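/*
 * libpam-gva PAM module: runs the hook scripts installed under
 * /usr/share/libpam-gva/pam-scripts/ when a user authenticates.
 *
 * Security notes for whoever deploys or maintains this module:
 *  - pam_sm_authenticate() returns PAM_SUCCESS on every path. It does not
 *    verify credentials, so stack it only where its result cannot grant
 *    access on its own (for example as `optional`), never as `sufficient`.
 *  - The hook scripts run with the privileges of the process that loaded
 *    the module. The scripts directory and everything in it must be owned
 *    by root and must not be writable by anyone else.
 */
#define PAM_SM_ACCOUNT 1
#define PAM_SM_AUTH 1
#define PAM_SM_SESSION 1
#define PAM_SM_PASSWORD 1

/*
 * NOTE(review): the header names of the original #include list did not
 * survive on this page. The headers below are the ones the visible code
 * needs; restore any further project headers from the original source.
 */
#include <stdbool.h>
#include <stdlib.h>

#include <security/pam_modules.h>
#include <security/pam_modutil.h>

#ifndef PAM_EXTERN
#  define PAM_EXTERN
#endif

/* Not referenced by any live code in this file. */
char global_buff[256];

/*
 * Directory holding the hook scripts. Not referenced by live code: the
 * run-parts command in run_hook_scripts() spells the same path out
 * literally, so the two must be kept in sync by hand.
 */
char scripts_dir[256]="/usr/share/libpam-gva/pam-scripts/";

/* Password-handling switches; grab_password() sets all three to true. */
struct pam_args {
    bool get_pw_from_pam, get_pw_interactive, propagate_pw;
};

struct pam_args Args;

/**
 * pam_set_data() cleanup callback for a stored copy of the auth token.
 *
 * Currently a no-op: the cleanup that zeroed, munlock()ed and freed the
 * buffer is disabled, and nothing in this file registers the callback.
 * If a token copy is ever stored again, the cleanup must be restored so
 * the password does not stay in memory after the PAM handle is released.
 */
static void clean_system_authtok(pam_handle_t *pamh, void *data, int errcode)
{
    (void)pamh;
    (void)data;
    (void)errcode;
}

/**
 * Fetch the authentication token that an earlier module in the stack
 * stored in the PAM handle.
 *
 * @param pamh  PAM handle of the current transaction.
 * @return The PAM_AUTHTOK item, or NULL when it is unset or cannot be read.
 *         The pointer refers to the item held by the PAM handle; the caller
 *         must neither modify nor free it.
 *
 * The token is the user's cleartext password. It must never be written to
 * a file or interpolated into a shell command; the commented-out debug
 * code that did both has been removed for that reason.
 */
char *grab_password(pam_handle_t *pamh)
{
    const void *item = NULL;

    Args.get_pw_from_pam = true;
    Args.get_pw_interactive = true;
    Args.propagate_pw = true;

    if (!Args.get_pw_from_pam) {
        return NULL;
    }
    if (pam_get_item(pamh, PAM_AUTHTOK, &item) != PAM_SUCCESS) {
        return NULL;
    }
    /* Constness is dropped only to keep the historical return type. */
    return (char *)item;
}

/**
 * Fetch the token stored under the module data key
 * "pam_n4d_system_authtok".
 *
 * @param pamh  PAM handle of the current transaction.
 * @return The stored pointer, or NULL when pam_get_data() fails.
 *
 * NOTE(review): no live code in this file stores data under that key, so
 * this presumably returns NULL unless another module sets it -- confirm.
 */
static char *grab_authtok(pam_handle_t *pamh)
{
    const void *data = NULL;

    if (pam_get_data(pamh, "pam_n4d_system_authtok", &data) != PAM_SUCCESS) {
        return NULL;
    }
    return (char *)data;
}

/**
 * Run every script in the hook directory, appending the scripts' output
 * and two marker lines to /var/log/auth.log.
 *
 * Exit statuses are deliberately ignored: the hooks are best-effort and
 * must not change the result of the PAM call.
 */
static void run_hook_scripts(void)
{
    system("echo '[libpam-gva] Executing run-parts' >> /var/log/auth.log");
    /*
     * PAM modules are also loaded into set-uid programs, where PATH comes
     * from the invoking user. Pin PATH before the lookup so that
     * "run-parts" and the scripts it starts resolve to system binaries.
     * system() still hands the rest of the caller's environment to
     * /bin/sh; a fork()/execve() with a fixed environment would be the
     * more robust replacement.
     */
    system("PATH=/usr/sbin:/usr/bin:/sbin:/bin; export PATH; "
           "run-parts /usr/share/libpam-gva/pam-scripts/ "
           "1>>/var/log/auth.log 2>>/var/log/auth.log ");
    system("echo '[libpam-gva] Done' >> /var/log/auth.log");
}

/**
 * Authentication hook: runs the hook scripts once a user name and an
 * auth token are both available.
 *
 * @return PAM_SUCCESS on every path. This function does not check the
 *         password; it only uses its presence as the trigger for the hooks.
 */
PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
                                   int argc, const char *argv[])
{
    const void *user_item = NULL;
    const char *user;
    const char *password;
    int retval;

    (void)flags;
    (void)argc;
    (void)argv;

    /* pam_get_item() takes a const void **, hence the untyped temporary. */
    retval = pam_get_item(pamh, PAM_USER, &user_item);
    password = grab_password(pamh);
    user = user_item;

    /*
     * PAM_USER can be unset even when pam_get_item() succeeds, so the
     * name is checked before it is handed to the passwd lookup.
     */
    if (retval != PAM_SUCCESS || user == NULL) {
        return PAM_SUCCESS;
    }

    /* The lookup result is not used; the call is kept from the original. */
    pam_modutil_getpwnam(pamh, user);

    if (password != NULL) {
        run_hook_scripts();
    }

    return PAM_SUCCESS;
}

/**
 * Session-open hook. Looks up the user and the stored token, but neither
 * result changes the outcome.
 *
 * @return PAM_SUCCESS on every path.
 */
PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
                                   int argc, const char **argv)
{
    const void *user = NULL;

    (void)flags;
    (void)argc;
    (void)argv;

    /* Value is not used; the call is kept from the original. */
    (void)grab_authtok(pamh);

    /* Guard against an unset PAM_USER before the passwd lookup. */
    if (pam_get_item(pamh, PAM_USER, &user) == PAM_SUCCESS && user != NULL) {
        (void)pam_modutil_getpwnam(pamh, (const char *)user);
    }

    return PAM_SUCCESS;
}

/** Session-close hook: nothing to do. */
PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
                                    int argc, const char **argv)
{
    (void)pamh;
    (void)flags;
    (void)argc;
    (void)argv;
    return PAM_SUCCESS;
}

/** Credential hook: nothing to set, always succeeds. */
PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
                              int argc, const char *argv[])
{
    (void)pamh;
    (void)flags;
    (void)argc;
    (void)argv;
    return (PAM_SUCCESS);
}

/** Account hook: performs no account checks, always succeeds. */
PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
                                int argc, const char *argv[])
{
    (void)pamh;
    (void)flags;
    (void)argc;
    (void)argv;
    return (PAM_SUCCESS);
}

/** Password-change hook: not supported, always PAM_SERVICE_ERR. */
PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
                                int argc, const char *argv[])
{
    (void)pamh;
    (void)flags;
    (void)argc;
    (void)argv;
    return (PAM_SERVICE_ERR);
}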