1.1.1
by Alberto Gonzalez Iniesta
Import upstream version 1.99+2.rc6 |
/*
 * If you want to dynamically load libpam using dlopen() or something,
 * then dlopen( ' this shared object ' ); It takes care of exporting
 * the right symbols to any modules loaded by libpam.
 *
 * Modified by JY for use with openvpn-pam-auth
 */
#include <stdio.h> |
#include <dlfcn.h> |
#include <security/pam_appl.h> |
#include <security/_pam_macros.h> |
#include "pamdl.h" |
/* Handle returned by dlopen() for libpam; NULL while the library is not loaded. */
static void *libpam_h = NULL;

/*
 * RESOLVE_PAM_FUNCTION(x, y, z, err)
 *
 *   x   - name of the libpam function to look up (also used as the symbol string)
 *   y   - return type of that function
 *   z   - parenthesised parameter list of that function
 *   err - value the ENCLOSING function returns when the lookup fails
 *
 * Looks up symbol x in libpam_h with dlsym() and stores it in the caller's
 * local pointer real_<x>.  The union converts the object pointer returned by
 * dlsym() into a function pointer without a direct cast.  The lookup is
 * repeated on every call; nothing is cached.
 *
 * On failure a diagnostic is written to stderr and the macro executes
 * `return err;` in the function that expanded it, so the real_<x> pointer is
 * never called while NULL.
 *
 * NOTE(review): libpam_h is not checked before dlsym().  If it is still NULL
 * (dlopen_pam() not called, failed, or dlclose_pam() already ran) dlsym()
 * receives a null handle, whose meaning is platform-defined (glibc defines
 * RTLD_DEFAULT as a null pointer).  Confirm that every caller checks the
 * result of dlopen_pam() before using any pam_* wrapper.
 */
#define RESOLVE_PAM_FUNCTION(x, y, z, err) \
    { \
        union { const void *tpointer; y (*fn) z ; } fptr; \
        fptr.tpointer = dlsym(libpam_h, #x); \
        real_##x = fptr.fn; \
        if (!real_##x) { \
            fprintf (stderr, "PAMDL: unable to resolve '%s': %s\n", #x, dlerror()); \
            return err; \
        } \
    }
/*
 * Load the PAM library named by `so`, unless a handle is already held.
 *
 * Returns 1 when libpam_h is non-NULL afterwards, 0 when dlopen() failed.
 * The dlerror() text is not reported here.
 *
 * `so` goes to dlopen() unchanged.  A name without a '/' is resolved through
 * the dynamic linker's search path, so a process that runs with privileges
 * should be given an absolute path or a name that only a trusted library
 * directory can satisfy.  RTLD_GLOBAL makes the library's symbols available
 * to objects loaded later (the file header says this is what lets PAM modules
 * resolve them); RTLD_NOW binds all symbols at load time.
 */
int
dlopen_pam (const char *so)
{
    if (libpam_h != NULL)
        return 1;   /* already loaded: keep the existing handle */

    libpam_h = dlopen(so, RTLD_NOW | RTLD_GLOBAL);
    return libpam_h != NULL;
}
/*
 * Release the libpam handle, if one is held, and reset it to NULL so that a
 * later dlopen_pam() loads the library again.  Does nothing when no handle is
 * held.  The return value of dlclose() is ignored.
 *
 * NOTE(review): any pam_handle_t obtained earlier belongs to the library being
 * released; presumably callers finish their PAM transaction (pam_end) before
 * calling this - confirm against the caller.
 */
void
dlclose_pam (void)
{
    if (libpam_h == NULL)
        return;

    dlclose(libpam_h);
    libpam_h = NULL;
}
/*
 * Wrapper for libpam's pam_start(): resolves the real function in the
 * dlopen()ed library and forwards all four arguments unchanged.
 *
 * Returns whatever the real pam_start() returns, or PAM_ABORT when the symbol
 * cannot be resolved (RESOLVE_PAM_FUNCTION returns from this function in that
 * case).  A failed lookup therefore never reports PAM_SUCCESS.
 */
int pam_start(const char *service_name, const char *user,
              const struct pam_conv *pam_conversation,
              pam_handle_t **pamh)
{
    int (*real_pam_start)(const char *, const char *,
                          const struct pam_conv *,
                          pam_handle_t **) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_start, int,
                         (const char *, const char *,
                          const struct pam_conv *,
                          pam_handle_t **),
                         PAM_ABORT);

    rc = real_pam_start(service_name, user, pam_conversation, pamh);
    return rc;
}
/*
 * Wrapper for libpam's pam_end(): looks the real function up in the loaded
 * library and passes pamh and pam_status through unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_end(pam_handle_t *pamh, int pam_status)
{
    int (*real_pam_end)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_end, int, (pam_handle_t *, int), PAM_ABORT);

    rc = real_pam_end(pamh, pam_status);
    return rc;
}
/*
 * Wrapper for libpam's pam_set_item(): resolves the real function and forwards
 * pamh, item_type and item unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_set_item(pam_handle_t *pamh, int item_type, const void *item)
{
    int (*real_pam_set_item)(pam_handle_t *, int, const void *) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_set_item, int,
                         (pam_handle_t *, int, const void *),
                         PAM_ABORT);

    rc = real_pam_set_item(pamh, item_type, item);
    return rc;
}
/*
 * Wrapper for libpam's pam_get_item(): resolves the real function and forwards
 * pamh, item_type and the output pointer item unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved; in the PAM_ABORT case *item is not written by this wrapper.
 */
int pam_get_item(const pam_handle_t *pamh, int item_type, const void **item)
{
    int (*real_pam_get_item)(const pam_handle_t *, int, const void **) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_get_item, int,
                         (const pam_handle_t *, int, const void **),
                         PAM_ABORT);

    rc = real_pam_get_item(pamh, item_type, item);
    return rc;
}
/*
 * Wrapper for libpam's pam_fail_delay(): resolves the real function and
 * forwards pamh and musec_delay unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay)
{
    int (*real_pam_fail_delay)(pam_handle_t *, unsigned int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_fail_delay, int,
                         (pam_handle_t *, unsigned int),
                         PAM_ABORT);

    rc = real_pam_fail_delay(pamh, musec_delay);
    return rc;
}
/* Single-token alias so the return type can be passed as a macro argument. */
typedef const char * const_char_pointer;

/*
 * Wrapper for libpam's pam_strerror(): resolves the real function and forwards
 * pamh and errnum unchanged.
 *
 * Returns the string from the real function, or NULL if the symbol cannot be
 * resolved.  Callers that print the result must check for NULL first.
 */
const_char_pointer pam_strerror(pam_handle_t *pamh, int errnum)
{
    const_char_pointer (*real_pam_strerror)(pam_handle_t *, int) = NULL;
    const_char_pointer text;

    RESOLVE_PAM_FUNCTION(pam_strerror, const_char_pointer,
                         (pam_handle_t *, int),
                         NULL);

    text = real_pam_strerror(pamh, errnum);
    return text;
}
/*
 * Wrapper for libpam's pam_putenv(): resolves the real function and forwards
 * pamh and name_value unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_putenv(pam_handle_t *pamh, const char *name_value)
{
    int (*real_pam_putenv)(pam_handle_t *, const char *) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_putenv, int,
                         (pam_handle_t *, const char *),
                         PAM_ABORT);

    rc = real_pam_putenv(pamh, name_value);
    return rc;
}
/*
 * Wrapper for libpam's pam_getenv(): resolves the real function and forwards
 * pamh and name unchanged.
 *
 * Returns the real function's result, or NULL if the symbol cannot be
 * resolved.  A NULL result is therefore also what a failed lookup looks like;
 * the only other sign is the PAMDL message on stderr.
 */
const_char_pointer pam_getenv(pam_handle_t *pamh, const char *name)
{
    const_char_pointer (*real_pam_getenv)(pam_handle_t *, const char *) = NULL;
    const_char_pointer value;

    RESOLVE_PAM_FUNCTION(pam_getenv, const_char_pointer,
                         (pam_handle_t *, const char *),
                         NULL);

    value = real_pam_getenv(pamh, name);
    return value;
}
/* Single-token alias so the return type can be passed as a macro argument. */
typedef char ** char_ppointer;

/*
 * Wrapper for libpam's pam_getenvlist(): resolves the real function and
 * forwards pamh unchanged.
 *
 * Returns the real function's result, or NULL if the symbol cannot be
 * resolved.
 */
char_ppointer pam_getenvlist(pam_handle_t *pamh)
{
    char_ppointer (*real_pam_getenvlist)(pam_handle_t *) = NULL;
    char_ppointer env;

    RESOLVE_PAM_FUNCTION(pam_getenvlist, char_ppointer,
                         (pam_handle_t *),
                         NULL);

    env = real_pam_getenvlist(pamh);
    return env;
}
/* Authentication management */
/*
 * Wrapper for libpam's pam_authenticate(): resolves the real function and
 * forwards pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.  A failed lookup never reports PAM_SUCCESS, so a missing or
 * unloaded libpam denies authentication as long as the caller compares the
 * result with PAM_SUCCESS.
 */
int pam_authenticate(pam_handle_t *pamh, int flags)
{
    int (*real_pam_authenticate)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_authenticate, int,
                         (pam_handle_t *, int),
                         PAM_ABORT);

    rc = real_pam_authenticate(pamh, flags);
    return rc;
}
/*
 * Wrapper for libpam's pam_setcred(): resolves the real function and forwards
 * pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_setcred(pam_handle_t *pamh, int flags)
{
    int (*real_pam_setcred)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_setcred, int, (pam_handle_t *, int), PAM_ABORT);

    rc = real_pam_setcred(pamh, flags);
    return rc;
}
/* Account Management APIs */
/*
 * Wrapper for libpam's pam_acct_mgmt(): resolves the real function and
 * forwards pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.  As with pam_authenticate(), a failed lookup never reports
 * PAM_SUCCESS, so the account check is not skipped silently when the caller
 * tests for PAM_SUCCESS.
 */
int pam_acct_mgmt(pam_handle_t *pamh, int flags)
{
    int (*real_pam_acct_mgmt)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_acct_mgmt, int, (pam_handle_t *, int), PAM_ABORT);

    rc = real_pam_acct_mgmt(pamh, flags);
    return rc;
}
/* Session Management APIs */
/*
 * Wrapper for libpam's pam_open_session(): resolves the real function and
 * forwards pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_open_session(pam_handle_t *pamh, int flags)
{
    int (*real_pam_open_session)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_open_session, int,
                         (pam_handle_t *, int),
                         PAM_ABORT);

    rc = real_pam_open_session(pamh, flags);
    return rc;
}
/*
 * Wrapper for libpam's pam_close_session(): resolves the real function and
 * forwards pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_close_session(pam_handle_t *pamh, int flags)
{
    int (*real_pam_close_session)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_close_session, int,
                         (pam_handle_t *, int),
                         PAM_ABORT);

    rc = real_pam_close_session(pamh, flags);
    return rc;
}
/* Password Management APIs */
/*
 * Wrapper for libpam's pam_chauthtok(): resolves the real function and
 * forwards pamh and flags unchanged.
 *
 * Returns the real function's result, or PAM_ABORT if the symbol cannot be
 * resolved.
 */
int pam_chauthtok(pam_handle_t *pamh, int flags)
{
    int (*real_pam_chauthtok)(pam_handle_t *, int) = NULL;
    int rc;

    RESOLVE_PAM_FUNCTION(pam_chauthtok, int, (pam_handle_t *, int), PAM_ABORT);

    rc = real_pam_chauthtok(pamh, flags);
    return rc;
}