git.proxmox.com Git - mirror_frr.git/blob - vtysh/vtysh_user.c
1 /* User authentication for vtysh.
2 * Copyright (C) 2000 Kunihiro Ishiguro
4 * This file is part of GNU Zebra.
6 * GNU Zebra is free software; you can redistribute it and/or modify it
7 * under the terms of the GNU General Public License as published by the
8 * Free Software Foundation; either version 2, or (at your option) any
11 * GNU Zebra is distributed in the hope that it will be useful, but
12 * WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with GNU Zebra; see the file COPYING. If not, write to the Free
18 * Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA
23 #include <lib/version.h>
28 #include <security/pam_appl.h>
29 #ifdef HAVE_PAM_MISC_H
30 #include <security/pam_misc.h>
33 #include <security/openpam.h>
40 #include "vtysh/vtysh_user.h"
43 * Compiler is warning about prototypes not being declared.
44 * The DEFUNSH and DEFUN macro's are messing with the
45 * compiler I believe. This is just to make it happy.
/* Forward declaration of the PAM helper defined further down in this file. */
static int vtysh_pam(const char *);
/* Module initializer; its definition in this file creates the user list and
   registers the commands. */
void vtysh_user_init(void);

/* Not defined in the visible part of this file.  They are redeclared here by
   hand rather than taken from a header, so the compiler cannot check them
   against the real definitions - keep them in step manually. */
extern struct list *config_top;
extern void config_add_line(struct list *config, const char *line);
57 static struct pam_conv conv
=
64 vtysh_pam (const char *user
)
67 pam_handle_t
*pamh
= NULL
;
70 ret
= pam_start(QUAGGA_PROGNAME
, user
, &conv
, &pamh
);
71 /* printf ("ret %d\n", ret); */
/* Is user really user? */
/* Authentication is attempted only when pam_start succeeded.  The flags
   argument is 0, so PAM_DISALLOW_NULL_AUTHTOK is not requested: whether an
   account with an empty authentication token may pass is left entirely to
   the PAM service configuration. */
if (ret == PAM_SUCCESS)
  ret = pam_authenticate (pamh, 0);
/* printf ("ret %d\n", ret); */
/* Permitted access? */
/* pam_acct_mgmt is the account-validity step (expired or locked accounts,
   access restrictions) and is only meaningful after a successful
   pam_authenticate.
   NOTE(review): preprocessor lines are not visible in this listing, so
   confirm that this call is actually compiled in.  The printf below is not
   guarded by the if and writes the raw PAM return code to stdout;
   presumably debug output - confirm it cannot run in production builds. */
if (ret == PAM_SUCCESS)
  ret = pam_acct_mgmt (pamh, 0);
printf ("ret %d\n", ret);
84 if (ret
== PAM_AUTHINFO_UNAVAIL
)
88 /* This is where we have been authorized or not. */
90 if (ret
== PAM_SUCCESS
)
91 printf("Authenticated\n");
93 printf("Not Authenticated\n");
97 if (pam_end (pamh
, ret
) != PAM_SUCCESS
)
100 fprintf(stderr
, "vtysh_pam: failed to release authenticator\n");
104 return ret
== PAM_SUCCESS
? 0 : 1;
/* Registry of struct vtysh_user entries: allocated in vtysh_user_init,
   scanned by user_lookup and appended to by user_get.  Declared without
   `static`, so it has external linkage. */
struct list *userlist;
116 static struct vtysh_user
*
119 return XCALLOC (MTYPE_TMP
, sizeof (struct vtysh_user
));
122 static struct vtysh_user
*
123 user_lookup (const char *name
)
125 struct listnode
*node
, *nnode
;
126 struct vtysh_user
*user
;
128 for (ALL_LIST_ELEMENTS (userlist
, node
, nnode
, user
))
130 if (strcmp (user
->name
, name
) == 0)
139 struct listnode
*node
, *nnode
;
140 struct vtysh_user
*user
;
143 for (ALL_LIST_ELEMENTS (userlist
, node
, nnode
, user
))
145 if (user
->nopassword
)
/* NOTE(review): unbounded sprintf.  The declaration of `line` is not visible
   in this listing, so its capacity cannot be checked here.  user->name is a
   strdup of the WORD argument of "username WORD nopassword", and nothing in
   this file limits its length.  Prefer snprintf with the buffer's real size
   and handle truncation explicitly. */
sprintf(line, "username %s nopassword", user->name);
148 config_add_line (config_top
, line
);
153 static struct vtysh_user
*
154 user_get (const char *name
)
156 struct vtysh_user
*user
;
157 user
= user_lookup (name
);
/* NOTE(review): the strdup result is stored unchecked.  If the allocation
   fails, user->name is NULL and the strcmp in user_lookup would dereference
   it on the next lookup.  The copy comes from libc's allocator; presumably
   the struct itself comes from the XCALLOC helper above - if so, the two
   need different release calls. */
user->name = strdup (name);
163 listnode_add (userlist
, user
);
168 DEFUN (banner_motd_file
,
169 banner_motd_file_cmd
,
170 "banner motd file FILE",
173 "Banner from a file\n"
176 return cmd_banner_motd_file (argv
[0]);
179 DEFUN (username_nopassword
,
180 username_nopassword_cmd
,
181 "username WORD nopassword",
186 struct vtysh_user
*user
;
187 user
= user_get (argv
[0]);
188 user
->nopassword
= 1;
195 struct vtysh_user
*user
;
196 struct passwd
*passwd
;
198 if ((passwd
= getpwuid (geteuid ())) == NULL
)
200 fprintf (stderr
, "could not lookup user ID %d\n", (int) geteuid());
204 user
= user_lookup (passwd
->pw_name
);
205 if (user
&& user
->nopassword
)
210 if (vtysh_pam (passwd
->pw_name
))
/* Return the home directory recorded in the password database for the
   calling process's real user ID, or NULL when no entry is found.

   The lookup uses getuid (), whereas the authentication code in this file
   uses geteuid (); the two differ when the binary runs with elevated
   effective privileges.  The returned pointer refers to storage owned by
   getpwuid and may be overwritten by a later getpw* call, so callers must
   copy it if they need it to persist and must not free it.

   NOTE(review): the return-type line is not visible in this listing;
   `char *` matches the type of pw_dir - confirm against vtysh_user.h. */
char *
vtysh_get_home (void)
{
  struct passwd *entry = getpwuid (getuid ());

  if (entry == NULL)
    return NULL;

  return entry->pw_dir;
}
/* Set up the vtysh user module: create the empty user list, then register
   the two CONFIG_NODE commands defined in this file.

   "username WORD nopassword" sets the nopassword flag on a user entry, and
   the authentication code in this file tests that flag before it calls
   vtysh_pam - presumably to skip PAM for that account.  Write access to this
   configuration therefore needs the same protection as the credentials
   themselves.
   NOTE(review): the body of that branch is not shown in this listing -
   confirm what it does. */
void
vtysh_user_init (void)
{
  /* The list must exist before either command can run. */
  userlist = list_new ();

  install_element (CONFIG_NODE, &username_nopassword_cmd);
  install_element (CONFIG_NODE, &banner_motd_file_cmd);
}