Adding PAM auth method

Makefile

@@ -20,7 +20,10 @@ ENABLE_LARGE_FILE_SUPPORT=-D LARGE_FILE_SUPPORT_ENABLED -D _LARGEFILE64_SOURCE
 ENABLE_OPENSSL_SUPPORT=
 #TO ENABLE OPENSSL SUPPORT UNCOMMENT NEXT 2 LINES
 ENABLE_OPENSSL_SUPPORT=-D OPENSSL_ENABLED
-LIBS=-lpthread -lssl -lcrypto
+LIBS=-lpthread -lssl -lcrypto -lpam 
+
+#USER PAM AUTH
+#-lpam 
 
 CFLAGS=$(CFLAGSTEMP) $(ENABLE_LARGE_FILE_SUPPORT) $(ENABLE_OPENSSL_SUPPORT)
 
@@ -36,8 +39,8 @@ start:
 end:
 	@echo Build process end
 
-uFTP: uFTP.c fileManagement.o configRead.o logFunctions.o ftpCommandElaborate.o ftpData.o ftpServer.o daemon.o signals.o connection.o openSsl.o dynamicMemory.o errorHandling.o
+uFTP: uFTP.c fileManagement.o configRead.o logFunctions.o ftpCommandElaborate.o ftpData.o ftpServer.o daemon.o signals.o connection.o openSsl.o dynamicMemory.o errorHandling.o auth.o
-	@$(CC)  $(ENABLE_LARGE_FILE_SUPPORT) $(ENABLE_OPENSSL_SUPPORT) uFTP.c $(LIBPATH)dynamicVectors.o $(LIBPATH)fileManagement.o $(LIBPATH)configRead.o $(LIBPATH)logFunctions.o $(LIBPATH)ftpCommandElaborate.o $(LIBPATH)ftpData.o $(LIBPATH)ftpServer.o $(LIBPATH)daemon.o $(LIBPATH)signals.o $(LIBPATH)connection.o $(LIBPATH)openSsl.o $(LIBPATH)dynamicMemory.o $(LIBPATH)errorHandling.o -o $(OUTPATH)uFTP $(LIBS) 
+	@$(CC)  $(ENABLE_LARGE_FILE_SUPPORT) $(ENABLE_OPENSSL_SUPPORT) uFTP.c $(LIBPATH)dynamicVectors.o $(LIBPATH)fileManagement.o $(LIBPATH)configRead.o $(LIBPATH)logFunctions.o $(LIBPATH)ftpCommandElaborate.o $(LIBPATH)ftpData.o $(LIBPATH)ftpServer.o $(LIBPATH)daemon.o $(LIBPATH)signals.o $(LIBPATH)connection.o $(LIBPATH)openSsl.o $(LIBPATH)dynamicMemory.o $(LIBPATH)errorHandling.o $(LIBPATH)auth.o -o $(OUTPATH)uFTP $(LIBS) 
 
 daemon.o: 
 	@$(CC) $(CFLAGS) $(SOURCE_MODULES_PATH)daemon.c -o $(LIBPATH)daemon.o
@@ -48,6 +51,9 @@ dynamicVectors.o:
 openSsl.o: 
 	@$(CC) $(CFLAGS) $(SOURCE_MODULES_PATH)openSsl.c -o $(LIBPATH)openSsl.o
 	
+auth.o: 
+	@$(CC) $(CFLAGS) $(SOURCE_MODULES_PATH)auth.c -o $(LIBPATH)auth.o
+
 configRead.o: dynamicVectors.o fileManagement.o
 	@$(CC) $(CFLAGS) $(SOURCE_MODULES_PATH)configRead.c -o $(LIBPATH)configRead.o 
 

ftpCommandElaborate.c

@@ -42,6 +42,7 @@
 #include "library/openSsl.h"
 #include "library/connection.h"
 #include "library/dynamicMemory.h"
+#include "library/auth.h"
 #include "ftpCommandsElaborate.h"
 
 
@@ -155,6 +156,21 @@ int parseCommandPass(ftpDataType * data, int socketId)
 
     if (strlen(thePass) >= 1)
     {
+
+    	printf("\nLogin try with user %s, password %s", data->clients[socketId].login.name.text, thePass);
+
+    	//PAM AUTH METHOD
+    	loginCheck( data->clients[socketId].login.name.text, thePass, &data->clients[socketId].login, &data->clients[socketId].memoryTable);
+    	if (data->clients[socketId].login.userLoggedIn == 1)
+    	{
+    		printf("\n User logged with PAM ok!");
+            returnCode = socketPrintf(data, socketId, "s", "230 Login Ok.\r\n");
+            if (returnCode <= 0)
+            	return FTP_COMMAND_PROCESSED_WRITE_ERROR;
+    	}
+
+
+
         int searchUserNameIndex;
         searchUserNameIndex = searchUser(data->clients[socketId].login.name.text, &data->ftpParameters.usersVector);
 

ftpServer.c

@@ -565,7 +565,7 @@ void runFtpServer(void)
 						if ( ((int)time(NULL) - ftpData.clients[processingSock].tlsNegotiatingTimeStart) > TLS_NEGOTIATING_TIMEOUT )
 						{
 							ftpData.clients[processingSock].closeTheClient = 1;
-							printf("\nTLS timeout closing the client time:%lld, start time: %lld..", (int)time(NULL), ftpData.clients[processingSock].tlsNegotiatingTimeStart);
+							//printf("\nTLS timeout closing the client time:%lld, start time: %lld..", (int)time(NULL), ftpData.clients[processingSock].tlsNegotiatingTimeStart);
 						}
 
 					}

library/auth.c

@@ -0,0 +1,113 @@
+/*
+ * auth.c
+ *
+ *  Created on: 30 dic 2018
+ *      Author: ugo
+ */
+
+#include <unistd.h>
+#include <stdlib.h>
+#include <string.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <pwd.h>
+#include <security/pam_appl.h>
+
+#include "auth.h"
+#include "ftpData.h"
+
+struct pam_response *reply;
+
+// //function used to get user input
+int function_conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
+{
+    *resp = reply;
+        return PAM_SUCCESS;
+}
+
+int authenticateSystem(const char *username, const char *password)
+{
+    const struct pam_conv local_conversation = { function_conversation, NULL };
+    pam_handle_t *local_auth_handle = NULL; // this gets set by pam_start
+
+    int retval;
+    retval = pam_start("su", username, &local_conversation, &local_auth_handle);
+
+    if (retval != PAM_SUCCESS)
+    {
+		printf("pam_start returned: %d\n ", retval);
+		return 0;
+    }
+
+    reply = (struct pam_response *)malloc(sizeof(struct pam_response));
+    reply[0].resp = strdup(password);
+    reply[0].resp_retcode = 0;
+    retval = pam_authenticate(local_auth_handle, 0);
+
+    if (retval != PAM_SUCCESS)
+    {
+		if (retval == PAM_AUTH_ERR)
+		{
+			printf("Authentication failure.\n");
+		}
+		else
+		{
+			printf("pam_authenticate returned %d\n", retval);
+		}
+		return 0;
+    }
+
+    retval = pam_end(local_auth_handle, retval);
+
+    if (retval != PAM_SUCCESS)
+    {
+		printf("pam_end returned\n");
+		return 0;
+    }
+
+    return 1;
+}
+
+
+void loginCheck(char *name, char *password, loginDataType *login, DYNMEM_MemoryTable_DataType **memoryTable)
+{
+    if (authenticateSystem(name, password) == 1)
+    {
+    	struct passwd *pass;
+    	pass = getpwnam(name);
+
+    	if (pass == NULL)
+    	{
+    		cleanLoginData(login, 0, &*memoryTable);
+    	}
+    	else
+    	{
+			//printf("Authenticate with %s - %s through system\n", login, password);
+			setDynamicStringDataType(&login->name, name, strlen(name), &*memoryTable);
+			setDynamicStringDataType(&login->homePath, pass->pw_dir, strlen(pass->pw_dir), &*memoryTable);
+			setDynamicStringDataType(&login->absolutePath, pass->pw_dir, strlen(pass->pw_dir), &*memoryTable);
+			setDynamicStringDataType(&login->ftpPath, "/", strlen("/"), &*memoryTable);
+
+			login->ownerShip.uid = pass->pw_gid;
+			login->ownerShip.gid = pass->pw_uid;
+			login->ownerShip.ownerShipSet = 1;
+			login->userLoggedIn = 1;
+
+			printf("\nLogin as: %s", pass->pw_name);
+			printf("\nPasswd: %s", pass->pw_passwd);
+			printf("\nDir: %s", pass->pw_dir);
+			printf("\nGid: %d", pass->pw_gid);
+			printf("\nUid: %d", pass->pw_uid);
+    	}
+    }
+    else
+    {
+		cleanLoginData(login, 0, &*memoryTable);
+    }
+}
+
+
+
+
+
+

library/auth.h

@@ -0,0 +1,16 @@
+/*
+ * auth.h
+ *
+ *  Created on: 30 dic 2018
+ *      Author: ugo
+ */
+
+#ifndef LIBRARY_AUTH_H_
+#define LIBRARY_AUTH_H_
+
+#include "ftpData.h"
+
+void loginCheck(char *name, char *password, loginDataType *login, DYNMEM_MemoryTable_DataType **memoryTable);
+int authenticateSystem(const char *username, const char *password);
+
+#endif /* LIBRARY_AUTH_H_ */

uFTP.c

@@ -24,10 +24,13 @@
 
 #include <stdio.h>
 #include <stdlib.h>
+
+
 #include "ftpServer.h"
 
 int main(int argc, char** argv) 
 {
+
     runFtpServer();
     return (EXIT_SUCCESS);
 }