| 1 | /*- |
|---|
| 2 | * Copyright (c) 2002 Networks Associates Technology, Inc. |
|---|
| 3 | * All rights reserved. |
|---|
| 4 | * |
|---|
| 5 | * This software was developed for the FreeBSD Project by ThinkSec AS and |
|---|
| 6 | * Network Associates Laboratories, the Security Research Division of |
|---|
| 7 | * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 |
|---|
| 8 | * ("CBOSS"), as part of the DARPA CHATS research program. |
|---|
| 9 | * |
|---|
| 10 | * Redistribution and use in source and binary forms, with or without |
|---|
| 11 | * modification, are permitted provided that the following conditions |
|---|
| 12 | * are met: |
|---|
| 13 | * 1. Redistributions of source code must retain the above copyright |
|---|
| 14 | * notice, this list of conditions and the following disclaimer. |
|---|
| 15 | * 2. Redistributions in binary form must reproduce the above copyright |
|---|
| 16 | * notice, this list of conditions and the following disclaimer in the |
|---|
| 17 | * documentation and/or other materials provided with the distribution. |
|---|
| 18 | * 3. The name of the author may not be used to endorse or promote |
|---|
| 19 | * products derived from this software without specific prior written |
|---|
| 20 | * permission. |
|---|
| 21 | * |
|---|
| 22 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND |
|---|
| 23 | * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
|---|
| 24 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
|---|
| 25 | * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE |
|---|
| 26 | * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL |
|---|
| 27 | * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS |
|---|
| 28 | * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) |
|---|
| 29 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT |
|---|
| 30 | * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY |
|---|
| 31 | * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF |
|---|
| 32 | * SUCH DAMAGE. |
|---|
| 33 | * |
|---|
| 34 | * $P4: //depot/projects/openpam/lib/pam_get_item.c#14 $ |
|---|
| 35 | */ |
|---|
| 36 | |
|---|
| 37 | #include <sys/param.h> |
|---|
| 38 | |
|---|
| 39 | #include <security/pam_appl.h> |
|---|
| 40 | |
|---|
| 41 | #include "openpam_impl.h" |
|---|
| 42 | |
|---|
| 43 | /* |
|---|
| 44 | * XSSO 4.2.1 |
|---|
| 45 | * XSSO 6 page 46 |
|---|
| 46 | * |
|---|
| 47 | * Get PAM information |
|---|
| 48 | */ |
|---|
| 49 | |
|---|
| 50 | int |
|---|
| 51 | pam_get_item(pam_handle_t *pamh, |
|---|
| 52 | int item_type, |
|---|
| 53 | const void **item) |
|---|
| 54 | { |
|---|
| 55 | |
|---|
| 56 | ENTER(); |
|---|
| 57 | if (pamh == NULL) |
|---|
| 58 | RETURNC(PAM_SYSTEM_ERR); |
|---|
| 59 | switch (item_type) { |
|---|
| 60 | case PAM_SERVICE: |
|---|
| 61 | case PAM_USER: |
|---|
| 62 | case PAM_AUTHTOK: |
|---|
| 63 | case PAM_OLDAUTHTOK: |
|---|
| 64 | case PAM_TTY: |
|---|
| 65 | case PAM_RHOST: |
|---|
| 66 | case PAM_RUSER: |
|---|
| 67 | case PAM_CONV: |
|---|
| 68 | case PAM_USER_PROMPT: |
|---|
| 69 | case PAM_AUTHTOK_PROMPT: |
|---|
| 70 | case PAM_OLDAUTHTOK_PROMPT: |
|---|
| 71 | case PAM_REPOSITORY: |
|---|
| 72 | *item = pamh->item[item_type]; |
|---|
| 73 | RETURNC(PAM_SUCCESS); |
|---|
| 74 | default: |
|---|
| 75 | RETURNC(PAM_SYMBOL_ERR); |
|---|
| 76 | } |
|---|
| 77 | } |
|---|
| 78 | |
|---|
| 79 | /* |
|---|
| 80 | * Error codes: |
|---|
| 81 | * |
|---|
| 82 | * PAM_SYMBOL_ERR |
|---|
| 83 | * PAM_SYSTEM_ERR |
|---|
| 84 | */ |
|---|
| 85 | |
|---|
| 86 | /** |
|---|
| 87 | * The =pam_get_item function stores a pointer to the item specified by |
|---|
| 88 | * the =item_type argument in the location specified by the =item |
|---|
| 89 | * argument. |
|---|
| 90 | * The item is retrieved from the PAM context specified by the =pamh |
|---|
| 91 | * argument. |
|---|
| 92 | * The following item types are recognized: |
|---|
| 93 | * |
|---|
| 94 | * =PAM_SERVICE: |
|---|
| 95 | * The name of the requesting service. |
|---|
| 96 | * =PAM_USER: |
|---|
| 97 | * The name of the user the application is trying to |
|---|
| 98 | * authenticate. |
|---|
| 99 | * =PAM_TTY: |
|---|
| 100 | * The name of the current terminal. |
|---|
| 101 | * =PAM_RHOST: |
|---|
| 102 | * The name of the applicant's host. |
|---|
| 103 | * =PAM_CONV: |
|---|
| 104 | * A =struct pam_conv describing the current conversation |
|---|
| 105 | * function. |
|---|
| 106 | * =PAM_AUTHTOK: |
|---|
| 107 | * The current authentication token. |
|---|
| 108 | * =PAM_OLDAUTHTOK: |
|---|
| 109 | * The expired authentication token. |
|---|
| 110 | * =PAM_RUSER: |
|---|
| 111 | * The name of the applicant. |
|---|
| 112 | * =PAM_USER_PROMPT: |
|---|
| 113 | * The prompt to use when asking the applicant for a user |
|---|
| 114 | * name to authenticate as. |
|---|
| 115 | * =PAM_AUTHTOK_PROMPT: |
|---|
| 116 | * The prompt to use when asking the applicant for an |
|---|
| 117 | * authentication token. |
|---|
| 118 | * =PAM_OLDAUTHTOK_PROMPT: |
|---|
| 119 | * The prompt to use when asking the applicant for an |
|---|
| 120 | * expired authentication token prior to changing it. |
|---|
| 121 | * |
|---|
| 122 | * See =pam_start for a description of =struct pam_conv. |
|---|
| 123 | * |
|---|
| 124 | * >pam_set_item |
|---|
| 125 | */ |
|---|
