Commit | Line | Data |
---|---|---|
3616b334 | 1 | /* |
2 | * Dolda Connect - Modular multiuser Direct Connect-style client | |
302a2600 | 3 | * Copyright (C) 2004 Fredrik Tolf <fredrik@dolda2000.com> |
3616b334 | 4 | * |
5 | * This program is free software; you can redistribute it and/or modify | |
6 | * it under the terms of the GNU General Public License as published by | |
7 | * the Free Software Foundation; either version 2 of the License, or | |
8 | * (at your option) any later version. | |
9 | * | |
10 | * This program is distributed in the hope that it will be useful, | |
11 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
12 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
13 | * GNU General Public License for more details. | |
14 | * | |
15 | * You should have received a copy of the GNU General Public License | |
16 | * along with this program; if not, write to the Free Software | |
17 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA | |
18 | */ | |
19 | ||
20 | #include <pwd.h> | |
21 | #include <sys/un.h> | |
22 | #include <errno.h> | |
23 | #include <string.h> | |
24 | #include <wchar.h> | |
25 | ||
26 | #ifdef HAVE_CONFIG_H | |
27 | #include <config.h> | |
28 | #endif | |
29 | #include "auth.h" | |
30 | #include "utils.h" | |
31 | #include "module.h" | |
32 | #include "conf.h" | |
33 | ||
/*
 * Per-handle state for the "unix" mechanism. One instance is allocated by
 * inithandle() and stored in authhandle.mechdata; release() frees it.
 */
struct unixdata {
    /* Heap copy of the user name given to inithandle(); owned by this struct. */
    char *username;
};
37 | ||
/*
 * Set up the mechanism state for a new authentication handle.
 *
 * Allocates a zeroed struct unixdata, stores a private copy of `username`
 * in it and attaches it to `auth->mechdata`. Always returns 0.
 *
 * The name is only recorded here; it is checked against the socket peer's
 * credentials later, in unixauth(). Until then it is an unverified claim.
 *
 * NOTE(review): smalloc()/sstrdup() are project helpers whose failure
 * behaviour is not visible here -- presumably they do not return NULL;
 * confirm in utils.c.
 */
static int inithandle(struct authhandle *auth, char *username)
{
    struct unixdata *state = smalloc(sizeof(*state));

    memset(state, 0, sizeof(*state));
    state->username = sstrdup(username);
    auth->mechdata = state;
    return 0;
}
48 | ||
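/*
 * Free the mechanism state attached to `auth` by inithandle().
 *
 * Safe to call on a handle whose mechdata was never set, and safe to call
 * twice: the pointer is cleared after the free, so a stale handle cannot
 * reach freed memory through auth->mechdata (use-after-free / double free).
 */
static void release(struct authhandle *auth)
{
    struct unixdata *data;

    data = auth->mechdata;
    if(data == NULL)
        return;
    free(data->username);
    free(data);
    auth->mechdata = NULL;
}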
57 | ||
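/*
 * Authenticate a client by the credentials of its socket peer.
 *
 * The user name recorded by inithandle() is resolved with getpwnam() and
 * its uid is compared with the uid that getucred() reports for `sk`.
 *
 * Returns:
 *   AUTH_SUCCESS  the peer uid equals the uid of the claimed user name;
 *   AUTH_DENIED   the uids differ (auth->text is set to an explanation);
 *   AUTH_ERR      the check could not be carried out; errno says why
 *                 (EINVAL: no mechanism state, ENOENT: unknown user name,
 *                 EOPNOTSUPP: peer credentials unavailable).
 *
 * Security notes:
 *   - The decision rests on the uid alone. The gid is only logged, and
 *     `passdata` is not consulted at all.
 *   - Every account name that maps to the peer's uid is accepted, because
 *     only pw_uid is compared.
 *   - NOTE(review): getucred() is a project helper; how it obtains the peer
 *     credentials is not visible here. The strength of this mechanism is
 *     exactly the strength of that call -- confirm it reads kernel-supplied
 *     credentials rather than anything the client sends.
 *   - NOTE(review): denied attempts are not logged in this function; check
 *     that the caller records them, since they are the useful signal.
 */
static int unixauth(struct authhandle *auth, struct socket *sk, char *passdata)
{
    struct passwd *pwd;
    struct unixdata *data;
    uid_t claimed;
    uid_t uid;
    gid_t gid;

    (void)passdata; /* Not used by this mechanism. */
    data = auth->mechdata;
    if((data == NULL) || (data->username == NULL)) {
        errno = EINVAL;
        return(AUTH_ERR);
    }
    /*
     * getpwnam() leaves errno untouched when the name simply does not
     * exist, so clear it first and give the caller a definite value
     * instead of whatever an earlier call left behind.
     */
    errno = 0;
    if((pwd = getpwnam(data->username)) == NULL) {
        if(errno == 0)
            errno = ENOENT;
        return(AUTH_ERR);
    }
    /*
     * getpwnam() returns a pointer to static storage that a later getpw*()
     * call may overwrite; take the uid now, before calling anything else.
     */
    claimed = pwd->pw_uid;
    if(getucred(sk, &uid, &gid)) {
        errno = EOPNOTSUPP; /* Bleh */
        return(AUTH_ERR);
    }
    if(claimed == uid) {
        /* Cast so the arguments match the %i conversions exactly. */
        flog(LOG_INFO, "successful authentication as %s with Unix credentials (uid=%i, gid=%i)", data->username, (int)uid, (int)gid);
        return(AUTH_SUCCESS);
    }
    auth->text = swcsdup(L"Unix credentials do not match supplied user name");
    return(AUTH_DENIED);
}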
79 | ||
/*
 * Report whether this mechanism can be offered on `sk`.
 *
 * Returns 1 when sockfamily(sk) is PF_UNIX and 0 for every other family,
 * so the peer-credential check is never offered on a non-Unix socket.
 */
static int available(struct socket *sk)
{
    if(sockfamily(sk) == PF_UNIX)
        return 1;
    return 0;
}
84 | ||
/*
 * Descriptor of the "unix" mechanism; init() hands it to regmech().
 *
 * NOTE(review): `enabled` is set to 1 here. Presumably that makes the
 * mechanism active unless configuration turns it off -- confirm in the
 * code that consumes struct authmech.
 */
static struct authmech mechdesc = {
    .name = L"unix",
    .enabled = 1,
    .available = available,
    .inithandle = inithandle,
    .authenticate = unixauth,
    .release = release
};
93 | ||
/*
 * Module initialisation hook.
 *
 * Registers the mechanism descriptor with regmech() when `hup` is zero;
 * when `hup` is non-zero nothing is registered. Always returns 0.
 */
static int init(int hup)
{
    if(hup)
        return 0;
    regmech(&mechdesc);
    return 0;
}
100 | ||
/* Module record for "auth-unix"; MODULE() is the project's registration macro. */
static struct module me = {
    .name = "auth-unix",
    .init = init
};
MODULE(me)