@@ -1,8 +1,7 @@

 CXXFLAGS += -fPIC -fno-stack-protector

 CFLAGS += -fPIC -fno-stack-protector

-OBJS = logging.o conversation.o token.o dual_control.o

-HEADERS = logging.h test_support.h token.h

+OBJS = dual_control.o

 MODULELIB = pam_dual_control.so

@@ -25,27 +24,12 @@ clean:

 distclean: clean

 	@rm -f Makefile config.h

+dual_control.o: dual_control.h

-

-t_%.o: %.cc

-	$(CXX) -c $(CPPFLAGS) $(CXXFLAGS) -D UNIT_TEST -o $@ $<

-

-#dual_control_test: dual_control_test.o t_dual_control.o

-#	$(CXX) $(CXXFLAGS) $(CPPLAGS)  -lpam -o $@ $^

-#

-#logging_test: logging_test.o t_logging.o

-#	$(CXX) $(CXXFLAGS) $(CPPFLAGS) -lpam -o $@ $^

-#

-#token_test: token_test.o t_token.o

-#	$(CXX) $(CXXFLAGS) $(CPPFLAGS)  -lpam -o $@ $^

-

-user_test: user_test.o t_user.o

+validator_test: validator_test.o validator.o

 	$(CXX) $(CXXFLAGS) $(CPPFLAGS)  -o $@ $^

-validator_test: validator_test.o t_validator.o

-	$(CXX) $(CXXFLAGS) $(CPPFLAGS)  -o $@ $^

-

-conversation_test: conversation_test.o t_conversation.o

+conversation_test: conversation_test.o conversation.o

 	$(CXX) $(CXXFLAGS) $(CPPFLAGS)  -o $@ $^

 .PHONY: test

@@ -53,11 +37,6 @@ test: validator_test conversation_test

 	@./validator_test

 	@./conversation_test

-#	@./dual_control_test

-#	@./logging_test

-#	@./token_test

-#	@echo all tests passed

-

 .PHONY: install

 install: $(OBJS)

 ifeq ($(UNAME_S), Linux)

@@ -1,29 +1,21 @@

-#include <security/pam_appl.h>

 #include <security/pam_modules.h>

-#include <cstring>

-#include <cstdlib>

+#include <string>

+#include <memory>

+#include <vector>

-#include "logging.h"

-#include "conversation.h"

-#include "validator.h"

+#include "arguments.h"

-extern validator system_validator;

+std::vector<const std::string> convert_arguments(int argc, const char **argv);

-PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {

-

-    pam_token_conversation conversation(pamh);

-    int returned_validation = system_validator.validate(conversation.user_name(), conversation.token());

+extern dual_control dc;

-    if (returned_validation) {

-        log_success();

-        return PAM_SUCCESS;

-    } else {

-        log_failure();

-        return PAM_AUTH_ERR;

-    }

+PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {

+    std::vector<const std::string> arguments = convert_arguments(argc, argv);

+    return dc.authenticate(pamh, flags, arguments);

 }

 PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) {

-    return PAM_SUCCESS;

+    std::vector<const std::string> arguments = convert_arguments(argc, argv);

+    return dc.setcred(pamh, flags, arguments);

 }

new file mode 100644

@@ -0,0 +1,28 @@

+#ifndef _DUAL_CONTROL_H

+#define _DUAL_CONTROL_H

+

+#include <string>

+#include <memory>

+#include <vector>

+#include <security/pam_modules.h>

+

+class dual_control_ifc {

+    public:

+        virtual int authenticate(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments ) = 0;

+        virtual int setcred(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments) = 0;

+};

+

+class dual_control : public dual_control_ifc {

+    private:

+        std::shared_ptr<dual_control_ifc> delegate_;

+    public:

+        int authenticate(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments ) {

+            return delegate_->authenticate(handle, flags, arguments);

+        }

+        int setcred(pam_handle_t *handle, int flags, const std::vector<const std::string> &arguments) {

+            return delegate_->setcred(handle, flags, arguments);

+        }

+};

+

+#endif

+

@@ -10,9 +10,7 @@ class user_token_supplier {

     public:

        virtual std::string token(const user_p user) = 0;

 };

-

 typedef std::shared_ptr<user_token_supplier> user_token_supplier_p;

-int validate_token(const char *user, const char *token);

 #endif