1 /*-
2  * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3  * Copyright (c) 2004-2011 Dag-Erling Smørgrav
4  * All rights reserved.
5  *
6  * This software was developed for the FreeBSD Project by ThinkSec AS and
7  * Network Associates Laboratories, the Security Research Division of
8  * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9  * ("CBOSS"), as part of the DARPA CHATS research program.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. The name of the author may not be used to endorse or promote
20  *    products derived from this software without specific prior written
21  *    permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  *
35  * $OpenPAM: openpam_log.c 938 2017-04-30 21:34:42Z des $
36  */
37 
38 #ifdef HAVE_CONFIG_H
39 # include "config.h"
40 #endif
41 
42 #include <errno.h>
43 #include <stdarg.h>
44 #include <stdio.h>
45 #include <stdlib.h>
46 #include <syslog.h>
47 
48 #include <security/pam_appl.h>
49 
50 #include "openpam_impl.h"
51 #include "openpam_asprintf.h"
52 
53 int openpam_debug = 0;
54 
55 #if !defined(openpam_log)
56 
57 /*
58  * OpenPAM extension
59  *
60  * Log a message through syslog
61  */
62 
63 void
64 openpam_log(int level, const char *fmt, ...)
65 {
66 	va_list ap;
67 	int priority;
68 	int serrno;
69 
70 	switch (level) {
71 	case PAM_LOG_LIBDEBUG:
72 	case PAM_LOG_DEBUG:
73 		if (!openpam_debug)
74 			return;
75 		priority = LOG_DEBUG;
76 		break;
77 	case PAM_LOG_VERBOSE:
78 		priority = LOG_INFO;
79 		break;
80 	case PAM_LOG_NOTICE:
81 		priority = LOG_NOTICE;
82 		break;
83 	case PAM_LOG_ERROR:
84 	default:
85 		priority = LOG_ERR;
86 		break;
87 	}
88 	serrno = errno;
89 	va_start(ap, fmt);
90 	vsyslog(priority, fmt, ap);
91 	va_end(ap);
92 	errno = serrno;
93 }
94 
95 #else
96 
97 void
98 _openpam_log(int level, const char *func, const char *fmt, ...)
99 {
100 	va_list ap;
101 	char *format;
102 	int priority;
103 	int serrno;
104 
105 	switch (level) {
106 	case PAM_LOG_LIBDEBUG:
107 	case PAM_LOG_DEBUG:
108 		if (!openpam_debug)
109 			return;
110 		priority = LOG_DEBUG;
111 		break;
112 	case PAM_LOG_VERBOSE:
113 		priority = LOG_INFO;
114 		break;
115 	case PAM_LOG_NOTICE:
116 		priority = LOG_NOTICE;
117 		break;
118 	case PAM_LOG_ERROR:
119 	default:
120 		priority = LOG_ERR;
121 		break;
122 	}
123 	serrno = errno;
124 	va_start(ap, fmt);
125 	if (asprintf(&format, "in %s(): %s", func, fmt) > 0) {
126 		errno = serrno;
127 		vsyslog(priority, format, ap);
128 		FREE(format);
129 	} else {
130 		errno = serrno;
131 		vsyslog(priority, fmt, ap);
132 	}
133 	va_end(ap);
134 	errno = serrno;
135 }
136 
137 #endif
138 
139 /**
140  * The =openpam_log function logs messages using =syslog.
141  * It is primarily intended for internal use by the library and modules.
142  *
143  * The =level argument indicates the importance of the message.
144  * The following levels are defined:
145  *
146  *	=PAM_LOG_LIBDEBUG:
147  *		Debugging messages.
148  *		For internal use only.
149  *	=PAM_LOG_DEBUG:
150  *		Debugging messages.
151  *		These messages are normally not logged unless the global
152  *		integer variable :openpam_debug is set to a non-zero
153  *		value, in which case they are logged with a =syslog
154  *		priority of =LOG_DEBUG.
155  *	=PAM_LOG_VERBOSE:
156  *		Information about the progress of the authentication
157  *		process, or other non-essential messages.
158  *		These messages are logged with a =syslog priority of
159  *		=LOG_INFO.
160  *	=PAM_LOG_NOTICE:
161  *		Messages relating to non-fatal errors.
162  *		These messages are logged with a =syslog priority of
163  *		=LOG_NOTICE.
164  *	=PAM_LOG_ERROR:
165  *		Messages relating to serious errors.
166  *		These messages are logged with a =syslog priority of
167  *		=LOG_ERR.
168  *
169  * The remaining arguments are a =printf format string and the
170  * corresponding arguments.
171  *
172  * The =openpam_log function does not modify the value of :errno.
173  */
174