本文整理汇总了C++中pam_open_session函数的典型用法代码示例。如果您正苦于以下问题:C++ pam_open_session函数的具体用法?C++ pam_open_session怎么用?C++ pam_open_session使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pam_open_session函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: pam_open_session
bool PamHandle::openSession() {
m_result = pam_open_session(m_handle, m_silent);
if (m_result != PAM_SUCCESS) {
qWarning() << "[PAM] openSession:" << pam_strerror(m_handle, m_result);
}
return m_result == PAM_SUCCESS;
}
示例2: switch
void Authenticator::open_session(void) {
switch((last_result=pam_setcred(pam_handle, PAM_ESTABLISH_CRED))) {
default:
case PAM_CRED_ERR:
case PAM_CRED_UNAVAIL:
_end();
throw Exception(pam_handle, "pam_setcred()", last_result);
case PAM_CRED_EXPIRED:
case PAM_USER_UNKNOWN:
throw Cred_Exception(pam_handle, "pam_setcred()", last_result);
case PAM_SUCCESS:
break;
}
switch((last_result=pam_open_session(pam_handle, 0))) {
// The documentation and implementation of Linux PAM differs:
// PAM_SESSION_ERROR is described in the documentation but
// don't exists in the actual implementation. This issue needs
// to be fixes at some point.
default:
//case PAM_SESSION_ERROR:
pam_setcred(pam_handle, PAM_DELETE_CRED);
_end();
throw Exception(pam_handle, "pam_open_session()", last_result);
case PAM_SUCCESS:
break;
};
return;
}
示例3: xlsh_session_open
int xlsh_session_open(const char* service, const char* user,
pam_handle_t** handle)
{
struct pam_conv conv = { xlsh_session_conv, NULL };
pam_handle_t* pam_handle;
if(pam_start(service, user, &conv, &pam_handle) != PAM_SUCCESS)
return XLSH_ERROR;
if(xlsh_X)
pam_set_item(pam_handle, PAM_TTY, XLSH_XTTY);
else
pam_set_item(pam_handle, PAM_TTY, ttyname(0));
if(pam_authenticate(pam_handle, 0) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_acct_mgmt(pam_handle, 0) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_setcred(pam_handle, PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_open_session(pam_handle, 0) != PAM_SUCCESS) {
pam_setcred(pam_handle, PAM_DELETE_CRED);
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
*handle = pam_handle;
return XLSH_EOK;
}
示例4: run_test_case
static enum pamtest_err run_test_case(pam_handle_t *ph,
struct pam_testcase *tc)
{
switch (tc->pam_operation) {
case PAMTEST_AUTHENTICATE:
tc->op_rv = pam_authenticate(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_SETCRED:
tc->op_rv = pam_setcred(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_ACCOUNT:
tc->op_rv = pam_acct_mgmt(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_OPEN_SESSION:
tc->op_rv = pam_open_session(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_CLOSE_SESSION:
tc->op_rv = pam_close_session(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_CHAUTHTOK:
tc->op_rv = pam_chauthtok(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_GETENVLIST:
tc->case_out.envlist = pam_getenvlist(ph);
return PAMTEST_ERR_OK;
case PAMTEST_KEEPHANDLE:
tc->case_out.ph = ph;
return PAMTEST_ERR_KEEPHANDLE;
default:
return PAMTEST_ERR_OP;
}
return PAMTEST_ERR_OP;
}
示例5: setup_pam
static int
setup_pam(struct weston_launch *wl)
{
int err;
wl->pc.conv = pam_conversation_fn;
wl->pc.appdata_ptr = wl;
err = pam_start("login", wl->pw->pw_name, &wl->pc, &wl->ph);
if (err != PAM_SUCCESS) {
fprintf(stderr, "failed to start pam transaction: %d: %s\n",
err, pam_strerror(wl->ph, err));
return -1;
}
err = pam_set_item(wl->ph, PAM_TTY, ttyname(wl->tty));
if (err != PAM_SUCCESS) {
fprintf(stderr, "failed to set PAM_TTY item: %d: %s\n",
err, pam_strerror(wl->ph, err));
return -1;
}
err = pam_open_session(wl->ph, 0);
if (err != PAM_SUCCESS) {
fprintf(stderr, "failed to open pam session: %d: %s\n",
err, pam_strerror(wl->ph, err));
return -1;
}
return 0;
}
示例6: pam_open_session
bool XProcess::pam_startSession(){
//This should only be run if pam_checkPW was successful
int ret = pam_open_session(pamh,0);
bool ok = FALSE;
if(ret == PAM_SUCCESS){ ok = TRUE; }
else{ pam_logFailure(ret); }
return ok;
}
示例7: pam_start
bool PAMAuthenticator::authenticate(void)
{
pam_conv c;
c.conv = PAMAuthenticator::conv;
c.appdata_ptr = this;
int res = pam_start("repwatchproxy", 0, &c, &this->m_ph);
if (res == PAM_SUCCESS) {
res = pam_set_item(this->m_ph, PAM_RUSER, this->m_user.constData());
if (res != PAM_SUCCESS) {
goto getout;
}
res = pam_set_item(this->m_ph, PAM_RHOST, this->m_host.constData());
if (res != PAM_SUCCESS) {
goto getout;
}
res = pam_authenticate(this->m_ph, 0);
if (res != PAM_SUCCESS) {
goto getout;
}
res = pam_acct_mgmt(this->m_ph, 0);
if (PAM_NEW_AUTHTOK_REQD == res) {
res = pam_chauthtok(this->m_ph, PAM_CHANGE_EXPIRED_AUTHTOK);
}
if (res != PAM_SUCCESS) {
goto getout;
}
res = pam_setcred(this->m_ph, PAM_ESTABLISH_CRED);
if (res != PAM_SUCCESS) {
goto getout;
}
res = pam_open_session(this->m_ph, 0);
if (res != PAM_SUCCESS) {
goto getout;
}
return true;
getout:
qWarning("%s: %s", Q_FUNC_INFO, pam_strerror(this->m_ph, res));
pam_end(this->m_ph, res);
}
else {
qCritical("PAM initialization failed");
}
this->m_ph = 0;
return false;
}
示例8: main
int main(int argc, char *argv[]) {
char **args;
pam_handle_t *pamh=NULL;
int retval;
struct passwd *pw;
if (argc==1){
return -1;
}
pw=getpwuid(getuid());
retval = pam_start(PAM_NAME, pw->pw_name, &conv, &pamh);
if (retval == PAM_SUCCESS)
retval = pam_acct_mgmt(pamh, 0); /* permitted access? */
else
fprintf(stderr,"%s: pam_start failed\n",PAM_NAME);
if (retval == PAM_SUCCESS)
retval = pam_open_session(pamh, 0);
else
fprintf(stderr,"%s: pam_acct failed\n",PAM_NAME);
if (retval != PAM_SUCCESS)
fprintf(stderr,"%s: pam_acct failed\n",PAM_NAME);
if (pam_end(pamh,retval) != PAM_SUCCESS) { /* close Linux-PAM */
pamh = NULL;
fprintf(stderr, "check_user: failed to release authenticator\n");
exit(1);
}
if (retval != PAM_SUCCESS)
return 99;
#ifdef LOG
log=fopen(LOG,"a");
if (log!=NULL){
for (i=0;i<argc;i++){
fprintf(log,"%s ",argv[i]);
}
fprintf(log,"\n");
fclose(log);
}
#endif
args = &argv[1];
execvp(args[0], args);
}
示例9: setcred
void context::open_session()
{
_M_code = setcred();
if(errc(_M_code) != errc::success) throw cred_error(_M_pamh, _M_code);
_M_code = pam_open_session(_M_pamh, 0);
if(errc(_M_code) != errc::success)
{
rmcred();
throw session_error(_M_pamh, _M_code);
}
}
示例10: pam_setup
int
pam_setup (char *user, char *host)
{
/*
* Any application using PAM must provide a conversion function, which
* is used for direct communication between a loaded module and the
* application. In this case, SLURM does need a communication mechanism,
* so the default (or null) conversation function may be used.
*/
struct pam_conv conv = {misc_conv, NULL};
int rc = 0;
if (!conf->use_pam)
return SLURM_SUCCESS;
/*
* SLURM uses PAM to obtain resource limits established by the system
* administrator. PAM's session management library is responsible for
* handling resource limits. When a PAM session is opened on behalf of
* a user, the limits imposed by the sys admin are picked up. Opening
* a PAM session requires a PAM handle, which is obtained when the PAM
* interface is initialized. (PAM handles are required with essentially
* all PAM calls.) It's also necessary to have the users PAM credentials
* to open a user session.
*/
if ((rc = pam_start (SLURM_SERVICE_PAM, user, &conv, &pam_h))
!= PAM_SUCCESS) {
error ("pam_start: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
} else if ((rc = pam_set_item (pam_h, PAM_USER, user))
!= PAM_SUCCESS) {
error ("pam_set_item USER: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
} else if ((rc = pam_set_item (pam_h, PAM_RUSER, user))
!= PAM_SUCCESS) {
error ("pam_set_item RUSER: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
} else if ((rc = pam_set_item (pam_h, PAM_RHOST, host))
!= PAM_SUCCESS) {
error ("pam_set_item HOST: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
} else if ((rc = pam_setcred (pam_h, PAM_ESTABLISH_CRED))
!= PAM_SUCCESS) {
error ("pam_setcred: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
} else if ((rc = pam_open_session (pam_h, 0)) != PAM_SUCCESS) {
error("pam_open_session: %s", pam_strerror(pam_h, rc));
return SLURM_ERROR;
}
return SLURM_SUCCESS;
}
示例11: do_auth
static void do_auth(char *service, char*user, char*pwd, char* mode, int sid)
{
pam_handle_t *pamh=NULL;
int retval;
struct session *sessp;
conv.appdata_ptr = (void*)strdup(pwd);
retval = pam_start(service, user, &conv, &pamh);
if (retval != PAM_SUCCESS) {
werr(pamh, sid, retval, "start");
return;
}
pam_set_item(pamh, PAM_RUSER, user);
retval = pam_authenticate(pamh, 0);
if (retval != PAM_SUCCESS) {
werr(pamh, sid, retval, "auth");
return;
}
if (mode[0] == 'A') {
retval = pam_acct_mgmt(pamh, 0);
if (retval != PAM_SUCCESS) {
werr(pamh, sid, retval, "accounting");
return;
}
/*fprintf(stderr, "did ok acct \n\r");*/
}
if (mode[1] == 'S') {
retval = pam_open_session(pamh, 0);
if (retval != PAM_SUCCESS) {
werr(pamh, sid, retval, "session");
return;
}
/*fprintf(stderr, "did ok open sess \n\r"); */
}
if ((sessp = malloc(sizeof(struct session))) == NULL) {
werr(pamh, sid, -1, "malloc");
return;
}
if (mode[1] == 'S')
sessp->session_mode = 1;
else
sessp->session_mode = 0;
sessp->sid = sid;
sessp->pamh = pamh;
sessp->next = sessions;
sessions = sessp;
wok(sid);
}
示例12: AuthPAMCheckSession
int AuthPAMCheckSession(TSession *Session)
{
if (! pamh)
{
if (! PAMStart(Session, Session->RealUser)) return(FALSE);
}
if (pam_acct_mgmt(pamh, 0)==PAM_SUCCESS)
{
pam_open_session(pamh, 0);
return(TRUE);
}
return(FALSE);
}
示例13: pam_begin_session
int
pam_begin_session(struct passwd *pw, sudo_auth *auth)
{
int status = PAM_SUCCESS;
/*
* If there is no valid user we cannot open a PAM session.
* This is not an error as sudo can run commands with arbitrary
* uids, it just means we are done from a session management standpoint.
*/
if (pw == NULL) {
if (pamh != NULL) {
(void) pam_end(pamh, PAM_SUCCESS | PAM_DATA_SILENT);
pamh = NULL;
}
goto done;
}
/* If the user did not have to authenticate there is no pam handle yet. */
if (pamh == NULL)
pam_init(pw, NULL, NULL);
/*
* Update PAM_USER to reference the user we are running the command
* as, as opposed to the user we authenticated as.
*/
(void) pam_set_item(pamh, PAM_USER, pw->pw_name);
/*
* Set credentials (may include resource limits, device ownership, etc).
* We don't check the return value here because in Linux-PAM 0.75
* it returns the last saved return code, not the return code
* for the setcred module. Because we haven't called pam_authenticate(),
* this is not set and so pam_setcred() returns PAM_PERM_DENIED.
* We can't call pam_acct_mgmt() with Linux-PAM for a similar reason.
*/
(void) pam_setcred(pamh, PAM_ESTABLISH_CRED);
#ifndef NO_PAM_SESSION
status = pam_open_session(pamh, 0);
if (status != PAM_SUCCESS) {
(void) pam_end(pamh, status | PAM_DATA_SILENT);
pamh = NULL;
}
#endif
done:
return status == PAM_SUCCESS ? AUTH_SUCCESS : AUTH_FAILURE;
}
示例14: pam_begin_session
int pam_begin_session(const char* username, int fd)
{
int rv, i;
if (!pam_h &&
(rv = pam_start(PAM_APPL_NAME, username, &conv, &pam_h)) != PAM_SUCCESS)
fatal("pam_start() failure: %d", rv);
#ifdef SUN_PAM_TTY_BUG
if ((rv = pam_set_item(pam_h, PAM_TTY, "/dev/nld")) != PAM_SUCCESS)
fatal("pam_set_item(PAM_TTY,/dev/nld");
#endif
conv_reject_prompts = 1;
pam_conv_fd = fd;
/* On Solaris and HP-UX, the docs say we can't call setcred first, and the
* modules actually enforce that. LinuxPAM says we must call setcred first,
* and that's preferable, so we do it in all other cases. */
#ifdef SUN_PAM
int setcred_first = 0;
#else
int setcred_first = 1;
#endif
for (i = 0; i < 2; ++i) {
if (i != setcred_first) {
if ((rv = pam_setcred(pam_h, PAM_ESTABLISH_CRED)) != PAM_SUCCESS) {
debug("pam_setcred(PAM_ESTABLISH_CRED): %s", pam_strerror(pam_h, rv));
if (authenticated) {
pam_conv_fd = -1;
return -1;
}
} else {
setcred = 1;
}
} else {
if ((rv = pam_open_session(pam_h, 0)) != PAM_SUCCESS) {
debug("pam_open_session(): %s", pam_strerror(pam_h, rv));
if (authenticated) {
pam_conv_fd = -1;
return -1;
}
} else {
opened_session = 1;
}
}
}
pam_conv_fd = -1;
return 0;
}
示例15: main
int
main (void)
{
int retval;
/* 1: Call with NULL as pam handle */
retval = pam_open_session (NULL, 0);
if (retval == PAM_SUCCESS)
{
fprintf (stderr, "pam_open_session (NULL, 0) returned PAM_SUCCESS\n");
return 1;
}
return 0;
}