* string.
*/
-static char *template = "~/.pam_cr/auth";
+static const char *template = "~/.pam_cr/auth";
-void authfile_template(char *str)
+void authfile_template(const char *str)
{
template = str;
}
static int path_size(const char *tokenid, const char *userid)
{
const char *usub;
- char *p, *q;
+ const char *p, *q;
struct passwd *pw;
if ((p = strchr(template, '~')) != strrchr(template, '~')) return 0;
make_path(char * const path, const char *tokenid, const char *userid)
{
const char *usub;
- char *p, *q;
+ const char *p;
+ char *q;
struct passwd *pw;
path[0] = '\0';
#ifndef _AUTHFILE_H
#define _AUTHFILE_H
-void authfile_template(char *template);
+void authfile_template(const char *template);
struct _auth_obj authfile(const char *tokenid,
const char *userid, const char *password,
struct _cfg {
int noaskpass;
int verbose;
+ int injectauth;
};
void parse_cfg(struct _cfg * const cfg, int argc, const char *argv[])
pcsc_option(argv[i]);
else if (!strcmp(argv[i], "verbose")) cfg->verbose = 1;
else if (!strcmp(argv[i], "noaskpass")) cfg->noaskpass = 1;
+ else if (!strcmp(argv[i], "injectauth")) cfg->injectauth = 1;
+ else if (!strncmp(argv[i], "path=", 5))
+ authfile_template(argv[i]+5);
}
}
if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) {
if (cfg.verbose) syslog(LOG_ERR, "get_user failed: %s",
pam_strerror(pamh, pam_err));
- return (pam_err);
+ return pam_err;
}
if (strspn(user, "0123456789") == strlen(user)) {
tokenid = user;
} else {
if (!user)
pam_set_item(pamh, PAM_USER, ao.data);
- if (ao.payload && ao.payload[0])
+ if (cfg.injectauth && ao.payload && ao.payload[0])
pam_set_item(pamh, PAM_AUTHTOK, ao.payload);
return PAM_SUCCESS;
}