Switch from just saving XML data to parsing JSON data

Gitea 2025-02-14 08:57:46 +01:00
parent 1c7ae192bb
commit e26a6116ec
7 changed files with 64 additions and 19 deletions


@ -1,3 +1,8 @@
2025-01-13 Christoph Pleger <pleger@irb.cs.tu-dortmund.de>
Release 4.0
+ Switch from just saving XML data to parsing JSON data
2024-10-08 Christoph Pleger <pleger@irb.cs.tu-dortmund.de> 2024-10-08 Christoph Pleger <pleger@irb.cs.tu-dortmund.de>
Release 3.0 Release 3.0


@ -4,8 +4,8 @@
ARCH := $(shell gcc -dumpmachine) ARCH := $(shell gcc -dumpmachine)
EXEC_OBJS := authorized_eid.o client.o add-eid.o EXEC_OBJS := authorized_eid.o client.o add-eid.o json.o
PAM_OBJS := pam_eid.o auth.o authorized_eid.o client.o PAM_OBJS := pam_eid.o auth.o authorized_eid.o client.o json.o
CURL_CFLAGS := $(shell /usr/bin/pkg-config --cflags libcurl) CURL_CFLAGS := $(shell /usr/bin/pkg-config --cflags libcurl)
CURL_LDFLAGS := $(shell /usr/bin/pkg-config --libs libcurl) CURL_LDFLAGS := $(shell /usr/bin/pkg-config --libs libcurl)
@ -16,9 +16,12 @@ PAM_LDFLAGS := $(shell /usr/bin/pkg-config --libs pam)
GLIB_CFLAGS := $(shell /usr/bin/pkg-config --cflags glib-2.0) GLIB_CFLAGS := $(shell /usr/bin/pkg-config --cflags glib-2.0)
GLIB_LDFLAGS := $(shell /usr/bin/pkg-config --libs glib-2.0) GLIB_LDFLAGS := $(shell /usr/bin/pkg-config --libs glib-2.0)
CFLAGS := -O2 -Wall -Werror -g -fPIC $(CURL_CFLAGS) $(PAM_CFLAGS) $(GLIB_CFLAGS) JSON_CFLAGS := $(shell /usr/bin/pkg-config --cflags libcjson)
EXEC_LDFLAGS := $(CURL_LDFLAGS) $(GLIB_LDFLAGS) JSON_LDFLAGS := $(shell /usr/bin/pkg-config --libs libcjson)
PAM_LDFLAGS := $(CURL_LDFLAGS) $(PAM_LDFLAGS) $(GLIB_LDFLAGS)
CFLAGS := -O2 -Wall -Werror -g -fPIC $(CURL_CFLAGS) $(PAM_CFLAGS) $(GLIB_CFLAGS) $(JSON_CFLAGS)
EXEC_LDFLAGS := $(CURL_LDFLAGS) $(GLIB_LDFLAGS) $(JSON_LDFLAGS)
PAM_LDFLAGS := $(CURL_LDFLAGS) $(PAM_LDFLAGS) $(GLIB_LDFLAGS) $(JSON_LDFLAGS)
all: pam_eid.so add-eid all: pam_eid.so add-eid
@ -29,10 +32,11 @@ add-eid: $(EXEC_OBJS)
gcc -o add-eid $(EXEC_OBJS) $(EXEC_LDFLAGS) gcc -o add-eid $(EXEC_OBJS) $(EXEC_LDFLAGS)
pam_eid.o: auth.h pam_eid.h pam_eid.o: auth.h pam_eid.h
auth.o: authorized_eid.h client.h auth.h pam_eid.h auth.o: authorized_eid.h client.h auth.h pam_eid.h json.h
add-eid.o: authorized_eid.h client.h add-eid.o: authorized_eid.h client.h json.h
authorized_eid.o: authorized_eid.h authorized_eid.o: authorized_eid.h
client.o: client.h client.o: client.h
json.o: json.h
install: all install: all
install -m 755 -d $(DESTDIR)/usr/lib/$(ARCH)/security install -m 755 -d $(DESTDIR)/usr/lib/$(ARCH)/security
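Review bot: `json.o` is added to both `EXEC_OBJS` and `PAM_OBJS`, and a `json.o: json.h` rule appears, but none of the seven files listed on this commit is json.c or json.h. Unless both were already in the tree at the parent commit, the build stops on the missing source, so it is worth confirming they were staged with this change. A one-line comment next to `JSON_CFLAGS` noting that libcjson is now a hard build requirement would also help anyone building outside the Debian packaging.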


@ -15,14 +15,15 @@
#include "authorized_eid.h" #include "authorized_eid.h"
#include "client.h" #include "client.h"
#include "json.h"
int main(int argc, char *argv[]) int main(int argc, char *argv[])
{ {
struct passwd *passwd; struct passwd *passwd;
FILE *authorized_eid; FILE *authorized_eid;
char *res1, *res2;
gchar *hash; gchar *hash;
CURL *curl; CURL *curl;
char *res;
if ((curl = curl_easy_init()) == NULL) if ((curl = curl_easy_init()) == NULL)
{ {
@ -31,15 +32,24 @@ int main(int argc, char *argv[])
} }
port = 24727; port = 24727;
res = eidResponse(curl); res1 = eidResponse(curl);
if (res == NULL) if (res1 == NULL)
{ {
fprintf(stderr, "Did not receive a valid result from the web\n"); fprintf(stderr, "Did not receive a valid result from the web\n");
exit(-2); exit(-2);
} }
hash = g_compute_checksum_for_string(G_CHECKSUM_SHA512, res, strlen(res)); res2 = json2txt(res1);
if (res2 == NULL)
{
fprintf(stderr, "The result from the web could not be parsed\n");
exit(-3);
}
hash = g_compute_checksum_for_string(G_CHECKSUM_SHA512, res2, strlen(res2));
free(res2);
errno = 0; errno = 0;
if ((passwd = getpwuid(geteuid())) == NULL) if ((passwd = getpwuid(geteuid())) == NULL)

31
auth.c

@ -15,12 +15,14 @@
#include "authorized_eid.h" #include "authorized_eid.h"
#include "client.h" #include "client.h"
#include "auth.h" #include "auth.h"
#include "json.h"
#include "pam_eid.h" #include "pam_eid.h"
int auth(pam_handle_t *pamh, struct passwd *passwd, CURL *curl) int auth(pam_handle_t *pamh, struct passwd *passwd, CURL *curl)
{ {
char *fileEntry = NULL; char *fileEntry = NULL;
char *res = NULL; char *res1 = NULL;
char *res2 = NULL;
FILE *authorized_eid; FILE *authorized_eid;
gchar *hash; gchar *hash;
size_t n; size_t n;
@ -45,7 +47,7 @@ int auth(pam_handle_t *pamh, struct passwd *passwd, CURL *curl)
port = 41325; port = 41325;
if ((res = eidResponse(curl)) == NULL) if ((res1 = eidResponse(curl)) == NULL)
{ {
pam_syslog(pamh, LOG_ERR, "curl_easy_perform() failed: %s", errbuf); pam_syslog(pamh, LOG_ERR, "curl_easy_perform() failed: %s", errbuf);
r = PAM_SERVICE_ERR; r = PAM_SERVICE_ERR;
@ -56,10 +58,27 @@ int auth(pam_handle_t *pamh, struct passwd *passwd, CURL *curl)
{ {
pam_syslog(pamh, LOG_DEBUG, "curl_easy_perform() succeeded"); pam_syslog(pamh, LOG_DEBUG, "curl_easy_perform() succeeded");
pam_syslog(pamh, LOG_DEBUG, "The data read from web is: %s", pam_syslog(pamh, LOG_DEBUG, "The data read from web is: %s",
res); res1);
} }
hash = g_compute_checksum_for_string(G_CHECKSUM_SHA512, res, strlen(res)); res2 = json2txt(res1);
if (res2 == NULL)
{
pam_syslog(pamh, LOG_DEBUG, "The result from the web could not be parsed\n");
r = PAM_SERVICE_ERR;
goto cleanup;
}
if (params.debug)
{
pam_syslog(pamh, LOG_DEBUG, "json2txt() succeeded");
pam_syslog(pamh, LOG_DEBUG, "The result is: %s",
res2);
}
hash = g_compute_checksum_for_string(G_CHECKSUM_SHA512, res2, strlen(res2));
free(res2);
if (params.debug) if (params.debug)
{ {
@ -107,8 +126,8 @@ cleanup:
if (authorized_eid != NULL) if (authorized_eid != NULL)
fclose(authorized_eid); fclose(authorized_eid);
if (res != NULL) if (res1 != NULL)
free(res); free(res1);
if (fileEntry != NULL) if (fileEntry != NULL)
free(fileEntry); free(fileEntry);
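Review bot: The added debug branch logs `res2` verbatim (`"The result is: %s"`), and `res2` is the exact string whose SHA-512 becomes the value checked for this user; it presumably also carries the identity attributes returned by the service. With `params.debug` set, that data lands in syslog for anyone with log access; logging the computed hash or only `strlen(res2)` would give the same diagnostic value. The parse-failure branch logs at `LOG_DEBUG` with a trailing `\n` although it returns `PAM_SERVICE_ERR`, so `pam_syslog(pamh, LOG_ERR, "The result from the web could not be parsed");` would match the curl failure path and make the failure visible in normal logs. auth() begins and ends outside the visible hunks.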


@ -10,8 +10,8 @@
#include "client.h" #include "client.h"
static const char action_eid[] = "tcTokenURL=https://www.autentapp.de/AusweisAuskunft/WebServiceRequesterServlet?mode=xml"; static const char action_eid[] = "tcTokenURL=https://www.autentapp.de/AusweisAuskunft/WebServiceRequesterServlet?mode=json";
static const char action_eid_ok[] = "<ns2:ResultMajor>http://www.bsi.bund.de/ecard/api/1.1/resultmajor#ok</ns2:ResultMajor>"; static const char action_eid_ok[] = "http://www.bsi.bund.de/ecard/api/1.1/resultmajor#ok";
char errbuf[CURL_ERROR_SIZE]; char errbuf[CURL_ERROR_SIZE];
int port; int port;
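Review bot: `action_eid_ok` shrinks from the full `<ns2:ResultMajor>…</ns2:ResultMajor>` element to the bare result URI, and the code that uses it is not visible in this hunk. If the success check is still a substring search over the raw response body, it now accepts the URI at any position in the JSON rather than only in the result field. Since the response is parsed in this release, comparing the parsed result-major value for equality would be the tighter check. A comment above the constant would record the intent, e.g. `/* expected value of the result-major field in the JSON response; compare for equality */`.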

6
debian/changelog vendored

@ -1,3 +1,9 @@
pam-eid (4.0-1) unstable; urgency=medium
* New upstream release
-- Christoph Pleger <pleger@irb.cs.tu-dortmund.de> Thu, 13 Feb 2025 18:56:49 +0100
pam-eid (3.0-1) unstable; urgency=medium pam-eid (3.0-1) unstable; urgency=medium
* New upstream release * New upstream release

1
debian/control vendored

@ -8,6 +8,7 @@ Build-Depends:
libcurl4-gnutls-dev | libcurl4-openssl-dev, libcurl4-gnutls-dev | libcurl4-openssl-dev,
libglib2.0-dev, libglib2.0-dev,
libpam0g-dev, libpam0g-dev,
libcjson-dev,
pkgconf | pkg-config pkgconf | pkg-config
Standards-Version: 4.6.2 Standards-Version: 4.6.2