diff options
Diffstat (limited to 'pam_gdm')
-rw-r--r-- | pam_gdm/Makefile.am | 2 | ||||
-rw-r--r-- | pam_gdm/pam_gdm.c | 29 |
2 files changed, 31 insertions, 0 deletions
diff --git a/pam_gdm/Makefile.am b/pam_gdm/Makefile.am index 5ea69d78..61d672b4 100644 --- a/pam_gdm/Makefile.am +++ b/pam_gdm/Makefile.am @@ -15,6 +15,7 @@ pam_gdm_la_SOURCES = \ $(END_OF_LIST) pam_gdm_la_CFLAGS = \ + $(KEYUTILS_CFLAGS) \ $(PAM_CFLAGS) \ $(END_OF_LIST) @@ -26,6 +27,7 @@ pam_gdm_la_LDFLAGS = \ $(END_OF_LIST) pam_gdm_la_LIBADD = \ + $(KEYUTILS_LIBS) \ $(PAM_LIBS) \ $(END_OF_LIST) diff --git a/pam_gdm/pam_gdm.c b/pam_gdm/pam_gdm.c index 90a05573..7beb04e7 100644 --- a/pam_gdm/pam_gdm.c +++ b/pam_gdm/pam_gdm.c @@ -17,18 +17,47 @@ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * */ +#include <config.h> + +#include <unistd.h> + #include <security/_pam_macros.h> #include <security/pam_ext.h> #include <security/pam_misc.h> #include <security/pam_modules.h> #include <security/pam_modutil.h> +#ifdef HAVE_KEYUTILS +#include <keyutils.h> +#endif + int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) { +#ifdef HAVE_KEYUTILS + int r; + void *cached_password = NULL; + key_serial_t serial; + + serial = find_key_by_type_and_desc ("user", "cryptsetup", 0); + if (serial == 0) + return PAM_AUTHINFO_UNAVAIL; + + r = keyctl_read_alloc (serial, &cached_password); + if (r < 0) + return PAM_AUTHINFO_UNAVAIL; + + r = pam_set_item (pamh, PAM_AUTHTOK, cached_password); + + free (cached_password); + + if (r < 0) + return PAM_AUTH_ERR; +#endif + return PAM_SUCCESS; } |