1 /*-
2  * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3  * Copyright (c) 2004-2011 Dag-Erling Smørgrav
4  * All rights reserved.
5  *
6  * This software was developed for the FreeBSD Project by ThinkSec AS and
7  * Network Associates Laboratories, the Security Research Division of
8  * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9  * ("CBOSS"), as part of the DARPA CHATS research program.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. The name of the author may not be used to endorse or promote
20  *    products derived from this software without specific prior written
21  *    permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  */
35 
36 #ifdef HAVE_CONFIG_H
37 # include "config.h"
38 #endif
39 
40 #include <errno.h>
41 #include <stdarg.h>
42 #include <stdio.h>
43 #include <stdlib.h>
44 #include <syslog.h>
45 
46 #include <security/pam_appl.h>
47 
48 #include "openpam_impl.h"
49 #include "openpam_asprintf.h"
50 
51 int openpam_debug = 0;
52 
53 #if !defined(openpam_log)
54 
55 /*
56  * OpenPAM extension
57  *
58  * Log a message through syslog
59  */
60 
61 void
62 openpam_log(int level, const char *fmt, ...)
63 {
64 	va_list ap;
65 	int priority;
66 	int serrno;
67 
68 	switch (level) {
69 	case PAM_LOG_LIBDEBUG:
70 	case PAM_LOG_DEBUG:
71 		if (!openpam_debug)
72 			return;
73 		priority = LOG_DEBUG;
74 		break;
75 	case PAM_LOG_VERBOSE:
76 		priority = LOG_INFO;
77 		break;
78 	case PAM_LOG_NOTICE:
79 		priority = LOG_NOTICE;
80 		break;
81 	case PAM_LOG_ERROR:
82 	default:
83 		priority = LOG_ERR;
84 		break;
85 	}
86 	serrno = errno;
87 	va_start(ap, fmt);
88 	vsyslog(priority, fmt, ap);
89 	va_end(ap);
90 	errno = serrno;
91 }
92 
93 #else
94 
95 void
96 _openpam_log(int level, const char *func, const char *fmt, ...)
97 {
98 	va_list ap;
99 	char *format;
100 	int priority;
101 	int serrno;
102 
103 	switch (level) {
104 	case PAM_LOG_LIBDEBUG:
105 	case PAM_LOG_DEBUG:
106 		if (!openpam_debug)
107 			return;
108 		priority = LOG_DEBUG;
109 		break;
110 	case PAM_LOG_VERBOSE:
111 		priority = LOG_INFO;
112 		break;
113 	case PAM_LOG_NOTICE:
114 		priority = LOG_NOTICE;
115 		break;
116 	case PAM_LOG_ERROR:
117 	default:
118 		priority = LOG_ERR;
119 		break;
120 	}
121 	serrno = errno;
122 	va_start(ap, fmt);
123 	if (asprintf(&format, "in %s(): %s", func, fmt) > 0) {
124 		errno = serrno;
125 		vsyslog(priority, format, ap);
126 		FREE(format);
127 	} else {
128 		errno = serrno;
129 		vsyslog(priority, fmt, ap);
130 	}
131 	va_end(ap);
132 	errno = serrno;
133 }
134 
135 #endif
136 
137 /**
138  * The =openpam_log function logs messages using =syslog.
139  * It is primarily intended for internal use by the library and modules.
140  *
141  * The =level argument indicates the importance of the message.
142  * The following levels are defined:
143  *
144  *	=PAM_LOG_LIBDEBUG:
145  *		Debugging messages.
146  *		For internal use only.
147  *	=PAM_LOG_DEBUG:
148  *		Debugging messages.
149  *		These messages are normally not logged unless the global
150  *		integer variable :openpam_debug is set to a non-zero
151  *		value, in which case they are logged with a =syslog
152  *		priority of =LOG_DEBUG.
153  *	=PAM_LOG_VERBOSE:
154  *		Information about the progress of the authentication
155  *		process, or other non-essential messages.
156  *		These messages are logged with a =syslog priority of
157  *		=LOG_INFO.
158  *	=PAM_LOG_NOTICE:
159  *		Messages relating to non-fatal errors.
160  *		These messages are logged with a =syslog priority of
161  *		=LOG_NOTICE.
162  *	=PAM_LOG_ERROR:
163  *		Messages relating to serious errors.
164  *		These messages are logged with a =syslog priority of
165  *		=LOG_ERR.
166  *
167  * The remaining arguments are a =printf format string and the
168  * corresponding arguments.
169  *
170  * The =openpam_log function does not modify the value of :errno.
171  */
172