Mercurial > crates > nonstick

view pam-sober/test.c @ 44:50371046c61a default tip

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Add support for pam_get_authtok and minor cleanups. This change adds the pam_get_authtok function for PAM modules, as well as performing a few cleanups: - Pattern match in a few more places. - Pull out string-copying into a function. - Format and run clippy. - Replace outdated PAM doc links with man7.org pages.
author Paul Fisher <paul@pfish.zone>
date Sat, 08 Mar 2025 19:29:46 -0500
parents ec70822cbdef
children
line wrap: on
line source

#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <stdio.h>

const struct pam_conv conv = {
	misc_conv,
	NULL
};

int main(int argc, char *argv[]) {
	pam_handle_t* pamh = NULL;
	int retval;
	const char* user = "nobody";

	if(argc != 2) {
		printf("Usage: app [username]\n");
		exit(1);
	}

	user = argv[1];

	retval = pam_start("sober-auth", user, &conv, &pamh);

	// Are the credentials correct?
	if (retval == PAM_SUCCESS) {
		printf("PAM module initialized\n");
		retval = pam_authenticate(pamh, 0);
	}

	// Can the accound be used at this time?
	if (retval == PAM_SUCCESS) {
		printf("Credentials accepted.\n");
		retval = pam_acct_mgmt(pamh, 0);
	}

	// Did everything work?
	if (retval == PAM_SUCCESS) {
		printf("Account is valid.\n");
		printf("Authenticated\n");
	} else {
		printf("Not Authenticated\n");
	}

	// close PAM (end session)
	if (pam_end(pamh, retval) != PAM_SUCCESS) {
		pamh = NULL;
		printf("check_user: failed to release authenticator\n");
		exit(1);
	}

	return retval == PAM_SUCCESS ? 0 : 1;
}