Browse code
checkpoint
Greg Wiley authored on 13/04/2017 17:54:49Showing 4 changed files
| ... | ... |
@@ -3,6 +3,18 @@ |
| 3 | 3 |
|
| 4 | 4 |
#include <security/pam_modules.h> |
| 5 | 5 |
|
| 6 |
+class token_conversation {
|
|
| 7 |
+ public: |
|
| 8 |
+ virtual ~token_conversation() {}
|
|
| 9 |
+ virtual std::string token() = 0; |
|
| 10 |
+ virtual std::string user_name() = 0; |
|
| 11 |
+} |
|
| 12 |
+ |
|
| 13 |
+class pam_token_conversation : token_conversation {
|
|
| 14 |
+ public: |
|
| 15 |
+ pam_token_conversation(pam_handle_t *pamh); |
|
| 16 |
+} |
|
| 17 |
+ |
|
| 6 | 18 |
char const *ask_for_token(pam_handle_t *pamh); |
| 7 | 19 |
|
| 8 | 20 |
#endif |
| ... | ... |
@@ -4,25 +4,15 @@ |
| 4 | 4 |
#include <cstdlib> |
| 5 | 5 |
|
| 6 | 6 |
#include "logging.h" |
| 7 |
-#include "token.h" |
|
| 8 | 7 |
#include "conversation.h" |
| 8 |
+#include "validator.h" |
|
| 9 | 9 |
|
| 10 |
-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
|
|
| 11 |
- const char *returned_token = ask_for_token(pamh); |
|
| 10 |
+extern validator system_validator; |
|
| 12 | 11 |
|
| 13 |
- int returned_token_length = strlen(returned_token); |
|
| 14 |
- char working_token[returned_token_length + 1]; |
|
| 15 |
- strcpy(working_token, returned_token); |
|
| 16 |
- char *colon = strchr(working_token, ':'); |
|
| 17 |
- if(!colon) {
|
|
| 18 |
- return PAM_AUTH_ERR; |
|
| 19 |
- } |
|
| 20 |
- |
|
| 21 |
- *colon = 0; |
|
| 22 |
- char *user = working_token; |
|
| 23 |
- char *token = colon + 1; |
|
| 12 |
+PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
|
|
| 24 | 13 |
|
| 25 |
- int returned_validation = validate_token(user, token); |
|
| 14 |
+ pam_token_conversation conversation(pamh); |
|
| 15 |
+ int returned_validation = system_validator.validate(conversation.user_name(), conversation.token()); |
|
| 26 | 16 |
|
| 27 | 17 |
if (returned_validation) {
|
| 28 | 18 |
log_success(); |
| ... | ... |
@@ -10,65 +10,10 @@ |
| 10 | 10 |
#include <memory> |
| 11 | 11 |
#include <fstream> |
| 12 | 12 |
|
| 13 |
-#include "token.h" |
|
| 14 |
-#include "test_support.h" |
|
| 15 |
- |
|
| 16 |
- |
|
| 17 |
-typedef struct passwd passwd_t; |
|
| 18 |
-class user {
|
|
| 19 |
- private: |
|
| 20 |
- std::vector<char> passwd_buffer; |
|
| 21 |
- std::shared_ptr<passwd_t> sys_user_info; |
|
| 22 |
- |
|
| 23 |
- public: |
|
| 24 |
- user(const std::string &user_name); |
|
| 25 |
- bool valid(); |
|
| 26 |
- const std::string token(); |
|
| 27 |
- |
|
| 28 |
-}; |
|
| 29 |
- |
|
| 30 |
-const std::string user::token() {
|
|
| 31 |
- // compute the token file path |
|
| 32 |
- std::string filepath = (std::string)sys_user_info->pw_dir + "/.dual_control"; |
|
| 33 |
- // does the file exist? |
|
| 34 |
- std::ifstream token_file(filepath); |
|
| 35 |
- if (!token_file.good()) {
|
|
| 36 |
- return ""; |
|
| 37 |
- } |
|
| 38 |
- |
|
| 39 |
- // read file |
|
| 40 |
- int token_length = 6; |
|
| 41 |
- std::vector<char> token_buffer(token_length + 1); |
|
| 42 |
- token_file.read(token_buffer.data(), token_length); |
|
| 43 | 13 |
|
| 44 |
- // return contents |
|
| 45 |
- return token_buffer.data(); |
|
| 46 |
-} |
|
| 47 |
- |
|
| 48 |
-bool user::valid() {
|
|
| 49 |
- return sys_user_info; |
|
| 50 |
-} |
|
| 51 |
- |
|
| 52 |
-user::user(const std::string &user_name) : |
|
| 53 |
- passwd_buffer(sysconf(_SC_GETPW_R_SIZE_MAX)) {
|
|
| 54 |
- std::shared_ptr<passwd> temp_passwd(new passwd); |
|
| 55 |
- struct passwd *found_passwd(0); |
|
| 56 |
- getpwnam_r(user_name.c_str(), sys_user_info.get(), passwd_buffer.data(), passwd_buffer.size(), &found_passwd); |
|
| 57 |
- |
|
| 58 |
- if (found_passwd) {
|
|
| 59 |
- sys_user_info = temp_passwd; |
|
| 60 |
- } |
|
| 61 |
-} |
|
| 62 |
- |
|
| 63 |
-int validate_token(const char *c_user_name, const char *c_token) {
|
|
| 64 |
- |
|
| 65 |
- user_p user(create_user(c_user_name)); |
|
| 66 |
- |
|
| 67 |
- validator_p validator(create_validator(user)); |
|
| 14 |
+#include "test_support.h" |
|
| 68 | 15 |
|
| 69 |
- return validator->valid(c_token); |
|
| 70 | 16 |
|
| 71 | 17 |
|
| 72 |
-} |
|
| 73 | 18 |
|
| 74 | 19 |
|