diff options
| author | Christian Aistleitner <christian@quelltextlich.at> | 2016-06-05 12:46:56 +0200 |
|---|---|---|
| committer | Christian Aistleitner <christian@quelltextlich.at> | 2016-06-05 23:48:29 +0200 |
| commit | e84000f7b8b8fb8ae29f53f66dea488f904e0838 (patch) | |
| tree | 5f13682709817542d91e29a06791e657cdfe1ddf /src | |
| parent | a93247d32f79d4b354c4a9e15bf05d787610eb2c (diff) | |
| download | ngircd-e84000f7b8b8fb8ae29f53f66dea488f904e0838.tar.gz ngircd-e84000f7b8b8fb8ae29f53f66dea488f904e0838.zip | |
Add PAMServiceName setting to specify the used PAM configuration
This setting allows to run multiple ngIRCd instances with PAM configurations on each instance. If one sets it to "ngircd-foo", PAM will use `/etc/pam.d/ngircd-foo` instead of the default `/etc/pam.d/ngircd`.
Diffstat (limited to 'src')
| -rw-r--r-- | src/ngircd/conf.c | 8 | ||||
| -rw-r--r-- | src/ngircd/conf.h | 3 | ||||
| -rw-r--r-- | src/ngircd/defines.h | 3 | ||||
| -rw-r--r-- | src/ngircd/pam.c | 3 |
4 files changed, 16 insertions, 1 deletions
diff --git a/src/ngircd/conf.c b/src/ngircd/conf.c index 98a2c1d7..01ec3c09 100644 --- a/src/ngircd/conf.c +++ b/src/ngircd/conf.c @@ -419,6 +419,7 @@ Conf_Test( void ) #ifdef PAM printf(" PAM = %s\n", yesno_to_str(Conf_PAM)); printf(" PAMIsOptional = %s\n", yesno_to_str(Conf_PAMIsOptional)); + printf(" PAMServiceName = %s\n", Conf_PAMServiceName); #endif #ifndef STRICT_RFC printf(" RequireAuthPing = %s\n", yesno_to_str(Conf_AuthPing)); @@ -807,6 +808,7 @@ Set_Defaults(bool InitServers) Conf_PAM = false; #endif Conf_PAMIsOptional = false; + strcpy(Conf_PAMServiceName, "ngircd"); Conf_ScrubCTCP = false; #ifdef SYSLOG #ifdef LOG_LOCAL5 @@ -1833,6 +1835,12 @@ Handle_OPTIONS(const char *File, int Line, char *Var, char *Arg) Conf_PAMIsOptional = Check_ArgIsTrue(Arg); return; } + if (strcasecmp(Var, "PAMServiceName") == 0) { + len = strlcpy(Conf_PAMServiceName, Arg, sizeof(Conf_PAMServiceName)); + if (len >= sizeof(Conf_PAMServiceName)) + Config_Error_TooLong(File, Line, Var); + return; + } if (strcasecmp(Var, "PredefChannelsOnly") == 0) { /* * TODO: This section and support for "PredefChannelsOnly" diff --git a/src/ngircd/conf.h b/src/ngircd/conf.h index 70de20af..7203b86a 100644 --- a/src/ngircd/conf.h +++ b/src/ngircd/conf.h @@ -203,6 +203,9 @@ GLOBAL bool Conf_PAM; /** Don't require all clients to send a password an to be PAM authenticated */ GLOBAL bool Conf_PAMIsOptional; +/** The service name to use for PAM */ +GLOBAL char Conf_PAMServiceName[MAX_PAM_SERVICE_NAME_LEN]; + /** Disable all CTCP commands except for /me ? */ GLOBAL bool Conf_ScrubCTCP; diff --git a/src/ngircd/defines.h b/src/ngircd/defines.h index 6bea174e..f2666905 100644 --- a/src/ngircd/defines.h +++ b/src/ngircd/defines.h @@ -61,6 +61,9 @@ /** Size of default connection pool. */ #define CONNECTION_POOL 100 +/** Size of buffer for PAM service name. */ +#define MAX_PAM_SERVICE_NAME_LEN 64 + /* Hard-coded (default) options */ diff --git a/src/ngircd/pam.c b/src/ngircd/pam.c index d2a8a54e..4e47ddb1 100644 --- a/src/ngircd/pam.c +++ b/src/ngircd/pam.c @@ -32,6 +32,7 @@ #include "log.h" #include "conn.h" #include "client.h" +#include "conf.h" #include "pam.h" @@ -101,7 +102,7 @@ PAM_Authenticate(CLIENT *Client) { conv.appdata_ptr = Conn_Password(Client_Conn(Client)); /* Initialize PAM */ - retval = pam_start("ngircd", Client_OrigUser(Client), &conv, &pam); + retval = pam_start(Conf_PAMServiceName, Client_OrigUser(Client), &conv, &pam); if (retval != PAM_SUCCESS) { Log(LOG_ERR, "PAM: Failed to create authenticator! (%d)", retval); return false; |