hikari/hikari_unlocker.c

#include <pwd.h>
#include <security/pam_appl.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <strings.h>
#include <sys/mman.h>
#include <unistd.h>

static char *input_buffer = NULL;

#define INPUT_BUFFER_SIZE 1024

static int
conversation_handler(int num_msg,
		const struct pam_message **msg,
		struct pam_response **resp,
		void *data)
{
	struct pam_response *pam_reply = calloc(num_msg, sizeof(struct pam_response));

	if (pam_reply == NULL) {
		return PAM_ABORT;
	}
	*resp = pam_reply;
	for (int i = 0; i < num_msg; ++i) {
		switch (msg[i]->msg_style) {
			case PAM_PROMPT_ECHO_OFF:
			case PAM_PROMPT_ECHO_ON:
				pam_reply[i].resp = strdup(input_buffer);
				if (pam_reply[i].resp == NULL) {
					return PAM_ABORT;
				}
				break;

			case PAM_ERROR_MSG:
			case PAM_TEXT_INFO:
				break;
		}
	}
	return PAM_SUCCESS;
}

bool
check_password(const char *username)
{
	const struct pam_conv conv = {
		.conv = conversation_handler,
		.appdata_ptr = NULL,
	};

	bool success = false;
	pam_handle_t *auth_handle = NULL;
	if (pam_start("hikari-unlocker", username, &conv, &auth_handle) !=
			PAM_SUCCESS) {
		return false;
	}

	read(0, input_buffer, INPUT_BUFFER_SIZE - 1);
	int pam_status = pam_authenticate(auth_handle, 0);
	memset(input_buffer, 0, INPUT_BUFFER_SIZE);
	success = pam_status == PAM_SUCCESS;
	write(1, &success, sizeof(bool));

	pam_end(auth_handle, pam_status);

	return success;
}

int
main(int argc, char **argv)
{
	char input;
	bool success = false;
	struct passwd *passwd = getpwuid(getuid());

	input_buffer = malloc(INPUT_BUFFER_SIZE);
	memset(input_buffer, 0, INPUT_BUFFER_SIZE);
	mlock(input_buffer, INPUT_BUFFER_SIZE);

	while (!success) {
		success = check_password(passwd->pw_name);
	}

	munlock(input_buffer, INPUT_BUFFER_SIZE);
	free(input_buffer);

	return 0;
}