>From 28dc4fe5477f976935314046cf0b3ecd40256f46 Mon Sep 17 00:00:00 2001 From: Mats Erik Andersson Date: Fri, 26 Oct 2012 14:30:20 +0200 Subject: [PATCH 1/2] pam_shishi: Basic logging and first options. --- configure.ac | 7 ++++- extra/pam_shishi/pam_shishi.c | 49 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 54 insertions(+), 2 deletions(-) diff --git a/configure.ac b/configure.ac index 919fcfc..f1e9a12 100644 --- a/configure.ac +++ b/configure.ac @@ -119,9 +119,12 @@ AM_CONDITIONAL(ENABLE_SHISHID, test "$ac_cv_search_syslog" != "no") AC_ARG_ENABLE(pam, AC_HELP_STRING([--disable-pam], [Don't use PAM even if available])) if test "$enable_pam" != "no"; then - AC_CHECK_HEADERS(security/pam_appl.h) - AC_CHECK_HEADERS(security/pam_modules.h, [], [], + AC_CHECK_HEADERS([security/pam_appl.h security/pam_ext.h]) + AC_CHECK_HEADERS([security/pam_modules.h security/openpam.h], [], [], [ +#if HAVE_SYS_TYPES_H +#include +#endif #if HAVE_SECURITY_PAM_APPL_H #include #endif diff --git a/extra/pam_shishi/pam_shishi.c b/extra/pam_shishi/pam_shishi.c index 6380f51..446998b 100644 --- a/extra/pam_shishi/pam_shishi.c +++ b/extra/pam_shishi/pam_shishi.c @@ -29,6 +29,7 @@ #include #include #include +#include #endif #include @@ -44,6 +45,10 @@ #define PAM_SM_SESSION #define PAM_SM_PASSWORD +#ifdef HAVE_SYS_TYPES_H +#include +#endif + #ifdef HAVE_SECURITY_PAM_APPL_H #include #endif @@ -51,6 +56,17 @@ #include #endif +#ifdef HAVE_SECURITY_PAM_EXT_H +#include +#include +#define LINUXPAM_LOGGING 1 +#endif +#ifdef HAVE_SECURITY_OPENPAM_H +#include +#define OPENPAM_LOGGING 1 +#endif + + #if defined DEBUG_PAM && defined HAVE_SECURITY__PAM_MACROS_H #define DEBUG #include 
@@ -66,6 +82,23 @@ #endif #endif +int debug; +const char *realm; + +void +parse_argv (int argc, const char **argv) +{ + int i; + + for (i = 0; i < argc; i++) + { + if (!strcmp ("debug", argv[i])) + debug++; + else if (!strncmp ("realm=", argv[i], strlen ("realm="))) + realm = argv[i] + strlen ("realm="); + } +} + PAM_EXTERN int pam_sm_authenticate (pam_handle_t * pamh, int flags, int argc, const char **argv) @@ -87,6 +120,8 @@ pam_sm_authenticate (pam_handle_t * pamh, for (i = 0; i < argc; i++) D (("argv[%d]=%s", i, argv[i])); + parse_argv (argc, argv); + rc = shishi_init (&h); if (rc != SHISHI_OK) { @@ -106,6 +141,20 @@ pam_sm_authenticate (pam_handle_t * pamh, shishi_principal_default_set (h, user); + if (realm && *realm) + shishi_realm_default_set (h, realm); + + if (debug) + { +#if defined LINUXPAM_LOGGING + pam_syslog (pamh, LOG_INFO, "Acting on address@hidden'.", + shishi_principal_default (h), shishi_realm_default (h)); +#elif defined OPENPAM_LOGGING + openpam_log (PAM_LOG_VERBOSE, "Acting on address@hidden'.", + shishi_principal_default (h), shishi_realm_default (h)); +#endif + } + retval = pam_get_item (pamh, PAM_AUTHTOK, (const void **) &password); if (retval != PAM_SUCCESS) { -- 1.7.2.5
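Review bot: `debug` and `realm`, added at file scope in the -66,6 +82,23 hunk, are only ever incremented or assigned by `parse_argv` and never reset, so their values outlive the call that set them. A later `pam_sm_authenticate` call in the same process whose configuration carries no `realm=` option would still see the earlier pointer, and the `shishi_realm_default_set (h, realm)` added in the -106,6 +141,20 hunk would then act on that stale value. The pointer refers into an `argv` whose lifetime after the call returns is not guaranteed by anything visible here. I would open `parse_argv` with `debug = 0; realm = NULL;`. I would also declare all three symbols `static` (`static int debug;`, `static const char *realm;`, `static void parse_argv (...)`), so that a shared object loaded into arbitrary applications does not export such generic names.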
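Review bot: As printed on this page, the format string in both the `pam_syslog` and `openpam_log` calls reads `"Acting on address@hidden'."` and carries no conversion specifiers for the two arguments that follow. This is presumably the mail archive's address scrubbing of something like `%s@%s`, so the string should be restored from the original commit before the patch is applied. Separately, the results of `shishi_principal_default (h)` and `shishi_realm_default (h)` go straight to the logger; if either can return NULL (not visible here), the call needs a guard or a fallback string. When neither `LINUXPAM_LOGGING` nor `OPENPAM_LOGGING` is defined the `if (debug)` block compiles to nothing, which deserves a comment such as `/* no PAM logging API found at configure time: debug output unavailable */`. The body of pam_sm_authenticate starts and ends outside this hunk.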