fix gio-unix-2.0 include error
This commit is contained in:
parent
6f8ea6f4ee
commit
f274a10c80
|
@ -35,6 +35,7 @@ include_directories(
|
||||||
${Qt5Widgets_INCLUDE_DIRS}
|
${Qt5Widgets_INCLUDE_DIRS}
|
||||||
${Qt5DBus_INCLUDE_DIRS}
|
${Qt5DBus_INCLUDE_DIRS}
|
||||||
${GLIB2_INCLUDE_DIRS}
|
${GLIB2_INCLUDE_DIRS}
|
||||||
|
${GIOUNIX2_INCLUDE_DIRS}
|
||||||
include
|
include
|
||||||
../common
|
../common
|
||||||
)
|
)
|
||||||
|
|
|
@ -17,7 +17,7 @@
|
||||||
**/
|
**/
|
||||||
#include "giodbus.h"
|
#include "giodbus.h"
|
||||||
#include <gio/gio.h>
|
#include <gio/gio.h>
|
||||||
#include <gio-unix-2.0/gio/gunixfdlist.h>
|
#include <gio/gunixfdlist.h>
|
||||||
#include <glib.h>
|
#include <glib.h>
|
||||||
|
|
||||||
int get_server_gvariant_stdout (int drvid)
|
int get_server_gvariant_stdout (int drvid)
|
||||||
|
|
|
@ -24,12 +24,12 @@
|
||||||
#include <unistd.h>
|
#include <unistd.h>
|
||||||
#include <sys/stat.h>
|
#include <sys/stat.h>
|
||||||
|
|
||||||
int enable_debug;
|
int pam_enable_debug;
|
||||||
char *log_prefix;
|
char *pam_log_prefix;
|
||||||
|
|
||||||
void logger(char *format, ...)
|
void pam_logger(char *format, ...)
|
||||||
{
|
{
|
||||||
if(!enable_debug){
|
if(!pam_enable_debug){
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -39,7 +39,7 @@ void logger(char *format, ...)
|
||||||
char timestr[32] = {0};
|
char timestr[32] = {0};
|
||||||
strftime(timestr, sizeof(timestr), "%Y-%m-%d %H:%M:%S", localtime(&t)); //产生"YYYYMMDD hh:mm:ss"格式的字符串。
|
strftime(timestr, sizeof(timestr), "%Y-%m-%d %H:%M:%S", localtime(&t)); //产生"YYYYMMDD hh:mm:ss"格式的字符串。
|
||||||
|
|
||||||
fprintf(stderr, "[%s] %s - ", log_prefix, timestr);
|
fprintf(stderr, "[%s] %s - ", pam_log_prefix, timestr);
|
||||||
va_start(args, format); /* 初始化 args */
|
va_start(args, format); /* 初始化 args */
|
||||||
vfprintf(stderr, format, args);
|
vfprintf(stderr, format, args);
|
||||||
}
|
}
|
||||||
|
|
|
@ -37,9 +37,9 @@
|
||||||
#define USER_CONFIG_FILE "/home/%s/.biometric_auth/ukui_biometric.conf"
|
#define USER_CONFIG_FILE "/home/%s/.biometric_auth/ukui_biometric.conf"
|
||||||
|
|
||||||
/* Declare log function */
|
/* Declare log function */
|
||||||
extern int enable_debug;
|
extern int pam_enable_debug;
|
||||||
extern char *log_prefix;
|
extern char *pam_log_prefix;
|
||||||
extern int logger(char *format, ...);
|
extern int pam_logger(char *format, ...);
|
||||||
|
|
||||||
static int ukui_biometric_lock = 0;
|
static int ukui_biometric_lock = 0;
|
||||||
int enable_biometric_authentication(pam_handle_t *pamh);
|
int enable_biometric_authentication(pam_handle_t *pamh);
|
||||||
|
@ -52,7 +52,7 @@ static void signal_handler(int signo)
|
||||||
{
|
{
|
||||||
if (signo == SIGUSR1)
|
if (signo == SIGUSR1)
|
||||||
child_alive = 0; /* GUI child process has terminated */
|
child_alive = 0; /* GUI child process has terminated */
|
||||||
logger("signal_handler is triggered\n");
|
pam_logger("signal_handler is triggered\n");
|
||||||
}
|
}
|
||||||
|
|
||||||
int enable_biometric_authentication_app()
|
int enable_biometric_authentication_app()
|
||||||
|
@ -64,14 +64,14 @@ int enable_biometric_authentication_app()
|
||||||
int is_enable = 0;
|
int is_enable = 0;
|
||||||
|
|
||||||
if((file = fopen(conf_file, "r")) == NULL){
|
if((file = fopen(conf_file, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "EnableAuthApp=%d\n", &is_enable);
|
i = sscanf(line, "EnableAuthApp=%d\n", &is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("EnableAuthApp=%d\n", is_enable);
|
pam_logger("EnableAuthApp=%d\n", is_enable);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -145,9 +145,9 @@ int call_conversation(pam_handle_t *pamh, int msg_style, char *msg, char *resp)
|
||||||
message_tmp->msg_style = msg_style;
|
message_tmp->msg_style = msg_style;
|
||||||
message_tmp->msg = msg;
|
message_tmp->msg = msg;
|
||||||
message[0] = message_tmp;
|
message[0] = message_tmp;
|
||||||
logger("Call conv callback function\n");
|
pam_logger("Call conv callback function\n");
|
||||||
status = conv_struct->conv(1, message, &response, conv_struct->appdata_ptr);
|
status = conv_struct->conv(1, message, &response, conv_struct->appdata_ptr);
|
||||||
logger("Finish conv callback function\n");
|
pam_logger("Finish conv callback function\n");
|
||||||
|
|
||||||
if (resp && response->resp)
|
if (resp && response->resp)
|
||||||
strcpy(resp, response->resp);
|
strcpy(resp, response->resp);
|
||||||
|
@ -163,7 +163,7 @@ int call_conversation(pam_handle_t *pamh, int msg_style, char *msg, char *resp)
|
||||||
/* GUI child process */
|
/* GUI child process */
|
||||||
void child(char *service, char *username, char *xdisp)
|
void child(char *service, char *username, char *xdisp)
|
||||||
{
|
{
|
||||||
logger("Child process will be replaced.\n");
|
pam_logger("Child process will be replaced.\n");
|
||||||
int fd = open("/dev/null", O_WRONLY);
|
int fd = open("/dev/null", O_WRONLY);
|
||||||
dup2(fd, 2);
|
dup2(fd, 2);
|
||||||
|
|
||||||
|
@ -171,7 +171,7 @@ void child(char *service, char *username, char *xdisp)
|
||||||
"--service", service,
|
"--service", service,
|
||||||
"--user", username,
|
"--user", username,
|
||||||
// "--display", xdisp,
|
// "--display", xdisp,
|
||||||
enable_debug ? "--debug" : "",
|
pam_enable_debug ? "--debug" : "",
|
||||||
(char *)0);
|
(char *)0);
|
||||||
/*
|
/*
|
||||||
* execl almost always succeed as long as the GUI executable file exists.
|
* execl almost always succeed as long as the GUI executable file exists.
|
||||||
|
@ -179,11 +179,11 @@ void child(char *service, char *username, char *xdisp)
|
||||||
* process won't reach here. Therefore, the following code won't be
|
* process won't reach here. Therefore, the following code won't be
|
||||||
* executed in general.
|
* executed in general.
|
||||||
*/
|
*/
|
||||||
logger("Fatal error: execl(gui) failed in child process. "
|
pam_logger("Fatal error: execl(gui) failed in child process. "
|
||||||
"This is an extremely rare condition. Please ensure that the "
|
"This is an extremely rare condition. Please ensure that the "
|
||||||
"biometric-authentication executable file exists.\n");
|
"biometric-authentication executable file exists.\n");
|
||||||
logger("Use password as a fallback\n");
|
pam_logger("Use password as a fallback\n");
|
||||||
logger("Child _exit with BIO_IGNORE\n");
|
pam_logger("Child _exit with BIO_IGNORE\n");
|
||||||
/* Child process exits */
|
/* Child process exits */
|
||||||
_exit(BIO_IGNORE);
|
_exit(BIO_IGNORE);
|
||||||
}
|
}
|
||||||
|
@ -195,7 +195,7 @@ void handler()
|
||||||
/* PAM parent process */
|
/* PAM parent process */
|
||||||
int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
||||||
{
|
{
|
||||||
logger("Parent process continue running.\n");
|
pam_logger("Parent process continue running.\n");
|
||||||
int child_status = -1;
|
int child_status = -1;
|
||||||
/*
|
/*
|
||||||
* 1. If calling conversation function is not needed, wait the child
|
* 1. If calling conversation function is not needed, wait the child
|
||||||
|
@ -223,7 +223,7 @@ int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (signal(SIGUSR1, signal_handler) == SIG_ERR)
|
if (signal(SIGUSR1, signal_handler) == SIG_ERR)
|
||||||
logger("Fatal Error. Can't catch SIGUSR1\n");
|
pam_logger("Fatal Error. Can't catch SIGUSR1\n");
|
||||||
reinvoke:
|
reinvoke:
|
||||||
call_conversation(pamh, PAM_TEXT_INFO, msg1, NULL);
|
call_conversation(pamh, PAM_TEXT_INFO, msg1, NULL);
|
||||||
call_conversation(pamh, PAM_PROMPT_ECHO_OFF, msg2, NULL);
|
call_conversation(pamh, PAM_PROMPT_ECHO_OFF, msg2, NULL);
|
||||||
|
@ -233,7 +233,7 @@ int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
||||||
signal(SIGUSR1, SIG_DFL);
|
signal(SIGUSR1, SIG_DFL);
|
||||||
waitpid(pid, &child_status, 0);
|
waitpid(pid, &child_status, 0);
|
||||||
} else {
|
} else {
|
||||||
logger("Waiting for the GUI child process to exit...\n");
|
pam_logger("Waiting for the GUI child process to exit...\n");
|
||||||
//由于sudo命令在进入pam认证时,会阻塞来自终端的SIGINT以及SIGQUIT信号,导致使用
|
//由于sudo命令在进入pam认证时,会阻塞来自终端的SIGINT以及SIGQUIT信号,导致使用
|
||||||
//pam认证时,按下Ctrl+C无反应,认证完成后,sudo会退出,这里为了简单,取消了阻塞
|
//pam认证时,按下Ctrl+C无反应,认证完成后,sudo会退出,这里为了简单,取消了阻塞
|
||||||
//信号,捕获信号但不做处理,在认证完成后,恢复原本阻塞状态
|
//信号,捕获信号但不做处理,在认证完成后,恢复原本阻塞状态
|
||||||
|
@ -244,7 +244,7 @@ int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
||||||
signal(SIGINT,handler);
|
signal(SIGINT,handler);
|
||||||
|
|
||||||
waitpid(pid, &child_status, 0);
|
waitpid(pid, &child_status, 0);
|
||||||
logger("GUI child process has exited.\n");
|
pam_logger("GUI child process has exited.\n");
|
||||||
sigprocmask(SIG_SETMASK,&mask,NULL);
|
sigprocmask(SIG_SETMASK,&mask,NULL);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -256,23 +256,23 @@ int parent(int pid, pam_handle_t *pamh, int need_call_conv)
|
||||||
if (WIFEXITED(child_status))
|
if (WIFEXITED(child_status))
|
||||||
bio_result = WEXITSTATUS(child_status);
|
bio_result = WEXITSTATUS(child_status);
|
||||||
else /* This may be because the GUI child process is invoked under console. */
|
else /* This may be because the GUI child process is invoked under console. */
|
||||||
logger("The GUI-Child process terminate abnormally.\n");
|
pam_logger("The GUI-Child process terminate abnormally.\n");
|
||||||
|
|
||||||
if (bio_result == BIO_SUCCESS) {
|
if (bio_result == BIO_SUCCESS) {
|
||||||
if(!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) {
|
if(!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) {
|
||||||
logger("disable biometric authentication.\n");
|
pam_logger("disable biometric authentication.\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
logger("pam_biometric.so return PAM_SUCCESS\n");
|
pam_logger("pam_biometric.so return PAM_SUCCESS\n");
|
||||||
return PAM_SUCCESS;
|
return PAM_SUCCESS;
|
||||||
} else if (bio_result == BIO_IGNORE) {
|
} else if (bio_result == BIO_IGNORE) {
|
||||||
/* Override msg1 to empty the label. We are ready to enter the password module. */
|
/* Override msg1 to empty the label. We are ready to enter the password module. */
|
||||||
call_conversation(pamh, PAM_TEXT_INFO, "", NULL);
|
call_conversation(pamh, PAM_TEXT_INFO, "", NULL);
|
||||||
ukui_biometric_lock = 1;
|
ukui_biometric_lock = 1;
|
||||||
logger("pam_biometric.so return PAM_IGNORE\n");
|
pam_logger("pam_biometric.so return PAM_IGNORE\n");
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
} else {
|
} else {
|
||||||
logger("pam_biometric.so return PAM_SYSTEM_ERR\n");
|
pam_logger("pam_biometric.so return PAM_SYSTEM_ERR\n");
|
||||||
ukui_biometric_lock = 1;
|
ukui_biometric_lock = 1;
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
|
@ -295,10 +295,10 @@ void check_and_set_env(pam_handle_t *pamh, char **xdisp, char **xauth)
|
||||||
*xdisp=getenv("DISPLAY");
|
*xdisp=getenv("DISPLAY");
|
||||||
*xauth=getenv("XAUTHORITY");
|
*xauth=getenv("XAUTHORITY");
|
||||||
if (*xdisp == 0)
|
if (*xdisp == 0)
|
||||||
logger("Warning: DISPLAY env is still empty, "
|
pam_logger("Warning: DISPLAY env is still empty, "
|
||||||
"this is not an error if you are using terminal\n");
|
"this is not an error if you are using terminal\n");
|
||||||
if (*xauth == 0)
|
if (*xauth == 0)
|
||||||
logger("Warning: XAUTHORITY env is still empty, "
|
pam_logger("Warning: XAUTHORITY env is still empty, "
|
||||||
"this is not an error if you are using terminal\n");
|
"this is not an error if you are using terminal\n");
|
||||||
|
|
||||||
}
|
}
|
||||||
|
@ -318,13 +318,13 @@ int biometric_auth_independent(pam_handle_t *pamh , char *service, int need_call
|
||||||
unsigned int pid;
|
unsigned int pid;
|
||||||
pid = fork();
|
pid = fork();
|
||||||
if (pid < 0) {
|
if (pid < 0) {
|
||||||
logger("Fork Error!\n");
|
pam_logger("Fork Error!\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
} else if (pid != 0) {
|
} else if (pid != 0) {
|
||||||
return parent(pid, pamh, need_call_conv);
|
return parent(pid, pamh, need_call_conv);
|
||||||
} else {
|
} else {
|
||||||
child(service, username, xdisp);
|
child(service, username, xdisp);
|
||||||
logger("Should never reach here.\n");
|
pam_logger("Should never reach here.\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -332,34 +332,34 @@ int biometric_auth_independent(pam_handle_t *pamh , char *service, int need_call
|
||||||
/* Biometric processing function fot polkit-1 */
|
/* Biometric processing function fot polkit-1 */
|
||||||
int biometric_auth_polkit()
|
int biometric_auth_polkit()
|
||||||
{
|
{
|
||||||
logger("Current service is polkit-1\n");
|
pam_logger("Current service is polkit-1\n");
|
||||||
const char *fifo_name = "/tmp/bio.fifo";
|
const char *fifo_name = "/tmp/bio.fifo";
|
||||||
if(access(fifo_name, F_OK) == -1) {
|
if(access(fifo_name, F_OK) == -1) {
|
||||||
int res = mkfifo(fifo_name, 0777);
|
int res = mkfifo(fifo_name, 0777);
|
||||||
if(res != 0) {
|
if(res != 0) {
|
||||||
logger("Can't create FIFO file\n");
|
pam_logger("Can't create FIFO file\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
int fifo_rd = open(fifo_name, O_RDONLY);
|
int fifo_rd = open(fifo_name, O_RDONLY);
|
||||||
if (fifo_rd == -1)
|
if (fifo_rd == -1)
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
logger("Before reading FIFO\n");
|
pam_logger("Before reading FIFO\n");
|
||||||
char buffer[8] = {0};
|
char buffer[8] = {0};
|
||||||
if(read(fifo_rd, buffer, 8) == -1)
|
if(read(fifo_rd, buffer, 8) == -1)
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
logger("After reading FIFO\n");
|
pam_logger("After reading FIFO\n");
|
||||||
int result_code;
|
int result_code;
|
||||||
sscanf(buffer, "%d", &result_code);
|
sscanf(buffer, "%d", &result_code);
|
||||||
remove(fifo_name);
|
remove(fifo_name);
|
||||||
if (result_code == BIO_SUCCESS) {
|
if (result_code == BIO_SUCCESS) {
|
||||||
logger("pam_biometric.so return PAM_SUCCESS\n");
|
pam_logger("pam_biometric.so return PAM_SUCCESS\n");
|
||||||
return PAM_SUCCESS;
|
return PAM_SUCCESS;
|
||||||
} else if (result_code == BIO_IGNORE) {
|
} else if (result_code == BIO_IGNORE) {
|
||||||
logger("pam_biometric.so return PAM_IGNORE\n");
|
pam_logger("pam_biometric.so return PAM_IGNORE\n");
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
} else {
|
} else {
|
||||||
logger("pam_biometric.so return PAM_SYSTEM_ERR\n");
|
pam_logger("pam_biometric.so return PAM_SYSTEM_ERR\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -384,7 +384,7 @@ int biometric_auth_embeded(pam_handle_t *pamh)
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
else if (strcmp(resp, BIOMETRIC_SUCCESS) == 0){
|
else if (strcmp(resp, BIOMETRIC_SUCCESS) == 0){
|
||||||
if(!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) {
|
if(!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) {
|
||||||
logger("disable biometric authentication.\n");
|
pam_logger("disable biometric authentication.\n");
|
||||||
return PAM_SYSTEM_ERR;
|
return PAM_SYSTEM_ERR;
|
||||||
}
|
}
|
||||||
return PAM_SUCCESS;
|
return PAM_SUCCESS;
|
||||||
|
@ -481,15 +481,15 @@ int enable_by_polkit()
|
||||||
char buf[1024];
|
char buf[1024];
|
||||||
|
|
||||||
if( (file = fopen(BIO_COM_FILE, "r")) == NULL) {
|
if( (file = fopen(BIO_COM_FILE, "r")) == NULL) {
|
||||||
logger("open communication file failed: %s\n", strerror(errno));
|
pam_logger("open communication file failed: %s\n", strerror(errno));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
memset(buf, 0, sizeof(buf));
|
memset(buf, 0, sizeof(buf));
|
||||||
fgets(buf, sizeof(buf), file);
|
fgets(buf, sizeof(buf), file);
|
||||||
fclose(file);
|
fclose(file);
|
||||||
if(remove(BIO_COM_FILE) < 0)
|
if(remove(BIO_COM_FILE) < 0)
|
||||||
logger("remove communication file failed: %s\n", strerror(errno));
|
pam_logger("remove communication file failed: %s\n", strerror(errno));
|
||||||
logger("%s\n", buf);
|
pam_logger("%s\n", buf);
|
||||||
if(strcmp(buf, "polkit-ukui-authentication-agent-1") == 0)
|
if(strcmp(buf, "polkit-ukui-authentication-agent-1") == 0)
|
||||||
return 1;
|
return 1;
|
||||||
return 0;
|
return 0;
|
||||||
|
@ -508,12 +508,12 @@ int enable_biometric_authentication(pam_handle_t *pamh)
|
||||||
char line[1024], is_enable[16];
|
char line[1024], is_enable[16];
|
||||||
int i;
|
int i;
|
||||||
if((file = fopen(conf_file_user, "r")) == NULL){
|
if((file = fopen(conf_file_user, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
} else {
|
} else {
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "EnableAuth=%15s\n", is_enable);
|
i = sscanf(line, "EnableAuth=%15s\n", is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("EnableAuth=%s\n", is_enable);
|
pam_logger("EnableAuth=%s\n", is_enable);
|
||||||
is_found = 1;
|
is_found = 1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -533,13 +533,13 @@ int enable_biometric_authentication(pam_handle_t *pamh)
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if((file = fopen(conf_file, "r")) == NULL){
|
if((file = fopen(conf_file, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "EnableAuth=%15s\n", is_enable);
|
i = sscanf(line, "EnableAuth=%15s\n", is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("EnableAuth=%s\n", is_enable);
|
pam_logger("EnableAuth=%s\n", is_enable);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -563,12 +563,12 @@ int enable_qrcode_authentication(pam_handle_t *pamh)
|
||||||
char line[1024], is_enable[16];
|
char line[1024], is_enable[16];
|
||||||
int i;
|
int i;
|
||||||
if((file = fopen(conf_file_user, "r")) == NULL){
|
if((file = fopen(conf_file_user, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
} else {
|
} else {
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "EnableQRCode=%15s\n", is_enable);
|
i = sscanf(line, "EnableQRCode=%15s\n", is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("EnableQRCode=%s\n", is_enable);
|
pam_logger("EnableQRCode=%s\n", is_enable);
|
||||||
is_found = 1;
|
is_found = 1;
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
|
@ -588,13 +588,13 @@ int enable_qrcode_authentication(pam_handle_t *pamh)
|
||||||
int i;
|
int i;
|
||||||
|
|
||||||
if((file = fopen(conf_file, "r")) == NULL){
|
if((file = fopen(conf_file, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "EnableQRCode=%15s\n", is_enable);
|
i = sscanf(line, "EnableQRCode=%15s\n", is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("EnableQRCode=%s\n", is_enable);
|
pam_logger("EnableQRCode=%s\n", is_enable);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -614,13 +614,13 @@ int enable_biometric_auth_double()
|
||||||
|
|
||||||
|
|
||||||
if((file = fopen(conf_file, "r")) == NULL){
|
if((file = fopen(conf_file, "r")) == NULL){
|
||||||
logger("open configure file failed: %s\n", strerror(errno));
|
pam_logger("open configure file failed: %s\n", strerror(errno));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
while(fgets(line, sizeof(line), file)) {
|
while(fgets(line, sizeof(line), file)) {
|
||||||
i = sscanf(line, "DoubleAuth=%s\n", is_enable);
|
i = sscanf(line, "DoubleAuth=%s\n", is_enable);
|
||||||
if(i > 0) {
|
if(i > 0) {
|
||||||
logger("DoubleAuth=%s\n", is_enable);
|
pam_logger("DoubleAuth=%s\n", is_enable);
|
||||||
break;
|
break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
@ -639,26 +639,26 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
|
||||||
{
|
{
|
||||||
for(int i = 0; i < argc; i++) {
|
for(int i = 0; i < argc; i++) {
|
||||||
if(strcmp(argv[i], "debug") == 0) {
|
if(strcmp(argv[i], "debug") == 0) {
|
||||||
enable_debug = 1;
|
pam_enable_debug = 1;
|
||||||
log_prefix = "PAM_BIO";
|
pam_log_prefix = "PAM_BIO";
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
logger("Invoke libpam_biometric.so module\n");
|
pam_logger("Invoke libpam_biometric.so module\n");
|
||||||
|
|
||||||
char *service = 0;
|
char *service = 0;
|
||||||
|
|
||||||
if((!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) || ukui_biometric_lock) {
|
if((!enable_biometric_authentication(pamh) && !enable_qrcode_authentication(pamh)) || ukui_biometric_lock) {
|
||||||
logger("disable biometric authentication.\n");
|
pam_logger("disable biometric authentication.\n");
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
}
|
}
|
||||||
logger("enable biometric authentication.\n");
|
pam_logger("enable biometric authentication.\n");
|
||||||
|
|
||||||
pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
|
pam_get_item(pamh, PAM_SERVICE, (const void **)&service);
|
||||||
|
|
||||||
/* Service filter */
|
/* Service filter */
|
||||||
if (!service_filter(service)){
|
if (!service_filter(service)){
|
||||||
logger("Service <%s> should not use biometric-authentication\n", service);
|
pam_logger("Service <%s> should not use biometric-authentication\n", service);
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -666,7 +666,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
|
||||||
if (strcmp(service, "lightdm") == 0) {
|
if (strcmp(service, "lightdm") == 0) {
|
||||||
char buf[128];
|
char buf[128];
|
||||||
get_greeter_session(buf, sizeof(buf));
|
get_greeter_session(buf, sizeof(buf));
|
||||||
logger("current greeter: %s\n", buf);
|
pam_logger("current greeter: %s\n", buf);
|
||||||
|
|
||||||
if(strcmp(buf, "ukui-greeter") == 0 || strcmp(buf, "ukui-greeter-wayland") == 0)
|
if(strcmp(buf, "ukui-greeter") == 0 || strcmp(buf, "ukui-greeter-wayland") == 0)
|
||||||
return biometric_auth_embeded(pamh);
|
return biometric_auth_embeded(pamh);
|
||||||
|
@ -679,7 +679,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
|
||||||
if(enable_by_polkit())
|
if(enable_by_polkit())
|
||||||
return biometric_auth_embeded(pamh);
|
return biometric_auth_embeded(pamh);
|
||||||
else
|
else
|
||||||
logger("[PAM_BIOMETRIC]: It's not polkit-ukui-authentication-agent-1.\n");
|
pam_logger("[PAM_BIOMETRIC]: It's not polkit-ukui-authentication-agent-1.\n");
|
||||||
}
|
}
|
||||||
else if (strcmp(service, "sudo") == 0)
|
else if (strcmp(service, "sudo") == 0)
|
||||||
return biometric_auth_independent(pamh, "sudo", 0);
|
return biometric_auth_independent(pamh, "sudo", 0);
|
||||||
|
@ -694,7 +694,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
|
||||||
return biometric_auth_independent(pamh, "biotest", 1);
|
return biometric_auth_independent(pamh, "biotest", 1);
|
||||||
#endif
|
#endif
|
||||||
else
|
else
|
||||||
logger("Service <%s> slip through the service filter\n", service);
|
pam_logger("Service <%s> slip through the service filter\n", service);
|
||||||
return PAM_IGNORE;
|
return PAM_IGNORE;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue