Vendor import of OpenPAM Digitalis.
This commit is contained in:
parent
4cb68ea5f3
commit
31c521e9ea
@ -14,15 +14,17 @@ or indirectly, with patches, criticism, suggestions, or ideas:
|
||||
Andrew Morgan <morgan@transmeta.com>
|
||||
Brian Fundakowski Feldman <green@freebsd.org>
|
||||
Darren J. Moffat <Darren.Moffat@sun.com>
|
||||
Dmitry V. Levin <ldv@altlinux.org>
|
||||
Eric Melville <eric@freebsd.org>
|
||||
Gary Winiger <Gary.Winiger@sun.com>
|
||||
Joe Marcus Clarke <marcus@marcuscom.com>
|
||||
Juli Mallett <jmallett@freebsd.org>
|
||||
Mark Murray <markm@freebsd.org>
|
||||
Mike Petullo <mike@flyn.org>
|
||||
Mikko Työläjärvi <mbsd@pacbell.net>
|
||||
Robert Watson <rwatson@freebsd.org>
|
||||
Ruslan Ermilov <ru@freebsd.org>
|
||||
Solar Designer <solar@openwall.com>
|
||||
Takanori Saneto <sanewo@ba2.so-net.ne.jp>
|
||||
|
||||
$P4: //depot/projects/openpam/CREDITS#6 $
|
||||
$P4: //depot/projects/openpam/CREDITS#8 $
|
||||
|
@ -1,3 +1,22 @@
|
||||
OpenPAM Digitalis 2003-06-01
|
||||
|
||||
- ENHANCE: Completely rewrite the configuration parser and add
|
||||
support for the "include" control flag.
|
||||
|
||||
- ENHANCE: Improve portability to NetBSD, OpenBSD and Linux.
|
||||
|
||||
- ENHANCE: Lots of additional paranoia.
|
||||
|
||||
- BUGFIX: The sample su(1) application dropped privileges before
|
||||
forking instead of after.
|
||||
|
||||
- ENHANCE: Document openpam_log(3).
|
||||
|
||||
- ENHANCE: Other minor documentation fixes.
|
||||
|
||||
Thanks to Dmitry V. Levin <ldv@altlinux.org> for considerable
|
||||
assistance with this release.
|
||||
============================================================================
|
||||
OpenPAM Dianthus 2003-05-02
|
||||
|
||||
- BUGFIX: Initialize some potentially uninitialized variables.
|
||||
@ -223,4 +242,4 @@ OpenPAM Calamite 2002-02-09
|
||||
|
||||
First (beta) release.
|
||||
============================================================================
|
||||
$P4: //depot/projects/openpam/HISTORY#18 $
|
||||
$P4: //depot/projects/openpam/HISTORY#19 $
|
||||
|
@ -1,5 +1,5 @@
|
||||
|
||||
Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
All rights reserved.
|
||||
|
||||
This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,4 +31,4 @@ LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
SUCH DAMAGE.
|
||||
|
||||
$P4: //depot/projects/openpam/LICENSE#5 $
|
||||
$P4: //depot/projects/openpam/LICENSE#6 $
|
||||
|
@ -1,5 +1,5 @@
|
||||
#
|
||||
# $P4: //depot/projects/openpam/MANIFEST#13 $
|
||||
# $P4: //depot/projects/openpam/MANIFEST#16 $
|
||||
#
|
||||
CREDITS
|
||||
HISTORY
|
||||
@ -7,9 +7,11 @@ INSTALL
|
||||
LICENSE
|
||||
MANIFEST
|
||||
Makefile
|
||||
Makefile.inc
|
||||
README
|
||||
RELNOTES
|
||||
bin/Makefile
|
||||
bin/Makefile.inc
|
||||
bin/su/Makefile
|
||||
bin/su/su.c
|
||||
doc/Makefile
|
||||
@ -21,6 +23,7 @@ doc/man/openpam_free_data.3
|
||||
doc/man/openpam_get_option.3
|
||||
doc/man/openpam_log.3
|
||||
doc/man/openpam_nullconv.3
|
||||
doc/man/openpam_readline.3
|
||||
doc/man/openpam_restore_cred.3
|
||||
doc/man/openpam_set_option.3
|
||||
doc/man/openpam_ttyconv.3
|
||||
@ -76,6 +79,7 @@ lib/openpam_impl.h
|
||||
lib/openpam_load.c
|
||||
lib/openpam_log.c
|
||||
lib/openpam_nullconv.c
|
||||
lib/openpam_readline.c
|
||||
lib/openpam_restore_cred.c
|
||||
lib/openpam_set_option.c
|
||||
lib/openpam_static.c
|
||||
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS
|
||||
@ -32,7 +32,7 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/Makefile#7 $
|
||||
# $P4: //depot/projects/openpam/Makefile#8 $
|
||||
#
|
||||
|
||||
SUBDIR =
|
||||
|
8
contrib/openpam/Makefile.inc
Normal file
8
contrib/openpam/Makefile.inc
Normal file
@ -0,0 +1,8 @@
|
||||
# $P4: //depot/projects/openpam/Makefile.inc#2 $
|
||||
|
||||
DESTDIR ?= /usr
|
||||
BINDIR = /bin
|
||||
LIBDIR = /lib
|
||||
|
||||
SHLIB_MAJOR = 2
|
||||
SHLIB_MINOR = 0
|
@ -1,13 +1,18 @@
|
||||
|
||||
Release notes for OpenPAM Dianthus
|
||||
==================================
|
||||
Release notes for OpenPAM Digitalis
|
||||
===================================
|
||||
|
||||
This is a maintenance release incorporating a number of minor patches
|
||||
accumulated since the previous release.
|
||||
This release incorporates several major changes and improvements and
|
||||
should be considered BETA QUALITY.
|
||||
|
||||
This release corresponds to the code used in FreeBSD-CURRENT as of the
|
||||
release date. It may or may not build on other platforms; previous
|
||||
releases have been built on NetBSD and (with partial success) MacOS X.
|
||||
release date. It is also known to build cleanly on NetBSD 1.6,
|
||||
OpenBSD 3.1, and a number of glibc-based Linux platforms (with BSD
|
||||
make installed). It may or may not build on other platforms; you will
|
||||
need a BSD-compatible make(1) (NetBSD's make(1) is easy to port to
|
||||
most POSIX platforms). Previous versions were successfully built on
|
||||
MacOS X 10.1, but there seem to be issues with the heavily modified
|
||||
version of GCC 3.1 that ships with MacOS X 10.2.
|
||||
|
||||
The library itself is complete. Documentation exists in the form of
|
||||
man pages for the library functions. These man pages are generated by
|
||||
@ -26,4 +31,4 @@ proper credit for your contribution.
|
||||
|
||||
Please direct bug reports and inquiries to des@freebsd.org.
|
||||
|
||||
$P4: //depot/projects/openpam/RELNOTES#15 $
|
||||
$P4: //depot/projects/openpam/RELNOTES#18 $
|
||||
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS
|
||||
@ -32,7 +32,7 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/bin/Makefile#6 $
|
||||
# $P4: //depot/projects/openpam/bin/Makefile#7 $
|
||||
#
|
||||
|
||||
SUBDIR =
|
||||
|
3
contrib/openpam/bin/Makefile.inc
Normal file
3
contrib/openpam/bin/Makefile.inc
Normal file
@ -0,0 +1,3 @@
|
||||
# $P4: //depot/projects/openpam/bin/Makefile.inc#1 $
|
||||
|
||||
.include "../Makefile.inc"
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS
|
||||
@ -32,13 +32,13 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/bin/su/Makefile#5 $
|
||||
# $P4: //depot/projects/openpam/bin/su/Makefile#8 $
|
||||
#
|
||||
|
||||
PROG = su
|
||||
WARNS ?= 4
|
||||
CFLAGS += -I${.CURDIR}/../../include
|
||||
DPADD = ${.OBJDIR}/../../lib/libpam.so
|
||||
DPADD = ${.OBJDIR}/../../lib/libpam.a
|
||||
LDADD = -L${.OBJDIR}/../../lib -R${.OBJDIR}/../../lib -lpam
|
||||
NOMAN = YES
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,13 +31,14 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/bin/su/su.c#8 $
|
||||
* $P4: //depot/projects/openpam/bin/su/su.c#12 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
#include <sys/wait.h>
|
||||
|
||||
#include <err.h>
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
@ -81,9 +82,17 @@ main(int argc, char *argv[])
|
||||
argc -= optind;
|
||||
argv += optind;
|
||||
|
||||
if (argc > 0) {
|
||||
user = *argv;
|
||||
--argc;
|
||||
++argv;
|
||||
} else {
|
||||
user = "root";
|
||||
}
|
||||
|
||||
/* initialize PAM */
|
||||
pamc.conv = &openpam_ttyconv;
|
||||
pam_start("su", argc ? *argv : "root", &pamc, &pamh);
|
||||
pam_start("su", user, &pamc, &pamh);
|
||||
|
||||
/* set some items */
|
||||
gethostname(hostname, sizeof(hostname));
|
||||
@ -117,20 +126,6 @@ main(int argc, char *argv[])
|
||||
if (pam_err != PAM_SUCCESS || (pwd = getpwnam(user)) == NULL)
|
||||
goto pamerr;
|
||||
|
||||
/* set uid and groups */
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
|
||||
warn("initgroups()");
|
||||
goto err;
|
||||
}
|
||||
if (setgid(pwd->pw_gid) == -1) {
|
||||
warn("setgid()");
|
||||
goto err;
|
||||
}
|
||||
if (setuid(pwd->pw_uid) == -1) {
|
||||
warn("setuid()");
|
||||
goto err;
|
||||
}
|
||||
|
||||
/* export PAM environment */
|
||||
if ((pam_envlist = pam_getenvlist(pamh)) != NULL) {
|
||||
for (pam_env = pam_envlist; *pam_env != NULL; ++pam_env) {
|
||||
@ -154,7 +149,21 @@ main(int argc, char *argv[])
|
||||
warn("fork()");
|
||||
goto err;
|
||||
case 0:
|
||||
/* child: start a shell */
|
||||
/* child: give up privs and start a shell */
|
||||
|
||||
/* set uid and groups */
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1) {
|
||||
warn("initgroups()");
|
||||
_exit(1);
|
||||
}
|
||||
if (setgid(pwd->pw_gid) == -1) {
|
||||
warn("setgid()");
|
||||
_exit(1);
|
||||
}
|
||||
if (setuid(pwd->pw_uid) == -1) {
|
||||
warn("setuid()");
|
||||
_exit(1);
|
||||
}
|
||||
execve(*args, args, environ);
|
||||
warn("execve()");
|
||||
_exit(1);
|
||||
@ -170,9 +179,7 @@ main(int argc, char *argv[])
|
||||
}
|
||||
|
||||
pamerr:
|
||||
pam_end(pamh, pam_err);
|
||||
fprintf(stderr, "Sorry\n");
|
||||
exit(1);
|
||||
err:
|
||||
pam_end(pamh, pam_err);
|
||||
exit(1);
|
||||
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS
|
||||
@ -32,7 +32,7 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/doc/Makefile#4 $
|
||||
# $P4: //depot/projects/openpam/doc/Makefile#5 $
|
||||
#
|
||||
|
||||
SUBDIR =
|
||||
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS
|
||||
@ -32,7 +32,7 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/doc/man/Makefile#11 $
|
||||
# $P4: //depot/projects/openpam/doc/man/Makefile#13 $
|
||||
#
|
||||
|
||||
GENDOC = ${.CURDIR}/../../misc/gendoc.pl
|
||||
@ -73,6 +73,7 @@ OMAN += openpam_free_data.3
|
||||
OMAN += openpam_get_option.3
|
||||
OMAN += openpam_log.3
|
||||
OMAN += openpam_nullconv.3
|
||||
OMAN += openpam_readline.3
|
||||
OMAN += openpam_restore_cred.3
|
||||
OMAN += openpam_set_option.3
|
||||
OMAN += openpam_ttyconv.3
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -42,6 +42,7 @@
|
||||
.Nm openpam_get_option ,
|
||||
.Nm openpam_log ,
|
||||
.Nm openpam_nullconv ,
|
||||
.Nm openpam_readline ,
|
||||
.Nm openpam_restore_cred ,
|
||||
.Nm openpam_set_option ,
|
||||
.Nm openpam_ttyconv ,
|
||||
@ -68,6 +69,8 @@
|
||||
.Fn openpam_log "int level" "const char *fmt" "..."
|
||||
.Ft int
|
||||
.Fn openpam_nullconv "int n" "const struct pam_message **msg" "struct pam_response **resp" "void *data"
|
||||
.Ft char *
|
||||
.Fn openpam_readline "FILE *f" "int *lineno" "size_t *lenp"
|
||||
.Ft int
|
||||
.Fn openpam_restore_cred "pam_handle_t *pamh"
|
||||
.Ft int
|
||||
@ -108,6 +111,7 @@ standardization.
|
||||
.Xr openpam_get_option 3 ,
|
||||
.Xr openpam_log 3 ,
|
||||
.Xr openpam_nullconv 3 ,
|
||||
.Xr openpam_readline 3 ,
|
||||
.Xr openpam_restore_cred 3 ,
|
||||
.Xr openpam_set_option 3 ,
|
||||
.Xr openpam_ttyconv 3 ,
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_BORROW_CRED 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_FREE_DATA 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_GET_OPTION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -54,6 +54,7 @@ function returns the value of the specified
|
||||
option in the context of the currently executing service module, or
|
||||
.Dv NULL
|
||||
if the option is not set or no module is currently executing.
|
||||
.Pp
|
||||
.Sh RETURN VALUES
|
||||
The
|
||||
.Nm
|
||||
@ -61,6 +62,7 @@ function returns
|
||||
.Dv NULL
|
||||
on failure.
|
||||
.Sh SEE ALSO
|
||||
.Xr openpam_set_option 3 ,
|
||||
.Xr pam 3
|
||||
.Sh STANDARDS
|
||||
The
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,12 +33,12 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_LOG 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm openpam_log
|
||||
.Nd it). Do the next best thing
|
||||
.Nd log a message through syslog
|
||||
.Sh LIBRARY
|
||||
.Lb libpam
|
||||
.Sh SYNOPSIS
|
||||
@ -48,9 +48,56 @@
|
||||
.Ft void
|
||||
.Fn openpam_log "int level" "const char *fmt" "..."
|
||||
.Sh DESCRIPTION
|
||||
No description available.
|
||||
The
|
||||
.Nm
|
||||
function logs messages using
|
||||
.Xr syslog 3 .
|
||||
It is primarily
|
||||
intended for internal use by the library and modules.
|
||||
.Pp
|
||||
The
|
||||
.Va level
|
||||
argument indicates the importance of the message. The
|
||||
following levels are defined:
|
||||
.Bl -tag -width 18n
|
||||
.It Dv PAM_LOG_DEBUG
|
||||
Debugging messages. These messages are normally not
|
||||
logged unless the global integer variable
|
||||
.Va _openpam_debug
|
||||
is set to a non-zero value, in which case they are logged
|
||||
with a
|
||||
.Xr syslog 3
|
||||
priority of
|
||||
.Dv LOG_DEBUG .
|
||||
.It Dv PAM_LOG_VERBOSE
|
||||
Information about the progress of the authentication
|
||||
process, or other non-essential messages. These messages
|
||||
are logged with a
|
||||
.Xr syslog 3
|
||||
priority of
|
||||
.Dv LOG_INFO .
|
||||
.It Dv PAM_LOG_NOTICE
|
||||
Messages relating to non-fatal errors. These messages are
|
||||
logged with a
|
||||
.Xr syslog 3
|
||||
priority of
|
||||
.Dv LOG_NOTICE .
|
||||
.It Dv PAM_LOG_ERROR
|
||||
Messages relating to serious errors. These messages are
|
||||
logged with a
|
||||
.Xr syslog 3
|
||||
priority of
|
||||
.Dv LOG_ERR .
|
||||
.El
|
||||
.Pp
|
||||
The remaining arguments are a
|
||||
.Xr printf 3
|
||||
format string and the
|
||||
corresponding arguments.
|
||||
.Sh SEE ALSO
|
||||
.Xr pam 3
|
||||
.Xr pam 3 ,
|
||||
.Xr printf 3 ,
|
||||
.Xr syslog 3
|
||||
.Sh STANDARDS
|
||||
The
|
||||
.Nm
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_NULLCONV 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -79,6 +79,7 @@ Conversation failure.
|
||||
.Sh SEE ALSO
|
||||
.Xr openpam_ttyconv 3 ,
|
||||
.Xr pam 3 ,
|
||||
.Xr pam_authenticate 3 ,
|
||||
.Xr pam_chauthtok 3 ,
|
||||
.Xr pam_prompt 3 ,
|
||||
.Xr pam_set_item 3 ,
|
||||
|
107
contrib/openpam/doc/man/openpam_readline.3
Normal file
107
contrib/openpam/doc/man/openpam_readline.3
Normal file
@ -0,0 +1,107 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
.\" Network Associates Laboratories, the Security Research Division of
|
||||
.\" Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
.\" ("CBOSS"), as part of the DARPA CHATS research program.
|
||||
.\"
|
||||
.\" Redistribution and use in source and binary forms, with or without
|
||||
.\" modification, are permitted provided that the following conditions
|
||||
.\" are met:
|
||||
.\" 1. Redistributions of source code must retain the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer.
|
||||
.\" 2. Redistributions in binary form must reproduce the above copyright
|
||||
.\" notice, this list of conditions and the following disclaimer in the
|
||||
.\" documentation and/or other materials provided with the distribution.
|
||||
.\" 3. The name of the author may not be used to endorse or promote
|
||||
.\" products derived from this software without specific prior written
|
||||
.\" permission.
|
||||
.\"
|
||||
.\" THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
.\" ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
.\" IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
.\" ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
.\" FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
.\" DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
.\" OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
.\" HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
.\" LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_READLINE 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
.Nm openpam_readline
|
||||
.Nd read a line from a file
|
||||
.Sh LIBRARY
|
||||
.Lb libpam
|
||||
.Sh SYNOPSIS
|
||||
.In sys/types.h
|
||||
.In security/pam_appl.h
|
||||
.In security/openpam.h
|
||||
.Ft char *
|
||||
.Fn openpam_readline "FILE *f" "int *lineno" "size_t *lenp"
|
||||
.Sh DESCRIPTION
|
||||
The
|
||||
.Nm
|
||||
function reads a line from a file, and returns it
|
||||
in a NUL-terminated buffer allocated with
|
||||
.Xr malloc 3 .
|
||||
.Pp
|
||||
The
|
||||
.Nm
|
||||
function performs a certain amount of processing
|
||||
on the data it reads.
|
||||
Comments (introduced by a hash sign) are stripped, as is leading and
|
||||
trailing whitespace.
|
||||
Any amount of linear whitespace is collapsed to a single space.
|
||||
Blank lines are ignored.
|
||||
If a line ends in a backslash, the backslash is stripped and the next
|
||||
line is appended.
|
||||
.Pp
|
||||
If
|
||||
.Va lineno
|
||||
is not
|
||||
.Dv NULL ,
|
||||
the integer variable it points to is
|
||||
incremented every time a newline character is read.
|
||||
.Pp
|
||||
If
|
||||
.Va lenp
|
||||
is not
|
||||
.Dv NULL ,
|
||||
the length of the line (not including the
|
||||
terminating NUL character) is stored in the variable it points to.
|
||||
.Pp
|
||||
The caller is responsible for releasing the returned buffer by passing
|
||||
it to
|
||||
.Xr free 3 .
|
||||
.Sh RETURN VALUES
|
||||
The
|
||||
.Nm
|
||||
function returns
|
||||
.Dv NULL
|
||||
on failure.
|
||||
.Sh SEE ALSO
|
||||
.Xr free 3 ,
|
||||
.Xr malloc 3 ,
|
||||
.Xr pam 3
|
||||
.Sh STANDARDS
|
||||
The
|
||||
.Nm
|
||||
function is an OpenPAM extension.
|
||||
.Sh AUTHORS
|
||||
The
|
||||
.Nm
|
||||
function and this manual page were developed for the FreeBSD Project
|
||||
by ThinkSec AS and Network Associates Laboratories, the Security
|
||||
Research Division of Network Associates, Inc. under DARPA/SPAWAR
|
||||
contract N66001-01-C-8035
|
||||
.Pq Dq CBOSS ,
|
||||
as part of the DARPA CHATS research program.
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_RESTORE_CRED 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_SET_OPTION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -52,6 +52,7 @@ The
|
||||
.Nm
|
||||
function sets the specified option in the
|
||||
context of the currently executing service module.
|
||||
.Pp
|
||||
.Sh RETURN VALUES
|
||||
The
|
||||
.Nm
|
||||
@ -63,6 +64,7 @@ Memory buffer error.
|
||||
System error.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr openpam_get_option 3 ,
|
||||
.Xr pam 3 ,
|
||||
.Xr pam_strerror 3
|
||||
.Sh STANDARDS
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt OPENPAM_TTYCONV 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -57,7 +57,7 @@ of most text-based interactive programs.
|
||||
The
|
||||
.Nm
|
||||
function allows the application to specify a
|
||||
timeout for user input by setting the global variable
|
||||
timeout for user input by setting the global integer variable
|
||||
.Va openpam_ttyconv_timeout
|
||||
to the length of the timeout in seconds.
|
||||
.Pp
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_ACCT_MGMT 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
@ -64,7 +64,7 @@ Fail if the user's authentication token is null.
|
||||
.El
|
||||
.Pp
|
||||
If any other bits are set,
|
||||
.Xr pam_authenticate 3
|
||||
.Nm
|
||||
will return
|
||||
.Dv PAM_SYMBOL_ERR .
|
||||
.Sh RETURN VALUES
|
||||
@ -95,7 +95,6 @@ Unknown user.
|
||||
.El
|
||||
.Sh SEE ALSO
|
||||
.Xr pam 3 ,
|
||||
.Xr pam_authenticate 3 ,
|
||||
.Xr pam_strerror 3
|
||||
.Sh STANDARDS
|
||||
.Rs
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_AUTHENTICATE 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_CHAUTHTOK 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_CLOSE_SESSION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
.\" SUCH DAMAGE.
|
||||
.\"
|
||||
.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#2 $
|
||||
.\" $P4: //depot/projects/openpam/doc/man/pam_conv.3#3 $
|
||||
.\"
|
||||
.Dd May 27, 2002
|
||||
.Dt PAM_CONV 3
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_END 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_ERROR 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GET_AUTHTOK 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GET_DATA 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GET_ITEM 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GET_USER 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GETENV 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_GETENVLIST 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_INFO 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_OPEN_SESSION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_PROMPT 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_PUTENV 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SET_DATA 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SET_ITEM 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SETCRED 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SETENV 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_ACCT_MGMT 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_AUTHENTICATE 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_CHAUTHTOK 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_CLOSE_SESSION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_OPEN_SESSION 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_SM_SETCRED 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_START 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_STRERROR 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_VERROR 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_VINFO 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
.\"-
|
||||
.\" Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
.\" Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
.\" All rights reserved.
|
||||
.\"
|
||||
.\" This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -33,7 +33,7 @@
|
||||
.\"
|
||||
.\" $P4$
|
||||
.\"
|
||||
.Dd May 2, 2003
|
||||
.Dd June 1, 2003
|
||||
.Dt PAM_VPROMPT 3
|
||||
.Os
|
||||
.Sh NAME
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/openpam.h#21 $
|
||||
* $P4: //depot/projects/openpam/include/security/openpam.h#24 $
|
||||
*/
|
||||
|
||||
#ifndef _SECURITY_OPENPAM_H_INCLUDED
|
||||
@ -118,6 +118,18 @@ pam_vprompt(pam_handle_t *_pamh,
|
||||
const char *_fmt,
|
||||
va_list _ap);
|
||||
|
||||
/*
|
||||
* Read cooked lines.
|
||||
* Checking for FOPEN_MAX is a fairly reliable way to detect the presence
|
||||
* of <stdio.h>
|
||||
*/
|
||||
#ifdef FOPEN_MAX
|
||||
char *
|
||||
openpam_readline(FILE *_f,
|
||||
int *_lineno,
|
||||
size_t *_lenp);
|
||||
#endif
|
||||
|
||||
/*
|
||||
* Log levels
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,14 +31,14 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/openpam_version.h#7 $
|
||||
* $P4: //depot/projects/openpam/include/security/openpam_version.h#9 $
|
||||
*/
|
||||
|
||||
#ifndef _OPENPAM_VERSION_H_INCLUDED
|
||||
#define _OPENPAM_VERSION_H_INCLUDED
|
||||
|
||||
#define _OPENPAM
|
||||
#define _OPENPAM_VERSION 20030502
|
||||
#define _OPENPAM_RELEASE "Dianthus"
|
||||
#define _OPENPAM_VERSION 20030601
|
||||
#define _OPENPAM_RELEASE "Digitalis"
|
||||
|
||||
#endif
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/pam_appl.h#11 $
|
||||
* $P4: //depot/projects/openpam/include/security/pam_appl.h#13 $
|
||||
*/
|
||||
|
||||
#ifndef _PAM_APPL_H_INCLUDED
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/pam_constants.h#20 $
|
||||
* $P4: //depot/projects/openpam/include/security/pam_constants.h#22 $
|
||||
*/
|
||||
|
||||
#ifndef _PAM_CONSTANTS_H_INCLUDED
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/pam_modules.h#8 $
|
||||
* $P4: //depot/projects/openpam/include/security/pam_modules.h#9 $
|
||||
*/
|
||||
|
||||
#ifndef _PAM_MODULES_H_INCLUDED
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/include/security/pam_types.h#9 $
|
||||
* $P4: //depot/projects/openpam/include/security/pam_types.h#11 $
|
||||
*/
|
||||
|
||||
#ifndef _PAM_TYPES_H_INCLUDED
|
||||
|
@ -1,5 +1,5 @@
|
||||
#-
|
||||
# Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
# Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
# All rights reserved.
|
||||
#
|
||||
# This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,18 +31,21 @@
|
||||
# OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
# SUCH DAMAGE.
|
||||
#
|
||||
# $P4: //depot/projects/openpam/lib/Makefile#16 $
|
||||
# $P4: //depot/projects/openpam/lib/Makefile#21 $
|
||||
#
|
||||
|
||||
LIB = pam
|
||||
SHLIB_MAJOR = 2
|
||||
SHLIB_MINOR = 0
|
||||
|
||||
WARNS ?= 4
|
||||
NO_WERROR = yes
|
||||
CFLAGS += -I${.CURDIR}/../include
|
||||
CFLAGS += -DLIB_MAJ=${SHLIB_MAJOR}
|
||||
|
||||
OSNAME != uname -s
|
||||
.if ${OSNAME} == "Linux"
|
||||
LDADD += -ldl
|
||||
.endif
|
||||
|
||||
SRCS =
|
||||
SRCS += openpam_borrow_cred.c
|
||||
SRCS += openpam_configure.c
|
||||
@ -54,6 +57,7 @@ SRCS += openpam_get_option.c
|
||||
SRCS += openpam_load.c
|
||||
SRCS += openpam_log.c
|
||||
SRCS += openpam_nullconv.c
|
||||
SRCS += openpam_readline.c
|
||||
SRCS += openpam_restore_cred.c
|
||||
SRCS += openpam_set_option.c
|
||||
SRCS += openpam_static.c
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,11 +31,12 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#4 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_borrow_cred.c#9 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
@ -75,20 +76,20 @@ openpam_borrow_cred(pam_handle_t *pamh,
|
||||
scred->euid = geteuid();
|
||||
scred->egid = getegid();
|
||||
r = getgroups(NGROUPS_MAX, scred->groups);
|
||||
if (r == -1) {
|
||||
free(scred);
|
||||
if (r < 0) {
|
||||
FREE(scred);
|
||||
RETURNC(PAM_SYSTEM_ERR);
|
||||
}
|
||||
scred->ngroups = r;
|
||||
r = pam_set_data(pamh, PAM_SAVED_CRED, scred, &openpam_free_data);
|
||||
if (r != PAM_SUCCESS) {
|
||||
free(scred);
|
||||
FREE(scred);
|
||||
RETURNC(r);
|
||||
}
|
||||
if (geteuid() == pwd->pw_uid)
|
||||
RETURNC(PAM_SUCCESS);
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) == -1 ||
|
||||
setegid(pwd->pw_gid) == -1 || seteuid(pwd->pw_uid) == -1) {
|
||||
if (initgroups(pwd->pw_name, pwd->pw_gid) < 0 ||
|
||||
setegid(pwd->pw_gid) < 0 || seteuid(pwd->pw_uid) < 0) {
|
||||
openpam_restore_cred(pamh);
|
||||
RETURNC(PAM_SYSTEM_ERR);
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_configure.c#6 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_configure.c#10 $
|
||||
*/
|
||||
|
||||
#include <ctype.h>
|
||||
@ -44,169 +44,223 @@
|
||||
|
||||
#include "openpam_impl.h"
|
||||
|
||||
#define PAM_CONF_STYLE 0
|
||||
#define PAM_D_STYLE 1
|
||||
#define MAX_LINE_LEN 1024
|
||||
#define MAX_OPTIONS 256
|
||||
const char *_pam_facility_name[PAM_NUM_FACILITIES] = {
|
||||
[PAM_ACCOUNT] = "account",
|
||||
[PAM_AUTH] = "auth",
|
||||
[PAM_PASSWORD] = "password",
|
||||
[PAM_SESSION] = "session",
|
||||
};
|
||||
|
||||
const char *_pam_control_flag_name[PAM_NUM_CONTROL_FLAGS] = {
|
||||
[PAM_BINDING] = "binding",
|
||||
[PAM_OPTIONAL] = "optional",
|
||||
[PAM_REQUIRED] = "required",
|
||||
[PAM_REQUISITE] = "requisite",
|
||||
[PAM_SUFFICIENT] = "sufficient",
|
||||
};
|
||||
|
||||
static int openpam_load_chain(pam_handle_t *, const char *, pam_facility_t);
|
||||
|
||||
/*
|
||||
* Matches a word against the first one in a string.
|
||||
* Returns non-zero if they match.
|
||||
*/
|
||||
static int
|
||||
openpam_read_policy_file(pam_chain_t *policy[],
|
||||
const char *service,
|
||||
const char *filename,
|
||||
int style)
|
||||
match_word(const char *str, const char *word)
|
||||
{
|
||||
char buf[MAX_LINE_LEN], *p, *q;
|
||||
const char *optv[MAX_OPTIONS + 1];
|
||||
int ch, chain, flag, line, optc, n, r;
|
||||
size_t len;
|
||||
FILE *f;
|
||||
|
||||
n = 0;
|
||||
while (*str && tolower(*str) == tolower(*word))
|
||||
++str, ++word;
|
||||
return (*str == ' ' && *word == '\0');
|
||||
}
|
||||
|
||||
/*
|
||||
* Return a pointer to the next word (or the final NUL) in a string.
|
||||
*/
|
||||
static const char *
|
||||
next_word(const char *str)
|
||||
{
|
||||
|
||||
/* skip current word */
|
||||
while (*str && *str != ' ')
|
||||
++str;
|
||||
/* skip whitespace */
|
||||
while (*str == ' ')
|
||||
++str;
|
||||
return (str);
|
||||
}
|
||||
|
||||
/*
|
||||
* Return a malloc()ed copy of the first word in a string.
|
||||
*/
|
||||
static char *
|
||||
dup_word(const char *str)
|
||||
{
|
||||
const char *end;
|
||||
char *word;
|
||||
|
||||
for (end = str; *end && *end != ' '; ++end)
|
||||
/* nothing */ ;
|
||||
if (asprintf(&word, "%.*s", (int)(end - str), str) < 0)
|
||||
return (NULL);
|
||||
return (word);
|
||||
}
|
||||
|
||||
/*
|
||||
* Return the length of the first word in a string.
|
||||
*/
|
||||
static int
|
||||
wordlen(const char *str)
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; str[i] && str[i] != ' '; ++i)
|
||||
/* nothing */ ;
|
||||
return (i);
|
||||
}
|
||||
|
||||
typedef enum { pam_conf_style, pam_d_style } openpam_style_t;
|
||||
|
||||
/*
|
||||
* Extracts given chains from a policy file.
|
||||
*/
|
||||
static int
|
||||
openpam_read_chain(pam_handle_t *pamh,
|
||||
const char *service,
|
||||
pam_facility_t facility,
|
||||
const char *filename,
|
||||
openpam_style_t style)
|
||||
{
|
||||
pam_chain_t *this, **next;
|
||||
const char *p, *q;
|
||||
int count, i, lineno, ret;
|
||||
pam_facility_t fclt;
|
||||
pam_control_t ctlf;
|
||||
char *line, *name;
|
||||
FILE *f;
|
||||
|
||||
if ((f = fopen(filename, "r")) == NULL) {
|
||||
openpam_log(errno == ENOENT ? PAM_LOG_DEBUG : PAM_LOG_NOTICE,
|
||||
"%s: %m", filename);
|
||||
return (0);
|
||||
}
|
||||
openpam_log(PAM_LOG_DEBUG, "looking for '%s' in %s",
|
||||
service, filename);
|
||||
this = NULL;
|
||||
count = lineno = 0;
|
||||
while ((line = openpam_readline(f, &lineno, NULL)) != NULL) {
|
||||
p = line;
|
||||
|
||||
for (line = 1; fgets(buf, MAX_LINE_LEN, f) != NULL; ++line) {
|
||||
if ((len = strlen(buf)) == 0)
|
||||
continue;
|
||||
|
||||
/* check for overflow */
|
||||
if (buf[--len] != '\n' && !feof(f)) {
|
||||
openpam_log(PAM_LOG_ERROR, "%s: line %d too long",
|
||||
filename, line);
|
||||
openpam_log(PAM_LOG_ERROR, "%s: ignoring line %d",
|
||||
filename, line);
|
||||
while ((ch = fgetc(f)) != EOF)
|
||||
if (ch == '\n')
|
||||
break;
|
||||
continue;
|
||||
}
|
||||
|
||||
/* strip comments and trailing whitespace */
|
||||
if ((p = strchr(buf, '#')) != NULL)
|
||||
len = p - buf ? p - buf - 1 : p - buf;
|
||||
while (len > 0 && isspace(buf[len - 1]))
|
||||
--len;
|
||||
if (len == 0)
|
||||
continue;
|
||||
buf[len] = '\0';
|
||||
p = q = buf;
|
||||
|
||||
/* check service name */
|
||||
if (style == PAM_CONF_STYLE) {
|
||||
for (q = p = buf; *q != '\0' && !isspace(*q); ++q)
|
||||
/* nothing */;
|
||||
if (*q == '\0')
|
||||
goto syntax_error;
|
||||
*q++ = '\0';
|
||||
if (strcmp(p, service) != 0)
|
||||
/* match service name */
|
||||
if (style == pam_conf_style) {
|
||||
if (!match_word(p, service)) {
|
||||
FREE(line);
|
||||
continue;
|
||||
openpam_log(PAM_LOG_DEBUG, "%s: line %d matches '%s'",
|
||||
filename, line, service);
|
||||
}
|
||||
p = next_word(p);
|
||||
}
|
||||
|
||||
/* match facility name */
|
||||
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt)
|
||||
if (match_word(p, _pam_facility_name[fclt]))
|
||||
break;
|
||||
if (fclt == PAM_NUM_FACILITIES) {
|
||||
openpam_log(PAM_LOG_NOTICE,
|
||||
"%s(%d): invalid facility '%.*s' (ignored)",
|
||||
filename, lineno, wordlen(p), p);
|
||||
goto fail;
|
||||
}
|
||||
if (facility != fclt && facility != PAM_FACILITY_ANY) {
|
||||
FREE(line);
|
||||
continue;
|
||||
}
|
||||
p = next_word(p);
|
||||
|
||||
/* get module type */
|
||||
for (p = q; isspace(*p); ++p)
|
||||
/* nothing */;
|
||||
for (q = p; *q != '\0' && !isspace(*q); ++q)
|
||||
/* nothing */;
|
||||
if (q == p || *q == '\0')
|
||||
goto syntax_error;
|
||||
*q++ = '\0';
|
||||
if (strcmp(p, "auth") == 0) {
|
||||
chain = PAM_AUTH;
|
||||
} else if (strcmp(p, "account") == 0) {
|
||||
chain = PAM_ACCOUNT;
|
||||
} else if (strcmp(p, "session") == 0) {
|
||||
chain = PAM_SESSION;
|
||||
} else if (strcmp(p, "password") == 0) {
|
||||
chain = PAM_PASSWORD;
|
||||
} else {
|
||||
openpam_log(PAM_LOG_ERROR,
|
||||
"%s: invalid module type on line %d: '%s'",
|
||||
filename, line, p);
|
||||
/* include other chain */
|
||||
if (match_word(p, "include")) {
|
||||
p = next_word(p);
|
||||
if (*next_word(p) != '\0')
|
||||
openpam_log(PAM_LOG_NOTICE,
|
||||
"%s(%d): garbage at end of 'include' line",
|
||||
filename, lineno);
|
||||
if ((name = dup_word(p)) == NULL)
|
||||
goto syserr;
|
||||
ret = openpam_load_chain(pamh, name, fclt);
|
||||
fprintf(stderr, "include %s returned %d\n", name, ret);
|
||||
FREE(name);
|
||||
if (ret < 0)
|
||||
goto fail;
|
||||
count += ret;
|
||||
FREE(line);
|
||||
continue;
|
||||
}
|
||||
|
||||
/* get control flag */
|
||||
for (p = q; isspace(*p); ++p)
|
||||
/* nothing */;
|
||||
for (q = p; *q != '\0' && !isspace(*q); ++q)
|
||||
/* nothing */;
|
||||
if (q == p || *q == '\0')
|
||||
goto syntax_error;
|
||||
*q++ = '\0';
|
||||
if (strcmp(p, "required") == 0) {
|
||||
flag = PAM_REQUIRED;
|
||||
} else if (strcmp(p, "requisite") == 0) {
|
||||
flag = PAM_REQUISITE;
|
||||
} else if (strcmp(p, "sufficient") == 0) {
|
||||
flag = PAM_SUFFICIENT;
|
||||
} else if (strcmp(p, "optional") == 0) {
|
||||
flag = PAM_OPTIONAL;
|
||||
} else if (strcmp(p, "binding") == 0) {
|
||||
flag = PAM_BINDING;
|
||||
} else {
|
||||
/* allocate new entry */
|
||||
if ((this = calloc(1, sizeof *this)) == NULL)
|
||||
goto syserr;
|
||||
|
||||
/* control flag */
|
||||
for (ctlf = 0; ctlf < PAM_NUM_CONTROL_FLAGS; ++ctlf)
|
||||
if (match_word(p, _pam_control_flag_name[ctlf]))
|
||||
break;
|
||||
if (ctlf == PAM_NUM_CONTROL_FLAGS) {
|
||||
openpam_log(PAM_LOG_ERROR,
|
||||
"%s: invalid control flag on line %d: '%s'",
|
||||
filename, line, p);
|
||||
continue;
|
||||
"%s(%d): invalid control flag '%.*s'",
|
||||
filename, lineno, wordlen(p), p);
|
||||
goto fail;
|
||||
}
|
||||
this->flag = ctlf;
|
||||
|
||||
/* get module name */
|
||||
for (p = q; isspace(*p); ++p)
|
||||
/* nothing */;
|
||||
for (q = p; *q != '\0' && !isspace(*q); ++q)
|
||||
/* nothing */;
|
||||
if (q == p)
|
||||
goto syntax_error;
|
||||
|
||||
/* get options */
|
||||
for (optc = 0; *q != '\0' && optc < MAX_OPTIONS; ++optc) {
|
||||
*q++ = '\0';
|
||||
while (isspace(*q))
|
||||
++q;
|
||||
optv[optc] = q;
|
||||
while (*q != '\0' && !isspace(*q))
|
||||
++q;
|
||||
}
|
||||
optv[optc] = NULL;
|
||||
if (*q != '\0') {
|
||||
*q = '\0';
|
||||
/* module name */
|
||||
p = next_word(p);
|
||||
if (*p == '\0') {
|
||||
openpam_log(PAM_LOG_ERROR,
|
||||
"%s: too many options on line %d",
|
||||
filename, line);
|
||||
"%s(%d): missing module name",
|
||||
filename, lineno);
|
||||
goto fail;
|
||||
}
|
||||
if ((name = dup_word(p)) == NULL)
|
||||
goto syserr;
|
||||
this->module = openpam_load_module(name);
|
||||
FREE(name);
|
||||
if (this->module == NULL)
|
||||
goto fail;
|
||||
|
||||
/* module options */
|
||||
p = q = next_word(p);
|
||||
while (*q != '\0') {
|
||||
++this->optc;
|
||||
q = next_word(q);
|
||||
}
|
||||
this->optv = calloc(this->optc + 1, sizeof(char *));
|
||||
if (this->optv == NULL)
|
||||
goto syserr;
|
||||
for (i = 0; i < this->optc; ++i) {
|
||||
if ((this->optv[i] = dup_word(p)) == NULL)
|
||||
goto syserr;
|
||||
p = next_word(p);
|
||||
}
|
||||
|
||||
/*
|
||||
* Finally, add the module at the end of the
|
||||
* appropriate chain and bump the counter.
|
||||
*/
|
||||
r = openpam_add_module(policy, chain, flag, p, optc, optv);
|
||||
if (r != PAM_SUCCESS)
|
||||
return (-r);
|
||||
++n;
|
||||
continue;
|
||||
syntax_error:
|
||||
openpam_log(PAM_LOG_ERROR, "%s: syntax error on line %d",
|
||||
filename, line);
|
||||
openpam_log(PAM_LOG_DEBUG, "%s: line %d: [%s]",
|
||||
filename, line, q);
|
||||
openpam_log(PAM_LOG_ERROR, "%s: ignoring line %d",
|
||||
filename, line);
|
||||
/* hook it up */
|
||||
for (next = &pamh->chains[fclt]; *next != NULL;
|
||||
next = &(*next)->next)
|
||||
/* nothing */ ;
|
||||
*next = this;
|
||||
this = NULL;
|
||||
++count;
|
||||
|
||||
/* next please... */
|
||||
FREE(line);
|
||||
}
|
||||
|
||||
if (ferror(f))
|
||||
openpam_log(PAM_LOG_ERROR, "%s: %m", filename);
|
||||
|
||||
if (!feof(f))
|
||||
goto syserr;
|
||||
fclose(f);
|
||||
return (n);
|
||||
return (count);
|
||||
syserr:
|
||||
openpam_log(PAM_LOG_ERROR, "%s: %m", filename);
|
||||
fail:
|
||||
FREE(this);
|
||||
FREE(line);
|
||||
fclose(f);
|
||||
return (-1);
|
||||
}
|
||||
|
||||
static const char *openpam_policy_path[] = {
|
||||
@ -217,9 +271,14 @@ static const char *openpam_policy_path[] = {
|
||||
NULL
|
||||
};
|
||||
|
||||
/*
|
||||
* Locates the policy file for a given service and reads the given chains
|
||||
* from it.
|
||||
*/
|
||||
static int
|
||||
openpam_load_policy(pam_chain_t *policy[],
|
||||
const char *service)
|
||||
openpam_load_chain(pam_handle_t *pamh,
|
||||
const char *service,
|
||||
pam_facility_t facility)
|
||||
{
|
||||
const char **path;
|
||||
char *filename;
|
||||
@ -229,24 +288,20 @@ openpam_load_policy(pam_chain_t *policy[],
|
||||
for (path = openpam_policy_path; *path != NULL; ++path) {
|
||||
len = strlen(*path);
|
||||
if ((*path)[len - 1] == '/') {
|
||||
filename = malloc(len + strlen(service) + 1);
|
||||
if (filename == NULL) {
|
||||
openpam_log(PAM_LOG_ERROR, "malloc(): %m");
|
||||
if (asprintf(&filename, "%s%s", *path, service) < 0) {
|
||||
openpam_log(PAM_LOG_ERROR, "asprintf(): %m");
|
||||
return (-PAM_BUF_ERR);
|
||||
}
|
||||
strcpy(filename, *path);
|
||||
strcat(filename, service);
|
||||
r = openpam_read_policy_file(policy,
|
||||
service, filename, PAM_D_STYLE);
|
||||
free(filename);
|
||||
r = openpam_read_chain(pamh, service, facility,
|
||||
filename, pam_d_style);
|
||||
FREE(filename);
|
||||
} else {
|
||||
r = openpam_read_policy_file(policy,
|
||||
service, *path, PAM_CONF_STYLE);
|
||||
r = openpam_read_chain(pamh, service, facility,
|
||||
*path, pam_conf_style);
|
||||
}
|
||||
if (r != 0)
|
||||
return (r);
|
||||
}
|
||||
|
||||
return (0);
|
||||
}
|
||||
|
||||
@ -260,34 +315,21 @@ int
|
||||
openpam_configure(pam_handle_t *pamh,
|
||||
const char *service)
|
||||
{
|
||||
pam_chain_t *other[PAM_NUM_CHAINS] = { 0 };
|
||||
int i, n, r;
|
||||
pam_facility_t fclt;
|
||||
|
||||
/* try own configuration first */
|
||||
r = openpam_load_policy(pamh->chains, service);
|
||||
if (r < 0)
|
||||
return (-r);
|
||||
for (i = n = 0; i < PAM_NUM_CHAINS; ++i) {
|
||||
if (pamh->chains[i] != NULL)
|
||||
++n;
|
||||
}
|
||||
if (n == PAM_NUM_CHAINS)
|
||||
return (PAM_SUCCESS);
|
||||
if (openpam_load_chain(pamh, service, PAM_FACILITY_ANY) < 0)
|
||||
goto load_err;
|
||||
|
||||
/* fill in the blanks with "other" */
|
||||
openpam_load_policy(other, PAM_OTHER);
|
||||
if (r < 0)
|
||||
return (-r);
|
||||
for (i = n = 0; i < PAM_NUM_CHAINS; ++i) {
|
||||
if (pamh->chains[i] == NULL) {
|
||||
pamh->chains[i] = other[i];
|
||||
other[i] = NULL;
|
||||
}
|
||||
if (pamh->chains[i] != NULL)
|
||||
++n;
|
||||
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt) {
|
||||
if (pamh->chains[fclt] != NULL)
|
||||
continue;
|
||||
if (openpam_load_chain(pamh, PAM_OTHER, fclt) < 0)
|
||||
goto load_err;
|
||||
}
|
||||
openpam_clear_chains(other);
|
||||
return (n > 0 ? PAM_SUCCESS : PAM_SYSTEM_ERR);
|
||||
return (PAM_SUCCESS);
|
||||
load_err:
|
||||
openpam_clear_chains(pamh->chains);
|
||||
return (PAM_SYSTEM_ERR);
|
||||
}
|
||||
|
||||
/*
|
||||
@ -295,5 +337,4 @@ openpam_configure(pam_handle_t *pamh,
|
||||
*
|
||||
* Error codes:
|
||||
* PAM_SYSTEM_ERR
|
||||
* PAM_BUF_ERR
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_dispatch.c#19 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_dispatch.c#21 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_dynamic.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_dynamic.c#13 $
|
||||
*/
|
||||
|
||||
#include <dlfcn.h>
|
||||
@ -43,6 +43,10 @@
|
||||
|
||||
#include "openpam_impl.h"
|
||||
|
||||
#ifndef RTLD_NOW
|
||||
#define RTLD_NOW RTLD_LAZY
|
||||
#endif
|
||||
|
||||
/*
|
||||
* OpenPAM internal
|
||||
*
|
||||
@ -62,18 +66,18 @@ openpam_dynamic(const char *path)
|
||||
goto buf_err;
|
||||
|
||||
/* try versioned module first, then unversioned module */
|
||||
if (asprintf(&vpath, "%s.%d", path, LIB_MAJ) == -1)
|
||||
if (asprintf(&vpath, "%s.%d", path, LIB_MAJ) < 0)
|
||||
goto buf_err;
|
||||
if ((dlh = dlopen(vpath, RTLD_NOW)) == NULL) {
|
||||
openpam_log(PAM_LOG_DEBUG, "%s: %s", vpath, dlerror());
|
||||
*strrchr(vpath, '.') = '\0';
|
||||
if ((dlh = dlopen(vpath, RTLD_NOW)) == NULL) {
|
||||
openpam_log(PAM_LOG_DEBUG, "%s: %s", vpath, dlerror());
|
||||
free(module);
|
||||
FREE(module);
|
||||
return (NULL);
|
||||
}
|
||||
}
|
||||
free(vpath);
|
||||
FREE(vpath);
|
||||
if ((module->path = strdup(path)) == NULL)
|
||||
goto buf_err;
|
||||
module->dlh = dlh;
|
||||
@ -88,7 +92,7 @@ openpam_dynamic(const char *path)
|
||||
openpam_log(PAM_LOG_ERROR, "%m");
|
||||
if (dlh != NULL)
|
||||
dlclose(dlh);
|
||||
free(module);
|
||||
FREE(module);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_findenv.c#10 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_findenv.c#12 $
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_free_data.c#3 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_free_data.c#5 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -54,7 +54,7 @@ openpam_free_data(pam_handle_t *pamh, void *data, int status)
|
||||
ENTER();
|
||||
(void)pamh;
|
||||
(void)status;
|
||||
free(data);
|
||||
FREE(data);
|
||||
RETURNV();
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_get_option.c#6 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_get_option.c#10 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -73,12 +73,10 @@ openpam_get_option(pam_handle_t *pamh,
|
||||
RETURNS(NULL);
|
||||
}
|
||||
|
||||
/*
|
||||
* NOLIST
|
||||
*/
|
||||
|
||||
/**
|
||||
* The =openpam_get_option function returns the value of the specified
|
||||
* option in the context of the currently executing service module, or
|
||||
* =NULL if the option is not set or no module is currently executing.
|
||||
*
|
||||
* >openpam_set_option
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2001 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2001-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_impl.h#21 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_impl.h#27 $
|
||||
*/
|
||||
|
||||
#ifndef _OPENPAM_IMPL_H_INCLUDED
|
||||
@ -49,21 +49,26 @@ extern int _openpam_debug;
|
||||
/*
|
||||
* Control flags
|
||||
*/
|
||||
#define PAM_REQUIRED 1
|
||||
#define PAM_REQUISITE 2
|
||||
#define PAM_SUFFICIENT 3
|
||||
#define PAM_OPTIONAL 4
|
||||
#define PAM_BINDING 5
|
||||
#define PAM_NUM_CONTROLFLAGS 6
|
||||
typedef enum {
|
||||
PAM_BINDING,
|
||||
PAM_REQUIRED,
|
||||
PAM_REQUISITE,
|
||||
PAM_SUFFICIENT,
|
||||
PAM_OPTIONAL,
|
||||
PAM_NUM_CONTROL_FLAGS
|
||||
} pam_control_t;
|
||||
|
||||
/*
|
||||
* Chains
|
||||
* Facilities
|
||||
*/
|
||||
#define PAM_AUTH 0
|
||||
#define PAM_ACCOUNT 1
|
||||
#define PAM_SESSION 2
|
||||
#define PAM_PASSWORD 3
|
||||
#define PAM_NUM_CHAINS 4
|
||||
typedef enum {
|
||||
PAM_FACILITY_ANY = -1,
|
||||
PAM_AUTH = 0,
|
||||
PAM_ACCOUNT,
|
||||
PAM_SESSION,
|
||||
PAM_PASSWORD,
|
||||
PAM_NUM_FACILITIES
|
||||
} pam_facility_t;
|
||||
|
||||
typedef struct pam_chain pam_chain_t;
|
||||
struct pam_chain {
|
||||
@ -86,7 +91,7 @@ struct pam_handle {
|
||||
char *service;
|
||||
|
||||
/* chains */
|
||||
pam_chain_t *chains[PAM_NUM_CHAINS];
|
||||
pam_chain_t *chains[PAM_NUM_FACILITIES];
|
||||
pam_chain_t *current;
|
||||
int primitive;
|
||||
|
||||
@ -112,17 +117,18 @@ struct pam_saved_cred {
|
||||
|
||||
#define PAM_OTHER "other"
|
||||
|
||||
int openpam_configure(pam_handle_t *, const char *);
|
||||
int openpam_dispatch(pam_handle_t *, int, int);
|
||||
int openpam_findenv(pam_handle_t *, const char *, size_t);
|
||||
int openpam_add_module(pam_chain_t **, int, int,
|
||||
const char *, int, const char **);
|
||||
void openpam_clear_chains(pam_chain_t **);
|
||||
int openpam_configure(pam_handle_t *, const char *);
|
||||
int openpam_dispatch(pam_handle_t *, int, int);
|
||||
int openpam_findenv(pam_handle_t *, const char *, size_t);
|
||||
pam_module_t *openpam_load_module(const char *);
|
||||
void openpam_clear_chains(pam_chain_t **);
|
||||
|
||||
#ifdef OPENPAM_STATIC_MODULES
|
||||
pam_module_t *openpam_static(const char *);
|
||||
pam_module_t *openpam_static(const char *);
|
||||
#endif
|
||||
pam_module_t *openpam_dynamic(const char *);
|
||||
pam_module_t *openpam_dynamic(const char *);
|
||||
|
||||
#define FREE(p) do { free((p)); (p) = NULL; } while (0)
|
||||
|
||||
#ifdef DEBUG
|
||||
#define ENTER() openpam_log(PAM_LOG_DEBUG, "entering")
|
||||
@ -131,16 +137,16 @@ pam_module_t *openpam_dynamic(const char *);
|
||||
openpam_log(PAM_LOG_DEBUG, "entering: %s", _pam_item_name[i]); \
|
||||
else \
|
||||
openpam_log(PAM_LOG_DEBUG, "entering: %d", (i)); \
|
||||
} while (0);
|
||||
} while (0)
|
||||
#define ENTERN(n) do { \
|
||||
openpam_log(PAM_LOG_DEBUG, "entering: %d", (n)); \
|
||||
} while (0);
|
||||
} while (0)
|
||||
#define ENTERS(s) do { \
|
||||
if ((s) == NULL) \
|
||||
openpam_log(PAM_LOG_DEBUG, "entering: NULL"); \
|
||||
else \
|
||||
openpam_log(PAM_LOG_DEBUG, "entering: '%s'", (s)); \
|
||||
} while (0);
|
||||
} while (0)
|
||||
#define RETURNV() openpam_log(PAM_LOG_DEBUG, "returning")
|
||||
#define RETURNC(c) do { \
|
||||
if ((c) >= 0 && (c) < PAM_NUM_ERRORS) \
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_load.c#15 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_load.c#19 $
|
||||
*/
|
||||
|
||||
#include <dlfcn.h>
|
||||
@ -67,7 +67,7 @@ static pam_module_t *modules;
|
||||
* found modules to speed up the process.
|
||||
*/
|
||||
|
||||
static pam_module_t *
|
||||
pam_module_t *
|
||||
openpam_load_module(const char *path)
|
||||
{
|
||||
pam_module_t *module;
|
||||
@ -136,8 +136,8 @@ openpam_release_module(pam_module_t *module)
|
||||
if (module == modules)
|
||||
modules = module->next;
|
||||
openpam_log(PAM_LOG_DEBUG, "releasing %s", module->path);
|
||||
free(module->path);
|
||||
free(module);
|
||||
FREE(module->path);
|
||||
FREE(module);
|
||||
}
|
||||
|
||||
|
||||
@ -154,52 +154,10 @@ openpam_destroy_chain(pam_chain_t *chain)
|
||||
openpam_destroy_chain(chain->next);
|
||||
chain->next = NULL;
|
||||
while (chain->optc--)
|
||||
free(chain->optv[chain->optc]);
|
||||
free(chain->optv);
|
||||
FREE(chain->optv[chain->optc]);
|
||||
FREE(chain->optv);
|
||||
openpam_release_module(chain->module);
|
||||
free(chain);
|
||||
}
|
||||
|
||||
/*
|
||||
* Add a module to a chain.
|
||||
*/
|
||||
|
||||
int
|
||||
openpam_add_module(pam_chain_t *policy[],
|
||||
int chain,
|
||||
int flag,
|
||||
const char *modpath,
|
||||
int optc,
|
||||
const char *optv[])
|
||||
{
|
||||
pam_chain_t *new, *iterator;
|
||||
|
||||
if ((new = calloc(1, sizeof *new)) == NULL)
|
||||
goto buf_err;
|
||||
if ((new->optv = malloc(sizeof(char *) * (optc + 1))) == NULL)
|
||||
goto buf_err;
|
||||
while (optc--)
|
||||
if ((new->optv[new->optc++] = strdup(*optv++)) == NULL)
|
||||
goto buf_err;
|
||||
new->optv[new->optc] = NULL;
|
||||
new->flag = flag;
|
||||
if ((new->module = openpam_load_module(modpath)) == NULL) {
|
||||
openpam_destroy_chain(new);
|
||||
return (PAM_OPEN_ERR);
|
||||
}
|
||||
if ((iterator = policy[chain]) != NULL) {
|
||||
while (iterator->next != NULL)
|
||||
iterator = iterator->next;
|
||||
iterator->next = new;
|
||||
} else {
|
||||
policy[chain] = new;
|
||||
}
|
||||
return (PAM_SUCCESS);
|
||||
|
||||
buf_err:
|
||||
openpam_log(PAM_LOG_ERROR, "%m");
|
||||
openpam_destroy_chain(new);
|
||||
return (PAM_BUF_ERR);
|
||||
FREE(chain);
|
||||
}
|
||||
|
||||
|
||||
@ -212,7 +170,7 @@ openpam_clear_chains(pam_chain_t *policy[])
|
||||
{
|
||||
int i;
|
||||
|
||||
for (i = 0; i < PAM_NUM_CHAINS; ++i)
|
||||
for (i = 0; i < PAM_NUM_FACILITIES; ++i)
|
||||
openpam_destroy_chain(policy[i]);
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_log.c#18 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_log.c#23 $
|
||||
*/
|
||||
|
||||
#include <ctype.h>
|
||||
@ -47,57 +47,12 @@
|
||||
|
||||
int _openpam_debug = 0;
|
||||
|
||||
#if defined(openpam_log)
|
||||
#if !defined(openpam_log)
|
||||
|
||||
/*
|
||||
* OpenPAM extension
|
||||
*
|
||||
* Log a message through syslog(3)
|
||||
*/
|
||||
|
||||
void
|
||||
_openpam_log(int level, const char *func, const char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
char *format;
|
||||
int len, priority;
|
||||
|
||||
switch (level) {
|
||||
case PAM_LOG_DEBUG:
|
||||
if (!_openpam_debug)
|
||||
return;
|
||||
priority = LOG_DEBUG;
|
||||
break;
|
||||
case PAM_LOG_VERBOSE:
|
||||
priority = LOG_INFO;
|
||||
break;
|
||||
case PAM_LOG_NOTICE:
|
||||
priority = LOG_NOTICE;
|
||||
break;
|
||||
case PAM_LOG_ERROR:
|
||||
default:
|
||||
priority = LOG_ERR;
|
||||
break;
|
||||
}
|
||||
va_start(ap, fmt);
|
||||
for (len = strlen(fmt); len > 0 && isspace(fmt[len]); len--)
|
||||
/* nothing */;
|
||||
if ((format = malloc(strlen(func) + len + 16)) != NULL) {
|
||||
sprintf(format, "in %s(): %.*s\n", func, len, fmt);
|
||||
vsyslog(priority, format, ap);
|
||||
free(format);
|
||||
} else {
|
||||
vsyslog(priority, fmt, ap);
|
||||
}
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
/*
|
||||
* If openpam_log isn't defined as a macro, we're on a platform that
|
||||
* doesn't support varadic macros (or it does but we aren't aware of
|
||||
* it). Do the next best thing.
|
||||
* Log a message through syslog
|
||||
*/
|
||||
|
||||
void
|
||||
@ -128,8 +83,67 @@ openpam_log(int level, const char *fmt, ...)
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
#else
|
||||
|
||||
void
|
||||
_openpam_log(int level, const char *func, const char *fmt, ...)
|
||||
{
|
||||
va_list ap;
|
||||
char *format;
|
||||
int priority;
|
||||
|
||||
switch (level) {
|
||||
case PAM_LOG_DEBUG:
|
||||
if (!_openpam_debug)
|
||||
return;
|
||||
priority = LOG_DEBUG;
|
||||
break;
|
||||
case PAM_LOG_VERBOSE:
|
||||
priority = LOG_INFO;
|
||||
break;
|
||||
case PAM_LOG_NOTICE:
|
||||
priority = LOG_NOTICE;
|
||||
break;
|
||||
case PAM_LOG_ERROR:
|
||||
default:
|
||||
priority = LOG_ERR;
|
||||
break;
|
||||
}
|
||||
va_start(ap, fmt);
|
||||
if (asprintf(&format, "in %s(): %s", func, fmt) > 0) {
|
||||
vsyslog(priority, format, ap);
|
||||
FREE(format);
|
||||
} else {
|
||||
vsyslog(priority, fmt, ap);
|
||||
}
|
||||
va_end(ap);
|
||||
}
|
||||
|
||||
#endif
|
||||
|
||||
/*
|
||||
* NOLIST
|
||||
/**
|
||||
* The =openpam_log function logs messages using =syslog. It is primarily
|
||||
* intended for internal use by the library and modules.
|
||||
*
|
||||
* The =level argument indicates the importance of the message. The
|
||||
* following levels are defined:
|
||||
*
|
||||
* =PAM_LOG_DEBUG:
|
||||
* Debugging messages. These messages are normally not
|
||||
* logged unless the global integer variable :_openpam_debug
|
||||
* is set to a non-zero value, in which case they are logged
|
||||
* with a =syslog priority of =LOG_DEBUG.
|
||||
* =PAM_LOG_VERBOSE:
|
||||
* Information about the progress of the authentication
|
||||
* process, or other non-essential messages. These messages
|
||||
* are logged with a =syslog priority of =LOG_INFO.
|
||||
* =PAM_LOG_NOTICE:
|
||||
* Messages relating to non-fatal errors. These messages are
|
||||
* logged with a =syslog priority of =LOG_NOTICE.
|
||||
* =PAM_LOG_ERROR:
|
||||
* Messages relating to serious errors. These messages are
|
||||
* logged with a =syslog priority of =LOG_ERR.
|
||||
*
|
||||
* The remaining arguments are a =printf format string and the
|
||||
* corresponding arguments.
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_nullconv.c#4 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_nullconv.c#6 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -62,8 +62,6 @@ openpam_nullconv(int n,
|
||||
}
|
||||
|
||||
/*
|
||||
* NOLIST
|
||||
*
|
||||
* Error codes:
|
||||
*
|
||||
* PAM_CONV_ERR
|
||||
|
154
contrib/openpam/lib/openpam_readline.c
Normal file
154
contrib/openpam/lib/openpam_readline.c
Normal file
@ -0,0 +1,154 @@
|
||||
/*-
|
||||
* Copyright (c) 2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
* Network Associates Laboratories, the Security Research Division of
|
||||
* Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
|
||||
* ("CBOSS"), as part of the DARPA CHATS research program.
|
||||
*
|
||||
* Redistribution and use in source and binary forms, with or without
|
||||
* modification, are permitted provided that the following conditions
|
||||
* are met:
|
||||
* 1. Redistributions of source code must retain the above copyright
|
||||
* notice, this list of conditions and the following disclaimer.
|
||||
* 2. Redistributions in binary form must reproduce the above copyright
|
||||
* notice, this list of conditions and the following disclaimer in the
|
||||
* documentation and/or other materials provided with the distribution.
|
||||
* 3. The name of the author may not be used to endorse or promote
|
||||
* products derived from this software without specific prior written
|
||||
* permission.
|
||||
*
|
||||
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
|
||||
* ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
||||
* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
||||
* ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
||||
* FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
||||
* DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
||||
* OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
||||
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
||||
* LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_readline.c#2 $
|
||||
*/
|
||||
|
||||
#include <ctype.h>
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include <security/pam_appl.h>
|
||||
#include "openpam_impl.h"
|
||||
|
||||
#define MIN_LINE_LENGTH 128
|
||||
|
||||
/*
|
||||
* OpenPAM extension
|
||||
*
|
||||
* Read a line from a file.
|
||||
*/
|
||||
|
||||
char *
|
||||
openpam_readline(FILE *f, int *lineno, size_t *lenp)
|
||||
{
|
||||
char *line;
|
||||
size_t len, size;
|
||||
int ch;
|
||||
|
||||
if ((line = malloc(MIN_LINE_LENGTH)) == NULL)
|
||||
return (NULL);
|
||||
size = MIN_LINE_LENGTH;
|
||||
len = 0;
|
||||
|
||||
#define line_putch(ch) do { \
|
||||
if (len >= size - 1) { \
|
||||
char *tmp = realloc(line, size *= 2); \
|
||||
if (tmp == NULL) \
|
||||
goto fail; \
|
||||
line = tmp; \
|
||||
} \
|
||||
line[len++] = ch; \
|
||||
line[len] = '\0'; \
|
||||
} while (0)
|
||||
|
||||
for (;;) {
|
||||
ch = fgetc(f);
|
||||
/* strip comment */
|
||||
if (ch == '#') {
|
||||
do {
|
||||
ch = fgetc(f);
|
||||
} while (ch != EOF && ch != '\n');
|
||||
}
|
||||
/* eof */
|
||||
if (ch == EOF) {
|
||||
/* remove trailing whitespace */
|
||||
while (len > 0 && isspace(line[len - 1]))
|
||||
--len;
|
||||
line[len] = '\0';
|
||||
if (len == 0)
|
||||
goto fail;
|
||||
break;
|
||||
}
|
||||
/* eol */
|
||||
if (ch == '\n') {
|
||||
if (lineno != NULL)
|
||||
++*lineno;
|
||||
|
||||
/* remove trailing whitespace */
|
||||
while (len > 0 && isspace(line[len - 1]))
|
||||
--len;
|
||||
line[len] = '\0';
|
||||
/* skip blank lines */
|
||||
if (len == 0)
|
||||
continue;
|
||||
/* continuation */
|
||||
if (line[len - 1] == '\\') {
|
||||
line[--len] = '\0';
|
||||
/* fall through to whitespace case */
|
||||
} else {
|
||||
break;
|
||||
}
|
||||
}
|
||||
/* whitespace */
|
||||
if (isspace(ch)) {
|
||||
/* ignore leading whitespace */
|
||||
/* collapse linear whitespace */
|
||||
if (len > 0 && line[len - 1] != ' ')
|
||||
line_putch(' ');
|
||||
continue;
|
||||
}
|
||||
/* anything else */
|
||||
line_putch(ch);
|
||||
}
|
||||
|
||||
if (lenp != NULL)
|
||||
*lenp = len;
|
||||
return (line);
|
||||
fail:
|
||||
FREE(line);
|
||||
return (NULL);
|
||||
}
|
||||
|
||||
/**
|
||||
* The =openpam_readline function reads a line from a file, and returns it
|
||||
* in a NUL-terminated buffer allocated with =malloc.
|
||||
*
|
||||
* The =openpam_readline function performs a certain amount of processing
|
||||
* on the data it reads.
|
||||
* Comments (introduced by a hash sign) are stripped, as is leading and
|
||||
* trailing whitespace.
|
||||
* Any amount of linear whitespace is collapsed to a single space.
|
||||
* Blank lines are ignored.
|
||||
* If a line ends in a backslash, the backslash is stripped and the next
|
||||
* line is appended.
|
||||
*
|
||||
* If =lineno is not =NULL, the integer variable it points to is
|
||||
* incremented every time a newline character is read.
|
||||
*
|
||||
* If =lenp is not =NULL, the length of the line (not including the
|
||||
* terminating NUL character) is stored in the variable it points to.
|
||||
*
|
||||
* The caller is responsible for releasing the returned buffer by passing
|
||||
* it to =free.
|
||||
*/
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,11 +31,12 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#4 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_restore_cred.c#8 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
||||
#include <grp.h>
|
||||
#include <pwd.h>
|
||||
#include <stdlib.h>
|
||||
#include <unistd.h>
|
||||
@ -63,9 +64,9 @@ openpam_restore_cred(pam_handle_t *pamh)
|
||||
if (scred == NULL)
|
||||
RETURNC(PAM_SYSTEM_ERR);
|
||||
if (scred->euid != geteuid()) {
|
||||
if (seteuid(scred->euid) == -1 ||
|
||||
setgroups(scred->ngroups, scred->groups) == -1 ||
|
||||
setegid(scred->egid) == -1)
|
||||
if (seteuid(scred->euid) < 0 ||
|
||||
setgroups(scred->ngroups, scred->groups) < 0 ||
|
||||
setegid(scred->egid) < 0)
|
||||
RETURNC(PAM_SYSTEM_ERR);
|
||||
}
|
||||
pam_set_data(pamh, PAM_SAVED_CRED, NULL, NULL);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_set_option.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_set_option.c#13 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -82,14 +82,13 @@ openpam_set_option(pam_handle_t *pamh,
|
||||
cur->optv[i] = NULL;
|
||||
RETURNC(PAM_SUCCESS);
|
||||
}
|
||||
if ((opt = malloc(len + strlen(value) + 2)) == NULL)
|
||||
if (asprintf(&opt, "%.*s=%s", (int)len, option, value) < 0)
|
||||
RETURNC(PAM_BUF_ERR);
|
||||
sprintf(opt, "%.*s=%s", (int)len, option, value);
|
||||
if (i == cur->optc) {
|
||||
/* add */
|
||||
optv = realloc(cur->optv, sizeof(char *) * (cur->optc + 2));
|
||||
if (optv == NULL) {
|
||||
free(opt);
|
||||
FREE(opt);
|
||||
RETURNC(PAM_BUF_ERR);
|
||||
}
|
||||
optv[i] = opt;
|
||||
@ -98,15 +97,13 @@ openpam_set_option(pam_handle_t *pamh,
|
||||
++cur->optc;
|
||||
} else {
|
||||
/* replace */
|
||||
free(cur->optv[i]);
|
||||
FREE(cur->optv[i]);
|
||||
cur->optv[i] = opt;
|
||||
}
|
||||
RETURNC(PAM_SUCCESS);
|
||||
}
|
||||
|
||||
/*
|
||||
* NOLIST
|
||||
*
|
||||
* Error codes:
|
||||
*
|
||||
* PAM_SYSTEM_ERR
|
||||
@ -116,4 +113,6 @@ openpam_set_option(pam_handle_t *pamh,
|
||||
/**
|
||||
* The =openpam_set_option function sets the specified option in the
|
||||
* context of the currently executing service module.
|
||||
*
|
||||
* >openpam_get_option
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_static.c#5 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_static.c#6 $
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#15 $
|
||||
* $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#20 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
@ -179,15 +179,12 @@ openpam_ttyconv(int n,
|
||||
RETURNC(PAM_SUCCESS);
|
||||
fail:
|
||||
while (i)
|
||||
free(resp[--i]);
|
||||
free(*resp);
|
||||
*resp = NULL;
|
||||
FREE(resp[--i]);
|
||||
FREE(*resp);
|
||||
RETURNC(PAM_CONV_ERR);
|
||||
}
|
||||
|
||||
/*
|
||||
* NOLIST
|
||||
*
|
||||
* Error codes:
|
||||
*
|
||||
* PAM_SYSTEM_ERR
|
||||
@ -201,7 +198,7 @@ openpam_ttyconv(int n,
|
||||
* of most text-based interactive programs.
|
||||
*
|
||||
* The =openpam_ttyconv function allows the application to specify a
|
||||
* timeout for user input by setting the global variable
|
||||
* timeout for user input by setting the global integer variable
|
||||
* :openpam_ttyconv_timeout to the length of the timeout in seconds.
|
||||
*
|
||||
* >openpam_nullconv
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#11 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_acct_mgmt.c#14 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -78,6 +78,6 @@ pam_acct_mgmt(pam_handle_t *pamh,
|
||||
* =PAM_DISALLOW_NULL_AUTHTOK:
|
||||
* Fail if the user's authentication token is null.
|
||||
*
|
||||
* If any other bits are set, =pam_authenticate will return
|
||||
* If any other bits are set, =pam_acct_mgmt will return
|
||||
* =PAM_SYMBOL_ERR.
|
||||
*/
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_authenticate.c#13 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_authenticate.c#15 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_authenticate_secondary.c#8 $
|
||||
*/
|
||||
|
||||
#include <security/pam_appl.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_chauthtok.c#14 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_chauthtok.c#16 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_close_session.c#11 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_close_session.c#13 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_end.c#11 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_end.c#13 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -63,14 +63,14 @@ pam_end(pam_handle_t *pamh,
|
||||
if (dp->cleanup)
|
||||
(dp->cleanup)(pamh, dp->data, status);
|
||||
pamh->module_data = dp->next;
|
||||
free(dp->name);
|
||||
free(dp);
|
||||
FREE(dp->name);
|
||||
FREE(dp);
|
||||
}
|
||||
|
||||
/* clear environment */
|
||||
while (pamh->env_count)
|
||||
free(pamh->env[--pamh->env_count]);
|
||||
free(pamh->env);
|
||||
FREE(pamh->env[--pamh->env_count]);
|
||||
FREE(pamh->env);
|
||||
|
||||
/* clear chains */
|
||||
openpam_clear_chains(pamh->chains);
|
||||
@ -79,7 +79,7 @@ pam_end(pam_handle_t *pamh,
|
||||
for (i = 0; i < PAM_NUM_ITEMS; ++i)
|
||||
pam_set_item(pamh, i, NULL);
|
||||
|
||||
free(pamh);
|
||||
FREE(pamh);
|
||||
|
||||
RETURNC(PAM_SUCCESS);
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_error.c#8 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_error.c#10 $
|
||||
*/
|
||||
|
||||
#include <stdarg.h>
|
||||
@ -41,6 +41,8 @@
|
||||
#include <security/pam_appl.h>
|
||||
#include <security/openpam.h>
|
||||
|
||||
#include "openpam_impl.h"
|
||||
|
||||
/*
|
||||
* OpenPAM extension
|
||||
*
|
||||
@ -59,7 +61,7 @@ pam_error(pam_handle_t *pamh,
|
||||
va_start(ap, fmt);
|
||||
r = pam_vprompt(pamh, PAM_ERROR_MSG, &rsp, fmt, ap);
|
||||
va_end(ap);
|
||||
free(rsp); /* ignore response */
|
||||
FREE(rsp); /* ignore response */
|
||||
return (r);
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_authtok.c#21 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_authtok.c#25 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -109,19 +109,17 @@ pam_get_authtok(pam_handle_t *pamh,
|
||||
if (twice) {
|
||||
r = pam_prompt(pamh, style, &resp2, "Retype %s", prompt);
|
||||
if (r != PAM_SUCCESS) {
|
||||
free(resp);
|
||||
FREE(resp);
|
||||
RETURNC(r);
|
||||
}
|
||||
if (strcmp(resp, resp2) != 0) {
|
||||
free(resp);
|
||||
resp = NULL;
|
||||
}
|
||||
free(resp2);
|
||||
if (strcmp(resp, resp2) != 0)
|
||||
FREE(resp);
|
||||
FREE(resp2);
|
||||
}
|
||||
if (resp == NULL)
|
||||
RETURNC(PAM_TRY_AGAIN);
|
||||
r = pam_set_item(pamh, item, resp);
|
||||
free(resp);
|
||||
FREE(resp);
|
||||
if (r != PAM_SUCCESS)
|
||||
RETURNC(r);
|
||||
r = pam_get_item(pamh, item, (const void **)authtok);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_data.c#10 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_data.c#12 $
|
||||
*/
|
||||
|
||||
#include <string.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_item.c#15 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_item.c#17 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_mapped_authtok.c#8 $
|
||||
*/
|
||||
|
||||
#include <security/pam_appl.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_mapped_username.c#8 $
|
||||
*/
|
||||
|
||||
#include <security/pam_appl.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_user.c#14 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_get_user.c#17 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -75,7 +75,7 @@ pam_get_user(pam_handle_t *pamh,
|
||||
if (r != PAM_SUCCESS)
|
||||
RETURNC(r);
|
||||
r = pam_set_item(pamh, PAM_USER, resp);
|
||||
free(resp);
|
||||
FREE(resp);
|
||||
if (r != PAM_SUCCESS)
|
||||
RETURNC(r);
|
||||
r = pam_get_item(pamh, PAM_USER, (const void **)user);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_getenv.c#13 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_getenv.c#16 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -60,7 +60,7 @@ pam_getenv(pam_handle_t *pamh,
|
||||
RETURNS(NULL);
|
||||
if (name == NULL || strchr(name, '=') != NULL)
|
||||
RETURNS(NULL);
|
||||
if ((i = openpam_findenv(pamh, name, strlen(name))) == -1)
|
||||
if ((i = openpam_findenv(pamh, name, strlen(name))) < 0)
|
||||
RETURNS(NULL);
|
||||
for (str = pamh->env[i]; *str != '\0'; ++str) {
|
||||
if (*str == '=') {
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_getenvlist.c#10 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_getenvlist.c#12 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -66,8 +66,8 @@ pam_getenvlist(pam_handle_t *pamh)
|
||||
for (i = 0; i < pamh->env_count; ++i) {
|
||||
if ((envlist[i] = strdup(pamh->env[i])) == NULL) {
|
||||
while (i)
|
||||
free(envlist[--i]);
|
||||
free(envlist);
|
||||
FREE(envlist[--i]);
|
||||
FREE(envlist);
|
||||
openpam_log(PAM_LOG_ERROR, "%s",
|
||||
pam_strerror(pamh, PAM_BUF_ERR));
|
||||
RETURNP(NULL);
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_info.c#7 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_info.c#9 $
|
||||
*/
|
||||
|
||||
#include <stdarg.h>
|
||||
@ -41,6 +41,8 @@
|
||||
#include <security/pam_appl.h>
|
||||
#include <security/openpam.h>
|
||||
|
||||
#include "openpam_impl.h"
|
||||
|
||||
/*
|
||||
* OpenPAM extension
|
||||
*
|
||||
@ -59,7 +61,7 @@ pam_info(pam_handle_t *pamh,
|
||||
va_start(ap, fmt);
|
||||
r = pam_vprompt(pamh, PAM_TEXT_INFO, &rsp, fmt, ap);
|
||||
va_end(ap);
|
||||
free(rsp); /* ignore response */
|
||||
FREE(rsp); /* ignore response */
|
||||
return (r);
|
||||
}
|
||||
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_open_session.c#11 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_open_session.c#13 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_prompt.c#8 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_prompt.c#9 $
|
||||
*/
|
||||
|
||||
#include <sys/types.h>
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_putenv.c#9 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_putenv.c#12 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -64,10 +64,10 @@ pam_putenv(pam_handle_t *pamh,
|
||||
RETURNC(PAM_SYSTEM_ERR);
|
||||
|
||||
/* see if the variable is already in the environment */
|
||||
if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) != -1) {
|
||||
if ((i = openpam_findenv(pamh, namevalue, p - namevalue)) >= 0) {
|
||||
if ((p = strdup(namevalue)) == NULL)
|
||||
RETURNC(PAM_BUF_ERR);
|
||||
free(pamh->env[i]);
|
||||
FREE(pamh->env[i]);
|
||||
pamh->env[i] = p;
|
||||
RETURNC(PAM_SUCCESS);
|
||||
}
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_set_data.c#12 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_set_data.c#15 $
|
||||
*/
|
||||
|
||||
#include <stdlib.h>
|
||||
@ -73,7 +73,7 @@ pam_set_data(pam_handle_t *pamh,
|
||||
if ((dp = malloc(sizeof *dp)) == NULL)
|
||||
RETURNC(PAM_BUF_ERR);
|
||||
if ((dp->name = strdup(module_data_name)) == NULL) {
|
||||
free(dp);
|
||||
FREE(dp);
|
||||
RETURNC(PAM_BUF_ERR);
|
||||
}
|
||||
dp->data = data;
|
||||
|
@ -1,5 +1,5 @@
|
||||
/*-
|
||||
* Copyright (c) 2002 Networks Associates Technology, Inc.
|
||||
* Copyright (c) 2002-2003 Networks Associates Technology, Inc.
|
||||
* All rights reserved.
|
||||
*
|
||||
* This software was developed for the FreeBSD Project by ThinkSec AS and
|
||||
@ -31,7 +31,7 @@
|
||||
* OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
||||
* SUCH DAMAGE.
|
||||
*
|
||||
* $P4: //depot/projects/openpam/lib/pam_set_item.c#18 $
|
||||
* $P4: //depot/projects/openpam/lib/pam_set_item.c#21 $
|
||||
*/
|
||||
|
||||
#include <sys/param.h>
|
||||
@ -90,7 +90,7 @@ pam_set_item(pam_handle_t *pamh,
|
||||
}
|
||||
if (*slot != NULL) {
|
||||
memset(*slot, 0xd0, osize);
|
||||
free(*slot);
|
||||
FREE(*slot);
|
||||
}
|
||||
if (item != NULL) {
|
||||
if ((tmp = malloc(nsize)) == NULL)
|
||||
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue
Block a user