mirrors/ngircd
1
0
Fork 0
mirror of https://github.com/osmarks/ngircd.git synced 2025-11-05 00:12:59 +00:00
Code Issues Releases Wiki Activity

New configuration option "NoPAM" to disable PAM

Browse Source 
When the "NoPAM" configuration option is set and ngIRCd is compiled
with support for PAM, ngIRCd will not call any PAM functions: all
connection attemps without password will succeed instead and all
connection attemps with password will fail.

If ngIRCd is compiled without PAM support, this option is a dummy
option and nothing changes: the global server password will still be
in effect.
This commit is contained in:
Alexander Barton
2010-07-13 15:10:35 +02:00
parent 37ee0a3313
commit f369177617
5 changed files with 23 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/ngircd/conf.c
View File

@@ -331,6 +331,7 @@ Conf_Test( void )
printf(" PredefChannelsOnly = %s\n", yesno_to_str(Conf_PredefChannelsOnly));
printf(" NoDNS = %s\n", yesno_to_str(Conf_NoDNS));
printf(" NoIdent = %s\n", yesno_to_str(Conf_NoIdent));
printf(" NoPAM = %s\n", yesno_to_str(Conf_NoPAM));
#ifdef WANT_IPV6
printf(" ConnectIPv4 = %s\n", yesno_to_str(Conf_ConnectIPv6));
@@ -580,6 +581,7 @@ Set_Defaults(bool InitServers)
Conf_ConnectRetry = 60;
Conf_NoDNS = false;
Conf_NoIdent = false;
Conf_NoPAM = false;
Conf_Oper_Count = 0;
Conf_Channel_Count = 0;
@@ -986,6 +988,11 @@ Handle_GLOBAL( int Line, char *Var, char *Arg )
#endif
return;
}
if(strcasecmp(Var, "NoPAM") == 0) {
/* don't use PAM library to authenticate users */
Conf_NoPAM = Check_ArgIsTrue(Arg);
return;
}
#ifdef WANT_IPV6
/* the default setting for all the WANT_IPV6 special options is 'true' */
if( strcasecmp( Var, "ConnectIPv6" ) == 0 ) {

3
src/ngircd/conf.h
View File

@@ -152,6 +152,9 @@ GLOBAL bool Conf_NoDNS;
/* Disable IDENT lookups, even when compiled with support for it */
GLOBAL bool Conf_NoIdent;
/* Disable all usage of PAM, even when compiled with support for it */
GLOBAL bool Conf_NoPAM;
/*
* try to connect to remote systems using the ipv6 protocol,
* if they have an ipv6 address? (default yes)

5
src/ngircd/irc-login.c
View File

@@ -787,7 +787,10 @@ Hello_User(CLIENT * Client)
/* Sub process */
signal(SIGTERM, Proc_GenericSignalHandler);
Log_Init_Subprocess("Auth");
result = PAM_Authenticate(Client);
if (Conf_NoPAM) {
result = (Client_Password(Client)[0] == '\0');
} else
result = PAM_Authenticate(Client);
write(pipefd[1], &result, sizeof(result));
Log_Exit_Subprocess("Auth");
exit(0);