The FreeRADIUS server  $Id: 15bac2a4c627c01d1aa2047687b3418955ac7f00 $
Data Structures | Macros | Functions | Variables
rlm_pam.c File Reference

Interfaces with the PAM library to allow auth via PAM. More...

#include <freeradius-devel/server/base.h>
#include <freeradius-devel/server/module_rlm.h>
#include "config.h"
+ Include dependency graph for rlm_pam.c:

Go to the source code of this file.

Data Structures

struct  rlm_pam_data_t
 
struct  rlm_pam_t
 

Macros

#define COPY_STRING(s)   ((s) ? talloc_strdup(reply, s) : NULL)
 

Functions

static int do_pam (request_t *request, char const *username, char const *passwd, char const *pamauth)
 Check the users password against the standard UNIX password table + PAM. More...
 
static unlang_action_t mod_authenticate (rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
 
static int mod_instantiate (module_inst_ctx_t const *mctx)
 
static int pam_conv (int num_msg, struct pam_message const **msg, struct pam_response **resp, void *appdata_ptr)
 Dialogue between RADIUS and PAM modules. More...
 

Variables

static fr_dict_attr_t const * attr_pam_auth
 
static fr_dict_attr_t const * attr_user_name
 
static fr_dict_attr_t const * attr_user_password
 
static fr_dict_t const * dict_freeradius
 
static fr_dict_t const * dict_radius
 
static const conf_parser_t module_config []
 
module_rlm_t rlm_pam
 
fr_dict_autoload_t rlm_pam_dict []
 
fr_dict_attr_autoload_t rlm_pam_dict_attr []
 

Detailed Description

Interfaces with the PAM library to allow auth via PAM.

Id
9686d20a9d38e616f127d4abdf342911220b08ea
Note
This was taken from the hacks that miguel a.l. paraz map@i.nosp@m.phil.nosp@m..net did on radiusd-cistron-1.5.3 and migrated to a separate file. That, in fact, was again based on the original stuff from Jeph Blaize jblai.nosp@m.ze@k.nosp@m.iva.n.nosp@m.et done in May 1997.
Copyright
2000,2006 The FreeRADIUS server project
1997 Jeph Blaize (jblai.nosp@m.ze@k.nosp@m.iva.n.nosp@m.et)
1999 miguel a.l. paraz (map@i.nosp@m.phil.nosp@m..net)

Definition in file rlm_pam.c.

Data Structure Documentation

◆ rlm_pam_data_t

struct rlm_pam_data_t

Definition at line 54 of file rlm_pam.c.

+ Collaboration diagram for rlm_pam_data_t:
Data Fields
bool error True if pam_conv failed.
char const * password Password to provide to PAM when prompted.
request_t * request The current request.
char const * username Username to provide to PAM when prompted.

◆ rlm_pam_t

struct rlm_pam_t

Definition at line 50 of file rlm_pam.c.

Data Fields
char const * pam_auth_name

Macro Definition Documentation

◆ COPY_STRING

#define COPY_STRING (   s)    ((s) ? talloc_strdup(reply, s) : NULL)

Function Documentation

◆ do_pam()

static int do_pam ( request_t request,
char const *  username,
char const *  passwd,
char const *  pamauth 
)
static

Check the users password against the standard UNIX password table + PAM.

Note
For most flexibility, passing a pamauth type to this function allows you to have multiple authentication types (i.e. multiple files associated with radius in /etc/pam.d).
Parameters
requestThe current request.
usernameUser to authenticate.
passwdPassword to authenticate with,
pamauthType of PAM authentication.
Returns
  • 0 on success.
  • -1 on failure.

Definition at line 165 of file rlm_pam.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

◆ mod_authenticate()

static unlang_action_t mod_authenticate ( rlm_rcode_t p_result,
module_ctx_t const *  mctx,
request_t request 
)
static

Definition at line 214 of file rlm_pam.c.

+ Here is the call graph for this function:

◆ mod_instantiate()

static int mod_instantiate ( module_inst_ctx_t const *  mctx)
static

Definition at line 88 of file rlm_pam.c.

◆ pam_conv()

static int pam_conv ( int  num_msg,
struct pam_message const **  msg,
struct pam_response **  resp,
void *  appdata_ptr 
)
static

Dialogue between RADIUS and PAM modules.

Uses PAM's appdata_ptr so it's thread safe, and doesn't have any nasty static variables hanging around.

Definition at line 102 of file rlm_pam.c.

+ Here is the call graph for this function:
+ Here is the caller graph for this function:

Variable Documentation

◆ attr_pam_auth

fr_dict_attr_t const* attr_pam_auth
static

Definition at line 76 of file rlm_pam.c.

◆ attr_user_name

fr_dict_attr_t const* attr_user_name
static

Definition at line 77 of file rlm_pam.c.

◆ attr_user_password

fr_dict_attr_t const* attr_user_password
static

Definition at line 78 of file rlm_pam.c.

◆ dict_freeradius

fr_dict_t const* dict_freeradius
static

Definition at line 66 of file rlm_pam.c.

◆ dict_radius

fr_dict_t const* dict_radius
static

Definition at line 67 of file rlm_pam.c.

◆ module_config

const conf_parser_t module_config[]
static
Initial value:
= {
{ FR_CONF_OFFSET("pam_auth", rlm_pam_t, pam_auth_name) },
CONF_PARSER_TERMINATOR
}
CONF_PARSER_TERMINATOR
#define CONF_PARSER_TERMINATOR
Definition: cf_parse.h:627
FR_CONF_OFFSET
#define FR_CONF_OFFSET(_name, _struct, _field)
conf_parser_t which parses a single CONF_PAIR, writing the result to a field in a struct
Definition: cf_parse.h:268
rlm_pam_t
Definition: rlm_pam.c:50

Definition at line 61 of file rlm_pam.c.

◆ rlm_pam

module_rlm_t rlm_pam
Initial value:
= {
.common = {
.magic = MODULE_MAGIC_INIT,
.name = "pam",
.flags = MODULE_TYPE_THREAD_UNSAFE,
.inst_size = sizeof(rlm_pam_t),
.config = module_config,
.instantiate = mod_instantiate
},
.method_group = {
.bindings = (module_method_binding_t[]){
{ .section = SECTION_NAME("authenticate", CF_IDENT_ANY), .method = mod_authenticate },
MODULE_BINDING_TERMINATOR
}
}
}
CF_IDENT_ANY
#define CF_IDENT_ANY
Definition: cf_util.h:78
MODULE_MAGIC_INIT
#define MODULE_MAGIC_INIT
Stop people using different module/library/server versions together.
Definition: dl_module.h:63
config
static const conf_parser_t config[]
Definition: base.c:183
mod_authenticate
static unlang_action_t mod_authenticate(rlm_rcode_t *p_result, module_ctx_t const *mctx, request_t *request)
Definition: rlm_pam.c:214
module_config
static const conf_parser_t module_config[]
Definition: rlm_pam.c:61
mod_instantiate
static int mod_instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_pam.c:88
instantiate
static int instantiate(module_inst_ctx_t const *mctx)
Definition: rlm_rest.c:1302
SECTION_NAME
#define SECTION_NAME(_name1, _name2)
Define a section name consisting of a verb and a noun.
Definition: section.h:40
MODULE_TYPE_THREAD_UNSAFE
@ MODULE_TYPE_THREAD_UNSAFE
Module is not threadsafe.
Definition: module.h:48
MODULE_BINDING_TERMINATOR
#define MODULE_BINDING_TERMINATOR
Terminate a module binding list.
Definition: module.h:151
module_method_binding_s
Named methods exported by a module.
Definition: module.h:173

Definition at line 271 of file rlm_pam.c.

◆ rlm_pam_dict

fr_dict_autoload_t rlm_pam_dict
Initial value:
= {
{ .out = &dict_freeradius, .proto = "freeradius" },
{ .out = &dict_radius, .proto = "radius" },
{ NULL }
}
dict_freeradius
static fr_dict_t const * dict_freeradius
Definition: rlm_pam.c:66
dict_radius
static fr_dict_t const * dict_radius
Definition: rlm_pam.c:67

Definition at line 70 of file rlm_pam.c.

◆ rlm_pam_dict_attr

fr_dict_attr_autoload_t rlm_pam_dict_attr
Initial value:
= {
{ .out = &attr_pam_auth, .name = "Pam-Auth", .type = FR_TYPE_STRING, .dict = &dict_freeradius },
{ .out = &attr_user_name, .name = "User-Name", .type = FR_TYPE_STRING, .dict = &dict_radius },
{ .out = &attr_user_password, .name = "User-Password", .type = FR_TYPE_STRING, .dict = &dict_radius },
{ NULL }
}
FR_TYPE_STRING
@ FR_TYPE_STRING
String of printable characters.
Definition: merged_model.c:83
attr_user_password
static fr_dict_attr_t const * attr_user_password
Definition: rlm_pam.c:78
attr_pam_auth
static fr_dict_attr_t const * attr_pam_auth
Definition: rlm_pam.c:76
attr_user_name
static fr_dict_attr_t const * attr_user_name
Definition: rlm_pam.c:77

Definition at line 81 of file rlm_pam.c.

Generated by   doxygen 1.9.1