freebsd-dev/contrib/openpam/lib/libpam/openpam_configure.c

489 lines
12 KiB
C
Raw Normal View History

2002-04-14 18:28:22 +00:00
/*-
2003-06-01 12:54:03 +00:00
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
2017-02-19 21:00:46 +00:00
* Copyright (c) 2004-2015 Dag-Erling Smørgrav
2002-04-14 18:28:22 +00:00
* All rights reserved.
*
* This software was developed for the FreeBSD Project by ThinkSec AS and
2002-06-30 21:30:05 +00:00
* Network Associates Laboratories, the Security Research Division of
* Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
* ("CBOSS"), as part of the DARPA CHATS research program.
2002-04-14 18:28:22 +00:00
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior written
* permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
* SUCH DAMAGE.
*
2017-02-19 21:00:46 +00:00
* $Id: openpam_configure.c 890 2016-01-11 16:22:09Z des $
2002-04-14 18:28:22 +00:00
*/
2011-12-18 17:08:40 +00:00
#ifdef HAVE_CONFIG_H
# include "config.h"
#endif
2012-05-26 14:23:18 +00:00
#include <sys/param.h>
2002-04-14 18:28:22 +00:00
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <security/pam_appl.h>
#include "openpam_impl.h"
2012-05-26 14:23:18 +00:00
#include "openpam_ctype.h"
#include "openpam_strlcat.h"
#include "openpam_strlcpy.h"
2002-04-14 18:28:22 +00:00
2011-12-18 17:08:40 +00:00
static int openpam_load_chain(pam_handle_t *, const char *, pam_facility_t);
2003-06-01 12:54:03 +00:00
2011-12-18 17:08:40 +00:00
/*
2012-05-26 14:23:18 +00:00
* Validate a service name.
2011-12-18 17:08:40 +00:00
*
2012-05-26 14:23:18 +00:00
* Returns a non-zero value if the argument points to a NUL-terminated
* string consisting entirely of characters in the POSIX portable filename
* character set, excluding the path separator character.
2003-06-01 12:54:03 +00:00
*/
static int
2012-05-26 14:23:18 +00:00
valid_service_name(const char *name)
2003-06-01 12:54:03 +00:00
{
2012-05-26 14:23:18 +00:00
const char *p;
2003-06-01 12:54:03 +00:00
2012-05-26 14:23:18 +00:00
if (OPENPAM_FEATURE(RESTRICT_SERVICE_NAME)) {
/* path separator not allowed */
for (p = name; *p != '\0'; ++p)
if (!is_pfcs(*p))
return (0);
} else {
/* path separator allowed */
for (p = name; *p != '\0'; ++p)
if (!is_pfcs(*p) && *p != '/')
return (0);
2011-12-18 17:08:40 +00:00
}
2012-05-26 14:23:18 +00:00
return (1);
2003-06-01 12:54:03 +00:00
}
/*
2011-12-18 17:08:40 +00:00
* Parse the facility name.
*
2012-05-26 14:23:18 +00:00
* Returns the corresponding pam_facility_t value, or -1 if the argument
* is not a valid facility name.
2003-06-01 12:54:03 +00:00
*/
2011-12-18 17:08:40 +00:00
static pam_facility_t
2012-05-26 14:23:18 +00:00
parse_facility_name(const char *name)
2003-06-01 12:54:03 +00:00
{
2011-12-18 17:08:40 +00:00
int i;
2003-06-01 12:54:03 +00:00
2011-12-18 17:08:40 +00:00
for (i = 0; i < PAM_NUM_FACILITIES; ++i)
2012-05-26 14:23:18 +00:00
if (strcmp(pam_facility_name[i], name) == 0)
return (i);
return ((pam_facility_t)-1);
2011-12-18 17:08:40 +00:00
}
/*
* Parse the control flag.
*
2012-05-26 14:23:18 +00:00
* Returns the corresponding pam_control_t value, or -1 if the argument is
* not a valid control flag name.
2011-12-18 17:08:40 +00:00
*/
static pam_control_t
2012-05-26 14:23:18 +00:00
parse_control_flag(const char *name)
2011-12-18 17:08:40 +00:00
{
int i;
for (i = 0; i < PAM_NUM_CONTROL_FLAGS; ++i)
2012-05-26 14:23:18 +00:00
if (strcmp(pam_control_flag_name[i], name) == 0)
return (i);
return ((pam_control_t)-1);
2011-12-18 17:08:40 +00:00
}
/*
2012-05-26 14:23:18 +00:00
* Validate a file name.
2011-12-18 17:08:40 +00:00
*
2012-05-26 14:23:18 +00:00
* Returns a non-zero value if the argument points to a NUL-terminated
* string consisting entirely of characters in the POSIX portable filename
* character set, including the path separator character.
2011-12-18 17:08:40 +00:00
*/
static int
2012-05-26 14:23:18 +00:00
valid_module_name(const char *name)
2011-12-18 17:08:40 +00:00
{
2012-05-26 14:23:18 +00:00
const char *p;
2011-12-18 17:08:40 +00:00
2012-05-26 14:23:18 +00:00
if (OPENPAM_FEATURE(RESTRICT_MODULE_NAME)) {
/* path separator not allowed */
for (p = name; *p != '\0'; ++p)
if (!is_pfcs(*p))
return (0);
2011-12-18 17:08:40 +00:00
} else {
2012-05-26 14:23:18 +00:00
/* path separator allowed */
for (p = name; *p != '\0'; ++p)
if (!is_pfcs(*p) && *p != '/')
return (0);
2011-12-18 17:08:40 +00:00
}
2012-05-26 14:23:18 +00:00
return (1);
2003-06-01 12:54:03 +00:00
}
2002-04-14 18:28:22 +00:00
2003-06-01 12:54:03 +00:00
typedef enum { pam_conf_style, pam_d_style } openpam_style_t;
/*
* Extracts given chains from a policy file.
2012-05-26 14:23:18 +00:00
*
* Returns the number of policy entries which were found for the specified
* service and facility, or -1 if a system error occurred or a syntax
* error was encountered.
2003-06-01 12:54:03 +00:00
*/
2002-04-14 18:28:22 +00:00
static int
2011-12-18 17:08:40 +00:00
openpam_parse_chain(pam_handle_t *pamh,
2002-04-14 18:28:22 +00:00
const char *service,
2003-06-01 12:54:03 +00:00
pam_facility_t facility,
2012-05-26 14:23:18 +00:00
FILE *f,
2002-04-14 18:28:22 +00:00
const char *filename,
2003-06-01 12:54:03 +00:00
openpam_style_t style)
2002-04-14 18:28:22 +00:00
{
2003-06-01 12:54:03 +00:00
pam_chain_t *this, **next;
pam_facility_t fclt;
pam_control_t ctlf;
2012-05-26 14:23:18 +00:00
char *name, *servicename, *modulename;
int count, lineno, ret, serrno;
char **wordv, *word;
int i, wordc;
2002-04-14 18:28:22 +00:00
2012-05-26 14:23:18 +00:00
count = 0;
2003-06-01 12:54:03 +00:00
this = NULL;
2011-12-18 17:08:40 +00:00
name = NULL;
lineno = 0;
2012-05-26 14:23:18 +00:00
wordc = 0;
wordv = NULL;
while ((wordv = openpam_readlinev(f, &lineno, &wordc)) != NULL) {
/* blank line? */
if (wordc == 0) {
FREEV(wordc, wordv);
continue;
}
i = 0;
/* check service name if necessary */
if (style == pam_conf_style &&
strcmp(wordv[i++], service) != 0) {
FREEV(wordc, wordv);
continue;
2003-06-01 12:54:03 +00:00
}
2002-04-14 18:28:22 +00:00
2012-05-26 14:23:18 +00:00
/* check facility name */
if ((word = wordv[i++]) == NULL ||
(fclt = parse_facility_name(word)) == (pam_facility_t)-1) {
2011-12-18 17:08:40 +00:00
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid facility",
filename, lineno);
2014-09-15 09:40:30 +00:00
errno = EINVAL;
2003-06-01 12:54:03 +00:00
goto fail;
}
if (facility != fclt && facility != PAM_FACILITY_ANY) {
2012-05-26 14:23:18 +00:00
FREEV(wordc, wordv);
2002-04-14 18:28:22 +00:00
continue;
}
2011-12-18 17:08:40 +00:00
/* check for "include" */
2012-05-26 14:23:18 +00:00
if ((word = wordv[i++]) != NULL &&
strcmp(word, "include") == 0) {
if ((servicename = wordv[i++]) == NULL ||
!valid_service_name(servicename)) {
2011-12-18 17:08:40 +00:00
openpam_log(PAM_LOG_ERROR,
2012-05-26 14:23:18 +00:00
"%s(%d): missing or invalid service name",
2003-06-01 12:54:03 +00:00
filename, lineno);
2014-09-15 09:40:30 +00:00
errno = EINVAL;
2011-12-18 17:08:40 +00:00
goto fail;
}
2012-05-26 14:23:18 +00:00
if (wordv[i] != NULL) {
2011-12-18 17:08:40 +00:00
openpam_log(PAM_LOG_ERROR,
"%s(%d): garbage at end of line",
filename, lineno);
2014-09-15 09:40:30 +00:00
errno = EINVAL;
2011-12-18 17:08:40 +00:00
goto fail;
}
2012-05-26 14:23:18 +00:00
ret = openpam_load_chain(pamh, servicename, fclt);
FREEV(wordc, wordv);
2014-09-15 09:40:30 +00:00
if (ret < 0) {
/*
* Bogus errno, but this ensures that the
* outer loop does not just ignore the
* error and keep searching.
*/
if (errno == ENOENT)
errno = EINVAL;
2003-06-01 12:54:03 +00:00
goto fail;
2014-09-15 09:40:30 +00:00
}
2002-04-14 18:28:22 +00:00
continue;
}
2011-12-18 17:08:40 +00:00
/* get control flag */
2012-05-26 14:23:18 +00:00
if (word == NULL || /* same word we compared to "include" */
(ctlf = parse_control_flag(word)) == (pam_control_t)-1) {
2011-12-18 17:08:40 +00:00
openpam_log(PAM_LOG_ERROR,
"%s(%d): missing or invalid control flag",
filename, lineno);
2014-09-15 09:40:30 +00:00
errno = EINVAL;
2011-12-18 17:08:40 +00:00
goto fail;
}
2002-04-14 18:28:22 +00:00
2011-12-18 17:08:40 +00:00
/* get module name */
2012-05-26 14:23:18 +00:00
if ((modulename = wordv[i++]) == NULL ||
!valid_module_name(modulename)) {
2002-04-14 18:28:22 +00:00
openpam_log(PAM_LOG_ERROR,
2011-12-18 17:08:40 +00:00
"%s(%d): missing or invalid module name",
filename, lineno);
2014-09-15 09:40:30 +00:00
errno = EINVAL;
2003-06-01 12:54:03 +00:00
goto fail;
2002-04-14 18:28:22 +00:00
}
2011-12-18 17:08:40 +00:00
/* allocate new entry */
if ((this = calloc(1, sizeof *this)) == NULL)
goto syserr;
2003-06-01 12:54:03 +00:00
this->flag = ctlf;
2002-04-14 18:28:22 +00:00
2011-12-18 17:08:40 +00:00
/* load module */
2014-09-15 09:40:30 +00:00
if ((this->module = openpam_load_module(modulename)) == NULL) {
if (errno == ENOENT)
errno = ENOEXEC;
2003-06-01 12:54:03 +00:00
goto fail;
2014-09-15 09:40:30 +00:00
}
2002-04-14 18:28:22 +00:00
2012-05-26 14:23:18 +00:00
/*
* The remaining items in wordv are the module's
* arguments. We could set this->optv = wordv + i, but
* then free(this->optv) wouldn't work. Instead, we free
* the words we've already consumed, shift the rest up,
* and clear the tail end of the array.
*/
this->optc = wordc - i;
for (i = 0; i < wordc - this->optc; ++i) {
FREE(wordv[i]);
}
for (i = 0; i < this->optc; ++i) {
2012-05-26 14:23:18 +00:00
wordv[i] = wordv[wordc - this->optc + i];
wordv[wordc - this->optc + i] = NULL;
}
this->optv = wordv;
wordv = NULL;
wordc = 0;
2003-06-01 12:54:03 +00:00
/* hook it up */
for (next = &pamh->chains[fclt]; *next != NULL;
next = &(*next)->next)
/* nothing */ ;
*next = this;
this = NULL;
2012-05-26 14:23:18 +00:00
++count;
2003-06-01 12:54:03 +00:00
}
2012-05-26 14:23:18 +00:00
/*
* The loop ended because openpam_readword() returned NULL, which
* can happen for four different reasons: an I/O error (ferror(f)
* is true), a memory allocation failure (ferror(f) is false,
2014-09-15 09:40:30 +00:00
* feof(f) is false, errno is non-zero), the file ended with an
* unterminated quote or backslash escape (ferror(f) is false,
* feof(f) is true, errno is non-zero), or the end of the file was
* reached without error (ferror(f) is false, feof(f) is true,
* errno is zero).
2012-05-26 14:23:18 +00:00
*/
if (ferror(f) || errno != 0)
2003-06-01 12:54:03 +00:00
goto syserr;
2012-05-26 14:23:18 +00:00
if (!feof(f))
goto fail;
2002-04-14 18:28:22 +00:00
fclose(f);
2012-05-26 14:23:18 +00:00
return (count);
2011-12-18 17:08:40 +00:00
syserr:
2012-05-26 14:23:18 +00:00
serrno = errno;
2003-06-01 12:54:03 +00:00
openpam_log(PAM_LOG_ERROR, "%s: %m", filename);
2012-05-26 14:23:18 +00:00
errno = serrno;
/* fall through */
2011-12-18 17:08:40 +00:00
fail:
2012-05-26 14:23:18 +00:00
serrno = errno;
if (this && this->optc && this->optv)
FREEV(this->optc, this->optv);
2003-06-01 12:54:03 +00:00
FREE(this);
2012-05-26 14:23:18 +00:00
FREEV(wordc, wordv);
FREE(wordv);
2011-12-18 17:08:40 +00:00
FREE(name);
2003-06-01 12:54:03 +00:00
fclose(f);
2012-05-26 14:23:18 +00:00
errno = serrno;
return (-1);
2002-04-14 18:28:22 +00:00
}
2012-05-26 14:23:18 +00:00
/*
* Read the specified chains from the specified file.
*
* Returns 0 if the file exists but does not contain any matching lines.
*
* Returns -1 and sets errno to ENOENT if the file does not exist.
*
* Returns -1 and sets errno to some other non-zero value if the file
* exists but is unsafe or unreadable, or an I/O error occurs.
*/
static int
openpam_load_file(pam_handle_t *pamh,
const char *service,
pam_facility_t facility,
const char *filename,
openpam_style_t style)
{
FILE *f;
int ret, serrno;
/* attempt to open the file */
if ((f = fopen(filename, "r")) == NULL) {
serrno = errno;
openpam_log(errno == ENOENT ? PAM_LOG_DEBUG : PAM_LOG_ERROR,
"%s: %m", filename);
errno = serrno;
RETURNN(-1);
} else {
openpam_log(PAM_LOG_DEBUG, "found %s", filename);
}
/* verify type, ownership and permissions */
if (OPENPAM_FEATURE(VERIFY_POLICY_FILE) &&
openpam_check_desc_owner_perms(filename, fileno(f)) != 0) {
/* already logged the cause */
serrno = errno;
fclose(f);
errno = serrno;
RETURNN(-1);
}
/* parse the file */
ret = openpam_parse_chain(pamh, service, facility,
f, filename, style);
RETURNN(ret);
}
2003-06-01 12:54:03 +00:00
/*
* Locates the policy file for a given service and reads the given chains
* from it.
2012-05-26 14:23:18 +00:00
*
* Returns the number of policy entries which were found for the specified
* service and facility, or -1 if a system error occurred or a syntax
* error was encountered.
2003-06-01 12:54:03 +00:00
*/
2002-05-02 04:40:21 +00:00
static int
2003-06-01 12:54:03 +00:00
openpam_load_chain(pam_handle_t *pamh,
const char *service,
pam_facility_t facility)
2002-04-14 18:28:22 +00:00
{
2012-05-26 14:23:18 +00:00
const char *p, **path;
char filename[PATH_MAX];
2002-04-14 18:28:22 +00:00
size_t len;
2012-05-26 14:23:18 +00:00
openpam_style_t style;
2011-12-18 17:08:40 +00:00
int ret;
2002-04-14 18:28:22 +00:00
2012-05-26 14:23:18 +00:00
ENTERS(facility < 0 ? "any" : pam_facility_name[facility]);
/* either absolute or relative to cwd */
if (strchr(service, '/') != NULL) {
if ((p = strrchr(service, '.')) != NULL && strcmp(p, ".conf") == 0)
style = pam_conf_style;
else
style = pam_d_style;
ret = openpam_load_file(pamh, service, facility,
service, style);
RETURNN(ret);
}
/* search standard locations */
2002-04-14 18:28:22 +00:00
for (path = openpam_policy_path; *path != NULL; ++path) {
2012-05-26 14:23:18 +00:00
/* construct filename */
len = strlcpy(filename, *path, sizeof filename);
2017-02-19 21:00:46 +00:00
if (len >= sizeof filename) {
errno = ENAMETOOLONG;
RETURNN(-1);
}
2012-05-26 14:23:18 +00:00
if (filename[len - 1] == '/') {
len = strlcat(filename, service, sizeof filename);
if (len >= sizeof filename) {
errno = ENAMETOOLONG;
RETURNN(-1);
2002-04-14 18:28:22 +00:00
}
2012-05-26 14:23:18 +00:00
style = pam_d_style;
2002-04-14 18:28:22 +00:00
} else {
2012-05-26 14:23:18 +00:00
style = pam_conf_style;
2002-04-14 18:28:22 +00:00
}
2012-05-26 14:23:18 +00:00
ret = openpam_load_file(pamh, service, facility,
filename, style);
2014-09-15 09:40:30 +00:00
/* success */
if (ret > 0)
RETURNN(ret);
2012-05-26 14:23:18 +00:00
/* the file exists, but an error occurred */
if (ret == -1 && errno != ENOENT)
RETURNN(ret);
/* in pam.d style, an empty file counts as a hit */
if (ret == 0 && style == pam_d_style)
RETURNN(ret);
2002-04-14 18:28:22 +00:00
}
2012-05-26 14:23:18 +00:00
/* no hit */
2014-09-15 09:40:30 +00:00
errno = ENOENT;
RETURNN(-1);
2002-05-02 04:40:21 +00:00
}
/*
* OpenPAM internal
*
* Configure a service
*/
int
openpam_configure(pam_handle_t *pamh,
const char *service)
{
2003-06-01 12:54:03 +00:00
pam_facility_t fclt;
2012-05-26 14:23:18 +00:00
int serrno;
2011-12-18 17:08:40 +00:00
2012-05-26 14:23:18 +00:00
ENTERS(service);
if (!valid_service_name(service)) {
openpam_log(PAM_LOG_ERROR, "invalid service name");
RETURNC(PAM_SYSTEM_ERR);
}
2014-09-15 09:40:30 +00:00
if (openpam_load_chain(pamh, service, PAM_FACILITY_ANY) < 0) {
if (errno != ENOENT)
goto load_err;
}
2003-06-01 12:54:03 +00:00
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt) {
if (pamh->chains[fclt] != NULL)
continue;
2017-02-19 21:00:46 +00:00
if (OPENPAM_FEATURE(FALLBACK_TO_OTHER)) {
if (openpam_load_chain(pamh, PAM_OTHER, fclt) < 0)
goto load_err;
}
2002-05-02 04:40:21 +00:00
}
2012-05-26 14:23:18 +00:00
RETURNC(PAM_SUCCESS);
2011-12-18 17:08:40 +00:00
load_err:
2012-05-26 14:23:18 +00:00
serrno = errno;
2003-06-01 12:54:03 +00:00
openpam_clear_chains(pamh->chains);
2012-05-26 14:23:18 +00:00
errno = serrno;
RETURNC(PAM_SYSTEM_ERR);
2002-04-14 18:28:22 +00:00
}
/*
* NODOC
*
* Error codes:
* PAM_SYSTEM_ERR
*/