diff --git a/configure.ac b/configure.ac index c5d22ec0..50db1fe9 100644 --- a/configure.ac +++ b/configure.ac @@ -32,6 +32,10 @@ AM_CONDITIONAL(SESMAN_NOPAM, [test x$enable_pam != xyes]) AC_ARG_ENABLE(kerberos, AS_HELP_STRING([--enable-kerberos], [Build kerberos support (default: no)]), [], [enable_kerberos=no]) +AC_ARG_ENABLE(bsd, AS_HELP_STRING([--enable-bsd], + [Build BSD auth support (default: no)]), + [bsd=true], [bsd=false]) +AM_CONDITIONAL(SESMAN_BSD, [test x$bsd = xtrue]) AM_CONDITIONAL(SESMAN_KERBEROS, [test x$enable_kerberos = xyes]) AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass], [Build pam userpass support (default: no)]), @@ -78,8 +82,11 @@ if test "x$enable_pam" = "xyes" then if test "x$enable_kerberos" != "xyes" then - AC_CHECK_HEADER([security/pam_appl.h], [], - [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])]) + if test -z "$enable_bsd" + then + AC_CHECK_HEADER([security/pam_appl.h], [], + [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])]) + fi fi fi diff --git a/sesman/Makefile.am b/sesman/Makefile.am index e4b63eb4..516639f4 100644 --- a/sesman/Makefile.am +++ b/sesman/Makefile.am @@ -14,6 +14,10 @@ if SESMAN_NOPAM AUTH_C = verify_user.c AUTH_LIB = -lcrypt else +if SESMAN_BSD +AUTH_C = verify_user_bsd.c +AUTH_LIB = +else if SESMAN_PAMUSERPASS AUTH_C = verify_user_pam_userpass.c AUTH_LIB = -lpam -lpam_userpass @@ -27,6 +31,7 @@ AUTH_LIB = -lpam endif endif endif +endif sbin_PROGRAMS = \ xrdp-sesman diff --git a/sesman/verify_user_bsd.c b/sesman/verify_user_bsd.c new file mode 100644 index 00000000..3edd2d9e --- /dev/null +++ b/sesman/verify_user_bsd.c @@ -0,0 +1,113 @@ +/* + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + + xrdp: A Remote Desktop Protocol server. + Copyright (C) Jay Sorg 2005-2008 +*/ + +/** + * + * @file verify_user_user.c + * @brief Authenticate user using BSD password system + * @author Renaud Allard + * + */ + +#include "sesman.h" + +#define _XOPEN_SOURCE +#include +#include +#include +#include +#include +#include +#include + +#ifndef SECS_PER_DAY +#define SECS_PER_DAY (24L*3600L) +#endif + +extern struct config_sesman* g_cfg; /* in sesman.c */ + +/******************************************************************************/ +/* returns boolean */ +long DEFAULT_CC +auth_userpass(char* user, char* pass) +{ + int ret = auth_userokay(user, NULL, "auth-xrdp", pass); + return ret; +} + +/******************************************************************************/ +/* returns error */ +int DEFAULT_CC +auth_start_session(long in_val, int in_display) +{ + return 0; +} + +/******************************************************************************/ +int DEFAULT_CC +auth_end(long in_val) +{ + return 0; +} + +/******************************************************************************/ +int DEFAULT_CC +auth_set_env(long in_val) +{ + return 0; +} + +/******************************************************************************/ +int DEFAULT_CC +auth_check_pwd_chg(char* user) +{ + return 0; +} + +int DEFAULT_CC +auth_change_pwd(char* user, char* newpwd) +{ + return 0; +} + +/** + * + * @brief Password encryption + * @param pwd Old password + * @param pln Plaintext new password + * @param crp Crypted new password + * + */ + +static int DEFAULT_CC +auth_crypt_pwd(char* pwd, char* pln, char* crp) +{ + return 0; +} + +/** + * + * @return 1 if the account is disabled, 0 otherwise + * + */ +static int DEFAULT_CC +auth_account_disabled(struct spwd* stp) +{ + return 0; +}