191100Sdes/*- 2115619Sdes * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 3228690Sdes * Copyright (c) 2004-2011 Dag-Erling Sm��rgrav 491100Sdes * All rights reserved. 591100Sdes * 691100Sdes * This software was developed for the FreeBSD Project by ThinkSec AS and 799158Sdes * Network Associates Laboratories, the Security Research Division of 899158Sdes * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 999158Sdes * ("CBOSS"), as part of the DARPA CHATS research program. 1091100Sdes * 1191100Sdes * Redistribution and use in source and binary forms, with or without 1291100Sdes * modification, are permitted provided that the following conditions 1391100Sdes * are met: 1491100Sdes * 1. Redistributions of source code must retain the above copyright 1591100Sdes * notice, this list of conditions and the following disclaimer. 1691100Sdes * 2. Redistributions in binary form must reproduce the above copyright 1791100Sdes * notice, this list of conditions and the following disclaimer in the 1891100Sdes * documentation and/or other materials provided with the distribution. 1991100Sdes * 3. The name of the author may not be used to endorse or promote 2091100Sdes * products derived from this software without specific prior written 2191100Sdes * permission. 2291100Sdes * 2391100Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 2491100Sdes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2591100Sdes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2691100Sdes * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2791100Sdes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2891100Sdes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2991100Sdes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 3091100Sdes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 3191100Sdes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 3291100Sdes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 3391100Sdes * SUCH DAMAGE. 3491100Sdes * 35255376Sdes * $Id: openpam_set_option.c 648 2013-03-05 17:54:27Z des $ 3691100Sdes */ 3791100Sdes 38228690Sdes#ifdef HAVE_CONFIG_H 39228690Sdes# include "config.h" 40228690Sdes#endif 41228690Sdes 4291100Sdes#include <sys/param.h> 4391100Sdes 4491100Sdes#include <stdio.h> 4591100Sdes#include <stdlib.h> 4691100Sdes#include <string.h> 4791100Sdes 4891100Sdes#include <security/pam_appl.h> 4991100Sdes 5091100Sdes#include "openpam_impl.h" 51255376Sdes#include "openpam_asprintf.h" 5291100Sdes 5391100Sdes/* 5491100Sdes * OpenPAM extension 5591100Sdes * 5691100Sdes * Sets the value of a module option 5791100Sdes */ 5891100Sdes 5991100Sdesint 6091100Sdesopenpam_set_option(pam_handle_t *pamh, 6191100Sdes const char *option, 6291100Sdes const char *value) 6391100Sdes{ 6491100Sdes pam_chain_t *cur; 6591100Sdes char *opt, **optv; 6691100Sdes size_t len; 6791100Sdes int i; 6891100Sdes 69110503Sdes ENTERS(option); 7091100Sdes if (pamh == NULL || pamh->current == NULL || option == NULL) 71107937Sdes RETURNC(PAM_SYSTEM_ERR); 7291100Sdes cur = pamh->current; 7391100Sdes for (len = 0; option[len] != '\0'; ++len) 7491100Sdes if (option[len] == '=') 7591100Sdes break; 7691100Sdes for (i = 0; i < cur->optc; ++i) { 7791100Sdes if (strncmp(cur->optv[i], option, len) == 0 && 7891100Sdes (cur->optv[i][len] == '\0' || cur->optv[i][len] == '=')) 7991100Sdes break; 8091100Sdes } 8191684Sdes if (value == NULL) { 8291684Sdes /* remove */ 8391684Sdes if (i == cur->optc) 84107937Sdes RETURNC(PAM_SUCCESS); 8591684Sdes for (free(cur->optv[i]); i < cur->optc; ++i) 8691684Sdes cur->optv[i] = cur->optv[i + 1]; 8791684Sdes cur->optv[i] = NULL; 88107937Sdes RETURNC(PAM_SUCCESS); 8991684Sdes } 90115619Sdes if (asprintf(&opt, "%.*s=%s", (int)len, option, value) < 0) 91107937Sdes RETURNC(PAM_BUF_ERR); 9291100Sdes if (i == cur->optc) { 9391684Sdes /* add */ 9491100Sdes optv = realloc(cur->optv, sizeof(char *) * (cur->optc + 2)); 9591100Sdes if (optv == NULL) { 96115619Sdes FREE(opt); 97107937Sdes RETURNC(PAM_BUF_ERR); 9891100Sdes } 9991100Sdes optv[i] = opt; 10091100Sdes optv[i + 1] = NULL; 10191100Sdes cur->optv = optv; 10291100Sdes ++cur->optc; 10391684Sdes } else { 10491684Sdes /* replace */ 105115619Sdes FREE(cur->optv[i]); 10691684Sdes cur->optv[i] = opt; 10791100Sdes } 108107937Sdes RETURNC(PAM_SUCCESS); 10991100Sdes} 11091100Sdes 11191100Sdes/* 11291100Sdes * Error codes: 11391100Sdes * 11491100Sdes * PAM_SYSTEM_ERR 11591100Sdes * PAM_BUF_ERR 11691100Sdes */ 11791100Sdes 11891100Sdes/** 11991100Sdes * The =openpam_set_option function sets the specified option in the 12091100Sdes * context of the currently executing service module. 121115619Sdes * 122115619Sdes * >openpam_get_option 12391100Sdes */ 124