1
/* -*- mode: c++; c-basic-offset: 2; indent-tabs-mode: nil; -*-
2
* vim:expandtab:shiftwidth=2:tabstop=2:smarttab:
4
* Copyright (C) 2009 Sun Microsystems
6
* This program is free software; you can redistribute it and/or modify
7
* it under the terms of the GNU General Public License as published by
8
* the Free Software Foundation; version 2 of the License.
10
* This program is distributed in the hope that it will be useful,
11
* but WITHOUT ANY WARRANTY; without even the implied warranty of
12
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13
* GNU General Public License for more details.
15
* You should have received a copy of the GNU General Public License
16
* along with this program; if not, write to the Free Software
17
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
21
Sections of this were taken/modified from mod_auth_path for Apache
2
Sections of this where taken/modified from mod_auth_path for Apache
5
#define DRIZZLE_SERVER 1
6
#include <drizzled/server_includes.h>
7
#include <drizzled/plugin_authentication.h>
27
8
#include <security/pam_appl.h>
28
#if !defined(__sun) && !defined(__FreeBSD__)
29
10
#include <security/pam_misc.h>
32
#include "drizzled/security_context.h"
33
#include "drizzled/plugin/authentication.h"
35
using namespace drizzled;
39
15
const char *password;
40
16
} auth_pam_userinfo;
43
int auth_pam_talker(int num_msg,
45
struct pam_message **msg,
47
const struct pam_message **msg,
49
struct pam_response **resp,
52
int auth_pam_talker(int num_msg,
54
struct pam_message **msg,
56
const struct pam_message **msg,
58
struct pam_response **resp,
18
static int auth_pam_talker(int num_msg,
20
struct pam_message **msg,
22
const struct pam_message **msg,
24
struct pam_response **resp,
61
27
auth_pam_userinfo *userinfo = (auth_pam_userinfo*)appdata_ptr;
62
28
struct pam_response *response = 0;
72
38
return PAM_CONV_ERR;
75
for(x= 0; x < num_msg; x++)
41
for(x= 0; x < num_msg; x++)
77
43
/* initialize to safe values */
78
44
response[x].resp_retcode= 0;
79
45
response[x].resp= 0;
81
47
/* select response based on requested output style */
82
switch(msg[x]->msg_style)
48
switch(msg[x]->msg_style)
84
50
case PAM_PROMPT_ECHO_ON:
85
51
/* on memory allocation failure, auth fails */
101
67
return PAM_SUCCESS;
104
class Auth_pam : public drizzled::plugin::Authentication
107
Auth_pam(std::string name_arg)
108
: drizzled::plugin::Authentication(name_arg) {}
109
virtual bool authenticate(const SecurityContext &sctx,
110
const std::string &password)
113
auth_pam_userinfo userinfo= { NULL, NULL };
114
struct pam_conv conv_info= { &auth_pam_talker, (void*)&userinfo };
115
pam_handle_t *pamh= NULL;
117
userinfo.name= sctx.getUser().c_str();
118
userinfo.password= password.c_str();
120
retval= pam_start("drizzle", userinfo.name, &conv_info, &pamh);
122
if (retval == PAM_SUCCESS)
123
retval= pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
125
if (retval == PAM_SUCCESS)
126
retval= pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK);
128
pam_end(pamh, retval);
130
return (retval == PAM_SUCCESS) ? true: false;
135
static Auth_pam *auth= NULL;
137
static int initialize(drizzled::module::Context &context)
139
auth= new Auth_pam("auth_pam");
144
DRIZZLE_DECLARE_PLUGIN
70
static bool authenticate(THD *thd, const char *password)
73
auth_pam_userinfo userinfo= { NULL, NULL };
74
struct pam_conv conv_info= { &auth_pam_talker, (void*)&userinfo };
75
pam_handle_t *pamh= NULL;
77
userinfo.name= thd->main_security_ctx.user;
78
userinfo.password= password;
80
retval= pam_start("check_user", userinfo.name, &conv_info, &pamh);
82
if (retval == PAM_SUCCESS)
83
retval= pam_authenticate(pamh, PAM_DISALLOW_NULL_AUTHTOK);
85
if (retval == PAM_SUCCESS)
86
retval= pam_acct_mgmt(pamh, PAM_DISALLOW_NULL_AUTHTOK);
88
pam_end(pamh, retval);
90
return (retval == PAM_SUCCESS) ? true: false;
93
static int initialize(void *p)
95
authentication_st *auth= (authentication_st *)p;
97
auth->authenticate= authenticate;
102
static int finalize(void *p)
109
mysql_declare_plugin(auth_pam)
150
115
"PAM based authenication.",
151
116
PLUGIN_LICENSE_GPL,
152
117
initialize, /* Plugin Init */
118
finalize, /* Plugin Deinit */
119
NULL, /* status variables */
153
120
NULL, /* system variables */
154
121
NULL /* config options */
156
DRIZZLE_DECLARE_PLUGIN_END;
123
mysql_declare_plugin_end;
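Review bot: In the new `Auth_pam::authenticate`, `pam_end(pamh, retval)` is still reached when `pam_start("drizzle", ...)` fails and `pamh` is NULL. How a NULL handle is treated depends on the PAM implementation, and this file carries `__sun` / `__FreeBSD__` conditionals, so I would return right after a failed start with `if (retval != PAM_SUCCESS) return false;`. `userinfo.name` and `userinfo.password` hold raw `c_str()` pointers that `auth_pam_talker` reads later, which is only safe if `sctx.getUser()` returns a reference rather than a temporary; that declaration is not visible here, so please confirm it or keep a local `std::string` copy for the duration of the PAM transaction. The service name also changes from "check_user" to "drizzle", so a host without a matching PAM service entry will, on Linux-PAM at least, be evaluated against the `other` policy; a comment at the `pam_start` call such as `/* PAM service "drizzle": needs a matching entry in the PAM configuration */` would make that deployment dependency visible. The function's braces and the declaration of `retval` are elided from this view, so the above is based on the lines shown.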