Bandie/pam_panic
Bandie
/
pam_panic
1
0
Fork 0
Code Issues 5 Pull Requests Releases Wiki Activity

Merge pull request #27 from pampanic/bandiePreMerge 

Correcting and adding header for future unit tests
This commit is contained in:
Bandie 2018-04-01 21:50:25 +02:00 committed by GitHub
parent f19d3ee46a 4e6260f547
commit 913a2d2271
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 118 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
Makefile
View File

@ -11,14 +11,15 @@ all:
@which reboot >/dev/null
@which poweroff >/dev/null
@which cryptsetup >/dev/null
mkdir -p build obj
mkdir -p build
make -C src -e "PPASSFILE = $(PPASSFILE)"
@printf "Done!\n"
clean:
rm build/pam_panic.so
rm build/pam_panic_pw
rm obj/pam_panic.o
rmdir build obj
make -C src/pam_panic clean
rmdir build
@printf "Done!\n"
detect_pamdir:

2
README.md
View File

@ -1,4 +1,4 @@
# pam\_panic [![Build Status](https://travis-ci.org/pampanic/pam_panic.svg?branch=master)](https://travis-ci.org/pampanic/pam_panic) [![CodeFactor](https://www.codefactor.io/repository/github/pampanic/pam_panic/badge)](https://www.codefactor.io/repository/github/pampanic/pam_panic)
# pam\_panic [![Build Status](https://travis-ci.org/pampanic/pam_panic.svg?branch=master)](https://travis-ci.org/pampanic/pam_panic)
## Purpose

28
src/pam_panic/Makefile
View File

@ -1,9 +1,25 @@
CFLAGS = --std=gnu11 -O2 -fPIC -DPOWEROFF=\"`which poweroff`\" -DREBOOT=\"`which reboot`\" -DCRYPTSETUP=\"`which cryptsetup`\" -DPPASSFILE=\"$(PPASSFILE)\"
LDFLAGS = -x --shared -lcrypt
CFLAGS = -Wall --std=gnu11 -O2 -fPIC -DPOWEROFF=\"`which poweroff`\" -DREBOOT=\"`which reboot`\" -DCRYPTSETUP=\"`which cryptsetup`\" -DPPASSFILE=\"$(PPASSFILE)\"
#LDFLAGS = -x -shared -lcrypt -lpam -lpam_misc
LDFLAGS = -shared -lcrypt -lpam -lpam_misc
all:
mkdir -p ../../obj
OBJ = pam_panic_authdevice.o pam_panic_password.o pam_panic_reject.o
pam_panic: $(OBJ)
cc $(CFLAGS) $(LDFLAGS) -o ../../build/pam_panic.so pam_panic.c $(OBJ)
# ld $(LDFLAGS) -o ../../build/pam_panic.so $(OBJ)
%.o: %.c
$(CC) $(CFLAGS) -c -o $@ $<
all:
mkdir -p ../../build
cc $(CFLAGS) -c pam_panic.c -o ../../obj/pam_panic.o
ld $(LDFLAGS) -o ../../build/pam_panic.so ../../obj/pam_panic.o
clean:
rm *.o
# cc $(CFLAGS) -c pam_panic.c -o ../../obj/pam_panic.o
# ld $(LDFLAGS) -o ../../build/pam_panic.so ../../obj/pam_panic.o

20
src/pam_panic/pam_panic.c
View File

@ -6,7 +6,6 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
@ -21,10 +20,23 @@ LICENSE : GNU-GPLv3
#include "pam_panic_authdevice.h"
#include "pam_panic_password.h"
#ifdef REBOOT
#ifdef POWEROFF
#ifdef CRYPTSETUP
int makeRegex(pam_handle_t *pamh, regex_t *regex){
char *pattern = "^[A-Fa-f0-9]\\{8\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{12\\}$";
if(regcomp(regex, pattern, 0)){
pam_syslog(pamh, LOG_CRIT, "ERROR: Problem with regcomp.");
return 1;
}
return 0;
}
void argSplit(char **some_arg, char **some_temp, const char *arg){
strncpy(*some_arg, arg, 128);
*some_temp = strtok(*some_arg, "=");
@ -56,13 +68,9 @@ PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, cons
// Regex for checking arguments
char *pattern = "^[A-Fa-f0-9]\\{8\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{4\\}\\-[A-Fa-f0-9]\\{12\\}$";
regex_t regex;
if(regcomp(&regex, pattern, 0)){
pam_syslog(pamh, LOG_CRIT, "ERROR: Problem with regcomp.");
if(makeRegex(pamh, &regex))
return (PAM_IGNORE);
}
// Argument handling

34
src/pam_panic/pam_panic.h Normal file
View File

@ -0,0 +1,34 @@
/*
FILENAME : pam_panic.c
DESCRIPTION : Header is made for testing purposes.
AUTHOR : Bandie
DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/wait.h>
#include <regex.h>
#include <string.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include <syslog.h>
#include "pam_panic_reject.h"
#include "pam_panic_authdevice.h"
#include "pam_panic_password.h"
void argSplit(char **some_arg, char **some_temp, const char *arg);
void constrPath(char **dst, char **src);
PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char *argv[]);
PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char *argv[]);
PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char *argv[]);
PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char *argv[]);
PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char *argv[]);
PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char *argv[]);

10
src/pam_panic/pam_panic_authdevice.c
View File

@ -6,6 +6,14 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include <stdint.h>
#include <unistd.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include <syslog.h>
#include "pam_panic_reject.h"
#include "pam_panic_authdevice.h"
int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){
@ -23,4 +31,6 @@ int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_
if(access(rejected, F_OK) != -1)
return reject(serious_dev, bSerious, bReboot, bPoweroff);
return (PAM_MAXTRIES);
}

3
src/pam_panic/pam_panic_authdevice.h
View File

@ -6,7 +6,6 @@ LICENSE : GNU-GPLv3
*/
#define ASK "Please enter your secret key to decrypt the firewall and access the mainframe. "
#include "pam_panic_authdevice.c"
int authDevice(pam_handle_t *pamh, char *allowed, char *rejected, char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff);

12
src/pam_panic/pam_panic_password.c
View File

@ -6,6 +6,17 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <fcntl.h>
#include <security/pam_modules.h>
#include <security/pam_ext.h>
#include <syslog.h>
#include <crypt.h>
#include "pam_panic_password.h"
#include "pam_panic_reject.h"
int readPassword(pam_handle_t *pamh, char pw[2][99]){
@ -24,7 +35,6 @@ int readPassword(pam_handle_t *pamh, char pw[2][99]){
// Get file contents
size_t nread;
char filecontent[198];
char chr;
nread = fread(filecontent, sizeof(char), 198, f);
fclose(f);

8
src/pam_panic/pam_panic_password.h
View File

@ -5,7 +5,11 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#ifndef PPASSFILE
#error PPASSFILE must be declared!
#endif
int authPassword(pam_handle_t *pamh, char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff);
#include <crypt.h>
#include "pam_panic_password.c"

5
src/pam_panic/pam_panic_reject.c
View File

@ -6,6 +6,11 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include <stdint.h>
#include <unistd.h>
#include <security/pam_ext.h>
#include <sys/wait.h>
#include "pam_panic_reject.h"
int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff){
if(bSerious){

3
src/pam_panic/pam_panic_reject.h
View File

@ -5,5 +5,4 @@ DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
#include "pam_panic_reject.c"
int reject(char *serious_dev, int8_t bSerious, int8_t bReboot, int8_t bPoweroff);

2
src/pam_panic_pw/pam_panic_pw.c
View File

@ -1,7 +1,7 @@
/*
FILENAME : pam_panic_pw.c
DESCRIPTION : Generates and saves password for pam_panic
AUTHOR : Bandie
AUTHOR : Bandie, some Author of the glibc manpage
DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/

8
src/pam_panic_pw/pam_panic_pw.h Normal file
View File

@ -0,0 +1,8 @@
/*
FILENAME : pam_panic_pw.h
AUTHOR : Bandie
DATE : 2018-03-27T02:34:08+02:00
LICENSE : GNU-GPLv3
*/
int writePassword(char pw[][99]);