* libmisc/non_interactive_pam_conv.c,

libmisc/pam_pass_non_interractive.c, libmisc/Makefile.am: Renamed. * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: non_interactive_password and non_interactive_pam_conv do not need to be externally visible. * libmisc/pam_pass_non_interractive.c: Added declaration of ni_conv. * libmisc/pam_pass_non_interractive.c: Only compile ifdef USE_PAM. * libmisc/pam_pass_non_interractive.c, lib/prototypes.h: Added do_pam_passwd_non_interractive(). * src/chpasswd.c: Use do_pam_passwd_non_interractive().
2009-05-09 13:15:25 +00:00
parent 19b672c3a4
commit d1534c53f7
5 changed files with 70 additions and 37 deletions
--- a/libmisc/Makefile.am
+++ b/libmisc/Makefile.am
@@ -38,9 +38,9 @@ libmisc_a_SOURCES = \
 	mail.c \
 	motd.c \
 	myname.c \
-	non_interactive_pam_conv.c \
 	obscure.c \
 	pam_pass.c \
+	pam_pass_non_interractive.c \
 	pwd2spwd.c \
 	pwdcheck.c \
 	pwd_init.c \
--- a/libmisc/pam_pass_non_interractive.c
+++ b/libmisc/pam_pass_non_interractive.c
@@ -31,6 +31,7 @@

 #ident "$Id:$"

+#ifdef USE_PAM
 #include <assert.h>
 #include <string.h>
 #include <stdio.h>
@@ -38,13 +39,23 @@
 #include <security/pam_appl.h>
 #include "prototypes.h"

-/*@null@*/ /*@only@*/char *non_interactive_password = NULL;
+/*@null@*/ /*@only@*/static char *non_interactive_password = NULL;
+static int ni_conv (int num_msg,
+                    const struct pam_message **msg,
+                    struct pam_response **resp,
+                    unused void *appdata_ptr);
+static struct pam_conv non_interactive_pam_conv = {
+	ni_conv,
+	NULL
+};
+


 static int ni_conv (int num_msg,
                    const struct pam_message **msg,
                    struct pam_response **resp,
-                    unused void *appdata_ptr) {
+                    unused void *appdata_ptr)
+{
 	struct pam_response *responses;
 	int count;

@@ -117,8 +128,38 @@ failed_conversation:
 	return PAM_CONV_ERR;
 }

-struct pam_conv non_interactive_pam_conv = {
-	ni_conv,
-	NULL
-};

+/*
+ * Change non interactively the user's password using PAM.
+ *
+ * Return 0 on success, 1 on failure.
+ */
+int do_pam_passwd_non_interractive (const char *pam_service,
+                                    const char *username,
+                                    const char* password)
+{
+	pam_handle_t *pamh = NULL;
+	int ret;
+
+	ret = pam_start (pam_service, username, &non_interactive_pam_conv, &pamh);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_start failure %d\n"),
+		         Prog, username, ret);
+		return 1;
+	}
+
+	non_interactive_password = password;
+	ret = pam_chauthtok (pamh, 0);
+	if (ret != PAM_SUCCESS) {
+		fprintf (stderr,
+		         _("%s: (user %s) pam_chauthtok() failed, error:\n"
+		           "%s\n"),
+		         Prog, username, pam_strerror (pamh, ret));
+	}
+
+	(void) pam_end (pamh, PAM_SUCCESS);
+}
+#else				/* !USE_PAM */
+extern int errno;		/* warning: ANSI C forbids an empty source file */
+#endif				/* !USE_PAM */