
Added options for timeout and one time pad paths

master
Andrea Luzzardi 18 years ago
parent
commit
d868e50c11
9 changed files with 88 additions and 25 deletions
  1. +1
    -1
      pam_usb/src/Makefile
  2. +9
    -0
      pam_usb/src/conf.c
  3. +3
    -0
      pam_usb/src/conf.h
  4. +13
    -1
      pam_usb/src/conf.xml
  5. +4
    -10
      pam_usb/src/device.c
  6. +10
    -8
      pam_usb/src/otp.c
  7. +8
    -5
      pam_usb/src/test.c
  8. +34
    -0
      pam_usb/src/xpath.c
  9. +6
    -0
      pam_usb/src/xpath.h

+ 1
- 1
pam_usb/src/Makefile View File

@ -4,7 +4,7 @@ SRC = test.c \
xpath.c \ xpath.c \
hal.c \ hal.c \
otp.c \ otp.c \
device.c drive.c
device.c
OBJ = $(SRC:.c=.o) OBJ = $(SRC:.c=.o)
NAME = test NAME = test
CC = gcc CC = gcc


+ 9
- 0
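--- a/pam_usb/src/conf.c
+++ b/pam_usb/src/conf.c
@@ -28,6 +28,10 @@ static void pusb_conf_options_get_from(t_pusb_options *opts,
 {
 pusb_xpath_get_string_from(doc, from, "option[@name='hostname']",
 opts->hostname, sizeof(opts->hostname));
+pusb_xpath_get_string_from(doc, from, "option[@name='system_otp_directory']",
+opts->system_otp_directory, sizeof(opts->system_otp_directory));
+pusb_xpath_get_string_from(doc, from, "option[@name='device_otp_directory']",
+opts->device_otp_directory, sizeof(opts->device_otp_directory));
 pusb_xpath_get_bool_from(doc, from, "option[@name='debug']",
 &(opts->debug));
 pusb_xpath_get_bool_from(doc, from, "option[@name='enable']",
@@ -36,6 +40,8 @@ static void pusb_conf_options_get_from(t_pusb_options *opts,
 &(opts->try_otp));
 pusb_xpath_get_bool_from(doc, from, "option[@name='enforce_otp']",
 &(opts->enforce_otp));
+pusb_xpath_get_int_from(doc, from, "option[@name='probe_timeout']",
+&(opts->probe_timeout));
 }
 static int pusb_conf_parse_options(t_pusb_options *opts,
@@ -118,6 +124,9 @@ int pusb_conf_init(t_pusb_options *opts)
 log_error("gethostname: %s\n", strerror(errno));
 return (0);
 }
+strcpy(opts->system_otp_directory, "./");
+strcpy(opts->device_otp_directory, ".auth");
+opts->probe_timeout = 10;
 opts->enable = 1;
 opts->try_otp = 1;
 opts->enforce_otp = 0;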
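Review bot: The default `strcpy(opts->system_otp_directory, "./");` in pusb_conf_init makes the host-side pad location relative to the working directory of whatever process performs the authentication, and a configured value is accepted as-is by the new `pusb_xpath_get_string_from` calls in pusb_conf_options_get_from. For an authentication module the pad store should not depend on a directory the authenticating user can choose, so the default should be an absolute, root-owned directory and relative values should be refused after parsing, e.g. `if (opts->system_otp_directory[0] != '/') { log_error("system_otp_directory must be absolute\n"); return (0); }`. Where that check belongs is outside the visible hunks (pusb_conf_parse_options appears only by its first line), and since the Makefile builds a binary named `test`, the relative default may be meant as interim.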


+ 3
- 0
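--- a/pam_usb/src/conf.h
+++ b/pam_usb/src/conf.h
@@ -32,11 +32,14 @@ typedef struct pusb_device
 typedef struct pusb_options
 {
+int probe_timeout;
 int enable;
 int try_otp;
 int enforce_otp;
 int debug;
 char hostname[32];
+char system_otp_directory[128];
+char device_otp_directory[32];
 t_pusb_device device;
 } t_pusb_options;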
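Review bot: `int probe_timeout;` states neither a unit nor a valid range, although device.c and otp.c multiply it by 1000000 and divide by the 250000 µs poll interval, which implies seconds. A field comment such as `/* seconds to wait for the device and its volume; must be > 0 */` would record the contract that the parser and both polling loops depend on. The two new buffers could say what they hold as well: `/* host directory holding <serial>.otp */` for system_otp_directory and `/* directory on the token, relative to its mount point */` for device_otp_directory.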


+ 13
- 1
pam_usb/src/conf.xml View File

@ -4,23 +4,35 @@
<option name="debug">true</option> <option name="debug">true</option>
<option name="try_otp">true</option> <option name="try_otp">true</option>
<option name="enforce_otp">false</option> <option name="enforce_otp">false</option>
<option name="probe_timeout">10</option>
<!-- <option name="system_otp_directory">.</option>
<option name="device_otp_directory">.auth</option> -->
</defaults> </defaults>
<devices> <devices>
<device id="foobar"> <device id="foobar">
<vendor>SanDisk</vendor>
<model>Cruzer Titanium</model>
<serial>SanDisk_Cruzer_Titanium_SNDKB882652FC4A03701</serial>
</device>
</devices>
<devices>
<device id="foobar2">
<vendor>SanDisk Corp.</vendor> <vendor>SanDisk Corp.</vendor>
<model>Cruzer Titanium</model> <model>Cruzer Titanium</model>
<serial>SNDKB882652FC4A03701</serial> <serial>SNDKB882652FC4A03701</serial>
</device> </device>
</devices> </devices>
<users> <users>
<user id="scox"> <user id="scox">
<device>foobar</device> <device>foobar</device>
</user> </user>
<user id="root"> <user id="root">
<device>foobar</device>
<device>foobar2</device>
<option name="enforce_otp">true</option> <option name="enforce_otp">true</option>
</user> </user>
</users> </users>


+ 4
- 10
pam_usb/src/device.c View File

@ -15,6 +15,8 @@
* Place, Suite 330, Boston, MA 02111-1307 USA * Place, Suite 330, Boston, MA 02111-1307 USA
*/ */
#include <unistd.h>
#include <string.h>
#include <libhal-storage.h> #include <libhal-storage.h>
#include "conf.h" #include "conf.h"
#include "hal.h" #include "hal.h"
@ -34,12 +36,8 @@ LibHalDrive *pusb_device_get_storage(t_pusb_options *opts, LibHalContext *ctx,
"info.parent", udi, "info.parent", udi,
"info.bus", "usb", "info.bus", "usb",
NULL))) NULL)))
{
printf("loop\n");
usleep(250000);
}
printf("phydev: %s\n", phy_udi);
maxloop = (10000000 / 250000);
usleep(250000);
maxloop = ((opts->probe_timeout * 1000000) / 250000);
while (maxloop > 0 && while (maxloop > 0 &&
(!(storage_udi = pusb_hal_find_item(ctx, (!(storage_udi = pusb_hal_find_item(ctx,
"storage.physical_device", phy_udi, "storage.physical_device", phy_udi,
@ -48,17 +46,13 @@ LibHalDrive *pusb_device_get_storage(t_pusb_options *opts, LibHalContext *ctx,
{ {
if (storage_udi) if (storage_udi)
libhal_free_string(storage_udi); libhal_free_string(storage_udi);
printf("loop\n");
printf("maxloop: %d\n", maxloop);
--maxloop; --maxloop;
usleep(250000); usleep(250000);
} }
printf("blockdev: %s\n", storage_udi);
libhal_free_string(phy_udi); libhal_free_string(phy_udi);
if (storage_udi) if (storage_udi)
{ {
drive = libhal_drive_from_udi(ctx, storage_udi); drive = libhal_drive_from_udi(ctx, storage_udi);
printf("%s\n", storage_udi);
libhal_free_string(storage_udi); libhal_free_string(storage_udi);
} }
return (drive); return (drive);
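Review bot: `maxloop = ((opts->probe_timeout * 1000000) / 250000);` multiplies a configuration-supplied `int` by one million before dividing, so any probe_timeout above 2147 overflows a 32-bit `int` (undefined behaviour), and zero or a negative value makes `while (maxloop > 0 && ...)` exit before the lookup in its condition is ever attempted. Validate the value once after parsing and compute the count without the large intermediate, e.g. `maxloop = opts->probe_timeout * 4;` with probe_timeout checked to lie in a small positive range; the same expression is assigned to `maxtries` in pusb_otp_check in otp.c. The first wait loop, whose body is now the bare `usleep(250000);`, appears not to be bounded by the timeout at all, so an absent device would block the caller indefinitely; its condition begins above the hunk, so confirm against the full function.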


+ 10
- 8
pam_usb/src/otp.c View File

@ -66,7 +66,7 @@ static LibHalVolume *pusb_otp_find_volume(t_pusb_options *opts, LibHalContext *c
} }
static FILE *pusb_otp_open_device(t_pusb_options *opts, LibHalVolume *volume, static FILE *pusb_otp_open_device(t_pusb_options *opts, LibHalVolume *volume,
const char *mode)
const char *mode)
{ {
FILE *f; FILE *f;
char *path; char *path;
@ -76,7 +76,7 @@ static FILE *pusb_otp_open_device(t_pusb_options *opts, LibHalVolume *volume,
mnt_point = (char *)libhal_volume_get_mount_point(volume); mnt_point = (char *)libhal_volume_get_mount_point(volume);
if (!mnt_point) if (!mnt_point)
return (NULL); return (NULL);
path_size = strlen(mnt_point) + 1 + strlen(".auth") + 1 + \
path_size = strlen(mnt_point) + 1 + strlen(opts->device_otp_directory) + 1 + \
strlen(opts->hostname) + strlen(".otp") + 1; strlen(opts->hostname) + strlen(".otp") + 1;
if (!(path = malloc(path_size))) if (!(path = malloc(path_size)))
{ {
@ -84,8 +84,8 @@ static FILE *pusb_otp_open_device(t_pusb_options *opts, LibHalVolume *volume,
return (NULL); return (NULL);
} }
memset(path, 0x00, path_size); memset(path, 0x00, path_size);
snprintf(path, path_size, "%s/.auth/%s.otp", mnt_point,
opts->hostname);
snprintf(path, path_size, "%s/%s/%s.otp", mnt_point,
opts->device_otp_directory, opts->hostname);
f = fopen(path, mode); f = fopen(path, mode);
free(path); free(path);
if (!f) if (!f)
@ -102,14 +102,16 @@ static FILE *pusb_otp_open_system(t_pusb_options *opts, const char *mode)
char *path; char *path;
size_t path_size; size_t path_size;
path_size = strlen(".") + 1 + strlen(opts->device.serial) + strlen(".otp") + 1;
path_size = strlen(opts->system_otp_directory) + 1 +
strlen(opts->device.serial) + strlen(".otp") + 1;
if (!(path = malloc(path_size))) if (!(path = malloc(path_size)))
{ {
log_error("malloc error\n"); log_error("malloc error\n");
return (NULL); return (NULL);
} }
memset(path, 0x00, path_size); memset(path, 0x00, path_size);
snprintf(path, path_size, "%s/%s.otp", ".", opts->device.serial);
snprintf(path, path_size, "%s/%s.otp", opts->system_otp_directory,
opts->device.serial);
f = fopen(path, mode); f = fopen(path, mode);
free(path); free(path);
if (!f) if (!f)
@ -181,10 +183,10 @@ int pusb_otp_check(t_pusb_options *opts, LibHalContext *ctx,
int maxtries; int maxtries;
int i; int i;
maxtries = (10000000 / 250000);
maxtries = ((opts->probe_timeout * 1000000) / 250000);
for (i = 0; i < maxtries; ++i) for (i = 0; i < maxtries; ++i)
{ {
printf("Waiting for volumes...\n");
log_debug("Waiting volumes...\n");
volume = pusb_otp_find_volume(opts, ctx, drive); volume = pusb_otp_find_volume(opts, ctx, drive);
if (volume) if (volume)
break; break;
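Review bot: `opts->device_otp_directory` is interpolated into `"%s/%s/%s.otp"` in pusb_otp_open_device with no check on its content, so a configured value containing `..` places the pad file outside the token's mount point before `fopen(path, mode)` is called. The configuration file is presumably writable only by root, but a guard at the point of use keeps the path confined regardless: `if (strstr(opts->device_otp_directory, "..")) { log_error("invalid device_otp_directory\n"); return (NULL); }` ahead of the `path_size` computation. The same applies to `opts->system_otp_directory` in pusb_otp_open_system. Both functions start and end outside the hunks shown, and the `path_size` sums do match the new format strings.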


+ 8
- 5
pam_usb/src/test.c View File

@ -22,11 +22,14 @@
static void pusb_dump_conf(t_pusb_options *opts) static void pusb_dump_conf(t_pusb_options *opts)
{ {
printf("\nConfiguration dump:\n"); printf("\nConfiguration dump:\n");
printf("enable:\t\t%d\n", opts->enable);
printf("try_otp:\t%d\n", opts->try_otp);
printf("enforce_otp:\t%d\n", opts->enforce_otp);
printf("debug:\t\t%d\n", opts->debug);
printf("hostname:\t%s\n", opts->hostname);
printf("enable:\t\t\t%d\n", opts->enable);
printf("probe_timeout:\t\t%d\n", opts->probe_timeout);
printf("try_otp:\t\t%d\n", opts->try_otp);
printf("enforce_otp:\t\t%d\n", opts->enforce_otp);
printf("debug:\t\t\t%d\n", opts->debug);
printf("hostname:\t\t%s\n", opts->hostname);
printf("system_otp_directory:\t%s\n", opts->system_otp_directory);
printf("device_otp_directory:\t%s\n", opts->device_otp_directory);
} }
int main(int argc, char **argv) int main(int argc, char **argv)


+ 34
- 0
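--- a/pam_usb/src/xpath.c
+++ b/pam_usb/src/xpath.c
@@ -150,3 +150,37 @@ int pusb_xpath_get_bool_from(xmlDocPtr doc,
 log_debug("%s%s -> %s\n", base, path, *value ? "true" : "false");
 return (retval);
 }
+int pusb_xpath_get_int(xmlDocPtr doc, const char *path, int *value)
+{
+char ret[64]; /* strlen("false") + 1 */
+if (!pusb_xpath_get_string(doc, path, ret, sizeof(ret)))
+return (0);
+*value = atoi(ret);
+return (1);
+}
+int pusb_xpath_get_int_from(xmlDocPtr doc,
+const char *base,
+const char *path,
+int *value)
+{
+char *xpath = NULL;
+size_t xpath_size;
+int retval;
+xpath_size = strlen(base) + strlen(path) + 1;
+if (!(xpath = malloc(xpath_size)))
+{
+log_error("malloc error!\n");
+return (0);
+}
+memset(xpath, 0x00, xpath_size);
+snprintf(xpath, xpath_size, "%s%s", base, path);
+retval = pusb_xpath_get_int(doc, xpath, value);
+free(xpath);
+if (retval)
+log_debug("%s%s -> %d\n", base, path, *value);
+return (retval);
+}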
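Review bot: `*value = atoi(ret);` in pusb_xpath_get_int cannot tell a malformed value from 0 and has undefined behaviour when the text is outside the range of `int`, yet the function returns 1 either way, so a typo in the configuration can silently turn `probe_timeout` into 0, a negative number or garbage. Parsing with `strtol` and rejecting empty input, trailing characters and out-of-range results lets the caller keep the default it set in pusb_conf_init. The buffer comment `/* strlen("false") + 1 */` is left over from the boolean getter and does not describe `char ret[64]`. The version below needs `<errno.h>` and `<limits.h>` in xpath.c if they are not already included there.

```c
int pusb_xpath_get_int(xmlDocPtr doc, const char *path, int *value)
{
	char ret[64]; /* room for any decimal int plus sign and NUL */
	char *end;
	long parsed;

	if (!pusb_xpath_get_string(doc, path, ret, sizeof(ret)))
		return (0);
	errno = 0;
	parsed = strtol(ret, &end, 10);
	if (end == ret || *end != '\0' || errno == ERANGE ||
	    parsed < INT_MIN || parsed > INT_MAX)
	{
		log_error("%s: not a valid integer\n", path);
		return (0);
	}
	*value = (int)parsed;
	return (1);
}
/* … unchanged: pusb_xpath_get_int_from … */
```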

+ 6
- 0
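--- a/pam_usb/src/xpath.h
+++ b/pam_usb/src/xpath.h
@@ -26,4 +26,10 @@ int pusb_xpath_get_string_from(xmlDocPtr doc, const char *base,
 const char *path, char *value, size_t size);
 int pusb_xpath_get_bool_from(xmlDocPtr doc, const char *base, const char *path,
 int *value);
+int pusb_xpath_get_int(xmlDocPtr doc, const char *path, int *value);
+int pusb_xpath_get_int_from(xmlDocPtr doc,
+const char *base,
+const char *path,
+int *value);
 #endif /* !PUSB_XPATH_H_ */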
