int
pam_start(const char *service,
const char *user,
const struct pam_conv *pam_conv,
pam_handle_t **pamh)
{
char hostname[HOST_NAME_MAX + 1];
struct pam_handle *ph;
int r;
ENTER();
if ((ph = calloc(1, sizeof *ph)) == NULL)
RETURNC(PAM_BUF_ERR);
if ((r = pam_set_item(ph, PAM_SERVICE, service)) != PAM_SUCCESS)
goto fail;
if (gethostname(hostname, sizeof hostname) != 0)
strlcpy(hostname, "localhost", sizeof hostname);
if ((r = pam_set_item(ph, PAM_HOST, hostname)) != PAM_SUCCESS)
goto fail;
if ((r = pam_set_item(ph, PAM_USER, user)) != PAM_SUCCESS)
goto fail;
if ((r = pam_set_item(ph, PAM_CONV, pam_conv)) != PAM_SUCCESS)
goto fail;
if ((r = openpam_configure(ph, service)) != PAM_SUCCESS)
goto fail;
*pamh = ph;
openpam_log(PAM_LOG_DEBUG, "pam_start(\"%s\") succeeded", service);
RETURNC(PAM_SUCCESS);
fail:
pam_end(ph, r);
RETURNC(r);
}
int
pam_start(const char *service,
const char *user,
const struct pam_conv *pam_conv,
pam_handle_t **pamh)
{
char *hostname = NULL;
struct pam_handle *ph;
int r;
size_t hostname_size;
long h;
#ifdef _SC_HOST_NAME_MAX
h = sysconf(_SC_HOST_NAME_MAX);
#else
h = -1;
#endif
hostname_size = (size_t)(h < 10 ? 1024 : h) + 1;
ENTER();
if ((ph = calloc((size_t)1, sizeof *ph)) == NULL)
RETURNC(PAM_BUF_ERR);
if ((r = pam_set_item(ph, PAM_SERVICE, service)) != PAM_SUCCESS)
goto fail;
if ((hostname = malloc(hostname_size)) == NULL)
goto fail;
if (gethostname(hostname, hostname_size) != 0)
strlcpy(hostname, "localhost", hostname_size);
if ((r = pam_set_item(ph, PAM_HOST, hostname)) != PAM_SUCCESS)
goto fail;
if ((r = pam_set_item(ph, PAM_USER, user)) != PAM_SUCCESS)
goto fail;
if ((r = pam_set_item(ph, PAM_CONV, pam_conv)) != PAM_SUCCESS)
goto fail;
if ((r = openpam_configure(ph, service)) != PAM_SUCCESS)
goto fail;
free(hostname);
*pamh = ph;
openpam_log(PAM_LOG_DEBUG, "pam_start(\"%s\") succeeded", service);
RETURNC(PAM_SUCCESS);
fail:
free(hostname);
pam_end(ph, r);
RETURNC(r);
}
int
openpam_dump_policy(const char *service)
{
pam_handle_t *pamh;
char *name;
int fclt, ret;
if ((pamh = calloc(1, sizeof *pamh)) == NULL)
return (PAM_BUF_ERR);
if ((ret = openpam_configure(pamh, service)) != PAM_SUCCESS)
return (ret);
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt) {
if (pamh->chains[fclt] != NULL) {
if ((name = openpam_chain_name(service, fclt)) == NULL)
return (PAM_BUF_ERR);
ret = openpam_dump_chain(name, pamh->chains[fclt]);
free(name);
if (ret != PAM_SUCCESS)
return (ret);
}
}
printf("static pam_policy_t pam_%s_policy = {\n", service);
printf("\t.service = \"%s\",\n", service);
printf("\t.chains = {\n");
for (fclt = 0; fclt < PAM_NUM_FACILITIES; ++fclt) {
if ((name = openpam_facility_index_name(fclt)) == NULL)
return (PAM_BUF_ERR);
printf("\t\t[%s] = ", name);
free(name);
if (pamh->chains[fclt] != NULL) {
if ((name = openpam_chain_name(service, fclt)) == NULL)
return (PAM_BUF_ERR);
printf("&%s_0,\n", name);
free(name);
} else {
printf("NULL,\n");
}
}
printf("\t},\n");
printf("};\n");
free(pamh);
return (PAM_SUCCESS);
}
