summaryrefslogtreecommitdiff
path: root/modules/pam_issue/pam_issue.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_issue/pam_issue.c')
-rw-r--r--modules/pam_issue/pam_issue.c310
1 files changed, 0 insertions, 310 deletions
diff --git a/modules/pam_issue/pam_issue.c b/modules/pam_issue/pam_issue.c
deleted file mode 100644
index 7a8a24d5..00000000
--- a/modules/pam_issue/pam_issue.c
+++ /dev/null
@@ -1,310 +0,0 @@
-/* pam_issue module - a simple /etc/issue parser to set PAM_USER_PROMPT
- *
- * Copyright 1999 by Ben Collins <bcollins@debian.org>
- *
- * Needs to be called before any other auth modules so we can setup the
- * user prompt before it's first used. Allows one argument option, which
- * is the full path to a file to be used for issue (uses /etc/issue as a
- * default) such as "issue=/etc/issue.telnet".
- *
- * We can also parse escapes within the the issue file (enabled by
- * default, but can be disabled with the "noesc" option). It's the exact
- * same parsing as util-linux's agetty program performs.
- *
- * Released under the GNU LGPL version 2 or later
- */
-
-#include "config.h"
-
-#include <string.h>
-#include <stdio.h>
-#include <stdlib.h>
-#include <sys/types.h>
-#include <sys/stat.h>
-#include <fcntl.h>
-#include <string.h>
-#include <unistd.h>
-#include <sys/utsname.h>
-#include <utmp.h>
-#include <time.h>
-#include <syslog.h>
-
-#define PAM_SM_AUTH
-
-#include <security/_pam_macros.h>
-#include <security/pam_modules.h>
-#include <security/pam_ext.h>
-
-static int _user_prompt_set = 0;
-
-static int read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt);
-static int read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt);
-
-/* --- authentication management functions (only) --- */
-
-PAM_EXTERN int
-pam_sm_authenticate (pam_handle_t *pamh, int flags UNUSED,
- int argc, const char **argv)
-{
- int retval = PAM_SERVICE_ERR;
- FILE *fp;
- const char *issue_file = NULL;
- int parse_esc = 1;
- const void *item = NULL;
- const char *cur_prompt;
- char *issue_prompt = NULL;
-
- /* If we've already set the prompt, don't set it again */
- if(_user_prompt_set)
- return PAM_IGNORE;
-
- /* We set this here so if we fail below, we wont get further
- than this next time around (only one real failure) */
- _user_prompt_set = 1;
-
- for ( ; argc-- > 0 ; ++argv ) {
- if (!strncmp(*argv,"issue=",6)) {
- issue_file = 6 + *argv;
- D(("set issue_file to: %s", issue_file));
- } else if (!strcmp(*argv,"noesc")) {
- parse_esc = 0;
- D(("turning off escape parsing by request"));
- } else
- D(("unknown option passed: %s", *argv));
- }
-
- if (issue_file == NULL)
- issue_file = "/etc/issue";
-
- if ((fp = fopen(issue_file, "r")) == NULL) {
- pam_syslog(pamh, LOG_ERR, "error opening %s: %m", issue_file);
- return PAM_SERVICE_ERR;
- }
-
- if ((retval = pam_get_item(pamh, PAM_USER_PROMPT, &item)) != PAM_SUCCESS) {
- fclose(fp);
- return retval;
- }
-
- cur_prompt = item;
- if (cur_prompt == NULL)
- cur_prompt = "";
-
- if (parse_esc)
- retval = read_issue_quoted(pamh, fp, &issue_prompt);
- else
- retval = read_issue_raw(pamh, fp, &issue_prompt);
-
- fclose(fp);
-
- if (retval != PAM_SUCCESS)
- goto out;
-
- {
- size_t size = strlen(issue_prompt) + strlen(cur_prompt) + 1;
- char *new_prompt = realloc(issue_prompt, size);
-
- if (new_prompt == NULL) {
- pam_syslog(pamh, LOG_ERR, "out of memory");
- retval = PAM_BUF_ERR;
- goto out;
- }
- issue_prompt = new_prompt;
- }
-
- strcat(issue_prompt, cur_prompt);
- retval = pam_set_item(pamh, PAM_USER_PROMPT,
- (const void *) issue_prompt);
- out:
- _pam_drop(issue_prompt);
- return (retval == PAM_SUCCESS) ? PAM_IGNORE : retval;
-}
-
-PAM_EXTERN int
-pam_sm_setcred (pam_handle_t *pamh UNUSED, int flags UNUSED,
- int argc UNUSED, const char **argv UNUSED)
-{
- return PAM_IGNORE;
-}
-
-static int
-read_issue_raw(pam_handle_t *pamh, FILE *fp, char **prompt)
-{
- char *issue;
- struct stat st;
-
- *prompt = NULL;
-
- if (fstat(fileno(fp), &st) < 0) {
- pam_syslog(pamh, LOG_ERR, "stat error: %m");
- return PAM_SERVICE_ERR;
- }
-
- if ((issue = malloc(st.st_size + 1)) == NULL) {
- pam_syslog(pamh, LOG_ERR, "out of memory");
- return PAM_BUF_ERR;
- }
-
- if (fread(issue, 1, st.st_size, fp) != st.st_size) {
- pam_syslog(pamh, LOG_ERR, "read error: %m");
- _pam_drop(issue);
- return PAM_SERVICE_ERR;
- }
-
- issue[st.st_size] = '\0';
- *prompt = issue;
- return PAM_SUCCESS;
-}
-
-static int
-read_issue_quoted(pam_handle_t *pamh, FILE *fp, char **prompt)
-{
- int c;
- size_t size = 1024;
- char *issue;
- struct utsname uts;
-
- *prompt = NULL;
-
- if ((issue = malloc(size)) == NULL) {
- pam_syslog(pamh, LOG_ERR, "out of memory");
- return PAM_BUF_ERR;
- }
-
- issue[0] = '\0';
- (void) uname(&uts);
-
- while ((c = getc(fp)) != EOF) {
- char buf[1024];
-
- buf[0] = '\0';
- if (c == '\\') {
- if ((c = getc(fp)) == EOF)
- break;
- switch (c) {
- case 's':
- strncat(buf, uts.sysname, sizeof(buf) - 1);
- break;
- case 'n':
- strncat(buf, uts.nodename, sizeof(buf) - 1);
- break;
- case 'r':
- strncat(buf, uts.release, sizeof(buf) - 1);
- break;
- case 'v':
- strncat(buf, uts.version, sizeof(buf) - 1);
- break;
- case 'm':
- strncat(buf, uts.machine, sizeof(buf) - 1);
- break;
- case 'o':
- {
- char domainname[256];
-
- if (getdomainname(domainname, sizeof(domainname)) >= 0) {
- domainname[sizeof(domainname)-1] = '\0';
- strncat(buf, domainname, sizeof(buf) - 1);
- }
- }
- break;
- case 'd':
- case 't':
- {
- const char *weekday[] = {
- "Sun", "Mon", "Tue", "Wed", "Thu",
- "Fri", "Sat" };
- const char *month[] = {
- "Jan", "Feb", "Mar", "Apr", "May",
- "Jun", "Jul", "Aug", "Sep", "Oct",
- "Nov", "Dec" };
- time_t now;
- struct tm *tm;
-
- (void) time (&now);
- tm = localtime(&now);
-
- if (c == 'd')
- snprintf (buf, sizeof buf, "%s %s %d %d",
- weekday[tm->tm_wday], month[tm->tm_mon],
- tm->tm_mday, tm->tm_year + 1900);
- else
- snprintf (buf, sizeof buf, "%02d:%02d:%02d",
- tm->tm_hour, tm->tm_min, tm->tm_sec);
- }
- break;
- case 'l':
- {
- char *ttyn = ttyname(1);
- if (ttyn) {
- if (!strncmp(ttyn, "/dev/", 5))
- ttyn += 5;
- strncat(buf, ttyn, sizeof(buf) - 1);
- }
- }
- break;
- case 'u':
- case 'U':
- {
- unsigned int users = 0;
- struct utmp *ut;
- setutent();
- while ((ut = getutent())) {
- if (ut->ut_type == USER_PROCESS)
- ++users;
- }
- endutent();
- if (c == 'U')
- snprintf (buf, sizeof buf, "%u %s", users,
- (users == 1) ? "user" : "users");
- else
- snprintf (buf, sizeof buf, "%u", users);
- break;
- }
- default:
- buf[0] = c; buf[1] = '\0';
- }
- } else {
- buf[0] = c; buf[1] = '\0';
- }
-
- if ((strlen(issue) + strlen(buf)) + 1 > size) {
- char *new_issue;
-
- size += strlen(buf) + 1;
- new_issue = (char *) realloc (issue, size);
- if (new_issue == NULL) {
- _pam_drop(issue);
- return PAM_BUF_ERR;
- }
- issue = new_issue;
- strcat(issue, buf);
- }
- }
-
- if (ferror(fp)) {
- pam_syslog(pamh, LOG_ERR, "read error: %m");
- _pam_drop(issue);
- return PAM_SERVICE_ERR;
- }
-
- *prompt = issue;
- return PAM_SUCCESS;
-}
-
-#ifdef PAM_STATIC
-
-/* static module data */
-
-struct pam_module _pam_issue_modstruct = {
- "pam_issue",
- pam_sm_authenticate,
- pam_sm_setcred,
- NULL,
- NULL,
- NULL,
- NULL,
-};
-
-#endif
-
-/* end of module definition */
generated by cgit v1.2.3 (git 2.25.1) at 2024-04-16 07:48:46 +0000