shared fails but static works

Johan Fredrik Øhman johan at essay.org
Sat Feb 17 11:27:13 EST 2001 

Hi,  I'm experiencing a strange problem when writing a C++ Python modules.  I assume this is a quite difficult problem to answer.  So I have included most of the info I see as important for those who want to have a look.

   The module (included below) works perfectly when I build the module staticly.  But when I enable *shared* in the Setupfile I get the following errormessage in /var/log/messages when the so. module is "run" from the python source code.

Errormessages in /var/log/messages

Feb 17 15:32:50 blekkulf python: PAM unable to dlopen(/lib/security/pam_unix.so)
Feb 17 15:32:50 blekkulf python: PAM [dlerror: /lib/security/pam_unix.so: undefined symbol: pam_get_item]
Feb 17 15:32:50 blekkulf python: PAM adding faulty module: /lib/security/pam_unix.so
Feb 17 15:32:50 blekkulf python: PAM unable to dlopen(/lib/security/pam_cracklib.so)
Feb 17 15:32:50 blekkulf python: PAM [dlerror: /lib/security/pam_cracklib.so: undefined symbol: pam_get_item]
Feb 17 15:32:50 blekkulf python: PAM adding faulty module: /lib/security/pam_cracklib.so
Feb 17 15:32:50 blekkulf python: PAM unable to dlopen(/lib/security/pam_limits.so)
Feb 17 15:32:50 blekkulf python: PAM [dlerror: /lib/security/pam_limits.so: undefined symbol: pam_get_item]
Feb 17 15:32:50 blekkulf python: PAM adding faulty module: /lib/security/pam_limits.so

I understand that the dloader has I problem here,  but I don't know how to solve it.   I have also tried the program as a standalone C++ program with no problems at all.  So the PAM library should be intact.

If you want to try youselv, be my guest and try to compile the program below as a shared module !

Any ideas ?

Thanks

JFO


#########################


#include <stdlib.h>
#include <unistd.h>
#include <string.h>
#include <iostream.h>

#include <stdio.h>

//extern "C" {
#include <security/pam_appl.h>
#include <security/pam_misc.h>
#include <Python.h>
//}


/* Static variables used to communicate between the conversation function
 * and the server_login function
 */
static const char *PAM_password;

/* hackish PAM conversation function
 * Here we assume that echo off means password.
 */
static int hack_conv (
                      int num_msg,
                      const struct pam_message **msg,
                      struct pam_response **resp,
                      void *)
{
#define COPY_STRING(s) (s) ? strdup(s) : (char*)NULL
  //cout << "PAM_PASSWORD:" << PAM_password <<"\n";
  struct pam_response *reply 
    = (struct pam_response*)malloc(sizeof(struct pam_response) * num_msg);
  if (!reply) return PAM_CONV_ERR;

  for (int replies = 0; replies < num_msg; replies++) {
    switch (msg[replies]->msg_style) {
    case PAM_PROMPT_ECHO_OFF:
      reply[replies].resp_retcode = PAM_SUCCESS;
      //cout << "PAM_PASSWORD:" << PAM_password <<"\n";
      reply[replies].resp = COPY_STRING(PAM_password);
      /* PAM frees resp */
      break;
    case PAM_TEXT_INFO:
      /* fall through */
    case PAM_ERROR_MSG:
      /* ignore it, but pam still wants a NULL response... */
      reply[replies].resp_retcode = PAM_SUCCESS;
      reply[replies].resp = NULL;
      break;
    case PAM_PROMPT_ECHO_ON:
      /* fall through */
    default:
      /* Must be an error of some sort... */
      free (reply);
      return PAM_CONV_ERR;
    }
  }
  *resp = reply;
  return PAM_SUCCESS;
}

static struct pam_conv hack_conversation = {
  &hack_conv,
  NULL
};


static int pam_check_pair(const char *user, const char *pass)
{
  //cout << "debug: user:" << user << pass;
  int retval;
  pam_handle_t *pamh = NULL;
  
  PAM_password = pass;
  
  retval = pam_start ("system-auth", user, &hack_conversation, &pamh);
  
  if (retval == PAM_SUCCESS) {
    retval = pam_authenticate(pamh, 0);
    //cout << "Returnvalue1: " << retval <<"\n";
    if (retval == PAM_SUCCESS){
      retval = pam_acct_mgmt(pamh, 0);
      //cout << "Returnvalue2: " << retval <<"\n";
    }
  }
  
  if (pamh != NULL)
    pam_end(pamh, PAM_SUCCESS);

  if (retval != PAM_SUCCESS){
    //cout << "Failure\n";
    return 0;
  }
  else {
    //cout << "Success\n";
    return 1;
  }
}


static PyObject* verify_user( PyObject *self, PyObject *args)
{
  char *user;
  char *password;
  int sts;

  if (!PyArg_ParseTuple(args, "ss", &user, &password))
    return NULL;
  //cout << "user: " << user  << " password: " << password;
  sts = pam_check_pair(user, password);
  return Py_BuildValue("i", sts);
}

static PyMethodDef jfopamMethods[] = {
  {"verify_user",  verify_user, METH_VARARGS},
  {NULL,      NULL}        /* Sentinel */
};

extern "C" void initjfopam()
  {
    (void) Py_InitModule("jfopam", jfopamMethods);
  }
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20010217/83537e03/attachment.html>

More information about the Python-list mailing list