openpam_get_feature.c revision 236099
1236099Sdes/*- 2236099Sdes * Copyright (c) 2012 Dag-Erling Sm��rgrav 3236099Sdes * All rights reserved. 4236099Sdes * 5236099Sdes * Redistribution and use in source and binary forms, with or without 6236099Sdes * modification, are permitted provided that the following conditions 7236099Sdes * are met: 8236099Sdes * 1. Redistributions of source code must retain the above copyright 9236099Sdes * notice, this list of conditions and the following disclaimer 10236099Sdes * in this position and unchanged. 11236099Sdes * 2. Redistributions in binary form must reproduce the above copyright 12236099Sdes * notice, this list of conditions and the following disclaimer in the 13236099Sdes * documentation and/or other materials provided with the distribution. 14236099Sdes * 3. The name of the author may not be used to endorse or promote 15236099Sdes * products derived from this software without specific prior written 16236099Sdes * permission. 17236099Sdes * 18236099Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19236099Sdes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20236099Sdes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21236099Sdes * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22236099Sdes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23236099Sdes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24236099Sdes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25236099Sdes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26236099Sdes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27236099Sdes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28236099Sdes * SUCH DAMAGE. 29236099Sdes * 30236099Sdes * $Id: openpam_get_feature.c 608 2012-05-17 16:00:13Z des $ 31236099Sdes */ 32236099Sdes 33236099Sdes#ifdef HAVE_CONFIG_H 34236099Sdes# include "config.h" 35236099Sdes#endif 36236099Sdes 37236099Sdes#include <security/pam_appl.h> 38236099Sdes#include <security/openpam.h> 39236099Sdes 40236099Sdes#include "openpam_impl.h" 41236099Sdes 42236099Sdes/* 43236099Sdes * OpenPAM extension 44236099Sdes * 45236099Sdes * Query the state of an optional feature. 46236099Sdes */ 47236099Sdes 48236099Sdesint 49236099Sdesopenpam_get_feature(int feature, int *onoff) 50236099Sdes{ 51236099Sdes 52236099Sdes ENTERF(feature); 53236099Sdes if (feature < 0 || feature >= OPENPAM_NUM_FEATURES) 54236099Sdes RETURNC(PAM_SYMBOL_ERR); 55236099Sdes *onoff = openpam_features[feature].onoff; 56236099Sdes RETURNC(PAM_SUCCESS); 57236099Sdes} 58236099Sdes 59236099Sdes/* 60236099Sdes * Error codes: 61236099Sdes * 62236099Sdes * PAM_SYMBOL_ERR 63236099Sdes */ 64236099Sdes 65236099Sdes/** 66236099Sdes * EXPERIMENTAL 67236099Sdes * 68236099Sdes * The =openpam_get_feature function stores the current state of the 69236099Sdes * specified feature in the variable pointed to by its =onoff argument. 70236099Sdes * 71236099Sdes * The following features are recognized: 72236099Sdes * 73236099Sdes * =OPENPAM_RESTRICT_SERVICE_NAME: 74236099Sdes * Disallow path separators in service names. 75236099Sdes * This feature is enabled by default. 76236099Sdes * Disabling it allows the application to specify the path to 77236099Sdes * the desired policy file directly. 78236099Sdes * 79236099Sdes * =OPENPAM_VERIFY_POLICY_FILE: 80236099Sdes * Verify the ownership and permissions of the policy file 81236099Sdes * and the path leading up to it. 82236099Sdes * This feature is enabled by default. 83236099Sdes * 84236099Sdes * =OPENPAM_RESTRICT_MODULE_NAME: 85236099Sdes * Disallow path separators in module names. 86236099Sdes * This feature is disabled by default. 87236099Sdes * Enabling it prevents the use of modules in non-standard 88236099Sdes * locations. 89236099Sdes * 90236099Sdes * =OPENPAM_VERIFY_MODULE_FILE: 91236099Sdes * Verify the ownership and permissions of each loadable 92236099Sdes * module and the path leading up to it. 93236099Sdes * This feature is enabled by default. 94236099Sdes * 95236099Sdes * 96236099Sdes * >openpam_set_feature 97236099Sdes * 98236099Sdes * AUTHOR DES 99236099Sdes */ 100