Could someone who knows C programming finish off this module to create a
pam_localhost module for PAM?
pam_localhost.c
/*
* $Id: pam_localhost.c,v 1.0 2006/03/30 0:0:0 Exp $
* built to compile as part of 0.77 of LINUX-PAM
*/
/*
* checks to see if the user is logged in from one of the private IP addresses
* 10.0.0.0 through 10.255.255.255
* 172.16.0.0 through 172.31.255.255
* 192.168.0.0 through 192.168.255.255
* Returns PAM_SUCCESS if the person is logging in locally (private IP address)
* Returns PAM_AUTH_ERR if not
* This code began life as a modified pam_listfile (0.77) module
* by Elliot Lee <[EMAIL PROTECTED]>, Red Hat Software. July 25, 1996.
* log refused access error christopher mccrory <[EMAIL PROTECTED]> 1998/7/11
* which began life as the pam_rootok module.
*/
#include <security/_pam_aconf.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>
#include <unistd.h>
#include <syslog.h>
#include <stdarg.h>
#include <string.h>
#include <pwd.h>
#include <grp.h>
#ifdef DEBUG
#include <assert.h>
#endif
/*
* here, we make a definition for the externally accessible function
* in this file (this definition is required for a static module
* but strongly encouraged generally) it is used to instruct the
* modules include file to define the function prototypes.
*/
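/*
 * Selector macros read by <security/pam_modules.h> to decide which
 * pam_sm_* prototypes it declares. They must be defined before that
 * header is included, which is why the include follows them.
 */
#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
/* Spelled PAM_SM_PASSWORD; the misspelled form selected nothing. */
#define PAM_SM_PASSWORD
#define PAM_SM_SESSION
/*
 * NOTE(review): PAM_SM_CHAUTHTOK does not look like a selector that
 * pam_modules.h tests (PAM_SM_PASSWORD covers pam_sm_chauthtok); kept
 * because it is harmless - confirm and drop if unused.
 */
#define PAM_SM_CHAUTHTOK
#include <security/pam_modules.h>
#include <security/_pam_macros.h>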
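/* Syslog support. */

/*
 * Prefix naming this module in log lines. It used to read "PAM-listfile: ",
 * which would attribute this module's messages to pam_listfile.
 */
#define LOCAL_LOG_PREFIX "PAM-localhost: "

/*
 * Send a printf-style message to syslog under the LOG_AUTH facility.
 *
 * err    - syslog priority (e.g. LOG_ERR, LOG_NOTICE); OR-ed with LOG_AUTH.
 * format - printf-style format string. Pass a literal here and hand any
 *          externally supplied text over as a "%s" argument, never as the
 *          format itself.
 * ...    - arguments consumed by format.
 */
static void _pam_log(int err, const char *format, ...)
{
    va_list ap;

    va_start(ap, format);
    vsyslog(LOG_AUTH | err, format, ap);
    va_end(ap);
}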
/* --- authentication management functions (only) --- */
/*
 * NOTE(review): none of the macros in this group is referenced by the code
 * visible in this file. The file header says the module started as a
 * modified pam_listfile, so they are presumably leftovers - confirm before
 * removing them.
 */
/* Extended Items that are not directly available via pam_get_item() */
#define EI_GROUP (1 << 0)
#define EI_SHELL (1 << 1)
/* Constants for apply= parameter */
#define APPLY_TYPE_NULL 0
#define APPLY_TYPE_NONE 1
#define APPLY_TYPE_USER 2
#define APPLY_TYPE_GROUP 3
/*
 * Smaller of a and b. Each argument appears twice in the expansion, so an
 * argument with side effects is evaluated more than once.
 */
#define LESSER(a, b) ((a) < (b) ? (a) : (b))
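/*
 * pam_sm_authenticate - accept the request only when PAM_RHOST holds a
 * literal IPv4 address inside one of the private ranges:
 *
 *     10.0.0.0    through 10.255.255.255
 *     172.16.0.0  through 172.31.255.255
 *     192.168.0.0 through 192.168.255.255
 *
 * pamh  - PAM handle; PAM_RHOST is read from it with pam_get_item().
 * flags, argc, argv - not used.
 *
 * Returns PAM_SUCCESS for an address in those ranges, PAM_AUTH_ERR in
 * every other case (item unavailable or empty, not a dotted-quad IPv4
 * address, or outside the ranges). Every path returns a value, and every
 * failure denies.
 *
 * Security notes for whoever deploys this:
 *  - This is a source-address check, not proof of identity. PAM_SUCCESS
 *    here says nothing about who the user is, so stack it next to a module
 *    that actually authenticates the user; configuring it as "sufficient"
 *    would let any client on a private network skip that module.
 *  - PAM_RHOST is whatever the calling application stored in the handle;
 *    the check is only as trustworthy as that value.
 *  - A host name in PAM_RHOST is refused, not resolved. The original
 *    sketch proposed a DNS lookup, but a resolver answer is not under this
 *    server's control and should not decide access.
 *    NOTE(review): confirm the services using this module pass a numeric
 *    address in PAM_RHOST.
 *  - IPv6 literals, including IPv4-mapped ones, are refused as well.
 *  - NOTE(review): an unset PAM_RHOST (e.g. a console login) is refused
 *    because there is no address to check; confirm that is the intent.
 */
PAM_EXTERN
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
                        const char **argv)
{
    const void *item = NULL;
    const char *rhost;
    struct in_addr addr;
    unsigned long ip;
    unsigned int first;
    unsigned int second;

    (void)flags;
    (void)argc;
    (void)argv;

    if (pam_get_item(pamh, PAM_RHOST, &item) != PAM_SUCCESS) {
        _pam_log(LOG_NOTICE, "pam_localhost: cannot read PAM_RHOST, refusing");
        return PAM_AUTH_ERR;
    }

    rhost = item;
    if (rhost == NULL || *rhost == '\0') {
        _pam_log(LOG_NOTICE, "pam_localhost: PAM_RHOST is not set, refusing");
        return PAM_AUTH_ERR;
    }

    /*
     * inet_pton() takes only the four-part dotted-decimal form, so host
     * names and abbreviated or non-decimal spellings are rejected here.
     * The raw string is deliberately not logged on this path because it
     * has not been validated.
     */
    if (inet_pton(AF_INET, rhost, &addr) != 1) {
        _pam_log(LOG_NOTICE,
                 "pam_localhost: PAM_RHOST is not an IPv4 address, refusing");
        return PAM_AUTH_ERR;
    }

    /* s_addr is in network byte order; convert before taking octets. */
    ip = ntohl(addr.s_addr);
    first = (unsigned int)((ip >> 24) & 0xffUL);
    second = (unsigned int)((ip >> 16) & 0xffUL);

    if (first == 10)
        return PAM_SUCCESS;
    if (first == 172 && second >= 16 && second <= 31)
        return PAM_SUCCESS;
    if (first == 192 && second == 168)
        return PAM_SUCCESS;

    /* rhost parsed as a dotted quad above, so it is safe to log. */
    _pam_log(LOG_NOTICE,
             "pam_localhost: refused access from non-private address %s",
             rhost);
    return PAM_AUTH_ERR;
}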
/*
 * Credential hook. This module keeps no credentials, so the call is a
 * no-op that always reports PAM_SUCCESS; none of the arguments is used.
 */
PAM_EXTERN
int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv)
{
    (void)pamh;
    (void)flags;
    (void)argc;
    (void)argv;

    return PAM_SUCCESS;
}
/*
 * Account-management hook. Forwards its arguments unchanged to
 * pam_sm_authenticate and returns that function's result, so the account
 * stack gets the same source-address decision as the auth stack.
 */
PAM_EXTERN
int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
                     const char **argv)
{
    const int verdict = pam_sm_authenticate(pamh, flags, argc, argv);

    return verdict;
}
/*
 * Session-open hook. Forwards its arguments unchanged to
 * pam_sm_authenticate and returns that function's result.
 */
PAM_EXTERN
int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
                        const char **argv)
{
    const int verdict = pam_sm_authenticate(pamh, flags, argc, argv);

    return verdict;
}
/*
 * Session-close hook. Forwards its arguments unchanged to
 * pam_sm_authenticate and returns that function's result.
 *
 * NOTE(review): this makes closing a session subject to the same
 * source-address check as opening one; confirm a refusal at close time is
 * intended.
 */
PAM_EXTERN
int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,
                         const char **argv)
{
    const int verdict = pam_sm_authenticate(pamh, flags, argc, argv);

    return verdict;
}
/*
 * Password-change hook. Forwards its arguments unchanged to
 * pam_sm_authenticate and returns that function's result; flags is passed
 * through without being inspected here.
 *
 * NOTE(review): the result is whatever pam_sm_authenticate returns (the
 * file header names PAM_AUTH_ERR for a refusal); confirm that is the code
 * the password stack should see.
 */
PAM_EXTERN
int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
                     const char **argv)
{
    const int verdict = pam_sm_authenticate(pamh, flags, argc, argv);

    return verdict;
}
#ifdef PAM_STATIC
/*
 * Module descriptor, compiled only when PAM_STATIC is defined: a name
 * string followed by the six pam_sm_* entry points defined in this file.
 *
 * NOTE(review): both the symbol (_pam_listfile_modstruct) and the name
 * string ("pam_listfile") still carry the name of the module this file was
 * derived from, although the file is pam_localhost.c. Presumably both
 * should be renamed to match; as written, a static build that also
 * contains the real pam_listfile would see the same symbol and name twice.
 * Confirm against how the static module table refers to this struct.
 */
struct pam_module _pam_listfile_modstruct = {
"pam_listfile",
pam_sm_authenticate,
pam_sm_setcred,
pam_sm_acct_mgmt,
pam_sm_open_session,
pam_sm_close_session,
pam_sm_chauthtok,
};
#endif /* PAM_STATIC */
/* end of module definition */