author | Mattias Andrée <maandree@operamail.com> | 2013-11-20 21:02:25 +0100 |
---|---|---|
committer | Mattias Andrée <maandree@operamail.com> | 2013-11-20 21:02:25 +0100 |
commit | 61733cebeb3a752d5fae2b87b605ce82d15ba88f (patch) | |
tree | e6a49822700130f0d17a56c7868ac3f20b7bcc9b /src/pam.c | |
parent | only root may use -f (diff) | |
some work on pam usage
Signed-off-by: Mattias Andrée <maandree@operamail.com>
Diffstat (limited to 'src/pam.c')
-rw-r--r-- | src/pam.c | 49 |
1 files changed, 48 insertions, 1 deletions
@@ -26,6 +26,9 @@ #include "pam.h" +#define __failed(RC) ((RC) != PAM_SUCCESS) + + /** * The PAM handle */ @@ -44,7 +47,7 @@ static struct pam_conv conv = { misc_conv, NULL }; */ static void do_pam(int rc) { - if (rc != PAM_SUCCESS) + if (__failed(rc)) { const char* msg = pam_strerror(handle, rc); if (msg) @@ -75,3 +78,47 @@ void initialise_pam(char* remote, char* username) do_pam(pam_set_item(handle, PAM_TTY, ttyname(STDIN_FILENO) ?: "(none)")); } + +/** + * Verify that the account may be used + */ +void verify_account_pam(void) +{ + int rc = pam_acct_mgmt(handle, 0); + if (rc == PAM_NEW_AUTHTOK_REQD) + rc = pam_chauthtok(handle, PAM_CHANGE_EXPIRED_AUTHTOK); + do_pam(rc); +} + + +/** + * Open PAM session + */ +void open_session_pam(void) +{ + int rc; + do_pam(pam_setcred(handle, PAM_ESTABLISH_CRED)); + + if (__failed(rc = pam_open_session(handle, 0))) + { + pam_setcred(handle, PAM_DELETE_CRED); + do_pam(rc); + } + + if (__failed(rc = pam_setcred(handle, PAM_REINITIALIZE_CRED))) + { + pam_close_session(handle, 0); + do_pam(rc); + } +} + + +/** + * Close PAM session + */ +void close_session_pam(void) +{ + pam_setcred(handle, PAM_DELETE_CRED); + pam_end(handle, pam_close_session(handle, 0)); +} + |
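Review bot: The new macro `__failed` in the first hunk uses an identifier containing a double underscore, which C reserves for the implementation, so a libc or PAM header is free to define the same name. A file-local name without the reserved prefix avoids that, for example `#define pam_failed(RC) ((RC) != PAM_SUCCESS)`, with the uses in do_pam and open_session_pam renamed to match.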
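Review bot: In close_session_pam (third hunk) the credentials are deleted before the session is closed, the reverse of the order the Linux-PAM pam_setcred documentation describes, so a session module that still needs the credentials when it closes may not clean up properly. Consider `int rc = pam_close_session(handle, 0); pam_setcred(handle, PAM_DELETE_CRED); pam_end(handle, rc);`. In open_session_pam the PAM_REINITIALIZE_CRED failure branch closes the session but leaves the credentials set by PAM_ESTABLISH_CRED in place; adding `pam_setcred(handle, PAM_DELETE_CRED);` after `pam_close_session(handle, 0);` would mirror the first failure branch. All three new functions return void, so they only fail closed if do_pam terminates the process on error; its body continues outside the hunk, so that should be confirmed and stated in the doc comments, since otherwise a failed pam_acct_mgmt would not stop the login.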