~ubuntu-branches/ubuntu/hardy/openvpn/hardy-security

Viewing changes to plugin/auth-pam/pamdl.c

Committer: Bazaar Package Importer
Author(s): Alberto Gonzalez Iniesta
Date: 2005-01-05 19:03:11 UTC
mfrom: (1.1.1 upstream)
Revision ID: james.westby@ubuntu.com-20050105190311-mvqzpuhmlvobg9nh

Tags: 1.99+2.rc6-1

http://bugs.debian.org/288669

* The 'Three Wise Men' release.
* New upstream release.
* Update README.Debian with comments on changed string remapping.
Thanks ron@debian.org for noting this first. (Closes: #288669)

files added:
base64.c

base64.h

cryptoapi.c

cryptoapi.h

debian/openvpn.if-down.d

debian/openvpn.if-up.d

debian/po/cs.po

debian/po/de.po

debian/po/ja.po

debian/po/pt_BR.po

debug

debug/valgrind-suppress

doclean

easy-rsa/Windows

easy-rsa/Windows/README.txt

easy-rsa/Windows/build-ca.bat

easy-rsa/Windows/build-dh.bat

easy-rsa/Windows/build-key-server.bat

easy-rsa/Windows/build-key.bat

easy-rsa/Windows/clean-all.bat

easy-rsa/Windows/index.txt.start

easy-rsa/Windows/revoke-key.bat

easy-rsa/Windows/serial.start

easy-rsa/Windows/vars.bat

easy-rsa/build-key-server

easy-rsa/list-crl

easy-rsa/make-crl

easy-rsa/revoke-crt

event.c

event.h

forward-inline.h

forward.c

forward.h

helper.c

helper.h

init.c

init.h

install-win32/openssl.bat

interval.c

list.c

list.h

makefile.w32-vc

manage.c

manage.h

management

management/management-notes.txt

mbuf.c

mbuf.h

mroute.c

mroute.h

mtcp.c

mtcp.h

mudp.c

mudp.h

multi.c

multi.h

ntlm.c

ntlm.h

occ-inline.h

occ.c

occ.h

openvpn-plugin.h

otime.c

otime.h

perf.c

perf.h

ping-inline.h

ping.c

ping.h

plugin

plugin.c

plugin.h

plugin/README

plugin/auth-pam

plugin/auth-pam/Makefile

plugin/auth-pam/README

plugin/auth-pam/auth-pam.c

plugin/auth-pam/pamdl.c

plugin/auth-pam/pamdl.h

plugin/down-root

plugin/down-root/Makefile

plugin/down-root/README

plugin/down-root/down-root.c

plugin/examples

plugin/examples/README

plugin/examples/build

plugin/examples/simple.c

plugin/examples/simple.def

plugin/examples/winbuild

pool.c

pool.h

proto.c

push.c

push.h

sample-config-files/client.conf

sample-config-files/server.conf

sample-keys/pass.crt

sample-keys/pass.key

sample-scripts/auth-pam.pl

sample-scripts/bridge-start

sample-scripts/bridge-stop

schedule.c

schedule.h

sig.c

sig.h

status.c

status.h

tap-win32/instance.c

tap-win32/lock.h

files removed:
encrypt_sign.h

inet_aton.c

io.c

io.h

mkinstalldirs

stamp-h.in

files modified:
ChangeLog

INSTALL

INSTALL-win32.txt

Makefile.am

Makefile.in

acinclude.m4

aclocal.m4

basic.h

buffer.c

buffer.h

circ_list.h

common.h

config-win32.h

config-win32.h.in

config.guess

config.h.in

config.sub

configure

configure.ac

contrib/multilevel-init.patch

crypto.c

crypto.h

debian/README.Debian

debian/changelog

debian/config

debian/control

debian/dirs

debian/openvpn.init.d

debian/po/ca.po

debian/po/da.po

debian/po/es.po

debian/po/fr.po

debian/po/templates.pot

debian/postinst

debian/rules

debian/templates

depcomp

easy-rsa/README

easy-rsa/openssl.cnf

easy-rsa/vars

errlevel.h

error.c

error.h

fragment.c

fragment.h

gremlin.c

gremlin.h

install-sh

install-win32/openvpn.nsi

install-win32/openvpn.nsi.in

install-win32/sample.ovpn.txt

interval.h

lzo.c

lzo.h

makefile.w32 *

memdbg.h

misc.c

misc.h

missing

mss.c

mtu.c

mtu.h

openvpn.8

openvpn.c

openvpn.h

openvpn.spec

openvpn.spec.in

options.c

options.h

packet_id.c

packet_id.h

proto.h

proxy.c

proxy.h

reliable.c

reliable.h

route.c

route.h

sample-config-files/firewall.sh

sample-config-files/loopback-client

sample-config-files/loopback-server

sample-config-files/static-home.conf

sample-config-files/static-office.conf

sample-config-files/tls-home.conf

sample-config-files/tls-office.conf

sample-config-files/xinetd-client-config

sample-config-files/xinetd-server-config

sample-keys/README

sample-keys/client.crt

sample-keys/client.key

sample-keys/server.crt

sample-keys/server.key

sample-keys/tmp-ca.crt

sample-keys/tmp-ca.key

sample-scripts/openvpn.init

service-win32/openvpnserv.c

service-win32/service.patch

session_id.c

session_id.h

shaper.c

shaper.h

socket.c

socket.h

socks.c

socks.h

ssl.c

ssl.h

syshead.h

tap-win32/SOURCES

tap-win32/common.h

tap-win32/constants.h

tap-win32/error.c

tap-win32/error.h

tap-win32/i386/OemWin2k.inf

tap-win32/macinfo.c

tap-win32/macinfo.h

tap-win32/mem.c

tap-win32/proto.h

tap-win32/prototypes.h

tap-win32/resource.rc

tap-win32/tapdrvr.c

tap-win32/types.h

thread.c

thread.h

tun.c

tun.h

win32.c

win32.h

Show diffs side-by-side

added added

removed removed

plugin/auth-pam/pamdl.c

* If you want to dynamically load libpam using dlopen() or something,

* then dlopen( ' this shared object ' ); It takes care of exporting

* the right symbols to any modules loaded by libpam.

* Modified by JY for use with openvpn-pam-auth

#include <stdio.h>

#include <dlfcn.h>

#include <security/pam_appl.h>

#include <security/_pam_macros.h>

#include "pamdl.h"

static void *libpam_h = NULL;

#define RESOLVE_PAM_FUNCTION(x, y, z, err) \

{ \

union { const void *tpointer; y (*fn) z ; } fptr; \

fptr.tpointer = dlsym(libpam_h, #x); real_##x = fptr.fn; \

if (real_##x == NULL) { \

fprintf (stderr, "PAMDL: unable to resolve '%s': %s\n", #x, dlerror()); \

return err; \

} \

}

int

dlopen_pam (const char *so)

{

if (libpam_h == NULL)

{

libpam_h = dlopen(so, RTLD_GLOBAL|RTLD_NOW);

}

return libpam_h != NULL;

}

void

dlclose_pam (void)

{

if (libpam_h != NULL)

{

dlclose(libpam_h);

libpam_h = NULL;

}

int pam_start(const char *service_name, const char *user,

const struct pam_conv *pam_conversation,

pam_handle_t **pamh)

{

int (*real_pam_start)(const char *, const char *,

const struct pam_conv *,

pam_handle_t **);

RESOLVE_PAM_FUNCTION(pam_start, int, (const char *, const char *,

const struct pam_conv *,

pam_handle_t **), PAM_ABORT);

return real_pam_start(service_name, user, pam_conversation, pamh);

}

int pam_end(pam_handle_t *pamh, int pam_status)

{

int (*real_pam_end)(pam_handle_t *, int);

RESOLVE_PAM_FUNCTION(pam_end, int, (pam_handle_t *, int), PAM_ABORT);

return real_pam_end(pamh, pam_status);

}

int pam_set_item(pam_handle_t *pamh, int item_type, const void *item)

{

int (*real_pam_set_item)(pam_handle_t *, int, const void *);

RESOLVE_PAM_FUNCTION(pam_set_item, int,

(pam_handle_t *, int, const void *), PAM_ABORT);

return real_pam_set_item(pamh, item_type, item);

}

int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item)

{

int (*real_pam_get_item)(const pam_handle_t *, int, const void **);

RESOLVE_PAM_FUNCTION(pam_get_item, int,

(const pam_handle_t *, int, const void **),

PAM_ABORT);

return real_pam_get_item(pamh, item_type, item);

}

int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay)

{

int (*real_pam_fail_delay)(pam_handle_t *, unsigned int);

RESOLVE_PAM_FUNCTION(pam_fail_delay, int, (pam_handle_t *, unsigned int),

PAM_ABORT);

return real_pam_fail_delay(pamh, musec_delay);

}

typedef const char * const_char_pointer;

const_char_pointer pam_strerror(pam_handle_t *pamh, int errnum)

{

const_char_pointer (*real_pam_strerror)(pam_handle_t *, int);

RESOLVE_PAM_FUNCTION(pam_strerror, const_char_pointer,

(pam_handle_t *, int), NULL);

100

return real_pam_strerror(pamh, errnum);

101

}

102

103

int pam_putenv(pam_handle_t *pamh, const char *name_value)

104

{

105

int (*real_pam_putenv)(pam_handle_t *, const char *);

106

RESOLVE_PAM_FUNCTION(pam_putenv, int, (pam_handle_t *, const char *),

107

PAM_ABORT);

108

return real_pam_putenv(pamh, name_value);

109

}

110

111

const_char_pointer pam_getenv(pam_handle_t *pamh, const char *name)

112

{

113

const_char_pointer (*real_pam_getenv)(pam_handle_t *, const char *);

114

RESOLVE_PAM_FUNCTION(pam_getenv, const_char_pointer,

115

(pam_handle_t *, const char *), NULL);

116

return real_pam_getenv(pamh, name);

117

}

118

119

typedef char ** char_ppointer;

120

char_ppointer pam_getenvlist(pam_handle_t *pamh)

121

{

122

char_ppointer (*real_pam_getenvlist)(pam_handle_t *);

123

RESOLVE_PAM_FUNCTION(pam_getenvlist, char_ppointer, (pam_handle_t *),

124

NULL);

125

return real_pam_getenvlist(pamh);

126

}

127

128

/* Authentication management */

129

130

int pam_authenticate(pam_handle_t *pamh, int flags)

131

{

132

int (*real_pam_authenticate)(pam_handle_t *, int);

133

RESOLVE_PAM_FUNCTION(pam_authenticate, int, (pam_handle_t *, int),

134

PAM_ABORT);

135

return real_pam_authenticate(pamh, flags);

136

}

137

138

int pam_setcred(pam_handle_t *pamh, int flags)

139

{

140

int (*real_pam_setcred)(pam_handle_t *, int);

141

RESOLVE_PAM_FUNCTION(pam_setcred, int, (pam_handle_t *, int), PAM_ABORT);

142

return real_pam_setcred(pamh, flags);

143

}

144

145

/* Account Management API's */

146

147

int pam_acct_mgmt(pam_handle_t *pamh, int flags)

148

{

149

int (*real_pam_acct_mgmt)(pam_handle_t *, int);

150

RESOLVE_PAM_FUNCTION(pam_acct_mgmt, int, (pam_handle_t *, int), PAM_ABORT);

151

return real_pam_acct_mgmt(pamh, flags);

152

}

153

154

/* Session Management API's */

155

156

int pam_open_session(pam_handle_t *pamh, int flags)

157

{

158

int (*real_pam_open_session)(pam_handle_t *, int);

159

RESOLVE_PAM_FUNCTION(pam_open_session, int, (pam_handle_t *, int),

160

PAM_ABORT);

161

return real_pam_open_session(pamh, flags);

162

}

163

164

int pam_close_session(pam_handle_t *pamh, int flags)

165

{

166

int (*real_pam_close_session)(pam_handle_t *, int);

167

RESOLVE_PAM_FUNCTION(pam_close_session, int, (pam_handle_t *, int),

168

PAM_ABORT);

169

return real_pam_close_session(pamh, flags);

170

}

171

172

/* Password Management API's */

173

174

int pam_chauthtok(pam_handle_t *pamh, int flags)

175

{

176

int (*real_pam_chauthtok)(pam_handle_t *, int);

177

RESOLVE_PAM_FUNCTION(pam_chauthtok, int, (pam_handle_t *, int), PAM_ABORT);

178

return real_pam_chauthtok(pamh, flags);

179

}

Older »