2015-04-23 13:58:57 +02:00
|
|
|
// Copyright 2014 The Gogs Authors. All rights reserved.
|
2022-11-27 13:20:29 -05:00
|
|
|
// SPDX-License-Identifier: MIT
|
2015-04-23 13:58:57 +02:00
|
|
|
|
2021-08-24 11:47:09 -05:00
|
|
|
//go:build pam
|
|
|
|
|
2015-04-23 13:58:57 +02:00
|
|
|
package pam
|
|
|
|
|
|
|
|
import (
|
|
|
|
"errors"
|
|
|
|
|
|
|
|
"github.com/msteinert/pam"
|
|
|
|
)
|
|
|
|
|
2020-10-23 05:10:29 -05:00
|
|
|
// Supported is true when built with PAM
|
|
|
|
var Supported = true
|
|
|
|
|
2016-11-27 14:03:59 +08:00
|
|
|
// Auth pam auth service
|
2020-02-23 16:52:05 -03:00
|
|
|
func Auth(serviceName, userName, passwd string) (string, error) {
|
2015-04-23 13:58:57 +02:00
|
|
|
t, err := pam.StartFunc(serviceName, userName, func(s pam.Style, msg string) (string, error) {
|
|
|
|
switch s {
|
|
|
|
case pam.PromptEchoOff:
|
|
|
|
return passwd, nil
|
|
|
|
case pam.PromptEchoOn, pam.ErrorMsg, pam.TextInfo:
|
|
|
|
return "", nil
|
|
|
|
}
|
|
|
|
return "", errors.New("Unrecognized PAM message style")
|
|
|
|
})
|
|
|
|
if err != nil {
|
2020-02-23 16:52:05 -03:00
|
|
|
return "", err
|
2015-04-23 13:58:57 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
if err = t.Authenticate(0); err != nil {
|
2020-02-23 16:52:05 -03:00
|
|
|
return "", err
|
2015-04-23 13:58:57 +02:00
|
|
|
}
|
2022-03-13 17:40:47 +01:00
|
|
|
|
2022-03-10 02:00:05 +00:00
|
|
|
if err = t.AcctMgmt(0); err != nil {
|
2022-03-13 17:40:47 +01:00
|
|
|
return "", err
|
|
|
|
}
|
2015-04-23 13:58:57 +02:00
|
|
|
|
2020-02-23 16:52:05 -03:00
|
|
|
// PAM login names might suffer transformations in the PAM stack.
|
|
|
|
// We should take whatever the PAM stack returns for it.
|
|
|
|
return t.GetItem(pam.User)
|
2015-04-23 13:58:57 +02:00
|
|
|
}
|