version 1.1.2.8, 2007/01/05 00:32:31
|
version 1.1.2.9, 2007/01/07 21:39:01
|
|
|
#else /* POSIX CASE FOLLOWS */ | #else /* POSIX CASE FOLLOWS */ |
| |
static int InProcess_startProviderAgent( | static int InProcess_startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
return status; | return status; |
} | } |
| |
static int InProcess_pamAuthenticate( |
static int InProcess_authenticatePassword( |
const char* username, | const char* username, |
const char* password, | const char* password, |
SessionKey& sessionKey) | SessionKey& sessionKey) |
|
|
#endif | #endif |
} | } |
| |
static int InProcess_pamValidateUser( |
static int InProcess_validateUser( |
const char* username) | const char* username) |
{ | { |
#if defined(PEGASUS_PAM_AUTHENTICATION) | #if defined(PEGASUS_PAM_AUTHENTICATION) |
|
|
} | } |
| |
static int OutOfProcess_startProviderAgent( | static int OutOfProcess_startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
| |
ExecutorStartProviderAgentRequest request; | ExecutorStartProviderAgentRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
|
Strlcpy(request.key, sessionKey.data(), sizeof(request.key)); |
memcpy(request.module, module, n); | memcpy(request.module, module, n); |
request.uid = uid; | request.uid = uid; |
request.gid = gid; | request.gid = gid; |
|
|
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_pamAuthenticate( |
static int OutOfProcess_authenticatePassword( |
const char* username, | const char* username, |
const char* password, | const char* password, |
SessionKey& sessionKey) | SessionKey& sessionKey) |
|
|
// _send request header: | // _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_PAM_AUTHENTICATE_MESSAGE; |
header.code = EXECUTOR_AUTHENTICATE_PASSWORD_MESSAGE; |
| |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) | if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// _send request body. | // _send request body. |
| |
ExecutorPAMAuthenticateRequest request; |
ExecutorAuthenticatePasswordRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); |
Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE); |
|
|
| |
// Receive the response | // Receive the response |
| |
ExecutorPAMAuthenticateResponse response; |
ExecutorAuthenticatePasswordResponse response; |
| |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) | if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
|
|
return response.status; | return response.status; |
} | } |
| |
static int OutOfProcess_pamValidateUser( |
static int OutOfProcess_validateUser( |
const char* username) | const char* username) |
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
|
|
// _send request header: | // _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_PAM_VALIDATE_USER_MESSAGE; |
header.code = EXECUTOR_VALIDATE_USER_MESSAGE; |
| |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) | if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// _send request body. | // _send request body. |
| |
ExecutorPAMValidateUserRequest request; |
ExecutorValidateUserRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.username, username, EXECUTOR_BUFFER_SIZE); |
| |
|
|
| |
// Receive the response | // Receive the response |
| |
ExecutorPAMValidateUserResponse response; |
ExecutorValidateUserResponse response; |
| |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) | if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
|
|
return response.status; | return response.status; |
} | } |
| |
int OutOfProcess_startLocalAuth( |
int OutOfProcess_challengeLocal( |
const char* user, | const char* user, |
char path[EXECUTOR_BUFFER_SIZE], |
char challenge[EXECUTOR_BUFFER_SIZE], |
SessionKey& sessionKey) | SessionKey& sessionKey) |
{ | { |
AutoMutex autoMutex(_mutex); | AutoMutex autoMutex(_mutex); |
|
|
// _send request header: | // _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_START_LOCAL_AUTH_MESSAGE; |
header.code = EXECUTOR_CHALLENGE_LOCAL_MESSAGE; |
| |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) | if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// _send request body. | // _send request body. |
| |
ExecutorStartLocalAuthRequest request; |
ExecutorChallengeLocalRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.user, user, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.user, user, EXECUTOR_BUFFER_SIZE); |
| |
|
|
| |
// Receive the response | // Receive the response |
| |
ExecutorStartLocalAuthResponse response; |
ExecutorChallengeLocalResponse response; |
| |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) | if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
| |
Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size()); | Strlcpy((char*)sessionKey.data(), response.key, sessionKey.size()); |
Strlcpy(path, response.path, EXECUTOR_BUFFER_SIZE); |
Strlcpy(challenge, response.challenge, EXECUTOR_BUFFER_SIZE); |
| |
return response.status; | return response.status; |
} | } |
| |
int OutOfProcess_finishLocalAuth( |
int OutOfProcess_authenticateLocal( |
const SessionKey& sessionKey, | const SessionKey& sessionKey, |
const char* token) | const char* token) |
{ | { |
|
|
// _send request header: | // _send request header: |
| |
ExecutorRequestHeader header; | ExecutorRequestHeader header; |
header.code = EXECUTOR_FINISH_LOCAL_AUTH_MESSAGE; |
header.code = EXECUTOR_AUTHENTICATE_LOCAL_MESSAGE; |
| |
if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) | if (_send(_getSock(), &header, sizeof(header)) != sizeof(header)) |
return -1; | return -1; |
| |
// _send request body. | // _send request body. |
| |
ExecutorFinishLocalAuthRequest request; |
ExecutorAuthenticateLocalRequest request; |
memset(&request, 0, sizeof(request)); | memset(&request, 0, sizeof(request)); |
Strlcpy(request.key, (char*)sessionKey.data(), EXECUTOR_BUFFER_SIZE); | Strlcpy(request.key, (char*)sessionKey.data(), EXECUTOR_BUFFER_SIZE); |
Strlcpy(request.token, token, EXECUTOR_BUFFER_SIZE); | Strlcpy(request.token, token, EXECUTOR_BUFFER_SIZE); |
|
|
| |
// Receive the response | // Receive the response |
| |
ExecutorFinishLocalAuthResponse response; |
ExecutorAuthenticateLocalResponse response; |
| |
if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) | if (_recv(_getSock(), &response, sizeof(response)) != sizeof(response)) |
return -1; | return -1; |
|
|
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_openFile(path, mode); | return OutOfProcess_openFile(path, mode); |
#else | #else |
return -1; |
return NULL; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
|
|
} | } |
| |
int Executor::startProviderAgent( | int Executor::startProviderAgent( |
|
const SessionKey& sessionKey, |
const char* module, | const char* module, |
int uid, | int uid, |
int gid, | int gid, |
|
|
{ | { |
if (_getSock() == -1) | if (_getSock() == -1) |
return InProcess_startProviderAgent( | return InProcess_startProviderAgent( |
module, uid, gid, pid, readPipe, writePipe); |
sessionKey, module, uid, gid, pid, readPipe, writePipe); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_startProviderAgent( | return OutOfProcess_startProviderAgent( |
module, uid, gid, pid, readPipe, writePipe); |
sessionKey, module, uid, gid, pid, readPipe, writePipe); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
|
|
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::pamAuthenticate( |
int Executor::authenticatePassword( |
const char* username, | const char* username, |
const char* password, | const char* password, |
SessionKey& sessionKey) | SessionKey& sessionKey) |
{ | { |
if (_getSock() == -1) | if (_getSock() == -1) |
return InProcess_pamAuthenticate(username, password, sessionKey); |
return InProcess_authenticatePassword(username, password, sessionKey); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_pamAuthenticate(username, password, sessionKey); |
return OutOfProcess_authenticatePassword(username, password, sessionKey); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::pamValidateUser( |
int Executor::validateUser( |
const char* username) | const char* username) |
{ | { |
if (_getSock() == -1) | if (_getSock() == -1) |
return InProcess_pamValidateUser(username); |
return InProcess_validateUser(username); |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_pamValidateUser(username); |
return OutOfProcess_validateUser(username); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::startLocalAuth( |
int Executor::challengeLocal( |
const char* user, | const char* user, |
char path[EXECUTOR_BUFFER_SIZE], | char path[EXECUTOR_BUFFER_SIZE], |
SessionKey& sessionKey) | SessionKey& sessionKey) |
|
|
return -1; | return -1; |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_startLocalAuth(user, path, sessionKey); |
return OutOfProcess_challengeLocal(user, path, sessionKey); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
} | } |
| |
int Executor::finishLocalAuth( |
int Executor::authenticateLocal( |
const SessionKey& sessionKey, | const SessionKey& sessionKey, |
const char* token) |
const char* challengeResponse) |
{ | { |
if (_getSock() == -1) | if (_getSock() == -1) |
return -1; | return -1; |
| |
#if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) | #if defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) |
return OutOfProcess_finishLocalAuth(sessionKey, token); |
return OutOfProcess_authenticateLocal(sessionKey, challengeResponse); |
#else | #else |
return -1; | return -1; |
#endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ | #endif /* defined(PEGASUS_ENABLE_PRIVILEGE_SEPARATION) */ |
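Review bot: In OutOfProcess_authenticatePassword the renamed request still fills `request.username` and `request.password` with `Strlcpy(..., EXECUTOR_BUFFER_SIZE)` and discards the result, so an over-long password is silently truncated and the executor would presumably be asked to authenticate the shortened value. If Strlcpy returns the source length the way strlcpy does (its definition is not on this page), reject the request instead: `if (Strlcpy(request.password, password, EXECUTOR_BUFFER_SIZE) >= EXECUTOR_BUFFER_SIZE) return -1;`. The same unchecked copies appear in OutOfProcess_validateUser, OutOfProcess_challengeLocal and OutOfProcess_authenticateLocal. The plaintext password also remains in the stack-allocated `request` after it is sent (the send falls in lines the page elides), so wiping the struct before returning, with a call the compiler cannot optimize away, is worth adding. The rename is also incomplete: `Executor::challengeLocal` still calls its buffer `path` and OutOfProcess_authenticateLocal still takes `token`, while their counterparts now use `challenge` and `challengeResponse`.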