Merge branch 'devel' of github.com:neutrinolabs/xrdp into devel

10 years ago · 2d514e666a
parent cc0406dddf 47de7a67f6
commit 2d514e666a
3 changed files with 133 additions and 3 deletions
--- a/configure.ac
+++ b/configure.ac
@ -32,6 +32,10 @@ AM_CONDITIONAL(SESMAN_NOPAM, [test x$enable_pam != xyes])
 AC_ARG_ENABLE(kerberos, AS_HELP_STRING([--enable-kerberos],
              [Build kerberos support (default: no)]),
              [], [enable_kerberos=no])
+AC_ARG_ENABLE(bsd, AS_HELP_STRING([--enable-bsd],
+              [Build BSD auth support (default: no)]),
+              [bsd=true], [bsd=false])
+AM_CONDITIONAL(SESMAN_BSD, [test x$bsd = xtrue])
 AM_CONDITIONAL(SESMAN_KERBEROS, [test x$enable_kerberos = xyes])
 AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass],
              [Build pam userpass support (default: no)]),
@ -78,8 +82,11 @@ if test "x$enable_pam" = "xyes"
 then
  if test "x$enable_kerberos" != "xyes"
  then
-    AC_CHECK_HEADER([security/pam_appl.h], [],
-      [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
+    if test -z "$enable_bsd"
+    then
+      AC_CHECK_HEADER([security/pam_appl.h], [],
+        [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
+    fi
  fi
 fi

@ -88,7 +95,7 @@ AC_CHECK_MEMBER([struct in6_addr.s6_addr],
                [AC_DEFINE(NO_ARPA_INET_H_IP6, 1, [for IPv6])],
                [#include <arpa/inet.h>])

-if test "x$enable_pam" != "xyes"
+if test "x$enable_pam" != "xyes" || test "x$bsd" = "xtrue"
 then
  AC_DEFINE([USE_NOPAM],1,[Disable PAM])
 fi
--- a/sesman/Makefile.am
+++ b/sesman/Makefile.am
@ -14,6 +14,10 @@ if SESMAN_NOPAM
 AUTH_C = verify_user.c
 AUTH_LIB = -lcrypt
 else
+if SESMAN_BSD
+AUTH_C = verify_user_bsd.c
+AUTH_LIB = 
+else
 if SESMAN_PAMUSERPASS
 AUTH_C = verify_user_pam_userpass.c
 AUTH_LIB = -lpam -lpam_userpass
@ -27,6 +31,7 @@ AUTH_LIB = -lpam
 endif
 endif
 endif
+endif

 sbin_PROGRAMS = \
  xrdp-sesman
--- a/sesman/verify_user_bsd.c
+++ b/sesman/verify_user_bsd.c
@ -0,0 +1,118 @@
+/**
+ * xrdp: A Remote Desktop Protocol server.
+ *
+ * Copyright (C) Jay Sorg 2005-2014
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/**
+ *
+ * @file verify_user_bsd.c
+ * @brief Authenticate user using BSD password system
+ * @author Renaud Allard
+ *
+ */
+
+#include "sesman.h"
+
+#define _XOPEN_SOURCE
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <time.h>
+#include <login_cap.h>
+#include <bsd_auth.h>
+
+#ifndef SECS_PER_DAY
+#define SECS_PER_DAY (24L*3600L)
+#endif
+
+extern struct config_sesman* g_cfg; /* in sesman.c */
+
+/******************************************************************************/
+/* returns boolean */
+long DEFAULT_CC
+auth_userpass(char *user, char *pass, int *errorcode)
+{
+    int ret = auth_userokay(user, NULL, "auth-xrdp", pass);
+    return ret;
+}
+
+/******************************************************************************/
+/* returns error */
+int DEFAULT_CC
+auth_start_session(long in_val, int in_display)
+{
+    return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_end(long in_val)
+{
+    return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_set_env(long in_val)
+{
+    return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_check_pwd_chg(char* user)
+{
+    return 0;
+}
+
+int DEFAULT_CC
+auth_change_pwd(char* user, char* newpwd)
+{
+    return 0;
+}
+
+int DEFAULT_CC
+auth_stop_session(long in_val)
+{
+    return 0;
+}
+
+/**
+ *
+ * @brief Password encryption
+ * @param pwd Old password
+ * @param pln Plaintext new password
+ * @param crp Crypted new password
+ *
+ */
+
+static int DEFAULT_CC
+auth_crypt_pwd(char* pwd, char* pln, char* crp)
+{
+    return 0;
+}
+
+/**
+ *
+ * @return 1 if the account is disabled, 0 otherwise
+ *
+ */
+static int DEFAULT_CC
+auth_account_disabled(struct spwd* stp)
+{
+    return 0;
+}