diff options
author | Sumit Bose <sbose@redhat.com> | 2016-03-17 17:20:52 +0100 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2016-06-09 13:08:26 +0200 |
commit | d86224608ff60ec5cc7e7cbf9e53d8a04e083530 (patch) | |
tree | 8d3a0984008b8baf942d8ee86ab2dd125d87403d /src/responder | |
parent | 325ed9f92f1ea1f348fd7913229faecf3dc1d40b (diff) | |
download | sssd-d86224608ff60ec5cc7e7cbf9e53d8a04e083530.tar.gz sssd-d86224608ff60ec5cc7e7cbf9e53d8a04e083530.tar.xz sssd-d86224608ff60ec5cc7e7cbf9e53d8a04e083530.zip |
p11: add PKCS11_LOGIN_TOKEN_NAME environment variable
The PKCS11_LOGIN_TOKEN_NAME environment variable is e.g. used by the
Gnome Settings Daemon to determine the name of the token used for login.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/responder')
-rw-r--r-- | src/responder/pam/pamsrv_p11.c | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c index 4d35e1d34..8a9497a09 100644 --- a/src/responder/pam/pamsrv_p11.c +++ b/src/responder/pam/pamsrv_p11.c @@ -504,10 +504,15 @@ errno_t pam_check_cert_recv(struct tevent_req *req, TALLOC_CTX *mem_ctx, return EOK; } +/* The PKCS11_LOGIN_TOKEN_NAME environment variable is e.g. used by the Gnome + * Settings Daemon to determine the name of the token used for login */ +#define PKCS11_LOGIN_TOKEN_ENV_NAME "PKCS11_LOGIN_TOKEN_NAME" + errno_t add_pam_cert_response(struct pam_data *pd, const char *user, const char *token_name) { uint8_t *msg = NULL; + char *env = NULL; size_t user_len; size_t msg_len; size_t slot_len; @@ -533,6 +538,26 @@ errno_t add_pam_cert_response(struct pam_data *pd, const char *user, ret = pam_add_response(pd, SSS_PAM_CERT_INFO, msg_len, msg); talloc_free(msg); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "pam_add_response failed to add certificate info.\n"); + return ret; + } + + env = talloc_asprintf(pd, "%s=%s", PKCS11_LOGIN_TOKEN_ENV_NAME, token_name); + if (env == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "talloc_asprintf failed.\n"); + return ENOMEM; + } + + ret = pam_add_response(pd, SSS_PAM_ENV_ITEM, strlen(env) + 1, + (uint8_t *)env); + talloc_free(env); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "pam_add_response failed to add environment variable.\n"); + return ret; + } return ret; } |