|
[x]
Posted via EE Mobile
|
||
Search, ask, and monitor your questions on the go with EE Mobile. Visit Experts Exchange from your mobile device and never be out of touch again. |
||
| 07/14/2009 at 02:13PM PDT, ID: 24570279 |
|
[x]
Attachment Details
|
||
|
[x]
The Solution Rating System
|
||
With so many solutions, how can you tell which solutions are most likely to help you and which ones are not? To provide you with a tool to use, we rate our solutions based on various elements that most accurately determine if a solution is a quality solution. To explain what factors affect the solution rating, here are the elements we take into consideration when formulating our solution rating.
Your Input Matters If you have any suggestions that you would like to make for our rating system, please ask a question in the Suggestions Zone of Community Support. Thank you! |
||
1: 2: 3: 4: 5: 6: 7: 8: 9: 10: 11: 12: 13: 14: 15: 16: 17: 18: 19: 20: 21: 22: 23: 24: 25: 26: 27: 28: 29: 30: 31: 32: 33: 34: 35: 36: 37: 38: 39: 40: 41: 42: 43: 44: 45: 46: 47: 48: 49: 50: 51: 52: 53: 54: 55: 56: 57: 58: 59: 60: 61: 62: 63: 64: 65: 66: 67: 68: 69: 70: 71: 72: 73: 74: 75: 76: 77: 78: 79: 80: 81: 82: 83: 84: 85: 86: 87: 88: 89: 90: 91: 92: 93: 94: 95: 96: 97: 98: 99: 100: 101: 102: 103: 104: 105: 106: 107: 108: 109: 110: |
#!/usr/bin/perl
# OpenVPN PAM AUTHENTICATON
# This script can be used to add PAM-based authentication
# to OpenVPN 2.0. The OpenVPN client must provide
# a username/password, using the --auth-user-pass directive.
# The OpenVPN server should specify --auth-user-pass-verify
# with this script as the argument and the 'via-file' method
# specified. The server can also optionally specify
# --client-cert-not-required and/or --username-as-common-name.
# SCRIPT OPERATION
# Return success or failure status based on whether or not a
# given username/password authenticates using PAM.
# Caller should write username/password as two lines in a file
# which is passed to this script as a command line argument.
# CAVEATS
# * Requires Authen::PAM module, which may also
# require the pam-devel package.
# * May need to be run as root in order to
# access username/password file.
use Authen::PAM;
use POSIX;
# This "conversation function" will pass
# $password to PAM when it asks for it.
sub my_conv_func {
my @res;
while ( @_ ) {
my $code = shift;
my $msg = shift;
my $ans = "";
$ans = $password if $msg =~ /[Pp]assword/;
push @res, (PAM_SUCCESS(),$ans);
}
push @res, PAM_SUCCESS();
return @res;
}
# Identify service type to PAM
$service = "login";
# Get username/password from file
if ($ARG = shift @ARGV) {
if (!open (UPFILE, "<$ARG")) {
print "Could not open username/password file: $ARG\n";
use Authen::PAM;
use POSIX;
# This "conversation function" will pass
# $password to PAM when it asks for it.
sub my_conv_func {
my @res;
while ( @_ ) {
my $code = shift;
my $msg = shift;
my $ans = "";
$ans = $password if $msg =~ /[Pp]assword/;
push @res, (PAM_SUCCESS(),$ans);
}
push @res, PAM_SUCCESS();
return @res;
}
# Identify service type to PAM
$service = "login";
# Get username/password from file
if ($ARG = shift @ARGV) {
if (!open (UPFILE, "<$ARG")) {
print "Could not open username/password file: $ARG\n";
if (!$username || !$password) {
print "Username/password not found in file: $ARG\n";
exit 1;
}
chomp $username;
chomp $password;
close (UPFILE);
# Initialize PAM object
if (!ref($pamh = new Authen::PAM($service, $username, \&my_conv_func))) {
print "Authen::PAM init failed\n";
exit 1;
}
# Authenticate with PAM
$res = $pamh->pam_authenticate;
# Return success or failure
if ($res == PAM_SUCCESS()) {
exit 1;
} else {
print "Auth '$username' failed, PAM said: ", $pamh->pam_strerror($res), "\n";
exit 0;
}
|
Advertisement
