Skip to content

Commit 8c2a02a

Browse files
bilelmoussaouibilelmoussaoui
committed
debug
1 parent 7cf3227 commit 8c2a02a

1 file changed

Lines changed: 26 additions & 2 deletions

File tree

pam/src/lib.rs

Lines changed: 26 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,9 @@ unsafe fn get_user(pamh: *mut pam_handle_t) -> Result<String, c_int> {
4343
/// Get the authentication token
4444
unsafe fn get_auth_token(pamh: *mut pam_handle_t) -> Result<Zeroizing<Vec<u8>>, c_int> {
4545
let mut authtok_ptr: *const c_char = std::ptr::null();
46+
47+
tracing::debug!("Before pam_get_item: authtok_ptr = {:p}", authtok_ptr);
48+
4649
let ret = unsafe {
4750
ffi::pam_get_item(
4851
pamh,
@@ -51,17 +54,23 @@ unsafe fn get_auth_token(pamh: *mut pam_handle_t) -> Result<Zeroizing<Vec<u8>>,
5154
)
5255
};
5356

57+
tracing::debug!("After pam_get_item: ret = {}, authtok_ptr = {:p}", ret, authtok_ptr);
58+
5459
if ret != PAM_SUCCESS {
60+
tracing::debug!("pam_get_item returned error: {}", ret);
5561
return Err(ret);
5662
}
5763

5864
if authtok_ptr.is_null() {
65+
tracing::debug!("authtok_ptr is null after successful pam_get_item");
5966
return Err(PAM_SYSTEM_ERR);
6067
}
6168

6269
let authtok_cstr = unsafe { CStr::from_ptr(authtok_ptr) };
6370
let authtok_bytes = authtok_cstr.to_bytes();
6471

72+
tracing::debug!("Read {} bytes from authtok_ptr", authtok_bytes.len());
73+
6574
Ok(Zeroizing::new(authtok_bytes.to_vec()))
6675
}
6776

@@ -229,11 +238,26 @@ pub extern "C" fn pam_sm_open_session(
229238
}
230239

231240
let password = unsafe { &*(password_ptr as *const Zeroizing<Vec<u8>>) };
241+
let hex_dump: String = password.iter().map(|b| format!("{:02x}", b)).collect::<Vec<_>>().join(" ");
232242
tracing::debug!(
233-
"Retrieved stashed password of length {} bytes",
234-
password.len()
243+
"Retrieved stashed password of length {} bytes (hex: {})",
244+
password.len(),
245+
hex_dump
235246
);
236247

248+
// Also try to get PAM_AUTHTOK directly in session phase to compare
249+
let session_token = unsafe { get_auth_token(pamh) };
250+
if let Ok(token) = &session_token {
251+
let token_hex: String = token.iter().map(|b| format!("{:02x}", b)).collect::<Vec<_>>().join(" ");
252+
tracing::debug!(
253+
"PAM_AUTHTOK in session phase: length {} bytes (hex: {})",
254+
token.len(),
255+
token_hex
256+
);
257+
} else {
258+
tracing::debug!("PAM_AUTHTOK not available in session phase");
259+
}
260+
237261
// Get username and UID
238262
let username = match unsafe { get_user(pamh) } {
239263
Ok(user) => user,

0 commit comments

Comments
 (0)