summaryrefslogtreecommitdiffstats
path: root/src/responder/pam/pamsrv_dp.c
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/responder/pam/pamsrv_dp.c106
1 files changed, 106 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv_dp.c b/src/responder/pam/pamsrv_dp.c
new file mode 100644
index 0000000..881352e
--- /dev/null
+++ b/src/responder/pam/pamsrv_dp.c
@@ -0,0 +1,106 @@
+/*
+ SSSD
+
+ NSS Responder - Data Provider Interfaces
+
+ Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <talloc.h>
+#include <tevent.h>
+#include <security/pam_modules.h>
+
+#include "util/util.h"
+#include "util/sss_pam_data.h"
+#include "responder/pam/pamsrv.h"
+#include "sss_iface/sss_iface_async.h"
+
+static void
+pam_dp_send_req_done(struct tevent_req *subreq);
+
+errno_t
+pam_dp_send_req(struct pam_auth_req *preq)
+{
+ struct tevent_req *subreq;
+ struct be_conn *be_conn;
+ errno_t ret;
+
+ ret = sss_dp_get_domain_conn(preq->cctx->rctx, preq->domain->conn_name,
+ &be_conn);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "The Data Provider connection for %s is not "
+ "available! This maybe a bug, it shouldn't happen!\n",
+ preq->domain->conn_name);
+ return EIO;
+ }
+
+ DEBUG(SSSDBG_CONF_SETTINGS, "Sending request with the following data:\n");
+ DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, preq->pd);
+
+ subreq = sbus_call_dp_dp_pamHandler_send(preq, be_conn->conn,
+ be_conn->bus_name, SSS_BUS_PATH, preq->pd);
+ if (subreq == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create subrequest!\n");
+ return ENOMEM;
+ }
+
+ tevent_req_set_callback(subreq, pam_dp_send_req_done, preq);
+
+ return EOK;
+}
+
+static void
+pam_dp_send_req_done(struct tevent_req *subreq)
+{
+ struct pam_data *pam_response;
+ struct response_data *resp;
+ struct pam_auth_req *preq;
+ errno_t ret;
+
+ preq = tevent_req_callback_data(subreq, struct pam_auth_req);
+
+ ret = sbus_call_dp_dp_pamHandler_recv(preq, subreq, &pam_response);
+ talloc_zfree(subreq);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "PAM handler failed [%d]: %s\n",
+ ret, sss_strerror(ret));
+ preq->pd->pam_status = PAM_SYSTEM_ERR;
+ goto done;
+ }
+
+ preq->pd->pam_status = pam_response->pam_status;
+ preq->pd->account_locked = pam_response->account_locked;
+
+ DEBUG(SSSDBG_FUNC_DATA, "received: [%d (%s)][%s]\n",
+ pam_response->pam_status,
+ pam_strerror(NULL, pam_response->pam_status),
+ preq->pd->domain);
+
+ for (resp = pam_response->resp_list; resp != NULL; resp = resp->next) {
+ talloc_steal(preq->pd, resp);
+
+ if (resp->next == NULL) {
+ resp->next = preq->pd->resp_list;
+ preq->pd->resp_list = pam_response->resp_list;
+ break;
+ }
+ }
+
+ talloc_zfree(pam_response);
+
+done:
+ preq->callback(preq);
+}