1 /*-
2 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3 * Copyright (c) 2004-2013 Dag-Erling Smørgrav
4 * All rights reserved.
5 *
6 * This software was developed for the FreeBSD Project by ThinkSec AS and
7 * Network Associates Laboratories, the Security Research Division of
8 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
9 * ("CBOSS"), as part of the DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote
20 * products derived from this software without specific prior written
21 * permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 */
35
36 #ifdef HAVE_CONFIG_H
37 # include "config.h"
38 #endif
39
40 #include <dlfcn.h>
41 #include <stdlib.h>
42 #include <string.h>
43
44 #include <security/pam_appl.h>
45
46 #include "openpam_impl.h"
47
48 /*
49 * Locate a matching dynamic or static module.
50 */
51
52 pam_module_t *
openpam_load_module(const char * modulename)53 openpam_load_module(const char *modulename)
54 {
55 pam_module_t *module;
56
57 module = openpam_dynamic(modulename);
58 openpam_log(PAM_LOG_DEBUG, "%s dynamic %s",
59 (module == NULL) ? "no" : "using", modulename);
60
61 #ifdef OPENPAM_STATIC_MODULES
62 /* look for a static module */
63 if (module == NULL && strchr(modulename, '/') == NULL) {
64 module = openpam_static(modulename);
65 openpam_log(PAM_LOG_DEBUG, "%s static %s",
66 (module == NULL) ? "no" : "using", modulename);
67 }
68 #endif
69 if (module == NULL) {
70 openpam_log(PAM_LOG_ERROR, "no %s found", modulename);
71 return (NULL);
72 }
73 return (module);
74 }
75
76
77 /*
78 * Release a module.
79 * XXX highly thread-unsafe
80 */
81
82 static void
openpam_release_module(pam_module_t * module)83 openpam_release_module(pam_module_t *module)
84 {
85
86 if (module == NULL)
87 return;
88 if (module->dlh == NULL)
89 /* static module */
90 return;
91 dlclose(module->dlh);
92 openpam_log(PAM_LOG_DEBUG, "releasing %s", module->path);
93 FREE(module->path);
94 FREE(module);
95 }
96
97
98 /*
99 * Destroy a chain, freeing all its links and releasing the modules
100 * they point to.
101 */
102
103 static void
openpam_destroy_chain(pam_chain_t * chain)104 openpam_destroy_chain(pam_chain_t *chain)
105 {
106
107 if (chain == NULL)
108 return;
109 openpam_destroy_chain(chain->next);
110 chain->next = NULL;
111 FREEV(chain->optc, chain->optv);
112 openpam_release_module(chain->module);
113 chain->module = NULL;
114 FREE(chain);
115 }
116
117
118 /*
119 * Clear the chains and release the modules
120 */
121
122 void
openpam_clear_chains(pam_chain_t * policy[])123 openpam_clear_chains(pam_chain_t *policy[])
124 {
125 int i;
126
127 for (i = 0; i < PAM_NUM_FACILITIES; ++i) {
128 openpam_destroy_chain(policy[i]);
129 policy[i] = NULL;
130 }
131 }
132
133 /*
134 * NOPARSE
135 */
136