path: root/modules/pam_debug/pam_debug.c
/* pam_debug module */

/*
 * $Id$
 *
 * Written by Andrew Morgan <morgan@kernel.org> 2001/02/04
 *
 */

#define DEFAULT_USER "nobody"

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/*
 * This module is intended as a debugging aid for determining how
 * the PAM stack is operating.
 *
 * Here we define the macros that name the externally accessible
 * functions in this file (these definitions are required for static
 * modules, but strongly encouraged generally). They instruct the
 * module include file to declare the matching prototypes.
 */

#define PAM_SM_AUTH
#define PAM_SM_ACCOUNT
#define PAM_SM_SESSION
#define PAM_SM_PASSWORD

#include <security/pam_modules.h>
#include <security/_pam_macros.h>

#define _PAM_ACTION_UNDEF (-10)
#include "../../libpam/pam_tokens.h"

/* --- authentication management functions --- */

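/*
 * Report `text` to the application as a single PAM_TEXT_INFO message,
 * using the conversation function stored under the PAM_CONV item.
 *
 * Returns PAM_ABORT when no usable conversation function is available,
 * otherwise the value returned by the conversation function.
 */
static int state(pam_handle_t *pamh, const char *text)
{
    int retval;
    struct pam_conv *conv = NULL;
    struct pam_message msg[1], *mesg[1];
    /* Start from NULL so the cleanup below never sees an indeterminate
     * pointer when the conversation function does not set it. */
    struct pam_response *response = NULL;

    retval = pam_get_item(pamh, PAM_CONV, (const void **)&conv);
    if ((retval != PAM_SUCCESS) || (conv == NULL) || (conv->conv == NULL)) {
        D(("failed to obtain conversation function"));
        return PAM_ABORT;
    }

    msg[0].msg_style = PAM_TEXT_INFO;
    msg[0].msg = text;
    mesg[0] = &msg[0];

    retval = conv->conv(1, (const struct pam_message **) mesg,
                        &response, conv->appdata_ptr);
    if (retval != PAM_SUCCESS) {
        D(("conversation failed"));
    } else if (response != NULL) {
        /*
         * Under the PAM conversation contract the reply array is
         * allocated by the application and released by the module.
         * The original code dropped it on the floor, leaking it on
         * every call.
         */
        free(response->resp);
        free(response);
    }

    return retval;
}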

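/*
 * Look for the first module argument of the form "<event>=<token>" and
 * translate <token> into a PAM return code.
 *
 * retval  value returned when no argument overrides it
 * event   name of the PAM hook being served (e.g. "auth")
 * pamh    PAM handle, used only to report the matching argument
 * argc    number of module arguments
 * argv    module arguments from the PAM configuration
 *
 * Returns the index of <token> in _pam_token_returns when it is found
 * there, otherwise `retval` unchanged.
 *
 * NOTE(review): an "<event>=" argument whose token is not in
 * _pam_token_returns is silently ignored, and scanning stops at that
 * argument, so a mistyped token leaves the caller's default in force
 * (every caller in this file passes PAM_SUCCESS).
 */
static int parse_args(int retval, const char *event,
                      pam_handle_t *pamh, int argc, const char **argv)
{
    /* The event name does not change inside the loop; measure it once. */
    const size_t length = strlen(event);
    int i;

    for (i = 0; i < argc; ++i) {
        const char *return_string;
        int j;

        /*
         * strncmp() has matched `length` non-NUL bytes before
         * argv[i][length] is read, so that index is inside the string.
         */
        if (strncmp(event, argv[i], length) != 0
            || argv[i][length] != '=') {
            continue;
        }

        return_string = argv[i] + length + 1;
        for (j = 0; j < _PAM_RETURN_VALUES; ++j) {
            if (strcmp(return_string, _pam_token_returns[j]) == 0) {
                retval = j;
                /* Reporting is best effort; a failed conversation must
                 * not change the configured return value. */
                (void) state(pamh, argv[i]);
                break;
            }
        }

        /* Only the first "<event>=" argument is considered. */
        break;
    }

    return retval;
}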

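/*
 * Authentication hook of the debug module.
 *
 * No credential is checked here: once a user name is available the
 * result is PAM_SUCCESS unless an "auth=<token>" module argument selects
 * another return code. That makes the module suitable for exercising a
 * PAM stack, not for protecting a real service.
 *
 * Returns the error from pam_get_user() or pam_set_item() when either
 * fails, otherwise the value chosen by parse_args().
 */
PAM_EXTERN
int pam_sm_authenticate(pam_handle_t *pamh, int flags, int argc,
                        const char **argv)
{
    int retval;
    const char *user = NULL;

    (void) flags;                                  /* not used by this hook */

    /*
     * authentication requires we know who the user wants to be
     */
    retval = pam_get_user(pamh, &user, NULL);
    if (retval != PAM_SUCCESS) {
        D(("get user returned error: %s", pam_strerror(pamh,retval)));
        return retval;
    }
    if (user == NULL || *user == '\0') {
        D(("username not known"));
        /*
         * Fall back to DEFAULT_USER. The original ignored the result of
         * pam_set_item(), so a failure here still ended in success with
         * PAM_USER left empty; report the failure instead.
         */
        retval = pam_set_item(pamh, PAM_USER, (const void *) DEFAULT_USER);
        if (retval != PAM_SUCCESS) {
            return retval;
        }
    }

    return parse_args(PAM_SUCCESS, "auth", pamh, argc, argv);
}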

/*
 * Credential hook: returns PAM_SUCCESS unless a "cred=<token>" module
 * argument selects another return code.
 */
PAM_EXTERN
int pam_sm_setcred(pam_handle_t *pamh, int flags, int argc,
                   const char **argv)
{
    int result;

    (void) flags;                                  /* not used by this hook */
    result = parse_args(PAM_SUCCESS, "cred", pamh, argc, argv);

    return result;
}

/* --- account management functions --- */

/*
 * Account hook: returns PAM_SUCCESS unless an "acct=<token>" module
 * argument selects another return code.
 */
PAM_EXTERN
int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, int argc,
                     const char **argv)
{
    int result;

    (void) flags;                                  /* not used by this hook */
    result = parse_args(PAM_SUCCESS, "acct", pamh, argc, argv);

    return result;
}

/* --- password management --- */

/*
 * Password hook. The preliminary pass (PAM_PRELIM_CHECK set in `flags`)
 * is controlled by "prechauthtok=<token>", the update pass by
 * "chauthtok=<token>"; without a matching argument the result is
 * PAM_SUCCESS.
 */
PAM_EXTERN
int pam_sm_chauthtok(pam_handle_t *pamh, int flags, int argc,
                     const char **argv)
{
    const char *event = "chauthtok";

    if (flags & PAM_PRELIM_CHECK) {
        event = "prechauthtok";
    }

    return parse_args(PAM_SUCCESS, event, pamh, argc, argv);
}

/* --- session management --- */

/*
 * Session-open hook: returns PAM_SUCCESS unless an
 * "open_session=<token>" module argument selects another return code.
 */
PAM_EXTERN
int pam_sm_open_session(pam_handle_t *pamh, int flags, int argc,
                        const char **argv)
{
    int result;

    (void) flags;                                  /* not used by this hook */
    result = parse_args(PAM_SUCCESS, "open_session", pamh, argc, argv);

    return result;
}

/*
 * Session-close hook: returns PAM_SUCCESS unless a
 * "close_session=<token>" module argument selects another return code.
 */
PAM_EXTERN
int pam_sm_close_session(pam_handle_t *pamh, int flags, int argc,
                         const char **argv)
{
    int result;

    (void) flags;                                  /* not used by this hook */
    result = parse_args(PAM_SUCCESS, "close_session", pamh, argc, argv);

    return result;
}

/* end of module definition */

#ifdef PAM_STATIC

/*
 * Static module data: the module name followed by the six hook
 * functions defined in this file. Only compiled when PAM_STATIC is
 * defined. The initializer is positional, so the order of the entries
 * must match the field order of struct pam_module.
 *
 * NOTE(review): the symbol is called _pam_permit_modstruct although the
 * name string is "pam_debug" -- this looks like a leftover from
 * pam_permit. Confirm what symbol name the static-module table expects;
 * a second module defining the same symbol would collide at link time.
 */

struct pam_module _pam_permit_modstruct = {
    "pam_debug",
    pam_sm_authenticate,
    pam_sm_setcred,
    pam_sm_acct_mgmt,
    pam_sm_open_session,
    pam_sm_close_session,
    pam_sm_chauthtok
};

#endif