1 /* User authentication for vtysh.
2 * Copyright (C) 2000 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License along
17 * with this program; see the file COPYING; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
22 #include <lib/version.h>
27 #include <security/pam_appl.h>
28 #ifdef HAVE_PAM_MISC_H
29 #include <security/pam_misc.h>
32 #include <security/openpam.h>
39 #include "vtysh/vtysh_user.h"
42 * Compiler is warning about prototypes not being declared.
43 * The DEFUNSH and DEFUN macro's are messing with the
44 * compiler I believe. This is just to make it happy.
47 static int vtysh_pam(const char *);
50 void vtysh_user_init(void);
52 extern struct list
*config_top
;
53 extern void config_add_line(struct list
*config
, const char *line
);
56 static struct pam_conv conv
= {PAM_CONV_FUNC
, NULL
};
58 static int vtysh_pam(const char *user
)
61 pam_handle_t
*pamh
= NULL
;
64 ret
= pam_start(FRR_PAM_NAME
, user
, &conv
, &pamh
);
65 /* printf ("ret %d\n", ret); */
67 /* Is user really user? */
68 if (ret
== PAM_SUCCESS
)
69 ret
= pam_authenticate(pamh
, 0);
70 /* printf ("ret %d\n", ret); */
73 /* Permitted access? */
74 if (ret
== PAM_SUCCESS
)
75 ret
= pam_acct_mgmt (pamh
, 0);
76 printf ("ret %d\n", ret
);
78 if (ret
== PAM_AUTHINFO_UNAVAIL
)
82 /* This is where we have been authorized or not. */
84 if (ret
== PAM_SUCCESS
)
85 printf("Authenticated\n");
87 printf("Not Authenticated\n");
91 if (pam_end(pamh
, ret
) != PAM_SUCCESS
) {
93 fprintf(stderr
, "vtysh_pam: failed to release authenticator\n");
97 return ret
== PAM_SUCCESS
? 0 : 1;
106 struct list
*userlist
;
108 static struct vtysh_user
*user_new(void)
110 return XCALLOC(MTYPE_TMP
, sizeof(struct vtysh_user
));
113 static struct vtysh_user
*user_lookup(const char *name
)
115 struct listnode
*node
, *nnode
;
116 struct vtysh_user
*user
;
118 for (ALL_LIST_ELEMENTS(userlist
, node
, nnode
, user
)) {
119 if (strcmp(user
->name
, name
) == 0)
125 void user_config_write()
127 struct listnode
*node
, *nnode
;
128 struct vtysh_user
*user
;
131 for (ALL_LIST_ELEMENTS(userlist
, node
, nnode
, user
)) {
132 if (user
->nopassword
) {
133 sprintf(line
, "username %s nopassword", user
->name
);
134 config_add_line(config_top
, line
);
139 static struct vtysh_user
*user_get(const char *name
)
141 struct vtysh_user
*user
;
142 user
= user_lookup(name
);
147 user
->name
= strdup(name
);
148 listnode_add(userlist
, user
);
153 DEFUN (vtysh_banner_motd_file
,
154 vtysh_banner_motd_file_cmd
,
155 "banner motd file FILE",
158 "Banner from a file\n"
162 return cmd_banner_motd_file(argv
[idx_file
]->arg
);
165 DEFUN (username_nopassword
,
166 username_nopassword_cmd
,
167 "username WORD nopassword",
173 struct vtysh_user
*user
;
174 user
= user_get(argv
[idx_word
]->arg
);
175 user
->nopassword
= 1;
181 struct vtysh_user
*user
;
182 struct passwd
*passwd
;
184 if ((passwd
= getpwuid(geteuid())) == NULL
) {
185 fprintf(stderr
, "could not lookup user ID %d\n",
190 user
= user_lookup(passwd
->pw_name
);
191 if (user
&& user
->nopassword
)
195 if (vtysh_pam(passwd
->pw_name
))
202 char *vtysh_get_home(void)
204 struct passwd
*passwd
;
207 if ((homedir
= getenv("HOME")) != 0)
210 /* Fallback if HOME is undefined */
211 passwd
= getpwuid(getuid());
213 return passwd
? passwd
->pw_dir
: NULL
;
216 void vtysh_user_init(void)
218 userlist
= list_new();
219 install_element(CONFIG_NODE
, &username_nopassword_cmd
);
220 install_element(CONFIG_NODE
, &vtysh_banner_motd_file_cmd
);