }
- +static const char*
- +exec_command (char **argvv)
- +{
- + pid_t pid;
- + int fds[2];
- +
- + if (pipe (fds) != 0)
- + return NULL;
- +
- + pid = fork ();
- + if (pid == -1)
- + {
- + close (fds[0]);
- + close (fds[1]);
- + return NULL;
- + }
- +
- + if (pid > 0) /* parent */
- + {
- + close (fds[1]);
- +
- + int status = 0;
- + pid_t retval;
- + char *output = NULL;
- +
- + retval = waitpid (pid, &status, 0);
- + if ((retval == (pid_t)-1) || (status != 0))
- + goto out;
- +
- + int len;
- + char buf[2048];
- + len = read (fds[0], buf, sizeof(buf));
- + if (len <= 0)
- + goto out;
- +
- + buf[len] = '\0';
- + output = strdup (buf);
- +
- + out:
- + close (fds[0]);
- + return output;
- + }
- + else /* child */
- + {
- + close (fds[0]);
- +
- + if (geteuid () == 0) {
- + /* must set the real uid to 0 so the helper will not error
- + * out if pam is called from setuid binary (su, sudo...) */
- + setuid (0);
- + }
- +
- + /* connect stdout to pipe and stdin to /dev/null */
- + int i;
- + i = open (("/dev/null"), O_RDWR);
- + if (i < 0)
- + _exit (errno);
- +
- + if ((dup2 (i, STDIN_FILENO) == -1) || (dup2 (fds[1], STDOUT_FILENO) == -1))
- + _exit (errno);
- +
- + for (i = 3; i < sysconf (_SC_OPEN_MAX); i++)
- + close (i);
- +
- + execv (argvv[0], argvv);
- + _exit (errno);
- + }
- +
- + return NULL; /* will never be reached */
- +}
- +
- +static char *
- +bintohex (int len,
- + const char *bindata)
- +{
- + char *hexdata, *starthex;
- + register char *s = (char *)malloc (3);
- +
- + /* two chars per byte, plus null termination */
- + starthex = hexdata = (char *)malloc (2*len + 1);
- + if (!hexdata)
- + return NULL;
- +
- + for (; len > 0; len--, bindata++) {
- + sprintf (s, "%02x", (unsigned char)*bindata);
- + *hexdata++ = s[0];
- + *hexdata++ = s[1];
- + }
- + free (s);
- + *hexdata = '\0';
- + return starthex;
- +}
- +
- +static const char *
- +get_x11_display_device (pam_handle_t *pamh,
- + const char *x11_display)
- +{
- + /* ck-get-x11-display-device uses XOpenDisplay */
- + /* so we need cookie */
- + const struct pam_xauth_data *xdt;
- + char *cktool_cmd[5];
- + int res;
- + char *key;
- + const char *x11_display_device;
- +
- + res = pam_get_item (pamh, PAM_XAUTHDATA, (const void **) &xdt);
- + if (res != PAM_SUCCESS || xdt == NULL)
- + return NULL;
- +
- + key = bintohex (xdt->datalen, xdt->data);
- +
- + cktool_cmd[0] = LIBEXECDIR "/get-x11-display-device.sh";
- + cktool_cmd[1] = x11_display; /* displayname */
- + cktool_cmd[2] = xdt->name; /* protocolname */
- + cktool_cmd[3] = key; /* hexkey */
- + cktool_cmd[4] = NULL;
- +
- + x11_display_device = exec_command (cktool_cmd);
- +
- + free (key);
- + return x11_display_device;
- +}
- +
- PAM_EXTERN int
- pam_sm_open_session (pam_handle_t *pamh,
- int flags,
- @@ -304,6 +429,10 @@
- snprintf (ttybuf, len, _PATH_DEV "%s", display_device);
- display_device = ttybuf;
- }
- +
- + x11_display_device = NULL;
- + if (x11_display != NULL)
- + x11_display_device = get_x11_display_device (pamh, x11_display);
- remote_host_name = NULL;
- s = NULL;
- @@ -330,7 +459,6 @@
- }
- }
- - x11_display_device = NULL;
- if ((s = pam_getenv (pamh, "CKCON_X11_DISPLAY_DEVICE")) != NULL) {
- x11_display_device = s;
- if (opt_debug) {
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement