mirror of
git://git.gnu.org.ua/pam-modules.git
synced 2025-04-26 00:19:52 +03:00
Minor fixes
* configure.ac: Don't build static libraries. * examples/ldappubkey: Optionally authenticate via PAM`
This commit is contained in:
Sergey Poznyakoff
parent
23951fcddb
commit
082c967151
5 changed files with 25 additions and 4 deletions
|
|
@ -35,6 +35,7 @@ dnl Checks for programs.
|
|||
AC_PROG_CC
|
||||
AC_PROG_INSTALL
|
||||
|
||||
AM_DISABLE_STATIC
|
||||
LT_PREREQ(2.2.5a)
|
||||
LT_INIT
|
||||
|
||||
|
|
|
|||
|
|
@ -127,7 +127,16 @@ Full hostname of the machine.
|
|||
Default value is:
|
||||
|
||||
(&(objectClass=posixAccount)($uid=$arg))
|
||||
|
||||
|
||||
=item B<PublicKeyPAMService> I<NAME>
|
||||
|
||||
If this setting is present, B<ldappubkey> will first try to authenticate
|
||||
using LDAP service I<NAME> and the user name supplied in the command line.
|
||||
It will exit immediately if the authentication fails.
|
||||
|
||||
This can be used to enforce additional restrictions on who is allowed to
|
||||
log in remotely on the server.
|
||||
|
||||
=back
|
||||
|
||||
=head1 OPTIONS
|
||||
|
|
@ -279,6 +288,17 @@ my $arg = $ARGV[0];
|
|||
my $hostname = get_fqdn_hostname();
|
||||
$filter =~ s/(?<!\\)(\$(?:uid|arg|hostname))/$1/eeg;
|
||||
|
||||
if (my $service = $config{publickeypamservice}) {
|
||||
use Authen::PAM qw(:constants);
|
||||
my $pamh;
|
||||
ref($pamh = new Authen::PAM($service, $arg)) ||
|
||||
die "Error code $pamh during PAM init!";
|
||||
my $res = $pamh->pam_authenticate;
|
||||
if ($res != PAM_SUCCESS) {
|
||||
die "pam_authenticate: ". $pamh->pam_strerror($res) . "\n";
|
||||
}
|
||||
}
|
||||
|
||||
my $res = assert($ldap->search(base => $config{'base'},
|
||||
filter => $filter,
|
||||
attrs => \@attrs ),
|
||||
|
|
|
|||
|
|
@ -62,7 +62,7 @@ struct pam_opt pam_opt[] = {
|
|||
#endif
|
||||
|
||||
int
|
||||
xgetname (int (*getfn)(char *, size_t), char **storage)
|
||||
xgetname(int (*getfn)(char *, size_t), char **storage)
|
||||
{
|
||||
char *buffer = NULL;
|
||||
size_t size = 0;
|
||||
|
|
|
|||
|
|
@ -105,7 +105,7 @@ static int
|
|||
read_fd(pam_handle_t *pamh, const char *file, int fd)
|
||||
{
|
||||
char buf[1024], *p;
|
||||
ssize_t rd;
|
||||
ssize_t rd = 0;
|
||||
size_t total = 0;
|
||||
size_t level = 0;
|
||||
|
||||
|
|
|
|||
|
|
@ -120,7 +120,7 @@ pamck_conv(int num_msg, const struct pam_message **msg,
|
|||
if (!reply)
|
||||
return PAM_CONV_ERR;
|
||||
for (i = 0; i < num_msg; i++) {
|
||||
char *str;
|
||||
char *str = NULL;
|
||||
|
||||
switch (msg[i]->msg_style) {
|
||||
case PAM_PROMPT_ECHO_OFF:
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue