Enable authenticate user using BSD password system

configure.ac

@@ -32,6 +32,10 @@ AM_CONDITIONAL(SESMAN_NOPAM, [test x$enable_pam != xyes])
 AC_ARG_ENABLE(kerberos, AS_HELP_STRING([--enable-kerberos],
               [Build kerberos support (default: no)]),
               [], [enable_kerberos=no])
+AC_ARG_ENABLE(bsd, AS_HELP_STRING([--enable-bsd],
+              [Build BSD auth support (default: no)]),
+              [bsd=true], [bsd=false])
+AM_CONDITIONAL(SESMAN_BSD, [test x$bsd = xtrue])
 AM_CONDITIONAL(SESMAN_KERBEROS, [test x$enable_kerberos = xyes])
 AC_ARG_ENABLE(pamuserpass, AS_HELP_STRING([--enable-pamuserpass],
               [Build pam userpass support (default: no)]),
@@ -78,8 +82,11 @@ if test "x$enable_pam" = "xyes"
 then
   if test "x$enable_kerberos" != "xyes"
   then
-    AC_CHECK_HEADER([security/pam_appl.h], [],
-      [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
+    if test -z "$enable_bsd"
+    then
+      AC_CHECK_HEADER([security/pam_appl.h], [],
+        [AC_MSG_ERROR([please install libpam0g-dev or pam-devel])])
+    fi
   fi
 fi
 

sesman/Makefile.am

@@ -14,6 +14,10 @@ if SESMAN_NOPAM
 AUTH_C = verify_user.c
 AUTH_LIB = -lcrypt
 else
+if SESMAN_BSD
+AUTH_C = verify_user_bsd.c
+AUTH_LIB = 
+else
 if SESMAN_PAMUSERPASS
 AUTH_C = verify_user_pam_userpass.c
 AUTH_LIB = -lpam -lpam_userpass
@@ -27,6 +31,7 @@ AUTH_LIB = -lpam
 endif
 endif
 endif
+endif
 
 sbin_PROGRAMS = \
   xrdp-sesman

sesman/verify_user_bsd.c

@@ -0,0 +1,113 @@
+/*
+   This program is free software; you can redistribute it and/or modify
+   it under the terms of the GNU General Public License as published by
+   the Free Software Foundation; either version 2 of the License, or
+   (at your option) any later version.
+
+   This program is distributed in the hope that it will be useful,
+   but WITHOUT ANY WARRANTY; without even the implied warranty of
+   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+   GNU General Public License for more details.
+
+   You should have received a copy of the GNU General Public License
+   along with this program; if not, write to the Free Software
+   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
+
+   xrdp: A Remote Desktop Protocol server.
+   Copyright (C) Jay Sorg 2005-2008
+*/
+
+/**
+ *
+ * @file verify_user_user.c
+ * @brief Authenticate user using BSD password system
+ * @author Renaud Allard
+ *
+ */
+
+#include "sesman.h"
+
+#define _XOPEN_SOURCE
+#include <stdio.h>
+#include <sys/types.h>
+#include <stdlib.h>
+#include <unistd.h>
+#include <time.h>
+#include <login_cap.h>
+#include <bsd_auth.h>
+
+#ifndef SECS_PER_DAY
+#define SECS_PER_DAY (24L*3600L)
+#endif
+
+extern struct config_sesman* g_cfg; /* in sesman.c */
+
+/******************************************************************************/
+/* returns boolean */
+long DEFAULT_CC
+auth_userpass(char* user, char* pass)
+{
+	int ret = auth_userokay(user, NULL, "auth-xrdp", pass);
+	return ret;
+}
+
+/******************************************************************************/
+/* returns error */
+int DEFAULT_CC
+auth_start_session(long in_val, int in_display)
+{
+  return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_end(long in_val)
+{
+  return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_set_env(long in_val)
+{
+  return 0;
+}
+
+/******************************************************************************/
+int DEFAULT_CC
+auth_check_pwd_chg(char* user)
+{
+  return 0;
+}
+
+int DEFAULT_CC
+auth_change_pwd(char* user, char* newpwd)
+{
+  return 0;
+}
+
+/**
+ *
+ * @brief Password encryption
+ * @param pwd Old password
+ * @param pln Plaintext new password
+ * @param crp Crypted new password
+ *
+ */
+
+static int DEFAULT_CC
+auth_crypt_pwd(char* pwd, char* pln, char* crp)
+{
+  return 0;
+}
+
+/**
+ *
+ * @return 1 if the account is disabled, 0 otherwise
+ *
+ */
+static int DEFAULT_CC
+auth_account_disabled(struct spwd* stp)
+{
+  return 0;
+}