4 files changed, 207 insertions, 7 deletions

diff --git a/examples/Makefile.am b/examples/Makefile.am
index 722ec686..c4c3c261 100644
--- a/examples/Makefile.am
+++ b/examples/Makefile.am
@@ -11,4 +11,4 @@ AM_CFLAGS = -I$(top_srcdir)/libpam/include -I$(top_srcdir)/libpamc/include \
 LDADD = $(top_builddir)/libpam/libpam.la \
 	$(top_builddir)/libpam_misc/libpam_misc.la
 
-noinst_PROGRAMS = xsh vpass blank check_user
+noinst_PROGRAMS = xsh vpass blank check_user tty_conv
diff --git a/examples/Makefile.in b/examples/Makefile.in
index 456544f6..25bf4203 100644
--- a/examples/Makefile.in
+++ b/examples/Makefile.in
@@ -93,7 +93,7 @@ POST_UNINSTALL = :
 build_triplet = @build@
 host_triplet = @host@
 noinst_PROGRAMS = xsh$(EXEEXT) vpass$(EXEEXT) blank$(EXEEXT) \
-	check_user$(EXEEXT)
+	check_user$(EXEEXT) tty_conv$(EXEEXT)
 subdir = examples
 ACLOCAL_M4 = $(top_srcdir)/aclocal.m4
 am__aclocal_m4_deps = $(top_srcdir)/m4/attribute.m4 \
@@ -133,6 +133,11 @@ check_user_OBJECTS = check_user.$(OBJEXT)
 check_user_LDADD = $(LDADD)
 check_user_DEPENDENCIES = $(top_builddir)/libpam/libpam.la \
 	$(top_builddir)/libpam_misc/libpam_misc.la
+tty_conv_SOURCES = tty_conv.c
+tty_conv_OBJECTS = tty_conv.$(OBJEXT)
+tty_conv_LDADD = $(LDADD)
+tty_conv_DEPENDENCIES = $(top_builddir)/libpam/libpam.la \
+	$(top_builddir)/libpam_misc/libpam_misc.la
 vpass_SOURCES = vpass.c
 vpass_OBJECTS = vpass.$(OBJEXT)
 vpass_LDADD = $(LDADD)
@@ -159,7 +164,8 @@ DEFAULT_INCLUDES = -I.@am__isrc@ -I$(top_builddir)
 depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp
 am__maybe_remake_depfiles = depfiles
 am__depfiles_remade = ./$(DEPDIR)/blank.Po ./$(DEPDIR)/check_user.Po \
-	./$(DEPDIR)/vpass.Po ./$(DEPDIR)/xsh.Po
+	./$(DEPDIR)/tty_conv.Po ./$(DEPDIR)/vpass.Po \
+	./$(DEPDIR)/xsh.Po
 am__mv = mv -f
 COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
 	$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
@@ -179,8 +185,8 @@ AM_V_CCLD = $(am__v_CCLD_@AM_V@)
 am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@)
 am__v_CCLD_0 = @echo "  CCLD    " $@;
 am__v_CCLD_1 = 
-SOURCES = blank.c check_user.c vpass.c xsh.c
-DIST_SOURCES = blank.c check_user.c vpass.c xsh.c
+SOURCES = blank.c check_user.c tty_conv.c vpass.c xsh.c
+DIST_SOURCES = blank.c check_user.c tty_conv.c vpass.c xsh.c
 am__can_run_installinfo = \
   case $$AM_UPDATE_INFO_DIR in \
     n|no|NO) false;; \
@@ -233,6 +239,7 @@ CYGPATH_W = @CYGPATH_W@
 DEFS = @DEFS@
 DEPDIR = @DEPDIR@
 DLLTOOL = @DLLTOOL@
+DOCBOOK_RNG = @DOCBOOK_RNG@
 DSYMUTIL = @DSYMUTIL@
 DUMPBIN = @DUMPBIN@
 ECHO_C = @ECHO_C@
@@ -245,11 +252,13 @@ EXEEXT = @EXEEXT@
 EXE_CFLAGS = @EXE_CFLAGS@
 EXE_LDFLAGS = @EXE_LDFLAGS@
 FGREP = @FGREP@
+FILECMD = @FILECMD@
 FO2PDF = @FO2PDF@
 GETTEXT_MACRO_VERSION = @GETTEXT_MACRO_VERSION@
 GMSGFMT = @GMSGFMT@
 GMSGFMT_015 = @GMSGFMT_015@
 GREP = @GREP@
+HTML_STYLESHEET = @HTML_STYLESHEET@
 INSTALL = @INSTALL@
 INSTALL_DATA = @INSTALL_DATA@
 INSTALL_PROGRAM = @INSTALL_PROGRAM@
@@ -281,12 +290,14 @@ LIBSELINUX = @LIBSELINUX@
 LIBTOOL = @LIBTOOL@
 LIPO = @LIPO@
 LN_S = @LN_S@
+LOGIND_CFLAGS = @LOGIND_CFLAGS@
 LTLIBICONV = @LTLIBICONV@
 LTLIBINTL = @LTLIBINTL@
 LTLIBOBJS = @LTLIBOBJS@
 LT_SYS_LIBRARY_PATH = @LT_SYS_LIBRARY_PATH@
 MAKEINFO = @MAKEINFO@
 MANIFEST_TOOL = @MANIFEST_TOOL@
+MAN_STYLESHEET = @MAN_STYLESHEET@
 MKDIR_P = @MKDIR_P@
 MSGFMT = @MSGFMT@
 MSGFMT_015 = @MSGFMT_015@
@@ -309,6 +320,7 @@ PACKAGE_TARNAME = @PACKAGE_TARNAME@
 PACKAGE_URL = @PACKAGE_URL@
 PACKAGE_VERSION = @PACKAGE_VERSION@
 PATH_SEPARATOR = @PATH_SEPARATOR@
+PDF_STYLESHEET = @PDF_STYLESHEET@
 PKG_CONFIG = @PKG_CONFIG@
 PKG_CONFIG_LIBDIR = @PKG_CONFIG_LIBDIR@
 PKG_CONFIG_PATH = @PKG_CONFIG_PATH@
@@ -319,12 +331,16 @@ SECUREDIR = @SECUREDIR@
 SED = @SED@
 SET_MAKE = @SET_MAKE@
 SHELL = @SHELL@
-STRINGPARAM_HMAC = @STRINGPARAM_HMAC@
+STRINGPARAM_PROFILECONDITIONS = @STRINGPARAM_PROFILECONDITIONS@
 STRINGPARAM_VENDORDIR = @STRINGPARAM_VENDORDIR@
 STRIP = @STRIP@
+SYSTEMD_CFLAGS = @SYSTEMD_CFLAGS@
+SYSTEMD_LIBS = @SYSTEMD_LIBS@
 TIRPC_CFLAGS = @TIRPC_CFLAGS@
 TIRPC_LIBS = @TIRPC_LIBS@
+TXT_STYLESHEET = @TXT_STYLESHEET@
 USE_NLS = @USE_NLS@
+VENDOR_SCONFIGDIR = @VENDOR_SCONFIGDIR@
 VERSION = @VERSION@
 WARN_CFLAGS = @WARN_CFLAGS@
 XGETTEXT = @XGETTEXT@
@@ -449,6 +465,10 @@ check_user$(EXEEXT): $(check_user_OBJECTS) $(check_user_DEPENDENCIES) $(EXTRA_ch
 	@rm -f check_user$(EXEEXT)
 	$(AM_V_CCLD)$(LINK) $(check_user_OBJECTS) $(check_user_LDADD) $(LIBS)
 
+tty_conv$(EXEEXT): $(tty_conv_OBJECTS) $(tty_conv_DEPENDENCIES) $(EXTRA_tty_conv_DEPENDENCIES) 
+	@rm -f tty_conv$(EXEEXT)
+	$(AM_V_CCLD)$(LINK) $(tty_conv_OBJECTS) $(tty_conv_LDADD) $(LIBS)
+
 vpass$(EXEEXT): $(vpass_OBJECTS) $(vpass_DEPENDENCIES) $(EXTRA_vpass_DEPENDENCIES) 
 	@rm -f vpass$(EXEEXT)
 	$(AM_V_CCLD)$(LINK) $(vpass_OBJECTS) $(vpass_LDADD) $(LIBS)
@@ -465,6 +485,7 @@ distclean-compile:
 
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/blank.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/check_user.Po@am__quote@ # am--include-marker
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tty_conv.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/vpass.Po@am__quote@ # am--include-marker
 @AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/xsh.Po@am__quote@ # am--include-marker
 
@@ -629,6 +650,7 @@ clean-am: clean-generic clean-libtool clean-noinstPROGRAMS \
 distclean: distclean-am
 		-rm -f ./$(DEPDIR)/blank.Po
 	-rm -f ./$(DEPDIR)/check_user.Po
+	-rm -f ./$(DEPDIR)/tty_conv.Po
 	-rm -f ./$(DEPDIR)/vpass.Po
 	-rm -f ./$(DEPDIR)/xsh.Po
 	-rm -f Makefile
@@ -678,6 +700,7 @@ installcheck-am:
 maintainer-clean: maintainer-clean-am
 		-rm -f ./$(DEPDIR)/blank.Po
 	-rm -f ./$(DEPDIR)/check_user.Po
+	-rm -f ./$(DEPDIR)/tty_conv.Po
 	-rm -f ./$(DEPDIR)/vpass.Po
 	-rm -f ./$(DEPDIR)/xsh.Po
 	-rm -f Makefile
diff --git a/examples/tty_conv.c b/examples/tty_conv.c
new file mode 100644
index 00000000..23f0684c
--- /dev/null
+++ b/examples/tty_conv.c
@@ -0,0 +1,177 @@
+/* PlanC (hubenchang0515@outlook.com) -- an example application
+ * that implements a custom conversation */
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+#include <errno.h>
+#include <unistd.h>
+#include <termio.h>
+#include <security/pam_appl.h>
+
+/***************************************
+ * @brief echo off/on
+ * @param[in] fd file descriptor
+ * @param[in] off 1 - echo off，0 - echo on
+ ***************************************/
+static void echoOff(int fd, int off)
+{
+    struct termio tty;
+    if (ioctl(fd, TCGETA, &tty) < 0)
+    {
+        fprintf(stderr, "TCGETA failed: %s\n", strerror(errno));
+        return;
+    }
+
+    if (off)
+    {
+        tty.c_lflag &= ~(ECHO | ECHOE | ECHOK | ECHONL);
+        if (ioctl(fd, TCSETAF, &tty) < 0)
+        {
+            fprintf(stderr, "TCSETAF failed: %s\n", strerror(errno));
+        }
+    }
+    else
+    {
+        tty.c_lflag |= (ECHO | ECHOE | ECHOK | ECHONL);
+        if (ioctl(fd, TCSETAW, &tty) < 0)
+        {
+            fprintf(stderr, "TCSETAW failed: %s\n", strerror(errno));
+        }
+    }
+}
+
+/***************************************
+ * @brief echo off stdin
+ ***************************************/
+static void echoOffStdin(void)
+{
+    echoOff(fileno(stdin), 1);
+}
+
+/***************************************
+ * @brief echo on stdin
+ ***************************************/
+static void echoOnStdin(void)
+{
+    echoOff(fileno(stdin), 0);
+}
+
+/***************************************
+ * @brief read a line input
+ * @return the input string
+ ***************************************/
+static char *readline(void)
+{
+    char input[PAM_MAX_RESP_SIZE];
+    int i;
+
+    flockfile(stdin);
+    for (i = 0; i < PAM_MAX_RESP_SIZE; i++)
+    {
+        int ch = getchar_unlocked();
+        if (ch == '\n' || ch == '\r' ||ch == EOF)
+            break;
+        input[i] = ch;
+    }
+    funlockfile(stdin);
+    input[i] = '\0';
+
+    return (strdup(input));
+}
+
+/**************************************************
+ * @brief callback of PAM conversation
+ * @param[in] num_msg the count of message
+ * @param[in] msg PAM message
+ * @param[out] resp our response
+ * @param[in] appdata_ptr custom data passed by struct pam_conv.appdata_ptr
+ * @return state
+ **************************************************/
+static int conversation(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)
+{
+    (void)(appdata_ptr);
+    int i;
+
+    /* check the count of message */
+    if (num_msg <= 0 || num_msg >= PAM_MAX_MSG_SIZE)
+    {
+        fprintf(stderr, "invalid num_msg(%d)\n", num_msg);
+        return PAM_CONV_ERR;
+    }
+
+    /* alloc memory for response */
+    if ((resp[0] = malloc(num_msg * sizeof(struct pam_response))) == NULL)
+    {
+        fprintf(stderr, "bad alloc\n");
+        return PAM_BUF_ERR;
+    }
+
+    /* response for message */
+    for (i = 0; i < num_msg; i++)
+    {
+        const struct pam_message *m = *msg + i;
+        struct pam_response *r = *resp + i;
+        r->resp_retcode = 0;    /* currently un-used, zero expected */
+        switch (m->msg_style)
+        {
+        case PAM_PROMPT_ECHO_OFF:   /* get the input with echo off, like the password */
+            printf("%s", m->msg);
+            echoOffStdin();
+            r->resp = readline();
+            echoOnStdin();
+            printf("\n");
+            break;
+
+        case PAM_PROMPT_ECHO_ON:    /* get the input with echo on, like the username */
+            printf("%s", m->msg);
+            r->resp = readline();
+            break;
+
+        case PAM_TEXT_INFO:         /* normal info */
+            printf("%s\n", m->msg);
+            break;
+
+        case PAM_ERROR_MSG:         /* error info */
+            fprintf(stderr, "%s\n", m->msg);
+            break;
+
+        default:
+            fprintf(stderr, "unexpected msg_style: %d\n", m->msg_style);
+            break;
+        }
+    }
+    return PAM_SUCCESS;
+}
+
+int main(void)
+{
+    struct pam_conv pam_conv = {conversation, NULL};
+    pam_handle_t *pamh;
+
+    /* echo on while exist, like Ctrl+C on input password */
+    atexit(echoOnStdin);
+
+    if (PAM_SUCCESS != pam_start("login", NULL, &pam_conv, &pamh))
+    {
+        fprintf(stderr, "pam_start failed\n");
+        return EXIT_FAILURE;
+    }
+
+    if (PAM_SUCCESS != pam_authenticate(pamh, 0))
+    {
+        fprintf(stderr, "pam_authenticate failed\n");
+        pam_end(pamh, 0);
+        return EXIT_FAILURE;
+    }
+
+    if (PAM_SUCCESS != pam_acct_mgmt(pamh, 0))
+    {
+        fprintf(stderr, "pam_acct_mgmt failed\n");
+        pam_end(pamh, 0);
+        return EXIT_FAILURE;
+    }
+
+    pam_end(pamh, 0);
+    return EXIT_SUCCESS;
+}
diff --git a/examples/xsh.c b/examples/xsh.c
index ef4dca0c..5b34fc17 100644
--- a/examples/xsh.c
+++ b/examples/xsh.c
@@ -80,7 +80,7 @@ int main(int argc, char **argv)
 	 tty = ttyname(fileno(stdin));
 	 if (tty) {
 	     retcode = pam_set_item(pamh, PAM_TTY, tty);
-	     bail_out(pamh,1,retcode,"pam_set_item(PAM_RHOST)");
+	     bail_out(pamh,1,retcode,"pam_set_item(PAM_TTY)");
 	 }
      }