From: Eugene Crosser <crosser@average.org>
Date: Wed, 4 Dec 2013 20:13:04 +0000 (+0400)
Subject: path= and injectauth params
X-Git-Url: http://www.average.org/gitweb/?p=pam_pcsc_cr.git;a=commitdiff_plain;h=0262298f8fc324fb4a1577f0c205bdf339ded782;ds=sidebyside

path= and injectauth params
---

diff --git a/authfile.c b/authfile.c
index 6937a66..f6a7fea 100644
--- a/authfile.c
+++ b/authfile.c
@@ -27,9 +27,9 @@
  * string.
  */
 
-static char *template = "~/.pam_cr/auth";
+static const char *template = "~/.pam_cr/auth";
 
-void authfile_template(char *str)
+void authfile_template(const char *str)
 {
 	template = str;
 }
@@ -37,7 +37,7 @@ void authfile_template(char *str)
 static int path_size(const char *tokenid, const char *userid)
 {
 	const char *usub;
-	char *p, *q;
+	const char *p, *q;
 	struct passwd *pw;
 
 	if ((p = strchr(template, '~')) != strrchr(template, '~')) return 0;
@@ -58,7 +58,8 @@ static void
 make_path(char * const path, const char *tokenid, const char *userid)
 {
 	const char *usub;
-	char *p, *q;
+	const char *p;
+	char *q;
 	struct passwd *pw;
 
 	path[0] = '\0';
diff --git a/authfile.h b/authfile.h
index 4a12aaa..f592d20 100644
--- a/authfile.h
+++ b/authfile.h
@@ -1,7 +1,7 @@
 #ifndef _AUTHFILE_H
 #define _AUTHFILE_H
 
-void authfile_template(char *template);
+void authfile_template(const char *template);
 
 struct _auth_obj authfile(const char *tokenid,
 		const char *userid, const char *password,
diff --git a/pam_pcsc_cr.c b/pam_pcsc_cr.c
index 13a92e0..75c49da 100644
--- a/pam_pcsc_cr.c
+++ b/pam_pcsc_cr.c
@@ -57,6 +57,7 @@ static void update_nonce(char *nonce, const int nonsize)
 struct _cfg {
 	int noaskpass;
 	int verbose;
+	int injectauth;
 };
 
 void parse_cfg(struct _cfg * const cfg, int argc, const char *argv[])
@@ -68,6 +69,9 @@ void parse_cfg(struct _cfg * const cfg, int argc, const char *argv[])
 			pcsc_option(argv[i]);
 		else if (!strcmp(argv[i], "verbose")) cfg->verbose = 1;
 		else if (!strcmp(argv[i], "noaskpass")) cfg->noaskpass = 1;
+		else if (!strcmp(argv[i], "injectauth")) cfg->injectauth = 1;
+		else if (!strncmp(argv[i], "path=", 5))
+					authfile_template(argv[i]+5);
 	}
 }
 
@@ -87,7 +91,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
 	if ((pam_err = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS) {
 		if (cfg.verbose) syslog(LOG_ERR, "get_user failed: %s",
 					pam_strerror(pamh, pam_err));
-		return (pam_err);
+		return pam_err;
 	}
 	if (strspn(user, "0123456789") == strlen(user)) {
 		tokenid = user;
@@ -135,7 +139,7 @@ pam_sm_authenticate(pam_handle_t *pamh, int flags,
 	} else {
 		if (!user)
 			pam_set_item(pamh, PAM_USER, ao.data);
-		if (ao.payload && ao.payload[0])
+		if (cfg.injectauth && ao.payload && ao.payload[0])
 			pam_set_item(pamh, PAM_AUTHTOK, ao.payload);
 		return PAM_SUCCESS;
 	}