|
Packit |
6bd9ab |
/*
|
|
Packit |
6bd9ab |
common.h - common functions for PAM lookups
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
Copyright (C) 2009, 2010, 2011, 2012 Arthur de Jong
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
This library is free software; you can redistribute it and/or
|
|
Packit |
6bd9ab |
modify it under the terms of the GNU Lesser General Public
|
|
Packit |
6bd9ab |
License as published by the Free Software Foundation; either
|
|
Packit |
6bd9ab |
version 2.1 of the License, or (at your option) any later version.
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
This library is distributed in the hope that it will be useful,
|
|
Packit |
6bd9ab |
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
Packit |
6bd9ab |
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Packit |
6bd9ab |
Lesser General Public License for more details.
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
You should have received a copy of the GNU Lesser General Public
|
|
Packit |
6bd9ab |
License along with this library; if not, write to the Free Software
|
|
Packit |
6bd9ab |
Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA
|
|
Packit |
6bd9ab |
02110-1301 USA
|
|
Packit |
6bd9ab |
*/
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
#ifndef PAM__COMMON_H
|
|
Packit |
6bd9ab |
#define PAM__COMMON_H 1
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
#include <stdio.h>
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
#include "nslcd.h"
|
|
Packit |
6bd9ab |
#include "common/nslcd-prot.h"
|
|
Packit |
6bd9ab |
#include "compat/attrs.h"
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* These are macros for handling read and write problems, they are
|
|
Packit |
6bd9ab |
PAM specific due to the return code so are defined here. They
|
|
Packit |
6bd9ab |
genrally close the open file, set an error code and return with
|
|
Packit |
6bd9ab |
an error status. */
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* Macro is called to handle errors in opening a client connection. */
|
|
Packit |
6bd9ab |
#define ERROR_OUT_OPENERROR \
|
|
Packit |
6bd9ab |
pam_syslog(pamh, LOG_ERR, "error opening connection to nslcd: %s", \
|
|
Packit |
6bd9ab |
strerror(errno)); \
|
|
Packit |
6bd9ab |
return PAM_AUTHINFO_UNAVAIL;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* Macro is called to handle errors on read operations. */
|
|
Packit |
6bd9ab |
#define ERROR_OUT_READERROR(fp) \
|
|
Packit |
6bd9ab |
pam_syslog(pamh, LOG_ERR, "error reading from nslcd: %s", \
|
|
Packit |
6bd9ab |
strerror(errno)); \
|
|
Packit |
6bd9ab |
(void)tio_close(fp); \
|
|
Packit |
6bd9ab |
return PAM_AUTHINFO_UNAVAIL;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* Macro is called to handle problems with too small a buffer. */
|
|
Packit |
6bd9ab |
#define ERROR_OUT_BUFERROR(fp) \
|
|
Packit |
6bd9ab |
pam_syslog(pamh, LOG_CRIT, "buffer %d bytes too small", tmpint32); \
|
|
Packit |
6bd9ab |
(void)tio_close(fp); \
|
|
Packit |
6bd9ab |
return PAM_SYSTEM_ERR;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* This macro is called if there was a problem with a write
|
|
Packit |
6bd9ab |
operation. */
|
|
Packit |
6bd9ab |
#define ERROR_OUT_WRITEERROR(fp) \
|
|
Packit |
6bd9ab |
pam_syslog(pamh, LOG_ERR, "error writing to nslcd: %s", \
|
|
Packit |
6bd9ab |
strerror(errno)); \
|
|
Packit |
6bd9ab |
(void)tio_close(fp); \
|
|
Packit |
6bd9ab |
return PAM_AUTHINFO_UNAVAIL;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* This macro is called if the read status code is not
|
|
Packit |
6bd9ab |
NSLCD_RESULT_BEGIN. */
|
|
Packit |
6bd9ab |
#define ERROR_OUT_NOSUCCESS(fp) \
|
|
Packit |
6bd9ab |
(void)tio_close(fp); \
|
|
Packit |
6bd9ab |
if (cfg->debug) \
|
|
Packit |
6bd9ab |
pam_syslog(pamh, LOG_DEBUG, "user not handled by nslcd"); \
|
|
Packit |
6bd9ab |
return PAM_USER_UNKNOWN;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* This is a generic PAM request generation macro. The action
|
|
Packit |
6bd9ab |
parameter is the NSLCD_ACTION_.. action, the writefn is the
|
|
Packit |
6bd9ab |
operation for writing the parameter and readfn is the function
|
|
Packit |
6bd9ab |
name for reading a single result entry. The function is assumed
|
|
Packit |
6bd9ab |
to have result, buffer, buflen and errnop parameters that define
|
|
Packit |
6bd9ab |
the result structure, the user buffer with length and the
|
|
Packit |
6bd9ab |
errno to return. This macro should be called through some of
|
|
Packit |
6bd9ab |
the customized ones below. */
|
|
Packit |
6bd9ab |
#define PAM_REQUEST(action, debuglog, writefn, readfn) \
|
|
Packit |
6bd9ab |
TFILE *fp; \
|
|
Packit |
6bd9ab |
int32_t tmpint32; \
|
|
Packit |
6bd9ab |
if (cfg->debug) \
|
|
Packit |
6bd9ab |
debuglog; \
|
|
Packit |
6bd9ab |
/* open socket and write request */ \
|
|
Packit |
6bd9ab |
NSLCD_REQUEST(fp, action, writefn); \
|
|
Packit |
6bd9ab |
/* read response code */ \
|
|
Packit |
6bd9ab |
READ_RESPONSE_CODE(fp); \
|
|
Packit |
6bd9ab |
/* read the response */ \
|
|
Packit |
6bd9ab |
readfn; \
|
|
Packit |
6bd9ab |
/* close socket and we're done */ \
|
|
Packit |
6bd9ab |
(void)tio_close(fp); \
|
|
Packit |
6bd9ab |
return PAM_SUCCESS;
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
/* helper macro to read PAM status code (auto-translated from NSLCD PAM
|
|
Packit |
6bd9ab |
status code */
|
|
Packit |
6bd9ab |
#define READ_PAM_CODE(fp, i) \
|
|
Packit |
6bd9ab |
READ(fp, &tmpint32, sizeof(int32_t)); \
|
|
Packit |
6bd9ab |
(i) = nslcd2pam_rc(pamh, ntohl(tmpint32));
|
|
Packit |
6bd9ab |
|
|
Packit |
6bd9ab |
#endif /* not PAM__COMMON_H */
|