OpenBSD non-PAM lokker authentication.

Reviewers: ManMower, zmike! Subscribers: raster, ManMower, cedric Differential Revision: https://phab.enlightenment.org/D4204
2016-09-08 10:06:51 -04:00 · 2016-09-08 10:06:51 -04:00 · fddcaa43c4
parent adfa905e09
commit fddcaa43c4
3 changed files with 97 additions and 3 deletions
--- a/src/bin/e_auth.c
+++ b/src/bin/e_auth.c
@ -1,6 +1,6 @@
 #include "e.h"

-#if defined(HAVE_PAM) && !defined(__FreeBSD__)
+#if defined(HAVE_PAM) && !defined(__FreeBSD__)  && !defined(__OpenBSD__)
 # include <security/pam_appl.h>
 # include <pwd.h>

@ -128,7 +128,7 @@ _auth_pam_init(E_Auth *da)
   free(current_host);
   return 0;
 }
-#endif  // HAVE_PAM && !__FreeBSD__
+#endif  // HAVE_PAM && !__FreeBSD__ && !_OpenBSD__

 E_API int
 #if defined(__FreeBSD__)
@ -165,6 +165,41 @@ out:

   return ret;
 }
+#elif defined(__OpenBSD__)
+e_auth_begin(char *passwd)
+{
+   char exe_path[PATH_MAX], *p;
+   Ecore_Exe *exe = NULL;
+   int ret = 0;
+   int len = strlen(passwd);
+
+   if (len == 0) goto out;
+
+   snprintf(exe_path, sizeof(exe_path), "%s/enlightenment/utils/enlightenment_sys -z",
+            e_prefix_lib_get());
+
+   exe = ecore_exe_pipe_run(exe_path, ECORE_EXE_PIPE_WRITE, NULL);
+   if (!exe) goto out;
+   if (ecore_exe_send(exe, passwd, len) != EINA_TRUE) goto out;
+   if (ecore_exe_send(exe, "\n", 1) != EINA_TRUE) goto out;
+   ecore_exe_close_stdin(exe);
+
+   ret = ecore_exe_pid_get(exe);
+   if (ret == -1)
+     {
+       ret = 0;
+       goto out;
+     }
+ 
+   exe = NULL;
+out:
+   if (exe) ecore_exe_free(exe);
+
+   for (p = passwd; *p; p++)
+     *p = 0;
+
+   return ret;
+}
 #elif defined(HAVE_PAM)
 e_auth_begin(char *passwd)
 {
--- a/src/bin/e_desklock.c
+++ b/src/bin/e_desklock.c
@ -259,7 +259,7 @@ e_desklock_show(Eina_Bool suspend)
        return 1;
     }

-#ifndef HAVE_PAM
+#if ! defined(HAVE_PAM) && ! defined(__OpenBSD__)
   if (e_desklock_is_system())
     {
        e_util_dialog_show(_("Error - no PAM support"),
--- a/src/bin/e_sys_main.c
+++ b/src/bin/e_sys_main.c
@ -49,6 +49,56 @@ static int       auth_etc_enlightenment_sysactions(char *a,
 static void      auth_etc_enlightenment_sysactions_perm(char *path);
 static char     *get_word(char *s,
                          char *d);
+#if defined(__OpenBSD__)
+
+static void
+_exit_backoff(void)
+{
+   sleep(3);
+   exit(1 << 7);
+}
+
+static int
+_check_auth(const char *guess)
+{
+   struct passwd *pw_ent;
+   uid_t uid = getuid();
+
+   pw_ent = getpwuid_shadow(uid);
+   if (!pw_ent)
+     _exit_backoff();
+
+   return crypt_checkpass(guess, pw_ent->pw_passwd);
+}
+
+static int
+auth_generic_enlightenment_desklock(void)
+{
+   char buf[4096];
+   char byte[1];
+   int res = -1;
+   int i = 0;
+
+   while (read(STDIN_FILENO, byte, sizeof(byte)) > 0)
+     {
+        if (byte[0] == '\n') break;
+        buf[i++] = byte[0];
+        if (i == sizeof(buf) -1) break;
+     }
+
+   buf[i] = '\0';
+
+   if (!i)
+     _exit_backoff();
+
+   res = _check_auth(buf);
+
+   if (res) _exit_backoff();
+
+   return res;
+}
+
+#endif

 /* local subsystem globals */
 static Eina_Hash *actions = NULL;
@ -82,6 +132,15 @@ main(int argc,
             exit(0);
          }
     }
+#if defined(__OpenBSD__)
+   if (argc >= 2)
+     {
+        if (!strcmp(argv[1], "-z"))
+          {
+             exit(auth_generic_enlightenment_desklock());
+          }
+     }
+#endif
   if (argc >= 3)
     {
        if ((argc == 3) && (!strcmp(argv[1], "-t")))