diff options
author | Ken Moore <moorekou@gmail.com> | 2020-04-24 19:46:06 -0400 |
---|---|---|
committer | Ken Moore <moorekou@gmail.com> | 2020-04-24 19:46:06 -0400 |
commit | 915e684ff46a331e1146f9b4329beab04fde9fd1 (patch) | |
tree | 5976a4e63f1191efaf613e31058a197143159fce /src-qt5/core/lumina-checkpass | |
parent | Initial merge of the screensaver into the main lumina-desktop builds (diff) | |
download | lumina-915e684ff46a331e1146f9b4329beab04fde9fd1.tar.gz lumina-915e684ff46a331e1146f9b4329beab04fde9fd1.tar.bz2 lumina-915e684ff46a331e1146f9b4329beab04fde9fd1.zip |
More updates.
Getting ready for the screensaver to go live.
Still need to fix lumina-checkpass PAM-implementation. Apparently the openpam lib is FreeBSD-only.
Diffstat (limited to 'src-qt5/core/lumina-checkpass')
-rw-r--r-- | src-qt5/core/lumina-checkpass/main.c | 22 |
1 files changed, 19 insertions, 3 deletions
diff --git a/src-qt5/core/lumina-checkpass/main.c b/src-qt5/core/lumina-checkpass/main.c index 70caf396..f7d55c7d 100644 --- a/src-qt5/core/lumina-checkpass/main.c +++ b/src-qt5/core/lumina-checkpass/main.c @@ -22,7 +22,18 @@ //PAM/security libraries #include <sys/types.h> #include <security/pam_appl.h> -#include <security/openpam.h> + +//Found this little snippet from SDDM - nice alternative to using the entire openpam library from FreeBSD +static int PAM_conv( + int num_msg, + const struct pam_message **msg, + struct pam_response **resp, + void *ctx) +{ + return 0; +} +//----- + void showUsage(){ puts("lumina-checkpass: Simple user-level check for password validity (for screen unlockers and such)."); @@ -74,12 +85,17 @@ int main(int argc, char** argv){ if( getuid() != pwd->pw_uid ){ return 1; } //Current UID does not match currently logged-in user UID //Create the non-interactive PAM structures pam_handle_t *pamh; - struct pam_conv pamc = { openpam_nullconv, NULL }; + struct pam_conv pamc = { &PAM_conv, 0 }; //Place the user-supplied password into the structure +#ifdef __linux__ int ret = pam_start( "system", cUser, &pamc, &pamh); - if(ret != PAM_SUCCESS){ return 1; } //could not init PAM +#else + int ret = pam_start( "system-auth", cUser, &pamc, &pamh); +#endif + if(ret != PAM_SUCCESS){ puts("Could not initialize PAM"); return 1; } //could not init PAM //char* cPassword = argv[1]; ret = pam_set_item(pamh, PAM_AUTHTOK, pass); + if(ret != PAM_SUCCESS){ puts("Could not set conversation structure"); } //Authenticate with PAM ret = pam_authenticate(pamh,0); //this can be true without verifying password if pam_self.so is used in the auth procedures (common) if( ret == PAM_SUCCESS ){ ret = pam_acct_mgmt(pamh,0); } //Check for valid, unexpired account and verify access restrictions |