Proper use of pam_get_item()

Jason Gerfen <jason.gerfen@xxxxxxxxxxxx> · Thu, 18 Nov 2004 06:57:00 -0700

Gathering username/password from PAM.  I am having a hard time 
attempting to gather the user credentials.  Here is my code:

/* PAM includes */
#include <security/pam_modules.h>
#include <security/_pam_macros.h>
#include <security/pam_appl.h>

/* PAM definitions */
#define PAM_SM_ACCOUNT
#define PAM_SM_AUTH
#define PAM_SM_PASSWORD
#define PAM_SM_SESSION

typedef struct usrData * udataptr;
struct usrData {
   const char * usrname;
   char * password;
} localUser;

/* Handle our authentication process */
PAM_EXTERN
int pam_sm_authenticate( pam_handle_t *pamh, int flags, int argc,
                        const char **argv )
{
   int retval, i;
   udataptr myUser = &localUser;
   myConfigPtr myConfig = &localConfig;
   char user[15];
   const void ** password;

   myUser->usrname=user;

   struct pam_conv *conv = NULL;
   struct pam_message message;
   const struct pam_message *msg;
   struct pam_response *response;

   /* Get our username from PAM */

   if( ( retval = pam_get_user( pamh, &( myUser->usrname ), "PAM_test 
login: " ) != PAM_SUCCESS ) ) {

       _pam_log( LOG_ERR, "Error: %s", pam_strerror( pamh, retval ) );

       return 1;

   } else {

       _pam_log( LOG_ERR, "Obtained Username: %s", myUser->usrname );

   }

   /* PAM conversion stuff just to get to the bloody password */

   if( ( retval = pam_get_item( pamh, PAM_CONV, ( const void ** ) &conv 
) != PAM_SUCCESS ) ) {

       _pam_log( LOG_ERR, "Error: %s", pam_strerror( pamh, retval ) );

       return 1;

   } else {

       message.msg_style = PAM_PROMPT_ECHO_OFF;

       message.msg = "pam_test login: ";

       msg = &message;

       retval = ( *conv->conv )( 1, &msg, &response, conv->appdata_ptr );

       if( retval == PAM_SUCCESS ) {

   // THIS IS WHERE IT CRASHES??? I am passing the 3rd argument 
correctly as a const void **

           if( ( retval = pam_get_item( pamh, PAM_AUTHTOK, password ) 
!= PAM_SUCCESS ) ) {

               _pam_log( LOG_ERR, "Error: %s", pam_strerror( pamh, 
retval ) );

               return 1;

           } else {

               strcpy( *( &( myUser->password ) ), *password );

           }

       } else {

           _pam_log( LOG_ERR, "Error: %s", pam_strerror( pamh, retval ) );

           return 1;

       }

   }

Any help is appreciated...

--
Jason Gerfen
jason.gerfen@xxxxxxxxxxxx

"And remember... If the ladies
don't find you handsome, they
should at least find you handy..."
            ~The Red Green show

_______________________________________________

Pam-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/pam-list