go/msteinert-go-pam
1
0
Fork 0
Code Issues Pull Requests Actions Packages Releases Activity

Updated to match current code.google.com/p/gopam

Browse Source
This commit is contained in:
Victor van Poppelen
2014-04-03 13:11:40 -04:00
parent ae2ede3e76
commit 4c91b63e1e
10 changed files with 3 additions and 139 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
Makefile
View File

@@ -1,20 +0,0 @@
include $(GOROOT)/src/Make.inc
.PHONY: all pam install examples clean
all: install examples
pam:
gomake -C pam
install: pam
gomake -C pam install
examples:
gomake -C examples
clean:
gomake -C pam clean
gomake -C examples clean

14
README
View File

@@ -1,14 +0,0 @@
It's Go! It's PAM (Pluggable Authentication Modules)! It's GoPAM!
This is a Go wrapper for the PAM application API. There's not much
else to be said. PAM is a simple API and now it's available for use in Go
applications.
There's an example of a "fake login" program in the examples
directory. Look at the pam module's godocs for details about the Go
API; for a more general PAM application API reference, peep
http://www.kernel.org/pub/linux/libs/pam/Linux-PAM-html/adg-interface-by-app-expected.html
In the future, maybe the module API will be wrapped too. I don't know!

11
examples/Makefile
View File

@@ -1,11 +0,0 @@
# Copyright 2009 The Go Authors. All rights reserved.
# Use of this source code is governed by a BSD-style
# license that can be found in the LICENSE file.
include $(GOROOT)/src/Make.inc
TARG=fakelogin
GOFILES=\
fakelogin.go
include $(GOROOT)/src/Make.cmd

74
examples/fakelogin.go
View File

@@ -1,74 +0,0 @@
// This is a fake login implementation! It uses whatever default
// PAM service configuration is available on the system, and tries
// to authenticate any user. This should cause PAM to ask its
// conversation handler for a username and password, in sequence.
//
// This application will handle those requests by displaying the
// PAM-provided prompt and sending back the first line of stdin input
// it can read for each.
//
// Keep in mind that unless run as root (or setuid root), the only
// user's authentication that can succeed is that of the process owner.
//
// It's not a real login for several reasons:
//
// (!WARNING!) It echos your password to the terminal (!WARNING!)
// It doesn't switch users.
// It's not a real login.
//
// It does however demonstrate a simple but powerful use of Go PAM.
package main
import(
"fmt"
"github.com/krockot/gopam/pam"
"os"
"bufio"
)
func GetLine(prompt string) (string,bool) {
fmt.Print(prompt)
in := bufio.NewReader(os.Stdin)
input,err := in.ReadString('\n')
if err != nil {
return "",false
}
return input[:len(input)-1],true
}
// Echo on/off is ignored; echo will always happen.
func DumbPrompter(style int, msg string) (string,bool) {
switch style {
case pam.PROMPT_ECHO_OFF:
return GetLine(msg)
case pam.PROMPT_ECHO_ON:
return GetLine(msg)
case pam.ERROR_MSG:
fmt.Fprintf(os.Stderr, "Error: %s\n", msg)
return "",true
case pam.TEXT_INFO:
fmt.Println(msg)
return "",true
}
return "",false
}
func main() {
t,status := pam.Start("", "", pam.ResponseFunc(DumbPrompter))
if status != pam.SUCCESS {
fmt.Fprintf(os.Stderr, "Start() failed: %s\n", t.Error(status))
return
}
defer func(){ t.End(status) }()
status = t.Authenticate(0)
if status != pam.SUCCESS {
fmt.Fprintf(os.Stderr, "Auth failed: %s\n", t.Error(status))
return
}
fmt.Printf("Authentication succeeded!\n")
fmt.Printf("Goodbye, friend.\n")
}

1
pam/gopam.c → gopam.c
View File

@@ -2,7 +2,6 @@
#include <security/pam_appl.h> #include <security/pam_appl.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include "gopam.h"
#include "_cgo_export.h" #include "_cgo_export.h"
/* Simplification of pam_get_item to remove type ambiguity. Will never /* Simplification of pam_get_item to remove type ambiguity. Will never

0
pam/gopam.h → gopam.h
View File

4
pam/pam.go → pam.go
View File

@@ -1,6 +1,6 @@
// Package pam provides a wrapper for the application layer of the // Package pam provides a wrapper for the application layer of the
// Pluggable Authentication Modules library. // Pluggable Authentication Modules library.
package pam package gopam
import ( import (
//#include "gopam.h" //#include "gopam.h"
@@ -188,7 +188,7 @@ func (t* Transaction) GetEnvList() map[string]string {
for *(*uintptr)(unsafe.Pointer(list)) != 0 { for *(*uintptr)(unsafe.Pointer(list)) != 0 {
entry := *(*uintptr)(unsafe.Pointer(list)) entry := *(*uintptr)(unsafe.Pointer(list))
nameval := C.GoString((*C.char)(unsafe.Pointer(entry))) nameval := C.GoString((*C.char)(unsafe.Pointer(entry)))
chunks := strings.Split(nameval, "=", 2) chunks := strings.SplitN(nameval, "=", 2)
env[chunks[0]] = chunks[1] env[chunks[0]] = chunks[1]
list += (uintptr)(unsafe.Sizeof(list)) list += (uintptr)(unsafe.Sizeof(list))
} }

16
pam/Makefile
View File

@@ -1,16 +0,0 @@
include $(GOROOT)/src/Make.inc
TARG=pam
GOFILES:=pamdefs.go
CGOFILES:=pam.go
CGO_LDFLAGS:=-lpam
CGO_OFILES:=gopam.o
include $(GOROOT)/src/Make.pkg
DOLLAR:="$"
pamdefs.go: pamdefs.c
godefs `echo -n $(CGO_FLAGS) | sed 's/\(^ ^$(DOLLAR)]*\)/-f \1/g'` -g pam pamdefs.c > pamdefs.go
gofmt -w pamdefs.go

0
pam/pamdefs.c → pamdefs.c
View File

2
pam/pamdefs.go → pamdefs.go
View File

@@ -2,7 +2,7 @@
// MACHINE GENERATED - DO NOT EDIT. // MACHINE GENERATED - DO NOT EDIT.
package pam package gopam
// Constants // Constants
const ( const (