source: openpam/trunk/lib/libpam/pam_get_user.c @ 913

Last change on this file since 913 was 913, checked in by Dag-Erling Smørgrav, 4 years ago

Newer versions of clang take nonnull annotations into account not only
when compiling code that calls the function, but also when compiling the
function itself. This means that NULL checks in the function trigger
condition-always-false warnings. We have a choice between disabling these
warnings, removing the nonnull annotations, or removing the NULL checks.
We prefer to keep the annotations and warnings and remove the checks. In
all cases, passing NULL to the function in question will result in a
segmentation fault, which is often easier to debug than an error return,
especially when most of these checks were for the PAM handle, which can only
be NULL if the caller ignored an error return from pam_start().

  • Property svn:eol-style set to native
  • Property svn:keywords set to Id
1/*-
2 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3 * Copyright (c) 2004-2017 Dag-Erling Smørgrav
4 * All rights reserved.
5 *
6 * This software was developed for the FreeBSD Project by ThinkSec AS and
7 * Network Associates Laboratories, the Security Research Division of
8 * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9 * ("CBOSS"), as part of the DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 *    notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 *    notice, this list of conditions and the following disclaimer in the
18 *    documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote
20 *    products derived from this software without specific prior written
21 *    permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * $Id: pam_get_user.c 913 2017-01-21 15:11:12Z des $
36 */
37
38#ifdef HAVE_CONFIG_H
39# include "config.h"
40#endif
41
42#include <sys/param.h>
43
44#include <stdlib.h>
45
46#include <security/pam_appl.h>
47#include <security/openpam.h>
48
49#include "openpam_impl.h"
50
/* Last-resort prompt, used only when no other source supplies one. */
static const char user_prompt[] = "Login:";
52
53/*
54 * XSSO 4.2.1
55 * XSSO 6 page 52
56 *
57 * Retrieve user name
58 */
59
/*
 * Return the cached PAM_USER item if there is one; otherwise prompt for a
 * user name through the conversation function, store the answer as
 * PAM_USER and hand back a pointer to the stored item.
 *
 * Prompt precedence: the "user_prompt" policy option, then the prompt
 * argument, then the PAM_USER_PROMPT item, then the hardcoded default.
 *
 * Neither pamh nor user is checked for NULL; user is dereferenced right
 * after the first pam_get_item() call.
 */
int
pam_get_user(pam_handle_t *pamh,
        const char **user,
        const char *prompt)
{
        char expanded[1024];
        size_t expanded_len = sizeof expanded;
        const void *item;
        char *answer;
        int status;

        ENTER();

        /* a name that is already set wins; no conversation takes place */
        status = pam_get_item(pamh, PAM_USER, (const void **)user);
        if (status == PAM_SUCCESS && *user != NULL)
                RETURNC(PAM_SUCCESS);

        /* the policy option overrides whatever the caller asked for */
        item = openpam_get_option(pamh, "user_prompt");
        if (item != NULL)
                prompt = item;

        /* still nothing: try the PAM item, then the built-in default */
        if (prompt == NULL) {
                status = pam_get_item(pamh, PAM_USER_PROMPT, &item);
                prompt = (status == PAM_SUCCESS && item != NULL) ?
                    item : user_prompt;
        }

        /*
         * Expand the prompt.  The expanded text is used only when the
         * expansion succeeded and the reported size fits the buffer;
         * otherwise the unexpanded prompt is shown as is.
         */
        if (openpam_subst(pamh, expanded, &expanded_len, prompt) ==
            PAM_SUCCESS && expanded_len <= sizeof expanded)
                prompt = expanded;

        /*
         * The prompt may come from policy or from an item, so it is passed
         * as the argument of a fixed "%s" format and never as the format.
         */
        status = pam_prompt(pamh, PAM_PROMPT_ECHO_ON, &answer, "%s", prompt);
        if (status != PAM_SUCCESS)
                RETURNC(status);

        /*
         * The answer is released right after pam_set_item(), so the item
         * presumably holds its own copy -- confirm against pam_set_item().
         */
        status = pam_set_item(pamh, PAM_USER, answer);
        FREE(answer);

        /*
         * Re-read the item so *user points at the stored value.
         * NOTE(review): unlike the cached-name path above, *user is not
         * compared with NULL here; confirm what a NULL answer from the
         * conversation leads to before relying on *user being set.
         */
        if (status == PAM_SUCCESS)
                status = pam_get_item(pamh, PAM_USER, (const void **)user);
        RETURNC(status);
}
102
103/*
104 * Error codes:
105 *
106 *      =pam_get_item
107 *      =pam_prompt
108 *      =pam_set_item
109 *      !PAM_SYMBOL_ERR
110 */
111
112/**
113 * The =pam_get_user function returns the name of the target user, as
114 * specified to =pam_start.
115 * If no user was specified, nor set using =pam_set_item, =pam_get_user
116 * will prompt for a user name.
117 * Either way, a pointer to the user name is stored in the location
118 * pointed to by the =user argument, and the corresponding PAM item is
119 * updated.
120 *
121 * The =prompt argument specifies a prompt to use if no user name is
122 * cached.
123 * If it is =NULL, the =PAM_USER_PROMPT item will be used.
124 * If that item is also =NULL, a hardcoded default prompt will be used.
125 * Additionally, when =pam_get_user is called from a service module, the
126 * prompt may be affected by module options as described below.
127 * The prompt is then expanded using =openpam_subst before it is passed to
128 * the conversation function.
129 *
130 * MODULE OPTIONS
131 *
132 * When called by a service module, =pam_get_user will recognize the
133 * following module options:
134 *
135 *      ;user_prompt:
136 *              Prompt to use when asking for the user name.
137 *              This option overrides both the =prompt argument and the
138 *              =PAM_USER_PROMPT item.
139 *
140 * >pam_conv
141 * >pam_get_item
142 * >pam_get_authtok
143 * >openpam_get_option
144 * >openpam_subst
145 */