[doldaconnect.git] / daemon / auth-unix.c

/*
 *  Dolda Connect - Modular multiuser Direct Connect-style client
 *  Copyright (C) 2004 Fredrik Tolf <fredrik@dolda2000.com>
 *  
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *  
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *  
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
*/

#include <pwd.h>
#include <sys/un.h>
#include <errno.h>
#include <string.h>
#include <wchar.h>

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#include "auth.h"
#include "utils.h"
#include "module.h"
#include "conf.h"

struct unixdata {
    char *username;
};

static int inithandle(struct authhandle *auth, char *username)
{
    struct unixdata *data;
    
    data = smalloc(sizeof(*data));
    memset(data, 0, sizeof(*data));
    data->username = sstrdup(username);
    auth->mechdata = data;
    return(0);
}

static void release(struct authhandle *auth)
{
    struct unixdata *data;
    
    data = auth->mechdata;
    free(data->username);
    free(data);
}

static int unixauth(struct authhandle *auth, struct socket *sk, char *passdata)
{
    struct passwd *pwd;
    struct unixdata *data;
    uid_t uid;
    gid_t gid;
    
    data = auth->mechdata;
    if((pwd = getpwnam(data->username)) == NULL)
	return(AUTH_ERR);
    if(getucred(sk, &uid, &gid)) {
	errno = EOPNOTSUPP; /* Bleh */
	return(AUTH_ERR);
    }
    if(pwd->pw_uid == uid) {
	flog(LOG_INFO, "successful authentication as %s with Unix credentials (uid=%i, gid=%i)", data->username, uid, gid);
	return(AUTH_SUCCESS);
    }
    auth->text = swcsdup(L"Unix credentials do not match supplied user name");
    return(AUTH_DENIED);
}

static int available(struct socket *sk)
{
    return(sockfamily(sk) == PF_UNIX);
}

static struct authmech mechdesc = {
    .inithandle = inithandle,
    .release = release,
    .authenticate = unixauth,
    .available = available,
    .name = L"unix",
    .enabled = 1
};

static int init(int hup)
{
    if(!hup)
	regmech(&mechdesc);
    return(0);
}

static struct module me = {
    .init = init,
    .name = "auth-unix"
};
MODULE(me)
Commit	Line	Data
3616b334	1	/*
3616b334	2	* Dolda Connect - Modular multiuser Direct Connect-style client
302a2600	3	* Copyright (C) 2004 Fredrik Tolf <fredrik@dolda2000.com>
3616b334	4	*
	5	* This program is free software; you can redistribute it and/or modify
	6	* it under the terms of the GNU General Public License as published by
	7	* the Free Software Foundation; either version 2 of the License, or
	8	* (at your option) any later version.
	9	*
	10	* This program is distributed in the hope that it will be useful,
	11	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	12	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	13	* GNU General Public License for more details.
	14	*
	15	* You should have received a copy of the GNU General Public License
	16	* along with this program; if not, write to the Free Software
	17	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
	18	*/
	19
	20	#include <pwd.h>
	21	#include <sys/un.h>
	22	#include <errno.h>
	23	#include <string.h>
	24	#include <wchar.h>
	25
	26	#ifdef HAVE_CONFIG_H
	27	#include <config.h>
	28	#endif
	29	#include "auth.h"
	30	#include "utils.h"
	31	#include "module.h"
	32	#include "conf.h"
	33
	34	struct unixdata {
	35	char *username;
	36	};
	37
	38	static int inithandle(struct authhandle auth, char username)
	39	{
	40	struct unixdata *data;
	41
	42	data = smalloc(sizeof(*data));
	43	memset(data, 0, sizeof(*data));
	44	data->username = sstrdup(username);
	45	auth->mechdata = data;
	46	return(0);
	47	}
	48
	49	static void release(struct authhandle *auth)
	50	{
	51	struct unixdata *data;
	52
	53	data = auth->mechdata;
	54	free(data->username);
	55	free(data);
	56	}
	57
	58	static int unixauth(struct authhandle auth, struct socket sk, char *passdata)
	59	{
	60	struct passwd *pwd;
	61	struct unixdata *data;
d1ef0200 FT	62	uid_t uid;
d1ef0200 FT	63	gid_t gid;
3616b334	64
	65	data = auth->mechdata;
	66	if((pwd = getpwnam(data->username)) == NULL)
	67	return(AUTH_ERR);
d1ef0200	68	if(getucred(sk, &uid, &gid)) {
75a50bc2	69	errno = EOPNOTSUPP; /* Bleh */
3616b334	70	return(AUTH_ERR);
3616b334	71	}
d1ef0200 FT	72	if(pwd->pw_uid == uid) {
d1ef0200 FT	73	flog(LOG_INFO, "successful authentication as %s with Unix credentials (uid=%i, gid=%i)", data->username, uid, gid);
3616b334	74	return(AUTH_SUCCESS);
516eedd9	75	}
3616b334	76	auth->text = swcsdup(L"Unix credentials do not match supplied user name");
	77	return(AUTH_DENIED);
	78	}
	79
	80	static int available(struct socket *sk)
	81	{
d1ef0200	82	return(sockfamily(sk) == PF_UNIX);
3616b334	83	}
	84
	85	static struct authmech mechdesc = {
	86	.inithandle = inithandle,
	87	.release = release,
	88	.authenticate = unixauth,
	89	.available = available,
	90	.name = L"unix",
	91	.enabled = 1
	92	};
	93
	94	static int init(int hup)
	95	{
	96	if(!hup)
	97	regmech(&mechdesc);
	98	return(0);
	99	}
	100
	101	static struct module me = {
	102	.init = init,
	103	.name = "auth-unix"
	104	};
	105	MODULE(me)