|
|
- /*
- * Copyright (c) 2003-2007 Andrea Luzzardi <scox@sig11.org>
- *
- * This file is part of the pam_usb project. pam_usb is free software;
- * you can redistribute it and/or modify it under the terms of the GNU General
- * Public License version 2, as published by the Free Software Foundation.
- *
- * pam_usb is distributed in the hope that it will be useful, but WITHOUT ANY
- * WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
- * FOR A PARTICULAR PURPOSE. See the GNU General Public License for more
- * details.
- *
- * You should have received a copy of the GNU General Public License along with
- * this program; if not, write to the Free Software Foundation, Inc., 51 Franklin
- * Street, Fifth Floor, Boston, MA 02110-1301 USA
- */
-
- #include <stdio.h>
- #include <unistd.h>
- #include <string.h>
- #include <getopt.h>
- #include "conf.h"
- #include "log.h"
- #include "device.h"
- #include "local.h"
-
- static void pusb_check_conf_dump(t_pusb_options *opts, const char *username,
- const char *service)
- {
- fprintf(stdout, "Configuration dump for user %s (service: %s):\n",
- username, service);
- fprintf(stdout, "enable\t\t\t: %s\n", opts->enable ? "true" : "false");
- fprintf(stdout, "debug\t\t\t: %s\n", opts->debug ? "true" : "false");
- fprintf(stdout, "quiet\t\t\t: %s\n", opts->quiet ? "true" : "false");
- fprintf(stdout, "color_log\t\t: %s\n", opts->color_log ? "true" : "false");
- fprintf(stdout, "one_time_pad\t\t: %s\n",
- opts->one_time_pad ? "true" : "false");
- fprintf(stdout, "deny_remote\t\t: %s\n",
- opts->deny_remote ? "true" : "false");
- fprintf(stdout, "pad_expiration\t\t: %u seconds\n", (unsigned int)opts->pad_expiration);
- fprintf(stdout, "probe_timeout\t\t: %d seconds\n", (unsigned int)opts->probe_timeout);
- fprintf(stdout, "hostname\t\t: %s\n", opts->hostname);
- fprintf(stdout, "system_pad_directory\t: %s\n",
- opts->system_pad_directory);
- fprintf(stdout, "device_pad_directory\t: %s\n",
- opts->device_pad_directory);
- }
-
- static int pusb_check_perform_authentication(t_pusb_options *opts,
- const char *user,
- const char *service)
- {
- int retval;
-
- if (!opts->enable)
- {
- log_debug("Not enabled, exiting...\n");
- return (0);
- }
- log_info("Authentication request for user \"%s\" (%s)\n",
- user, service);
- if (!pusb_local_login(opts, user))
- {
- log_error("Access denied.\n");
- return (0);
- }
- retval = pusb_device_check(opts, user);
- if (retval)
- log_info("Access granted.\n");
- else
- log_error("Access denied.\n");
- return (retval);
- }
-
- static void pusb_check_usage(const char *name)
- {
- fprintf(stderr, "Usage: %s [--help] [--debug] [--config=path] [--service=name] [--dump] [--quiet] [--debug]" \
- " <username>\n", name);
- }
-
- int main(int argc, char **argv)
- {
- t_pusb_options opts;
- char *conf_file = PUSB_CONF_FILE;
- char *service = "pamusb-check";
- char *user = NULL;
- int quiet = 0;
- int dump = 0;
- int debug = 0;
- int opt;
- int opt_index = 0;
- extern char *optarg;
- char *short_options = "hc:s:dqD";
- struct option long_options[] = {
- { "help", 0, 0, 0 },
- { "config", 1, 0, 0 },
- { "service", 1, 0, 0 },
- { "dump", 0, 0, 0 },
- { "quiet", 0, 0, 0 },
- { "debug", 0, 0, 0 },
- { 0, 0, 0, 0 }
- };
-
- while ((opt = getopt_long(argc, argv, short_options, long_options,
- &opt_index)) != EOF)
- {
- if (opt == 'h' || (!opt && !strcmp(long_options[opt_index].name, "help")))
- {
- pusb_check_usage(argv[0]);
- return (1);
- }
- else if (opt == 'c' || (!opt && !strcmp(long_options[opt_index].name, "config")))
- conf_file = optarg;
- else if (opt == 's' || (!opt && !strcmp(long_options[opt_index].name, "service")))
- service = optarg;
- else if (opt == 'd' || (!opt && !strcmp(long_options[opt_index].name, "dump")))
- dump = 1;
- else if (opt == 'q' || (!opt && !strcmp(long_options[opt_index].name, "quiet")))
- quiet = 1;
- else if (opt == 'D' || (!opt && !strcmp(long_options[opt_index].name, "debug")))
- debug = 1;
- else if (opt == '?')
- {
- pusb_check_usage(argv[0]);
- return (1);
- }
- }
-
- if ((argc - 1) == optind)
- user = argv[optind];
- else
- {
- pusb_check_usage(argv[0]);
- return (1);
- }
-
- if (quiet && debug)
- {
- fprintf(stderr, "Error: You cannot use --quiet and --debug together.");
- return (1);
- }
-
- pusb_log_init(&opts);
- if (!pusb_conf_init(&opts))
- return (1);
- if (!pusb_conf_parse(conf_file, &opts, user, service))
- return (1);
- if (quiet)
- {
- opts.quiet = 1;
- opts.debug = 0;
- }
- else if (debug)
- {
- opts.quiet = 0;
- opts.debug = 1;
- }
- if (dump)
- {
- pusb_check_conf_dump(&opts, user, service);
- return (1);
- }
- return (!pusb_check_perform_authentication(&opts, user, service));
- }
|