mirrors
/
xrdp
mirror of https://github.com/neutrinolabs/xrdp
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

changed pam session and env

This commit is contained in:
jsorg71 2005-08-14 02:22:11 +00:00
parent dda4269822
commit c3ff1bcebb
4 changed files with 154 additions and 76 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

169
sesman/sesman.c
View File

@ -30,9 +30,11 @@
long DEFAULT_CC
auth_userpass(char* user, char* pass);
int DEFAULT_CC
auth_start_session(long in_val);
auth_start_session(long in_val, int in_display);
int DEFAULT_CC
auth_end(long in_val);
int DEFAULT_CC
auth_set_env(long in_val);
static int g_sck;
static int g_pid;
@ -166,7 +168,6 @@ cterm(int s)
{
if (session_items[i].pid == pid)
{
auth_end(session_items[i].data);
g_memset(session_items + i, 0, sizeof(struct session_item));
}
}
@ -197,26 +198,65 @@ check_password_file(char* filename, char* password)
/******************************************************************************/
static int DEFAULT_CC
set_user(char* username, char* passwd_file, int display)
{
int error;
int pw_uid;
int pw_gid;
int uid;
char pw_shell[256];
char pw_dir[256];
char pw_gecos[256];
char text[256];
error = g_getuser_info(username, &pw_gid, &pw_uid, pw_shell, pw_dir,
pw_gecos);
if (error == 0)
{
error = g_setgid(pw_gid);
if (error == 0)
{
uid = pw_uid;
error = g_setuid(uid);
}
if (error == 0)
{
g_clearenv();
g_setenv("SHELL", pw_shell, 1);
g_setenv("PATH", "/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin", 1);
g_setenv("USER", username, 1);
g_sprintf(text, "%d", uid);
g_setenv("UID", text, 1);
g_setenv("HOME", pw_dir, 1);
g_set_current_dir(pw_dir);
g_sprintf(text, ":%d.0", display);
g_setenv("DISPLAY", text, 1);
if (passwd_file != 0)
{
g_mkdir(".vnc");
g_sprintf(passwd_file, "%s/.vnc/sesman_passwd", pw_dir);
}
}
}
return error;
}
/******************************************************************************/
/* returns 0 if error else the display number the session was started on */
static int DEFAULT_CC
start_session(int width, int height, int bpp, char* username, char* password,
long data)
{
int display;
int pid;
int uid;
int wmpid;
int xpid;
int error;
int pw_uid;
int pw_gid;
char pw_gecos[256];
char pw_dir[256];
char pw_shell[256];
char text[256];
char passwd_file[256];
char geometry[32];
char depth[32];
char screen[32];
char cur_dir[256];
char text[256];
char passwd_file[256];
g_get_current_dir(cur_dir, 255);
display = 10;
@ -228,7 +268,6 @@ start_session(int width, int height, int bpp, char* username, char* password,
{
return 0;
}
auth_start_session(data);
wmpid = 0;
pid = g_fork();
if (pid == -1)
@ -236,74 +275,54 @@ start_session(int width, int height, int bpp, char* username, char* password,
}
else if (pid == 0) /* child */
{
error = g_getuser_info(username, &pw_gid, &pw_uid, pw_shell, pw_dir,
pw_gecos);
if (error == 0)
g_unset_signals();
auth_start_session(data, display);
g_sprintf(geometry, "%dx%d", width, height);
g_sprintf(depth, "%d", bpp);
g_sprintf(screen, ":%d", display);
wmpid = g_fork();
if (wmpid == -1)
{
error = g_setgid(pw_gid);
if (error == 0)
}
else if (wmpid == 0) /* child */
{
/* give X a bit to start */
g_sleep(1000);
set_user(username, 0, display);
if (x_server_running(display))
{
uid = pw_uid;
error = g_setuid(uid);
auth_set_env(data);
g_sprintf(text, "%s/startwm.sh", cur_dir);
g_execlp3(text, "startwm.sh", 0);
/* should not get here */
}
if (error == 0)
g_printf("error\n");
g_exit(0);
}
else /* parent */
{
xpid = g_fork();
if (xpid == -1)
{
g_clearenv();
g_setenv("SHELL", pw_shell, 1);
g_setenv("PATH", "/bin:/usr/bin:/usr/X11R6/bin:/usr/local/bin", 1);
g_setenv("USER", username, 1);
g_sprintf(text, "%d", uid);
g_setenv("UID", text, 1);
g_setenv("HOME", pw_dir, 1);
g_set_current_dir(pw_dir);
g_sprintf(text, ":%d.0", display);
g_setenv("DISPLAY", text, 1);
g_sprintf(geometry, "%dx%d", width, height);
g_sprintf(depth, "%d", bpp);
g_sprintf(screen, ":%d", display);
g_mkdir(".vnc");
g_sprintf(passwd_file, "%s/.vnc/sesman_passwd", pw_dir);
}
else if (xpid == 0) /* child */
{
set_user(username, passwd_file, display);
check_password_file(passwd_file, password);
wmpid = g_fork();
if (wmpid == -1)
{
}
else if (wmpid == 0) /* child */
{
/* give X a bit to start */
g_sleep(500);
if (x_server_running(display))
{
g_sprintf(text, "%s/startwm.sh", cur_dir);
g_execlp3(text, "startwm.sh", 0);
/* should not get here */
}
g_printf("error\n");
g_exit(0);
}
else /* parent */
{
xpid = g_fork();
if (xpid == -1)
{
}
else if (xpid == 0) /* child */
{
g_execlp11("Xvnc", "Xvnc", screen, "-geometry", geometry,
"-depth", depth, "-bs", "-rfbauth", passwd_file, 0);
/* should not get here */
g_printf("error\n");
g_exit(0);
}
else /* parent */
{
g_waitpid(wmpid);
g_sigterm(xpid);
g_sigterm(wmpid);
g_sleep(1000);
g_exit(0);
}
}
g_execlp11("Xvnc", "Xvnc", screen, "-geometry", geometry,
"-depth", depth, "-bs", "-rfbauth", passwd_file, 0);
/* should not get here */
g_printf("error\n");
g_exit(0);
}
else /* parent */
{
g_waitpid(wmpid);
g_sigterm(xpid);
g_sigterm(wmpid);
g_sleep(1000);
auth_end(data);
g_exit(0);
}
}
}

7
sesman/verify_user.c
View File

@ -103,3 +103,10 @@ auth_end(void)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_set_env(void)
{
return 0;
}

47
sesman/verify_user_pam.c
View File

@ -133,12 +133,20 @@ auth_userpass(char* user, char* pass)
/******************************************************************************/
/* returns error */
int DEFAULT_CC
auth_start_session(long in_val)
auth_start_session(long in_val, int in_display)
{
struct t_auth_info* auth_info;
int error;
char display[256];
g_sprintf(display, ":%d", in_display);
auth_info = (struct t_auth_info*)in_val;
error = pam_set_item(auth_info->ph, PAM_TTY, display);
if (error != PAM_SUCCESS)
{
g_printf("pam_set_item failed: %s\n\r", pam_strerror(auth_info->ph, error));
return 1;
}
error = pam_setcred(auth_info->ph, PAM_ESTABLISH_CRED);
if (error != PAM_SUCCESS)
{
@ -185,3 +193,40 @@ auth_end(long in_val)
g_free(auth_info);
return 0;
}
/******************************************************************************/
/* returns error */
/* set any pam env vars */
int DEFAULT_CC
auth_set_env(long in_val)
{
struct t_auth_info* auth_info;
char** pam_envlist;
char** pam_env;
char item[256];
char value[256];
int eq_pos;
auth_info = (struct t_auth_info*)in_val;
if (auth_info != 0)
{
/* export PAM environment */
pam_envlist = pam_getenvlist(auth_info->ph);
if (pam_envlist != NULL)
{
for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env)
{
eq_pos = g_pos(*pam_env, "=");
if (eq_pos >= 0 && eq_pos < 250)
{
g_strncpy(item, *pam_env, eq_pos);
g_strncpy(value, (*pam_env) + eq_pos + 1, 255);
g_setenv(item, value, 1);
}
g_free(*pam_env);
}
g_free(pam_envlist);
}
}
return 0;
}

7
sesman/verify_user_pam_userpass.c
View File

@ -83,3 +83,10 @@ auth_end(void)
{
return 0;
}
/******************************************************************************/
int DEFAULT_CC
auth_set_env(void)
{
return 0;
}