/* -*- Mode: C; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 8 -*- * * Copyright (C) 2016 Red Hat, Inc. * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. * */ #include #include #include #include #include #include #include #ifdef HAVE_KEYUTILS #include #endif int pam_sm_authenticate (pam_handle_t *pamh, int flags, int argc, const char **argv) { #ifdef HAVE_KEYUTILS int r; void *cached_password = NULL; key_serial_t serial; serial = find_key_by_type_and_desc ("user", "cryptsetup", 0); if (serial == 0) return PAM_AUTHINFO_UNAVAIL; r = keyctl_read_alloc (serial, &cached_password); if (r < 0 || r != strlen (cached_password)) return PAM_AUTHINFO_UNAVAIL; r = pam_set_item (pamh, PAM_AUTHTOK, cached_password); free (cached_password); if (r < 0) return PAM_AUTH_ERR; else return PAM_SUCCESS; #endif return PAM_AUTHINFO_UNAVAIL; } int pam_sm_setcred (pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; } int pam_sm_acct_mgmt (pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; } int pam_sm_chauthtok (pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; } int pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; } int pam_sm_close_session (pam_handle_t *pamh, int flags, int argc, const char **argv) { return PAM_SUCCESS; }