[X2Go-Commits] libpam-x2go.git - x2gosession (branch) updated: 86984a06c0841c7f973337581a9134f1cf0ad3f2

Wed Apr 24 18:47:20 CEST 2013

The branch, x2gosession has been updated
       via  86984a06c0841c7f973337581a9134f1cf0ad3f2 (commit)
      from  453e570ea9b890eee61ef3aca99e5601cb0a0a3c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
-----------------------------------------------------------------------

Summary of changes:
 src/pam-freerdp.c |   52 ++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 52 insertions(+)

The diff of changes is:

diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index 259219a..edf9eca 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -1,5 +1,7 @@
 #include <stdlib.h>
 #include <string.h>
+#include <unistd.h>
+#include <sys/wait.h>
 
 #include <security/pam_modules.h>
 #include <security/pam_modutil.h>
@@ -67,6 +69,9 @@ get_item (pam_handle_t * pamh, int type)
 		goto done; \
 	}
 
+/* TODO: Make this a build thing */
+#define XFREERDP "/usr/bin/xfreerdp"
+
 /* Authenticate.  We need to make sure we have a user account, that
    there are remote accounts and then verify them with FreeRDP */
 PAM_EXTERN int
@@ -79,12 +84,59 @@ pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv)
 	char * rdomain = NULL;
 	int retval = PAM_IGNORE;
 
+	/* Get all the values, or prompt for them, or return with
+	   an auth error */
 	GET_ITEM(username, PAM_USER);
 	GET_ITEM(ruser,    PAM_RUSER);
 	GET_ITEM(rhost,    PAM_RHOST);
 	GET_ITEM(rdomain,  PAM_TYPE_DOMAIN);
 	GET_ITEM(password, PAM_AUTHTOK);
 
+	/* At this point we should have the values, let's check the auth */
+	pid_t pid;
+	switch (pid = fork()) {
+	case 0: { /* child */
+		char * args[13];
+		args[0] = XFREERDP;
+		args[1] = "--plugin";
+		args[2] = "rdpsnd.so";
+		args[3] = "--no-nla";
+		args[4] = "-f";
+		args[5] = "--ignore-certificate"; /* TODO: Change when we set the home directory properly */
+		
+		/* TODO: Use stdin */
+		args[6] = "-u";
+		args[7] = ruser;
+		args[8] = "-p";
+		args[9] = password;
+		args[10] = "-d";
+		args[11] = rdomain;
+
+		args[12] = NULL;
+
+		/* TODO: Drop privs */
+		/* TODO: Home directory environment to user's home */
+		execvp(args[0], args);
+		_exit(EXIT_FAILURE);
+		break;
+	}
+	case -1: { /* fork'n error! */
+		retval = PAM_SYSTEM_ERR;
+		break;
+	}
+	default: {
+		int forkret = 0;
+		if (waitpid(pid, &forkret, 0) < 0) {
+			retval = PAM_SYSTEM_ERR;
+		} else if (forkret == 0) {
+			retval = PAM_SUCCESS;
+		} else {
+			retval = PAM_AUTH_ERR;
+		}
+	}
+	}
+
+	/* Free Memory and return our status */
 done:
 	if (username != NULL) { free(username); }
 	if (password != NULL) { free(password); }


hooks/post-receive
-- 
libpam-x2go.git (Remote login session via X2Go (PAM module))

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "libpam-x2go.git" (Remote login session via X2Go (PAM module)).


