1/*-
2 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3 * Copyright (c) 2004-2011 Dag-Erling Smørgrav
4 * All rights reserved.
5 *
6 * This software was developed for the FreeBSD Project by ThinkSec AS and
7 * Network Associates Laboratories, the Security Research Division of
8 * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9 * ("CBOSS"), as part of the DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 *    notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 *    notice, this list of conditions and the following disclaimer in the
18 *    documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote
20 *    products derived from this software without specific prior written
21 *    permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * $Id: openpam_dynamic.c 494 2011-11-20 02:58:34Z des $
36 */
37
38#ifdef HAVE_CONFIG_H
39# include "config.h"
40#endif
41
42#include <sys/types.h>
43#include <sys/stat.h>
44
45#include <dlfcn.h>
46#include <errno.h>
47#include <libgen.h>
48#include <stdio.h>
49#include <stdlib.h>
50#include <string.h>
51#include <unistd.h>
52
53#include <security/pam_appl.h>
54
55#include "openpam_impl.h"
56
57#ifndef RTLD_NOW
58#define RTLD_NOW RTLD_LAZY
59#endif
60
61/*
62 * OpenPAM internal
63 *
64 * Verify that a file or directory is owned by either root or the
65 * arbitrator and that it is not writable by group or other.
66 */
67
68static int
69check_owner_perms(const char *path)
70{
71        struct stat sb;
72
73        if (stat(path, &sb) != 0)
74                return (-1);
75        if ((sb.st_uid != 0 && sb.st_uid != geteuid()) ||
76            (sb.st_mode & (S_IWGRP|S_IWOTH)) != 0) {
77                openpam_log(PAM_LOG_ERROR,
78                    "%s: insecure ownership or permissions", path);
79                errno = EPERM;
80                return (-1);
81        }
82        return (0);
83}
84
85/*
86 * OpenPAM internal
87 *
88 * Perform sanity checks and attempt to load a module
89 */
90
91static void *
92try_dlopen(const char *modfn)
93{
94        char *moddn;
95        int ok, serrno;
96
97        /*
98         * BSD dirname(3) returns a pointer to a static buffer, while GNU
99         * dirname(3) modifies the input string.  Use a copy of the string
100         * so both cases work.
101         */
102        if ((moddn = strdup(modfn)) == NULL)
103                return (NULL);
104        ok = (check_owner_perms(dirname(moddn)) == 0 &&
105            check_owner_perms(modfn) == 0);
106        serrno = errno;
107        FREE(moddn);
108        errno = serrno;
109        return (ok ? dlopen(modfn, RTLD_NOW) : NULL);
110}
111   
112/*
113 * OpenPAM internal
114 *
115 * Locate a dynamically linked module
116 */
117
118pam_module_t *
119openpam_dynamic(const char *path)
120{
121        const pam_module_t *dlmodule;
122        pam_module_t *module;
123        const char *prefix;
124        char *vpath;
125        void *dlh;
126        int i, serrno;
127
128        dlh = NULL;
129
130        /* Prepend the standard prefix if not an absolute pathname. */
131        if (path[0] != '/')
132                prefix = OPENPAM_MODULES_DIR;
133        else
134                prefix = "";
135
136        /* try versioned module first, then unversioned module */
137        if (asprintf(&vpath, "%s%s.%d", prefix, path, LIB_MAJ) < 0)
138                goto err;
139        if ((dlh = try_dlopen(vpath)) == NULL && errno == ENOENT) {
140                *strrchr(vpath, '.') = '\0';
141                dlh = try_dlopen(vpath);
142        }
143        serrno = errno;
144        FREE(vpath);
145        errno = serrno;
146        if (dlh == NULL)
147                goto err;
148        if ((module = calloc(1, sizeof *module)) == NULL)
149                goto buf_err;
150        if ((module->path = strdup(path)) == NULL)
151                goto buf_err;
152        module->dlh = dlh;
153        dlmodule = dlsym(dlh, "_pam_module");
154        for (i = 0; i < PAM_NUM_PRIMITIVES; ++i) {
155                module->func[i] = dlmodule ? dlmodule->func[i] :
156                    (pam_func_t)dlsym(dlh, pam_sm_func_name[i]);
157                if (module->func[i] == NULL)
158                        openpam_log(PAM_LOG_DEBUG, "%s: %s(): %s",
159                            path, pam_sm_func_name[i], dlerror());
160        }
161        return (module);
162buf_err:
163        if (dlh != NULL)
164                dlclose(dlh);
165        FREE(module);
166err:
167        openpam_log(PAM_LOG_ERROR, "%m");
168        return (NULL);
169}
170
171/*
172 * NOPARSE
173 */