/* User authentication for vtysh.
 * Copyright (C) 2000 Kunihiro Ishiguro
 *
 * This file is part of GNU Zebra.
 *
 * GNU Zebra is free software; you can redistribute it and/or modify it
 * under the terms of the GNU General Public License as published by the
 * Free Software Foundation; either version 2, or (at your option) any
 * later version.
 *
 * GNU Zebra is distributed in the hope that it will be useful, but
 * WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
 * General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License along
 * with this program; see the file COPYING; if not, write to the Free Software
 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA
 */
22 #include <lib/version.h>
27 #include <security/pam_appl.h>
28 #ifdef HAVE_PAM_MISC_H
29 #include <security/pam_misc.h>
32 #include <security/openpam.h>
39 #include "vtysh/vtysh_user.h"
/*
 * Forward declarations.  The compiler warns about prototypes not being
 * declared, apparently because of how the DEFUNSH and DEFUN macros expand;
 * declaring the functions up front keeps it quiet.
 */
static int vtysh_pam(const char *);
void vtysh_user_init(void);

/* Defined outside this file.  config_add_line() is called with config_top
   when the "username ... nopassword" entries are written out as
   configuration lines. */
extern struct list *config_top;
extern void config_add_line(struct list *config, const char *line);
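/* NOTE(review): the listing this block was recovered from drops lines
   (braces, preprocessor guards, a few statements).  The USE_PAM, "#if 0"
   and DEBUG guards and the exit() call are restored as in the upstream
   file -- confirm against the repository. */
#ifdef USE_PAM
/* Conversation structure handed to pam_start(); no application data. */
static struct pam_conv conv =
{
  PAM_CONV_FUNC,
  NULL
};

/*
 * Authenticate USER through PAM under the FRR_PAM_NAME service.
 *
 * Returns 0 when pam_authenticate() accepted the user and 1 otherwise,
 * including when the PAM transaction could not be started.  Exits the
 * process with status 1 if the PAM handle cannot be released.
 *
 * NOTE(review): the account-management step (pam_acct_mgmt) is compiled
 * out below, so restrictions enforced only by PAM account modules are not
 * consulted.  Re-enabling it is a deployment decision and is left as is.
 */
static int
vtysh_pam (const char *user)
{
  int ret;
  pam_handle_t *pamh = NULL;

  /* Start PAM. */
  ret = pam_start (FRR_PAM_NAME, user, &conv, &pamh);
  if (ret != PAM_SUCCESS || pamh == NULL)
    {
      /* No transaction was opened, so there is no handle to pass to
         pam_end(); report the real cause and fail closed. */
      fprintf (stderr, "vtysh_pam: failed to start authenticator\n");
      return 1;
    }

  /* Is user really user? */
  ret = pam_authenticate (pamh, 0);

#if 0
  /* Permitted access? */
  if (ret == PAM_SUCCESS)
    ret = pam_acct_mgmt (pamh, 0);
  printf ("ret %d\n", ret);

  if (ret == PAM_AUTHINFO_UNAVAIL)
    ret = PAM_SUCCESS;
#endif /* 0 */

  /* This is where we have been authorized or not. */
#ifdef DEBUG
  if (ret == PAM_SUCCESS)
    printf ("Authenticated\n");
  else
    printf ("Not Authenticated\n");
#endif /* DEBUG */

  /* Close the PAM transaction; a handle that cannot be released is
     treated as fatal. */
  if (pam_end (pamh, ret) != PAM_SUCCESS)
    {
      fprintf (stderr, "vtysh_pam: failed to release authenticator\n");
      exit (1);
    }

  return ret == PAM_SUCCESS ? 0 : 1;
}
#endif /* USE_PAM */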
/* Records registered by user_get(); the list itself is created in
   vtysh_user_init(). */
struct list *userlist;

/*
 * Allocate one user record with XCALLOC under MTYPE_TMP.
 * Presumably zero-filled like calloc() -- confirm against the memory API.
 * The caller fills in the fields and owns the record.
 */
static struct vtysh_user *
user_new (void)
{
  struct vtysh_user *fresh = XCALLOC (MTYPE_TMP, sizeof (*fresh));

  return fresh;
}
/*
 * Find the record on userlist whose name equals NAME exactly
 * (byte-wise strcmp, so the match is case-sensitive).
 *
 * Returns the matching record, or NULL when no entry matches.
 */
static struct vtysh_user *
user_lookup (const char *name)
{
  struct listnode *cur, *next;
  struct vtysh_user *entry;

  for (ALL_LIST_ELEMENTS (userlist, cur, next, entry))
    {
      if (strcmp (entry->name, name) != 0)
	continue;
      return entry;
    }

  return NULL;
}
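/*
 * Emit one "username NAME nopassword" configuration line for every
 * record on userlist that has the nopassword flag set.
 *
 * The line is built with a bounded snprintf(): NAME comes from the WORD
 * argument of the "username WORD nopassword" command and has no length
 * limit of its own, so an unbounded sprintf() into the fixed buffer could
 * write past its end.  A name that does not fit is skipped with a warning
 * rather than written out truncated.
 *
 * NOTE(review): the buffer declaration is not visible in the listing this
 * was recovered from; 128 bytes is what upstream uses -- confirm.
 */
void
user_config_write (void)
{
  struct listnode *node, *nnode;
  struct vtysh_user *user;
  char line[128];
  int len;

  for (ALL_LIST_ELEMENTS (userlist, node, nnode, user))
    {
      if (!user->nopassword)
	continue;

      len = snprintf (line, sizeof (line), "username %s nopassword",
		      user->name);
      if (len < 0 || (size_t) len >= sizeof (line))
	{
	  /* Dropping the entry fails safe: that user simply loses the
	     nopassword exemption in the written configuration. */
	  fprintf (stderr,
		   "user_config_write: username too long, entry skipped\n");
	  continue;
	}

      config_add_line (config_top, line);
    }
}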
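/*
 * Return the record for NAME, creating it and appending it to userlist
 * when no record with that name exists yet.
 *
 * The stored name is a private copy made with strdup().  The copy is
 * checked before the record is allocated: an unchecked failure would leave
 * a record with a NULL name on userlist, which user_lookup() would later
 * pass to strcmp().  Running out of memory here ends the process.
 */
static struct vtysh_user *
user_get (const char *name)
{
  struct vtysh_user *user;
  char *name_copy;

  user = user_lookup (name);
  if (user)
    return user;

  name_copy = strdup (name);
  if (name_copy == NULL)
    {
      fprintf (stderr, "user_get: out of memory\n");
      exit (1);
    }

  user = user_new ();
  user->name = name_copy;
  listnode_add (userlist, user);

  return user;
}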
/*
 * "banner motd file FILE": hand the FILE argument to
 * cmd_banner_motd_file() and return its result.
 *
 * The file name is forwarded exactly as typed; nothing in this function
 * restricts which path may be named, so any validation has to live in
 * cmd_banner_motd_file() (not shown here -- confirm).
 *
 * NOTE(review): the help strings other than "Banner from a file\n" are
 * not visible in the listing this was recovered from and are restored as
 * in the upstream file.
 */
DEFUN (vtysh_banner_motd_file,
       vtysh_banner_motd_file_cmd,
       "banner motd file FILE",
       "Set banner\n"
       "Banner for motd\n"
       "Banner from a file\n"
       "Filename\n")
{
  /* FILE is the fourth token of the command string. */
  const int idx_file = 3;
  const char *path = argv[idx_file]->arg;

  return cmd_banner_motd_file (path);
}
/*
 * "username WORD nopassword": mark the user named WORD as exempt from
 * password authentication, creating the record if needed.
 *
 * This flag is what vtysh_auth() checks before it would otherwise call
 * PAM, so whoever can get this line into the configuration decides which
 * accounts skip the password prompt.
 *
 * NOTE(review): the three help strings are not visible in the listing this
 * was recovered from; upstream leaves them empty.
 */
DEFUN (username_nopassword,
       username_nopassword_cmd,
       "username WORD nopassword",
       "\n"
       "\n"
       "\n")
{
  /* WORD is the second token of the command string. */
  const int idx_word = 1;
  struct vtysh_user *user = user_get (argv[idx_word]->arg);

  user->nopassword = 1;
  return CMD_SUCCESS;
}
/*
 * Decide whether the invoking user may proceed.
 *
 * The account is taken from the effective user ID.  A user with a
 * "nopassword" record is let through without consulting PAM; everyone
 * else is authenticated by vtysh_pam() when the build defines USE_PAM.
 * Without USE_PAM no authentication step runs at all.
 *
 * Returns 0 when the caller may continue.  Exits with status 1 if the
 * effective user ID has no passwd entry, and with status 0 if PAM rejects
 * the user.
 *
 * NOTE(review): the exit calls and the USE_PAM guard are not visible in the
 * listing this was recovered from; they are restored as in the upstream
 * file -- confirm.
 */
int
vtysh_auth (void)
{
  struct passwd *pw = getpwuid (geteuid ());
  struct vtysh_user *known;

  if (pw == NULL)
    {
      fprintf (stderr, "could not lookup user ID %d\n", (int) geteuid());
      exit (1);
    }

  known = user_lookup (pw->pw_name);
  if (known != NULL && known->nopassword)
    return 0;			/* Pass through */

#ifdef USE_PAM
  if (vtysh_pam (pw->pw_name))
    exit (0);
#endif /* USE_PAM */

  return 0;
}
/*
 * Return the caller's home directory.
 *
 * The HOME environment variable wins whenever it is set, so the result is
 * whatever the invoking environment supplies; callers should not treat it
 * as a trusted path.  When HOME is unset the passwd entry of the real user
 * ID is used (note: vtysh_auth() looks up the effective user ID instead).
 *
 * Returns NULL when HOME is unset and no passwd entry exists.  The
 * returned string is owned by the environment or by getpwuid(); do not
 * free it.
 */
char *
vtysh_get_home (void)
{
  char *env_home = getenv ("HOME");
  struct passwd *entry;

  if (env_home != NULL)
    return env_home;

  /* Fallback if HOME is undefined */
  entry = getpwuid (getuid ());
  if (entry == NULL)
    return NULL;

  return entry->pw_dir;
}
/*
 * Create the empty user list and register this file's two commands
 * ("username WORD nopassword" and "banner motd file FILE") under
 * CONFIG_NODE.
 */
void
vtysh_user_init (void)
{
  struct cmd_element *const commands[] = {
    &username_nopassword_cmd,
    &vtysh_banner_motd_file_cmd,
  };
  size_t i;

  userlist = list_new ();

  /* Same registration order as the table above. */
  for (i = 0; i < sizeof (commands) / sizeof (commands[0]); i++)
    install_element (CONFIG_NODE, commands[i]);
}