You are currently not logged in! Enter your authentication credentials below to log in. You need to have cookies enabled to log in.
=head1 NAME auth/auth_pam =head1 DESCRIPTION This plugin checks the auth login / auth simple with a pam module. It needs the perl module Authen::PAM installed =head1 CONFIG The following parameters can be passed to auth/auth_pam =over 4 =item service <servicename> Default: smtpauth-login =back =head1 AUTHOR Written by Leonardo Helman <lhelman@pert(punto)com(punto)ar>. Pert Consultores SRL Argentina =head1 COPYRIGHT AND LICENSE Copyright (c) 2005 Leonardo Helman. Pert Consultores SRL Argentina This plugin is licensed under the same terms as the qpsmtpd package itself. Please see the LICENSE file included with qpsmtpd for details. =head1 VERSION $Id: auth_pam,v 1.7 2006/05/16 14:12:34 leoh Exp $ =cut sub register { my ( $self, $qp, %args ) = @_; my $config= { service=>"smtpauth-login", }; if (my @bad = grep { ! exists $config->{$_} } sort keys %args) { $self->log(LOGALERT, "invalid parameter(s): " . join(',',@bad)); } $config= {%$config, %args}; $self->{_auth_pam_config} = $config; $self->register_hook( "auth-plain", "authpam" ); $self->register_hook( "auth-login", "authpam" ); } sub authpam { use Qpsmtpd::Constants; my ($self, $transaction, $method, $user, $passClear, $passHash, $ticket)=@_; my $service= $self->{_auth_pam_config}->{service}; my $pamh; PAM_MY_FUNCS::set_vars( $user, $passClear ); $self->log(LOGINFO, "Authenticating $user" ); if ( ref($pamh = new Authen::PAM($service, $user, \&PAM_MY_FUNCS::checkpwd_conv_func)) ) { if ($pamh->pam_authenticate()==0) { PAM_MY_FUNCS::set_vars( "", "" ); $pamh = 0; # force Destructor (per docs) (invokes pam_close()) $self->log( LOGINFO, "authpam/$method - $user auth success" ); return ( OK, "authpam/$method" ); } } else { PAM_MY_FUNCS::set_vars( "", "" ); $self->log( LOGCRIT, "authpam/$method - $user Authen::PAM FAILED" ); return ( OK, "authpam/$method" ); } PAM_MY_FUNCS::set_vars( "", "" ); $self->log(LOGALERT, "authpam/$method - user not found" ) && return ( DENY, "authpam/$method - wrong username or password" ); } package PAM_MY_FUNCS; use Authen::PAM; use strict; my $user; my $passClear; sub set_vars { $user=shift; $passClear=shift; } # This function is not mod_perl safe, we need to do something about the # nested sub sub checkpwd_conv_func { my @res; while ( @_ ) { my $code = shift; my $msg = shift; my $ans = ""; $ans = $user if ($code == PAM_PROMPT_ECHO_ON() ); $ans = $passClear if ($code == PAM_PROMPT_ECHO_OFF() ); push @res, PAM_SUCCESS(), $ans; } push @res, PAM_SUCCESS(); return @res; } # vim:ft=perl: