aboutsummaryrefslogtreecommitdiff
path: root/src-qt5/core/lumina-checkpass
diff options
context:
space:
mode:
authorKen Moore <moorekou@gmail.com>2020-04-24 19:46:06 -0400
committerKen Moore <moorekou@gmail.com>2020-04-24 19:46:06 -0400
commit915e684ff46a331e1146f9b4329beab04fde9fd1 (patch)
tree5976a4e63f1191efaf613e31058a197143159fce /src-qt5/core/lumina-checkpass
parentInitial merge of the screensaver into the main lumina-desktop builds (diff)
downloadlumina-915e684ff46a331e1146f9b4329beab04fde9fd1.tar.gz
lumina-915e684ff46a331e1146f9b4329beab04fde9fd1.tar.bz2
lumina-915e684ff46a331e1146f9b4329beab04fde9fd1.zip
More updates.
Getting ready for the screensaver to go live. Still need to fix lumina-checkpass PAM-implementation. Apparently the openpam lib is FreeBSD-only.
Diffstat (limited to 'src-qt5/core/lumina-checkpass')
-rw-r--r--src-qt5/core/lumina-checkpass/main.c22
1 files changed, 19 insertions, 3 deletions
diff --git a/src-qt5/core/lumina-checkpass/main.c b/src-qt5/core/lumina-checkpass/main.c
index 70caf396..f7d55c7d 100644
--- a/src-qt5/core/lumina-checkpass/main.c
+++ b/src-qt5/core/lumina-checkpass/main.c
@@ -22,7 +22,18 @@
//PAM/security libraries
#include <sys/types.h>
#include <security/pam_appl.h>
-#include <security/openpam.h>
+
+//Found this little snippet from SDDM - nice alternative to using the entire openpam library from FreeBSD
+static int PAM_conv(
+ int num_msg,
+ const struct pam_message **msg,
+ struct pam_response **resp,
+ void *ctx)
+{
+ return 0;
+}
+//-----
+
void showUsage(){
puts("lumina-checkpass: Simple user-level check for password validity (for screen unlockers and such).");
@@ -74,12 +85,17 @@ int main(int argc, char** argv){
if( getuid() != pwd->pw_uid ){ return 1; } //Current UID does not match currently logged-in user UID
//Create the non-interactive PAM structures
pam_handle_t *pamh;
- struct pam_conv pamc = { openpam_nullconv, NULL };
+ struct pam_conv pamc = { &PAM_conv, 0 };
//Place the user-supplied password into the structure
+#ifdef __linux__
int ret = pam_start( "system", cUser, &pamc, &pamh);
- if(ret != PAM_SUCCESS){ return 1; } //could not init PAM
+#else
+ int ret = pam_start( "system-auth", cUser, &pamc, &pamh);
+#endif
+ if(ret != PAM_SUCCESS){ puts("Could not initialize PAM"); return 1; } //could not init PAM
//char* cPassword = argv[1];
ret = pam_set_item(pamh, PAM_AUTHTOK, pass);
+ if(ret != PAM_SUCCESS){ puts("Could not set conversation structure"); }
//Authenticate with PAM
ret = pam_authenticate(pamh,0); //this can be true without verifying password if pam_self.so is used in the auth procedures (common)
if( ret == PAM_SUCCESS ){ ret = pam_acct_mgmt(pamh,0); } //Check for valid, unexpired account and verify access restrictions
bgstack15