1 : : /*
2 : : SSSD
3 : :
4 : : Utilities for the pam_data structure
5 : :
6 : : Authors:
7 : : Sumit Bose <sbose@redhat.com>
8 : :
9 : : Copyright (C) 2009 Red Hat
10 : :
11 : : This program is free software; you can redistribute it and/or modify
12 : : it under the terms of the GNU General Public License as published by
13 : : the Free Software Foundation; either version 3 of the License, or
14 : : (at your option) any later version.
15 : :
16 : : This program is distributed in the hope that it will be useful,
17 : : but WITHOUT ANY WARRANTY; without even the implied warranty of
18 : : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 : : GNU General Public License for more details.
20 : :
21 : : You should have received a copy of the GNU General Public License
22 : : along with this program. If not, see <http://www.gnu.org/licenses/>.
23 : : */
24 : :
25 : : #include "providers/data_provider.h"
26 : :
27 : :
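/*
 * Field-copy helpers for copy_pam_data().
 *
 * Both macros expand in place and depend on the caller's scope: a source
 * structure named `old_pd`, a destination named `pd` (which is also the
 * talloc parent of every copy) and a `failed:` label that is jumped to when
 * an allocation fails. A NULL source field is skipped, so the destination
 * field keeps whatever value it already had.
 */
#define PD_STR_COPY(el) do { \
    if (old_pd->el != NULL) { \
        pd->el = talloc_strdup(pd, old_pd->el); \
        if (pd->el == NULL) { \
            DEBUG(1, ("talloc_strdup failed.\n")); \
            goto failed; \
        } \
    } \
} while(0)

/*
 * Like PD_STR_COPY, but duplicates `size` raw bytes instead of a
 * NUL-terminated string. copy_pam_data() uses it for authtok and newauthtok,
 * so each expansion creates another buffer that holds an authentication
 * token and has to be scrubbed before it is released.
 */
#define PD_MEM_COPY(el, size) do { \
    if (old_pd->el != NULL) { \
        pd->el = talloc_memdup(pd, old_pd->el, (size)); \
        if (pd->el == NULL) { \
            DEBUG(1, ("talloc_memdup failed.\n")); \
            goto failed; \
        } \
    } \
} while(0)

/*
 * Replace a NULL string with a printable placeholder for debug output.
 *
 * The argument and the whole expansion are parenthesized so the macro stays a
 * single expression wherever it is used; without that, an operator next to
 * the call would bind to only part of the conditional. `item` is evaluated
 * twice, so it must not have side effects.
 */
#define PAM_SAFE_ITEM(item) ((item) ? (item) : "not set")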
49 : :
/**
 * Translate an SSS_PAM_* command code into a fixed name for debug output.
 *
 * @param cmd  command code, as stored in pam_data.cmd
 * @return pointer to a string literal; "UNKNOWN" for any value that is not
 *         listed. The caller must neither modify nor free the result.
 */
static const char *pamcmd2str(int cmd)
{
    const char *name;

    switch (cmd) {
    case SSS_PAM_AUTHENTICATE:
        name = "PAM_AUTHENTICATE";
        break;
    case SSS_PAM_SETCRED:
        name = "PAM_SETCRED";
        break;
    case SSS_PAM_ACCT_MGMT:
        name = "PAM_ACCT_MGMT";
        break;
    case SSS_PAM_OPEN_SESSION:
        name = "PAM_OPEN_SESSION";
        break;
    case SSS_PAM_CLOSE_SESSION:
        name = "PAM_CLOSE_SESSION";
        break;
    case SSS_PAM_CHAUTHTOK:
        name = "PAM_CHAUTHTOK";
        break;
    case SSS_PAM_CHAUTHTOK_PRELIM:
        name = "PAM_CHAUTHTOK_PRELIM";
        break;
    default:
        /* Never index a table with cmd: unknown codes just get a label. */
        name = "UNKNOWN";
        break;
    }

    return name;
}
70 : :
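/*
 * Zero `len` bytes at `buf` through a volatile pointer.
 *
 * A plain memset() on memory that is about to be released is a store the
 * optimizer is allowed to drop once it can see that nothing reads the buffer
 * again (for example with link-time optimization). Writing through a
 * volatile lvalue is the portable C11 way to keep the stores; in practice
 * compilers do not elide them.
 */
static void pam_data_wipe(void *buf, size_t len)
{
    volatile unsigned char *p = buf;

    while (len-- > 0) {
        *p++ = 0;
    }
}

/**
 * talloc destructor for struct pam_data: scrub both authentication tokens
 * so that they do not stay readable in released heap memory.
 *
 * Only the buffers referenced by this structure are cleared. Copies made
 * elsewhere (for example by copy_pam_data()) are separate buffers and are
 * scrubbed only by their own destructor.
 *
 * @param ptr  the talloc chunk being released
 * @return EOK in every case, so the destructor never prevents the free.
 */
int pam_data_destructor(void *ptr)
{
    struct pam_data *pd = talloc_get_type(ptr, struct pam_data);

    if (pd == NULL) {
        /* talloc_get_type() returns NULL when ptr is not a struct pam_data.
         * There is nothing this function knows how to scrub then, and
         * dereferencing the result would crash the process. */
        DEBUG(1, ("pam_data_destructor called with an unexpected type.\n"));
        return EOK;
    }

    /* The declared type of the size fields is not visible in this file; the
     * "> 0" test also rejects a negative value, which would otherwise turn
     * into a huge byte count. */
    if (pd->authtok != NULL && pd->authtok_size > 0) {
        pam_data_wipe(pd->authtok, (size_t) pd->authtok_size);
        pd->authtok_size = 0;
    }

    if (pd->newauthtok != NULL && pd->newauthtok_size > 0) {
        pam_data_wipe(pd->newauthtok, (size_t) pd->newauthtok_size);
        pd->newauthtok_size = 0;
    }

    return EOK;
}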
87 : :
/**
 * Allocate a zero-initialised struct pam_data below mem_ctx.
 *
 * pam_data_destructor() is registered on the new object, so the
 * authentication tokens it later holds are cleared when it is freed.
 * Allocating a struct pam_data by any other route skips that registration.
 *
 * @param mem_ctx  talloc parent for the new structure
 * @return the new structure, or NULL if the allocation failed
 */
struct pam_data *create_pam_data(TALLOC_CTX *mem_ctx)
{
    struct pam_data *pd = talloc_zero(mem_ctx, struct pam_data);

    if (pd != NULL) {
        talloc_set_destructor((TALLOC_CTX *) pd, pam_data_destructor);
    } else {
        DEBUG(1, ("talloc_zero failed.\n"));
    }

    return pd;
}
102 : :
/**
 * Create a deep copy of a struct pam_data below mem_ctx.
 *
 * Scalar fields are copied by value; the string fields and both
 * authentication tokens are duplicated as children of the new structure.
 * Fields that are not listed here (resp_list, for instance) are not copied
 * and keep the zero value from create_pam_data().
 *
 * The copy holds its own buffers with the authentication tokens. It comes
 * from create_pam_data(), so pam_data_destructor() clears those buffers when
 * the copy is freed, including on the failure path below.
 *
 * @param mem_ctx  talloc parent for the copy
 * @param old_pd   structure to copy from; it is dereferenced without a NULL
 *                 check
 * @param new_pd   receives the copy on success and is left untouched on
 *                 failure
 * @return EOK on success, ENOMEM if any allocation failed
 */
errno_t copy_pam_data(TALLOC_CTX *mem_ctx, struct pam_data *old_pd,
                      struct pam_data **new_pd)
{
    /* PD_STR_COPY and PD_MEM_COPY refer to the names `pd` and `old_pd` and
     * to the `failed` label, so these must keep exactly these names. */
    struct pam_data *pd = create_pam_data(mem_ctx);

    if (pd == NULL) {
        DEBUG(1, ("create_pam_data failed.\n"));
        return ENOMEM;
    }

    /* Plain values first; none of these can fail. */
    pd->cmd = old_pd->cmd;
    pd->priv = old_pd->priv;
    pd->cli_pid = old_pd->cli_pid;
    pd->authtok_type = old_pd->authtok_type;
    pd->newauthtok_type = old_pd->newauthtok_type;
    pd->authtok_size = old_pd->authtok_size;
    pd->newauthtok_size = old_pd->newauthtok_size;

    /* NUL-terminated strings; each one may jump to `failed`. */
    PD_STR_COPY(domain);
    PD_STR_COPY(user);
    PD_STR_COPY(service);
    PD_STR_COPY(tty);
    PD_STR_COPY(ruser);
    PD_STR_COPY(rhost);

    /* Token buffers are raw bytes whose length comes from the source. */
    PD_MEM_COPY(authtok, old_pd->authtok_size);
    PD_MEM_COPY(newauthtok, old_pd->newauthtok_size);

    *new_pd = pd;
    return EOK;

failed:
    /* Freeing pd also releases every field duplicated so far, because they
     * are all talloc children of pd. */
    talloc_free(pd);
    return ENOMEM;
}
139 : :
/**
 * Write the contents of a struct pam_data to the debug log.
 *
 * Only the type and size of the two authentication tokens are logged, never
 * the token bytes; keep it that way when adding fields.
 *
 * NOTE(review): user, ruser and rhost presumably come from the PAM client
 * and are logged as received; confirm that log consumers treat them as
 * untrusted text.
 *
 * @param l   debug level passed to every DEBUG() call
 * @param pd  structure to print; it is dereferenced without a NULL check
 */
void pam_print_data(int l, struct pam_data *pd)
{
    /* Resolve the printable strings once; NULL items become "not set". */
    const char *cmd_name = pamcmd2str(pd->cmd);
    const char *domain = PAM_SAFE_ITEM(pd->domain);
    const char *user = PAM_SAFE_ITEM(pd->user);
    const char *service = PAM_SAFE_ITEM(pd->service);
    const char *tty = PAM_SAFE_ITEM(pd->tty);
    const char *ruser = PAM_SAFE_ITEM(pd->ruser);
    const char *rhost = PAM_SAFE_ITEM(pd->rhost);

    DEBUG(l, ("command: %s\n", cmd_name));
    DEBUG(l, ("domain: %s\n", domain));
    DEBUG(l, ("user: %s\n", user));
    DEBUG(l, ("service: %s\n", service));
    DEBUG(l, ("tty: %s\n", tty));
    DEBUG(l, ("ruser: %s\n", ruser));
    DEBUG(l, ("rhost: %s\n", rhost));

    /* Token metadata only. */
    DEBUG(l, ("authtok type: %d\n", pd->authtok_type));
    DEBUG(l, ("authtok size: %d\n", pd->authtok_size));
    DEBUG(l, ("newauthtok type: %d\n", pd->newauthtok_type));
    DEBUG(l, ("newauthtok size: %d\n", pd->newauthtok_size));

    DEBUG(l, ("priv: %d\n", pd->priv));
    DEBUG(l, ("cli_pid: %d\n", pd->cli_pid));
}
156 : :
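/**
 * Prepend a response item to pd->resp_list.
 *
 * The payload is copied, so the caller keeps ownership of `data`. Both the
 * list node and the payload copy are talloc children of pd and are released
 * together with it.
 *
 * @param pd    structure that owns the response list
 * @param type  kind of response
 * @param len   number of bytes at `data`; must not be negative
 * @param data  payload to copy
 * @return EOK on success, EINVAL for a negative length, ENOMEM if an
 *         allocation failed. pd->resp_list is unchanged on any error.
 */
int pam_add_response(struct pam_data *pd, enum response_type type,
                     int len, const uint8_t *data)
{
    struct response_data *resp;

    /* len is signed but is used as a byte count. A negative value would be
     * converted to a very large size when it is passed to talloc_memdup(). */
    if (len < 0) {
        DEBUG(1, ("Invalid response length [%d].\n", len));
        return EINVAL;
    }

    resp = talloc(pd, struct response_data);
    if (resp == NULL) return ENOMEM;

    resp->type = type;
    resp->len = len;
    resp->data = talloc_memdup(pd, data, len);
    if (resp->data == NULL) {
        /* Without this the half-built node would stay attached to pd until
         * pd itself is freed. */
        talloc_free(resp);
        return ENOMEM;
    }
    resp->do_not_send_to_client = false;

    /* Link at the head: the list is in reverse order of insertion. */
    resp->next = pd->resp_list;
    pd->resp_list = resp;

    return EOK;
}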