implement basic PAM authentication

author: Jakob Kaivo <jkk@ung.org> 2021-02-01 13:09:18 -0500
committer: Jakob Kaivo <jkk@ung.org> 2021-02-01 13:09:18 -0500
commit: 56a7bd183c92c4f1b519376ccd6155a24bae970c (patch)
tree: 5041a2bea9c8cf5e67e4a20b765722948ce8fcde /check/pam.c
parent: 7e2116e5b07bd2a065bc9b8f1cbc63f57e41e285 (diff)
1 files changed, 41 insertions, 0 deletions
diff --git a/check/pam.c b/check/pam.c
new file mode 100644
index 0000000..00e9998
--- /dev/null
+++ b/check/pam.c
@@ -0,0 +1,41 @@
+#include <stdio.h>
+
+#include <security/pam_appl.h>
+#include <security/pam_misc.h>
+
+#include "check.h"
+
+/*
+static int pam_conv_f(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
+{
+	(void)num_msg;
+	(void)msg;
+	printf("msg: %s\n", (*msg)->msg);
+	(void)resp;
+	printf("resp: %s\n", (*resp)->resp);
+	(void)appdata_ptr;
+	return 0;
+}
+*/
+
+int authenticate(const char *user)
+{
+	int ret = 1;
+	pam_handle_t *pamh = NULL;
+	struct pam_conv conv = {
+		.conv = misc_conv,
+	};
+
+	if (pam_start(PAM_SERVICE_NAME, user, &conv, &pamh) != PAM_SUCCESS) {
+		fatal(0, "PAM error");
+		return 1;
+	}
+
+	if (pam_authenticate(pamh, 0) == PAM_SUCCESS) {
+		ret = 0;
+	}
+
+	pam_end(pamh, 0);
+
+	return ret;
+}
author	Jakob Kaivo <jkk@ung.org>	2021-02-01 13:09:18 -0500
committer	Jakob Kaivo <jkk@ung.org>	2021-02-01 13:09:18 -0500
commit	56a7bd183c92c4f1b519376ccd6155a24bae970c (patch)
tree	5041a2bea9c8cf5e67e4a20b765722948ce8fcde /check/pam.c
parent	7e2116e5b07bd2a065bc9b8f1cbc63f57e41e285 (diff)