/* Source code from http://www.rkeene.org/projects/info/wiki/222, adapted by Camil Staps */

/* Define which PAM interfaces we provide */
#define PAM_SM_ACCOUNT
#define PAM_SM_AUTH
#define PAM_SM_PASSWORD
#define PAM_SM_SESSION

/* Include PAM headers */
#include <security/pam_appl.h>
#include <security/pam_modules.h>

/* Other headers */
#include <time.h>
#include <stdlib.h>
#include <stdio.h>
    
/* Our questions and answers */
const char * const q[5] = {
    "6*7",
    "the answer to life the universe and everything",
    "'forty two' in numbers",
    "the meaning of 'efa-polo roa' in Malagasi",
    "not 54" };
const char a[5] = {42, 42, 42, 42, 42};

/* PAM entry point for session creation */
int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    return(PAM_IGNORE);
}

/* PAM entry point for session cleanup */
int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    return(PAM_IGNORE);
}

/* PAM entry point for accounting */ 
int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    return(PAM_IGNORE);
}   
    
/* PAM entry point for authentication verification */
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    const char* username;
    pam_get_user(pamh, &username, NULL);

    srand(time(NULL));
    int r = rand() % 5;
    printf("What is %s? ", q[r]);
    int resp;
    scanf("%d", &resp);
    
    if (resp == a[r]) {
        return(PAM_SUCCESS);
    } else {
        return(PAM_AUTH_ERR);
    }
}

/*
  PAM entry point for setting user credentials (that is, to actually
  establish the authenticated user's credentials to the service provider)
*/
int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    return(PAM_IGNORE);
}

/* PAM entry point for authentication token (password) changes */
int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc, const char **argv) {
    return(PAM_IGNORE);
}