From: miha-q <>
Date: Mon, 14 Aug 2023 18:01:18 +0000 (-0400)
Subject: Mon Aug 14 02:01:18 PM EDT 2023
X-Git-Url: http://www.foleosoft.com/?a=commitdiff_plain;h=e261c60b3490989c6a0e65af3423b2b796cbb49f;p=CryptoFoleo.git
Mon Aug 14 02:01:18 PM EDT 2023
---
diff --git a/src/pam b/src/pam
new file mode 100755
index 0000000..b603d34
Binary files /dev/null and b/src/pam differ
diff --git a/src/pam.c b/src/pam.c
index 736efc6..aa39d17 100644
--- a/src/pam.c
+++ b/src/pam.c
@@ -8,35 +8,55 @@ #include #include #include +#include +#include +#include +#include + +static int pamconv(int num_msg, const struct pam_message **msg, + struct pam_response **resp, void *appdata_ptr) +{ + char *pass = malloc(strlen(appdata_ptr)+1); + strcpy(pass, appdata_ptr); + + int i; -static int pam_conv_func(int num_msg, const struct pam_message **msg, - struct pam_response **resp, void *appdata_ptr) { - *resp = (struct pam_response *)malloc(num_msg * sizeof(struct pam_response)); - for (int i = 0; i < num_msg; i++) { - resp[i]->resp = strdup((char *)appdata_ptr); - resp[i]->resp_retcode = 0; + *resp = calloc(num_msg, sizeof(struct pam_response)); + + for (i = 0; i < num_msg; ++i) + { + /* Ignore all PAM messages except prompting for hidden input */ + if (msg[i]->msg_style != PAM_PROMPT_ECHO_OFF) + continue; + + /* Assume PAM is only prompting for the password as hidden input */ + resp[i]->resp = pass; } + return PAM_SUCCESS; } -uint8_t pam(uint8_t* username, uint8_t* password) +bool checkAuthentication(const char *user, const char *pass) { - struct passwd *p; - p = getpwuid(geteuid()); - if (p == NULL) return 0; - if (username == NULL) username = p->pw_name; + /* use own PAM conversation function just responding with the + password passed here */ + struct pam_conv conv = { &pamconv, (void *)pass }; - pam_handle_t *pamh = NULL; - struct pam_conv conv = { pam_conv_func, NULL }; + pam_handle_t *handle; + int authResult; - conv.appdata_ptr = (void*)password; + pam_start("shutterd", user, &conv, &handle); + authResult = pam_authenticate(handle, + PAM_SILENT|PAM_DISALLOW_NULL_AUTHTOK); + pam_end(handle, authResult); + + return (authResult == PAM_SUCCESS); +} - int retval = pam_start("login", username, &conv, &pamh); - if (retval == PAM_SUCCESS) - retval = pam_authenticate(pamh, 0); +void main() +{ + printf("%i\n", checkAuthentication("home", "jasopoint")); - if (pamh) pam_end(pamh, retval); - return retval == PAM_SUCCESS; } -#endif \ No newline at end of file 
+#endif
diff --git a/src/test b/src/test
new file mode 100755
index 0000000..289a101
Binary files /dev/null and b/src/test differ
diff --git a/src/test.c b/src/test.c
new file mode 100644
index 0000000..86f30fa
--- /dev/null
+++ b/src/test.c
@@ -0,0 +1,24 @@
+#include
+#include
+#include
+#include
+#include
+#include
+#include
+
+uint8_t authenticate(const char *username, const char* password)
+{
+ struct spwd* pw;
+ pw = getspnam(username);
+ if (!pw)
+ {
+ fprintf(stderr, "authenticate(): Permission denied.\n");
+ return 0;
+ }
+ const char* hashedPassword = crypt(password, pw->sp_pwdp);
+ return strcmp(hashedPassword, pw->sp_pwdp) == 0;
+}
+
+void main()
+{
+}
diff --git a/src/test2.c b/src/test2.c
new file mode 100644
index 0000000..8d04889
--- /dev/null
+++ b/src/test2.c
@@ -0,0 +1,51 @@
+
+uint8_t authenticate(const char *username, const char* password) {
+ struct spwd spw;
+ struct spwd *result;
+ char *buf;
+ size_t bufsize;
+ int s;
+
+ bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
+ if (bufsize == -1) {
+ bufsize = 16384; // use a default size if sysconf returns indeterminate size
+ }
+
+ buf = malloc(bufsize);
+ if (buf == NULL) {
+ perror("malloc");
+ exit(EXIT_FAILURE);
+ }
+
+ s = getspnam_r(username, &spw, buf, bufsize, &result);
+ if (result == NULL) {
+ if (s == 0) {
+ fprintf(stderr, "User not found\n");
+ } else {
+ perror("getspnam_r");
+ }
+ free(buf);
+ return 0;
+ }
+
+ const char *hashedPassword = crypt(password, spw.sp_pwdp);
+
+ int status = strcmp(hashedPassword, spw.sp_pwdp) == 0;
+ free(buf);
+ return status;
+}
+
+int main(int argc, char **argv) {
+ if (argc != 3) {
+ printf("Usage: %s \n", argv[0]);
+ return 1;
+ }
+
+ if (authenticate(argv[1], argv[2])) {
+ printf("Authenticated!\n");
+ } else {
+ printf("Authentication failed.\n");
+ }
+
+ return 0;
+}
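Review bot: In src/pam.c, pamconv() writes the reply through `resp[i]->resp`, which indexes the caller's single out-pointer instead of the array just stored in `*resp`, so any message past index 0 is written out of bounds; it should be `(*resp)[i].resp`. The one heap copy `pass` is also handed to every hidden-input prompt and leaked when there is none, although the calling module frees each reply separately, and neither `malloc` nor `calloc` is checked. In checkAuthentication() the result of `pam_start` is ignored, so a failed start leaves `handle` uninitialised when it reaches `pam_authenticate`, and there is no `pam_acct_mgmt` call, so an expired or locked account would presumably still return true. The hard-coded user name and password in `main()` and the compiled `src/pam` binary added by this commit look like test leftovers that should not be committed.

```c
static int pamconv(int num_msg, const struct pam_message **msg,
        struct pam_response **resp, void *appdata_ptr)
{
    struct pam_response *replies;
    int i;

    if (num_msg <= 0 || appdata_ptr == NULL)
        return PAM_CONV_ERR;

    replies = calloc(num_msg, sizeof(*replies));
    if (replies == NULL)
        return PAM_BUF_ERR;

    for (i = 0; i < num_msg; ++i)
    {
        if (msg[i]->msg_style != PAM_PROMPT_ECHO_OFF)
            continue;

        /* one private copy per reply: each is freed on its own by the caller */
        replies[i].resp = strdup(appdata_ptr);
        if (replies[i].resp == NULL)
        {
            while (i-- > 0)
                free(replies[i].resp);
            free(replies);
            return PAM_BUF_ERR;
        }
    }

    *resp = replies;
    return PAM_SUCCESS;
}

/* … unchanged: checkAuthentication signature and struct pam_conv setup … */
    pam_handle_t *handle = NULL;
    int authResult;

    authResult = pam_start("shutterd", user, &conv, &handle);
    if (authResult != PAM_SUCCESS)
        return false;

    authResult = pam_authenticate(handle,
            PAM_SILENT|PAM_DISALLOW_NULL_AUTHTOK);
    /* authentication alone does not cover expiry or account locks */
    if (authResult == PAM_SUCCESS)
        authResult = pam_acct_mgmt(handle, PAM_SILENT);
    pam_end(handle, authResult);
```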
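Review bot: In src/test.c, authenticate() passes the result of `crypt()` straight to `strcmp`, but `crypt()` can return NULL on failure (for example when `sp_pwdp` holds a locked-account marker instead of a usable salt), so the comparison would dereference a null pointer. Add `if (hashedPassword == NULL) return 0;` before the comparison; the same unchecked call is in authenticate() in src/test2.c. `strcmp` also stops at the first differing byte, so a constant-time comparison of the two hash strings would be the safer choice for a credential check.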
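Review bot: In src/test2.c, main() takes the password from `argv[2]`, which leaves it visible to other local users in the process list and in shell history; reading it from a terminal prompt or stdin would avoid that. authenticate() also prints `User not found` separately from main()'s `Authentication failed.`, which tells the caller which account names exist, so a single generic failure message is preferable. The new file as shown has no `#include` lines, so `getspnam_r`, `crypt`, `sysconf` and the other library calls are used without declarations.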