本文整理汇总了C++中pam_setcred函数的典型用法代码示例。如果您正苦于以下问题:C++ pam_setcred函数的具体用法?C++ pam_setcred怎么用?C++ pam_setcred使用的例子?那么恭喜您, 这里精选的函数代码示例或许可以为您提供帮助。
在下文中一共展示了pam_setcred函数的15个代码示例,这些例子默认根据受欢迎程度排序。您可以为喜欢或者感觉有用的代码点赞,您的评价将有助于系统推荐出更棒的C++代码示例。
示例1: xlsh_session_open
int xlsh_session_open(const char* service, const char* user,
pam_handle_t** handle)
{
struct pam_conv conv = { xlsh_session_conv, NULL };
pam_handle_t* pam_handle;
if(pam_start(service, user, &conv, &pam_handle) != PAM_SUCCESS)
return XLSH_ERROR;
if(xlsh_X)
pam_set_item(pam_handle, PAM_TTY, XLSH_XTTY);
else
pam_set_item(pam_handle, PAM_TTY, ttyname(0));
if(pam_authenticate(pam_handle, 0) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_acct_mgmt(pam_handle, 0) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_setcred(pam_handle, PAM_ESTABLISH_CRED) != PAM_SUCCESS) {
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
if(pam_open_session(pam_handle, 0) != PAM_SUCCESS) {
pam_setcred(pam_handle, PAM_DELETE_CRED);
pam_end(pam_handle, 0);
return XLSH_ERROR;
}
*handle = pam_handle;
return XLSH_EOK;
}示例2: do_pam_setcred
void
do_pam_setcred(int init)
{
sshpam_err = pam_set_item(sshpam_handle, PAM_CONV,
(const void *)&store_conv);
if (sshpam_err != PAM_SUCCESS)
fatal("PAM: failed to set PAM_CONV: %s",
pam_strerror(sshpam_handle, sshpam_err));
if (init) {
debug("PAM: establishing credentials");
sshpam_err = pam_setcred(sshpam_handle, PAM_ESTABLISH_CRED);
} else {
debug("PAM: reinitializing credentials");
sshpam_err = pam_setcred(sshpam_handle, PAM_REINITIALIZE_CRED);
}
if (sshpam_err == PAM_SUCCESS) {
sshpam_cred_established = 1;
return;
}
if (sshpam_authenticated)
fatal("PAM: pam_setcred(): %s",
pam_strerror(sshpam_handle, sshpam_err));
else
debug("PAM: pam_setcred(): %s",
pam_strerror(sshpam_handle, sshpam_err));
}示例3: sftppam_exit_ev
static void sftppam_exit_ev(const void *event_data, void *user_data) {
/* Close the PAM session */
if (sftppam_pamh != NULL) {
int res;
#ifdef PAM_CRED_DELETE
res = pam_setcred(sftppam_pamh, PAM_CRED_DELETE);
#else
res = pam_setcred(sftppam_pamh, PAM_DELETE_CRED);
#endif
if (res != PAM_SUCCESS) {
pr_trace_msg(trace_channel, 9, "PAM error setting PAM_DELETE_CRED: %s",
pam_strerror(sftppam_pamh, res));
}
res = pam_close_session(sftppam_pamh, PAM_SILENT);
pam_end(sftppam_pamh, res);
sftppam_pamh = NULL;
}
if (sftppam_user != NULL) {
free(sftppam_user);
sftppam_user = NULL;
sftppam_userlen = 0;
}
}示例4: switch
void Authenticator::close_session(void) {
switch((last_result=pam_close_session(pam_handle, 0))) {
// The documentation and implementation of Linux PAM differs:
// PAM_SESSION_ERROR is described in the documentation but
// don't exists in the actual implementation. This issue needs
// to be fixes at some point.
default:
//case PAM_SESSION_ERROR:
pam_setcred(pam_handle, PAM_DELETE_CRED);
_end();
throw Exception(pam_handle, "pam_close_session", last_result);
case PAM_SUCCESS:
break;
};
switch((last_result=pam_setcred(pam_handle, PAM_DELETE_CRED))) {
default:
case PAM_CRED_ERR:
case PAM_CRED_UNAVAIL:
case PAM_CRED_EXPIRED:
case PAM_USER_UNKNOWN:
_end();
throw Exception(pam_handle, "pam_setcred()", last_result);
case PAM_SUCCESS:
break;
}
return;
}示例5: run_test_case
static enum pamtest_err run_test_case(pam_handle_t *ph,
struct pam_testcase *tc)
{
switch (tc->pam_operation) {
case PAMTEST_AUTHENTICATE:
tc->op_rv = pam_authenticate(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_SETCRED:
tc->op_rv = pam_setcred(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_ACCOUNT:
tc->op_rv = pam_acct_mgmt(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_OPEN_SESSION:
tc->op_rv = pam_open_session(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_CLOSE_SESSION:
tc->op_rv = pam_close_session(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_CHAUTHTOK:
tc->op_rv = pam_chauthtok(ph, tc->flags);
return PAMTEST_ERR_OK;
case PAMTEST_GETENVLIST:
tc->case_out.envlist = pam_getenvlist(ph);
return PAMTEST_ERR_OK;
case PAMTEST_KEEPHANDLE:
tc->case_out.ph = ph;
return PAMTEST_ERR_KEEPHANDLE;
default:
return PAMTEST_ERR_OP;
}
return PAMTEST_ERR_OP;
}示例6: pam_setcred
bool PamHandle::setCred(int flags) {
m_result = pam_setcred(m_handle, flags | m_silent);
if (m_result != PAM_SUCCESS) {
qWarning() << "[PAM] setCred:" << pam_strerror(m_handle, m_result);
}
return m_result == PAM_SUCCESS;
}示例7: SessionExit
void SessionExit(struct display *d, int status, int removeAuth)
{
#ifdef USE_PAM
pam_handle_t *pamh = thepamh();
if (pamh) {
/* shutdown PAM session */
if (pam_setcred(pamh, PAM_DELETE_CRED) != PAM_SUCCESS)
WDMError("pam_setcred(DELETE_CRED) failed, errno=%d", errno);
pam_close_session(pamh, 0);
pam_end(pamh, PAM_SUCCESS);
pamh = NULL;
}
#endif
/* make sure the server gets reset after the session is over */
if (d->serverPid >= 2 && d->resetSignal)
kill(d->serverPid, d->resetSignal);
else
ResetServer(d);
if (removeAuth) {
setgid(verify.gid);
setuid(verify.uid);
RemoveUserAuthorization(d, &verify);
}
WDMDebug("Display %s exiting with status %d\n", d->name, status);
exit(status);
}示例8: auth
static int auth(const char *password) {
pam_handle_t* pamh;
struct passwd *pw;
if ((pw = getpwuid(getuid())) == NULL)
return 0;
struct pam_response * reply = malloc(sizeof(struct pam_response));
if (!reply)
return 0;
struct pam_conv pamc = { conversation, reply };
int rc = 0;
reply->resp = strdup(password);
reply->resp_retcode = 0;
pam_start("slock", pw->pw_name, &pamc, &pamh);
if (pam_set_item(pamh, PAM_AUTHTOK, password) == PAM_SUCCESS &&
pam_authenticate(pamh,PAM_DISALLOW_NULL_AUTHTOK) == PAM_SUCCESS &&
pam_acct_mgmt(pamh, 0) == PAM_SUCCESS &&
pam_setcred(pamh, PAM_REFRESH_CRED) == PAM_SUCCESS) {
rc = 1;
}
pam_end(pamh,0);
return rc;
}示例9: pam_finish
void
pam_finish ()
{
int rc = 0;
/*
* Allow PAM to clean up its state by closing the user session and
* ending the association with PAM.
*/
if (!conf->use_pam)
return;
if (pam_h != NULL) {
/*
* Log any errors, but there's no need to return a SLURM error.
*/
if ((rc = pam_close_session (pam_h, 0)) != PAM_SUCCESS) {
error("pam_close_session: %s", pam_strerror(pam_h, rc));
}
if ((rc = pam_setcred (pam_h, PAM_DELETE_CRED)) != PAM_SUCCESS){
error("pam_setcred DELETE: %s", pam_strerror(pam_h,rc));
}
if ((rc = pam_end (pam_h, rc)) != PAM_SUCCESS) {
error("pam_end: %s", pam_strerror(NULL, rc));
}
pam_h = NULL;
}
}示例10: init_groups
static void
init_groups (const struct passwd* pw, gid_t* groups, int num_groups) {
int retval;
errno = 0;
if (num_groups) {
retval = setgroups (num_groups, groups);
} else {
retval = initgroups (pw->pw_name, pw->pw_gid);
}
if (retval == -1) {
cleanup_pam (PAM_ABORT);
err (EXIT_FAILURE, _("cannot set groups"));
}
endgrent ();
retval = pam_setcred (pamh, PAM_ESTABLISH_CRED);
if (is_pam_failure(retval)) {
errx (EXIT_FAILURE, "%s", pam_strerror (pamh, retval));
} else {
_pam_cred_established = 1;
}
}示例11: mc_pam_auth
/* Return 0 if authentication failed, 1 otherwise */
static int
mc_pam_auth (const char *username, const char *password)
{
pam_handle_t *pamh;
struct user_pass up;
int status;
up.username = username;
up.password = password;
conv.appdata_ptr = &up;
if ((status =
pam_start ("mcserv", username, &conv, &pamh)) != PAM_SUCCESS)
goto failed_pam;
if ((status = pam_authenticate (pamh, 0)) != PAM_SUCCESS)
goto failed_pam;
if ((status = pam_acct_mgmt (pamh, 0)) != PAM_SUCCESS)
goto failed_pam;
if ((status = pam_setcred (pamh, PAM_ESTABLISH_CRED)) != PAM_SUCCESS)
goto failed_pam;
pam_end (pamh, status);
return 0;
failed_pam:
pam_end (pamh, status);
return 1;
}示例12: do_pam_cleanup_proc
/* Called at exit to cleanly shutdown PAM */
static void
do_pam_cleanup_proc(void *context)
{
int pam_retval;
pam_stuff *pam = (pam_stuff *) context;
if (pam == NULL)
return;
if (pam->authctxt != NULL && pam->authctxt->pam == pam) {
pam->authctxt->pam_retval = pam->last_pam_retval;
pam->authctxt->pam = NULL;
pam->authctxt = NULL;
}
if (pam->h == NULL)
return;
/*
* We're in fatal_cleanup() or not in userauth or without a
* channel -- can't converse now, too bad.
*/
pam_retval = pam_set_item(pam->h, PAM_CONV, NULL);
if (pam_retval != PAM_SUCCESS) {
log("Cannot remove PAM conv, close session or delete creds[%d]: %.200s",
pam_retval, PAM_STRERROR(pam->h, pam_retval));
goto cleanup;
}
if (pam->state & PAM_S_DONE_OPEN_SESSION) {
pam_retval = pam_close_session(pam->h, 0);
if (pam_retval != PAM_SUCCESS)
log("Cannot close PAM session[%d]: %.200s",
pam_retval, PAM_STRERROR(pam->h, pam_retval));
}
if (pam->state & PAM_S_DONE_SETCRED) {
pam_retval = pam_setcred(pam->h, PAM_DELETE_CRED);
if (pam_retval != PAM_SUCCESS)
debug("Cannot delete credentials[%d]: %.200s",
pam_retval, PAM_STRERROR(pam->h, pam_retval));
}
cleanup:
/* Use the previous PAM result, if not PAM_SUCCESS for pam_end() */
if (pam->last_pam_retval != PAM_SUCCESS)
pam_retval = pam_end(pam->h, pam->last_pam_retval);
else if (pam_retval != PAM_SUCCESS)
pam_retval = pam_end(pam->h, pam_retval);
else
pam_retval = pam_end(pam->h, PAM_ABORT);
if (pam_retval != PAM_SUCCESS)
log("Cannot release PAM authentication[%d]: %.200s",
pam_retval, PAM_STRERROR(pam->h, pam_retval));
xfree(pam);
}示例13: checkpw_cleanup
static void checkpw_cleanup (pam_handle_t *hdl)
{
#if 0 /* see checkpw() for why this is #if 0 */
pam_close_session (hdl,NIL); /* close session [uw]tmp */
#endif
pam_setcred (hdl,PAM_DELETE_CRED);
pam_end (hdl,PAM_SUCCESS);
}示例14: mdm_verify_cleanup
void
mdm_verify_cleanup (MdmDisplay *d)
{
gid_t groups[1] = { 0 };
cur_mdm_disp = d;
if (pamh != NULL) {
gint pamerr;
pam_handle_t *tmp_pamh;
gboolean old_opened_session;
gboolean old_did_setcred;
mdm_debug ("Running mdm_verify_cleanup and pamh != NULL");
mdm_sigterm_block_push ();
mdm_sigchld_block_push ();
tmp_pamh = pamh;
pamh = NULL;
old_opened_session = opened_session;
opened_session = FALSE;
old_did_setcred = did_setcred;
did_setcred = FALSE;
mdm_sigchld_block_pop ();
mdm_sigterm_block_pop ();
pamerr = PAM_SUCCESS;
/* Close the users session */
if (old_opened_session) {
mdm_debug ("Running pam_close_session");
pamerr = pam_close_session (tmp_pamh, 0);
}
/* Throw away the credentials */
if (old_did_setcred) {
mdm_debug ("Running pam_setcred with PAM_DELETE_CRED");
pamerr = pam_setcred (tmp_pamh, PAM_DELETE_CRED);
}
pam_end (tmp_pamh, pamerr);
/* Workaround to avoid mdm messages being logged as PAM_pwdb */
mdm_log_shutdown ();
mdm_log_init ();
}
/* Clear the group setup */
setgid (0);
/* this will get rid of any suplementary groups etc... */
setgroups (1, groups);
cur_mdm_disp = NULL;
/* reset limits */
mdm_reset_limits ();
}示例15: pam_setcred
int context::rmcred()
{
int code = static_cast<int>(errc::success);
if(_M_cred)
{
code = pam_setcred(_M_pamh, PAM_DELETE_CRED);
_M_cred = false;
}
return code;
}