|
@ -17,119 +17,124 @@ |
|
|
|
|
|
|
|
|
#include <stdio.h> |
|
|
#include <stdio.h> |
|
|
#include <unistd.h> |
|
|
#include <unistd.h> |
|
|
|
|
|
#include <string.h> |
|
|
|
|
|
#include <getopt.h> |
|
|
#include "conf.h" |
|
|
#include "conf.h" |
|
|
#include "log.h" |
|
|
#include "log.h" |
|
|
#include "device.h" |
|
|
#include "device.h" |
|
|
#include "local.h" |
|
|
#include "local.h" |
|
|
|
|
|
|
|
|
static void pusb_check_conf_dump(t_pusb_options *opts) |
|
|
|
|
|
|
|
|
static void pusb_check_conf_dump(t_pusb_options *opts, const char *username, |
|
|
|
|
|
const char *service) |
|
|
{ |
|
|
{ |
|
|
fprintf(stdout, "Configuration dump:\n"); |
|
|
|
|
|
fprintf(stdout, "enable\t\t\t: %s\n", opts->enable ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "debug\t\t\t: %s\n", opts->debug ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "quiet\t\t\t: %s\n", opts->quiet ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "color_log\t\t: %s\n", opts->color_log ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "one_time_pad\t\t: %s\n", |
|
|
|
|
|
opts->one_time_pad ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "probe_timeout\t\t: %d\n", opts->probe_timeout); |
|
|
|
|
|
fprintf(stdout, "hostname\t\t: %s\n", opts->hostname); |
|
|
|
|
|
fprintf(stdout, "system_pad_directory\t: %s\n", |
|
|
|
|
|
opts->system_pad_directory); |
|
|
|
|
|
fprintf(stdout, "device_pad_directory\t: %s\n", |
|
|
|
|
|
opts->device_pad_directory); |
|
|
|
|
|
|
|
|
fprintf(stdout, "Configuration dump for user %s (service: %s):\n", |
|
|
|
|
|
username, service); |
|
|
|
|
|
fprintf(stdout, "enable\t\t\t: %s\n", opts->enable ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "debug\t\t\t: %s\n", opts->debug ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "quiet\t\t\t: %s\n", opts->quiet ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "color_log\t\t: %s\n", opts->color_log ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "one_time_pad\t\t: %s\n", |
|
|
|
|
|
opts->one_time_pad ? "true" : "false"); |
|
|
|
|
|
fprintf(stdout, "probe_timeout\t\t: %d\n", opts->probe_timeout); |
|
|
|
|
|
fprintf(stdout, "hostname\t\t: %s\n", opts->hostname); |
|
|
|
|
|
fprintf(stdout, "system_pad_directory\t: %s\n", |
|
|
|
|
|
opts->system_pad_directory); |
|
|
|
|
|
fprintf(stdout, "device_pad_directory\t: %s\n", |
|
|
|
|
|
opts->device_pad_directory); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
static int pusb_check_perform_authentication(t_pusb_options *opts, |
|
|
|
|
|
const char *user, |
|
|
|
|
|
const char *service) |
|
|
|
|
|
|
|
|
static int pusb_check_perform_authentication(t_pusb_options *opts, |
|
|
|
|
|
const char *user, |
|
|
|
|
|
const char *service) |
|
|
{ |
|
|
{ |
|
|
int retval; |
|
|
|
|
|
|
|
|
int retval; |
|
|
|
|
|
|
|
|
if (!opts->enable) |
|
|
|
|
|
{ |
|
|
|
|
|
log_debug("Not enabled, exiting...\n"); |
|
|
|
|
|
return (0); |
|
|
|
|
|
} |
|
|
|
|
|
log_info("Authentication request for user \"%s\" (%s)\n", |
|
|
|
|
|
user, service); |
|
|
|
|
|
if (!pusb_local_login(opts, user)) |
|
|
|
|
|
{ |
|
|
|
|
|
log_error("Access denied.\n"); |
|
|
|
|
|
return (0); |
|
|
|
|
|
} |
|
|
|
|
|
retval = pusb_device_check(opts, user); |
|
|
|
|
|
if (retval) |
|
|
|
|
|
log_info("Access granted.\n"); |
|
|
|
|
|
else |
|
|
|
|
|
log_error("Access denied.\n"); |
|
|
|
|
|
return (retval); |
|
|
|
|
|
|
|
|
if (!opts->enable) |
|
|
|
|
|
{ |
|
|
|
|
|
log_debug("Not enabled, exiting...\n"); |
|
|
|
|
|
return (0); |
|
|
|
|
|
} |
|
|
|
|
|
log_info("Authentication request for user \"%s\" (%s)\n", |
|
|
|
|
|
user, service); |
|
|
|
|
|
if (!pusb_local_login(opts, user)) |
|
|
|
|
|
{ |
|
|
|
|
|
log_error("Access denied.\n"); |
|
|
|
|
|
return (0); |
|
|
|
|
|
} |
|
|
|
|
|
retval = pusb_device_check(opts, user); |
|
|
|
|
|
if (retval) |
|
|
|
|
|
log_info("Access granted.\n"); |
|
|
|
|
|
else |
|
|
|
|
|
log_error("Access denied.\n"); |
|
|
|
|
|
return (retval); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
static void pusb_check_usage(const char *name) |
|
|
|
|
|
|
|
|
static void pusb_check_usage(const char *name) |
|
|
{ |
|
|
{ |
|
|
fprintf(stderr, "Usage: %s [-c <config file>] -u <username> -s <service>" \ |
|
|
|
|
|
" [options]\n", name); |
|
|
|
|
|
fprintf(stderr, "-u and -s are mandatory\n"); |
|
|
|
|
|
fprintf(stderr, "Options can be one or more of the followings:\n"); |
|
|
|
|
|
fprintf(stderr, "\t-a Authenticate: Try to authenticate the user\n"); |
|
|
|
|
|
fprintf(stderr, "\t-d Dump: Parse and dump the settings\n"); |
|
|
|
|
|
fprintf(stderr, "\t-q Quiet: Silent mode\n"); |
|
|
|
|
|
|
|
|
fprintf(stderr, "Usage: %s [--help] [--config=path] [--service=name] [--dump] [--quiet]" \ |
|
|
|
|
|
" <username>\n", name); |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
int main(int argc, char **argv) |
|
|
|
|
|
|
|
|
int main(int argc, char **argv) |
|
|
{ |
|
|
{ |
|
|
t_pusb_options opts; |
|
|
|
|
|
char *conf_file = PUSB_CONF_FILE; |
|
|
|
|
|
int quiet = 0; |
|
|
|
|
|
char *user = NULL; |
|
|
|
|
|
char *service = NULL; |
|
|
|
|
|
int opt; |
|
|
|
|
|
int mode = 0; |
|
|
|
|
|
extern char *optarg; |
|
|
|
|
|
|
|
|
t_pusb_options opts; |
|
|
|
|
|
char *conf_file = PUSB_CONF_FILE; |
|
|
|
|
|
char *service = "pamusb-check"; |
|
|
|
|
|
char *user = NULL; |
|
|
|
|
|
int quiet = 0; |
|
|
|
|
|
int dump = 0; |
|
|
|
|
|
int opt; |
|
|
|
|
|
int opt_index = 0; |
|
|
|
|
|
extern char *optarg; |
|
|
|
|
|
char *short_options = "hc:s:dq"; |
|
|
|
|
|
struct option long_options[] = { |
|
|
|
|
|
{ "help", 0, 0, 0}, |
|
|
|
|
|
{ "config", 1, 0, 0}, |
|
|
|
|
|
{ "service", 1, 0, 0}, |
|
|
|
|
|
{ "dump", 0, &dump, 1 }, |
|
|
|
|
|
{ "quiet", 0, &quiet, 1}, |
|
|
|
|
|
{ 0, 0, 0, 0} |
|
|
|
|
|
}; |
|
|
|
|
|
|
|
|
while ((opt = getopt(argc, argv, "u:s:c:qad")) != EOF) |
|
|
|
|
|
{ |
|
|
|
|
|
switch (opt) |
|
|
|
|
|
|
|
|
while ((opt = getopt_long(argc, argv, short_options, long_options, |
|
|
|
|
|
&opt_index)) != EOF) |
|
|
|
|
|
{ |
|
|
|
|
|
if (opt == 'h' || (!opt && !strcmp(long_options[opt_index].name, "help"))) |
|
|
|
|
|
{ |
|
|
|
|
|
pusb_check_usage(argv[0]); |
|
|
|
|
|
return (1); |
|
|
|
|
|
} |
|
|
|
|
|
else if (opt == 'c' || (!opt && !strcmp(long_options[opt_index].name, "config"))) |
|
|
|
|
|
conf_file = optarg; |
|
|
|
|
|
else if (opt == 's' || (!opt && !strcmp(long_options[opt_index].name, "service"))) |
|
|
|
|
|
service = optarg; |
|
|
|
|
|
else if (opt == '?') |
|
|
|
|
|
{ |
|
|
|
|
|
pusb_check_usage(argv[0]); |
|
|
|
|
|
return (1); |
|
|
|
|
|
} |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
if ((argc - 1) == optind) |
|
|
|
|
|
user = argv[optind]; |
|
|
|
|
|
else |
|
|
|
|
|
{ |
|
|
|
|
|
pusb_check_usage(argv[0]); |
|
|
|
|
|
return (1); |
|
|
|
|
|
} |
|
|
|
|
|
pusb_conf_init(&opts); |
|
|
|
|
|
if (!pusb_conf_parse(conf_file, &opts, user, service)) |
|
|
|
|
|
return (1); |
|
|
|
|
|
if (quiet) |
|
|
|
|
|
{ |
|
|
|
|
|
opts.quiet = 1; |
|
|
|
|
|
opts.debug = 0; |
|
|
|
|
|
} |
|
|
|
|
|
pusb_log_init(&opts); |
|
|
|
|
|
if (dump) |
|
|
{ |
|
|
{ |
|
|
case 'u': |
|
|
|
|
|
user = optarg; |
|
|
|
|
|
break; |
|
|
|
|
|
case 's': |
|
|
|
|
|
service = optarg; |
|
|
|
|
|
break; |
|
|
|
|
|
case 'c': |
|
|
|
|
|
conf_file = optarg; |
|
|
|
|
|
break; |
|
|
|
|
|
case 'q': |
|
|
|
|
|
quiet = 1; |
|
|
|
|
|
break; |
|
|
|
|
|
case 'a': |
|
|
|
|
|
mode = 1; |
|
|
|
|
|
break; |
|
|
|
|
|
case 'd': |
|
|
|
|
|
mode = 2; |
|
|
|
|
|
break; |
|
|
|
|
|
default: |
|
|
|
|
|
break; |
|
|
|
|
|
|
|
|
pusb_check_conf_dump(&opts, user, service); |
|
|
|
|
|
return (1); |
|
|
} |
|
|
} |
|
|
} |
|
|
|
|
|
if (!user || !service || !mode) |
|
|
|
|
|
{ |
|
|
|
|
|
pusb_check_usage(argv[0]); |
|
|
|
|
|
return (1); |
|
|
|
|
|
} |
|
|
|
|
|
pusb_conf_init(&opts); |
|
|
|
|
|
if (!pusb_conf_parse(conf_file, &opts, user, service)) |
|
|
|
|
|
return (1); |
|
|
|
|
|
if (quiet) |
|
|
|
|
|
{ |
|
|
|
|
|
opts.quiet = 1; |
|
|
|
|
|
opts.debug = 0; |
|
|
|
|
|
} |
|
|
|
|
|
pusb_log_init(&opts); |
|
|
|
|
|
if (mode == 1) |
|
|
|
|
|
return (!pusb_check_perform_authentication(&opts, user, service)); |
|
|
|
|
|
else if (mode == 2) |
|
|
|
|
|
pusb_check_conf_dump(&opts); |
|
|
|
|
|
return (0); |
|
|
|
|
|
|
|
|
return (!pusb_check_perform_authentication(&opts, user, service)); |
|
|
} |
|
|
} |