1/*- 2 * Copyright (c) 2002-2003 Networks Associates Technology, Inc. 3 * Copyright (c) 2004-2007 Dag-Erling Smørgrav 4 * All rights reserved. 5 * 6 * This software was developed for the FreeBSD Project by ThinkSec AS and 7 * Network Associates Laboratories, the Security Research Division of 8 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035 9 * ("CBOSS"), as part of the DARPA CHATS research program. 10 * 11 * Redistribution and use in source and binary forms, with or without 12 * modification, are permitted provided that the following conditions 13 * are met: 14 * 1. Redistributions of source code must retain the above copyright 15 * notice, this list of conditions and the following disclaimer. 16 * 2. Redistributions in binary form must reproduce the above copyright 17 * notice, this list of conditions and the following disclaimer in the 18 * documentation and/or other materials provided with the distribution. 19 * 3. The name of the author may not be used to endorse or promote 20 * products derived from this software without specific prior written 21 * permission. 22 * 23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 33 * SUCH DAMAGE. 34 * 35 * $Id: pam_get_item.c 408 2007-12-21 11:36:24Z des $ 36 */ 37 38#include <sys/param.h> 39 40#include <security/pam_appl.h> 41 42#include "openpam_impl.h" 43 44const char *_pam_item_name[PAM_NUM_ITEMS] = { 45 "(NO ITEM)", 46 "PAM_SERVICE", 47 "PAM_USER", 48 "PAM_TTY", 49 "PAM_RHOST", 50 "PAM_CONV", 51 "PAM_AUTHTOK", 52 "PAM_OLDAUTHTOK", 53 "PAM_RUSER", 54 "PAM_USER_PROMPT", 55 "PAM_REPOSITORY", 56 "PAM_AUTHTOK_PROMPT", 57 "PAM_OLDAUTHTOK_PROMPT" 58}; 59 60/* 61 * XSSO 4.2.1 62 * XSSO 6 page 46 63 * 64 * Get PAM information 65 */ 66 67int 68pam_get_item(const pam_handle_t *pamh, 69 int item_type, 70 const void **item) 71{ 72 73 ENTERI(item_type); 74 if (pamh == NULL) 75 RETURNC(PAM_SYSTEM_ERR); 76 switch (item_type) { 77 case PAM_SERVICE: 78 case PAM_USER: 79 case PAM_AUTHTOK: 80 case PAM_OLDAUTHTOK: 81 case PAM_TTY: 82 case PAM_RHOST: 83 case PAM_RUSER: 84 case PAM_CONV: 85 case PAM_USER_PROMPT: 86 case PAM_AUTHTOK_PROMPT: 87 case PAM_OLDAUTHTOK_PROMPT: 88 case PAM_REPOSITORY: 89 *item = pamh->item[item_type]; 90 RETURNC(PAM_SUCCESS); 91 default: 92 RETURNC(PAM_SYMBOL_ERR); 93 } 94} 95 96/* 97 * Error codes: 98 * 99 * PAM_SYMBOL_ERR 100 * PAM_SYSTEM_ERR 101 */ 102 103/** 104 * The =pam_get_item function stores a pointer to the item specified by 105 * the =item_type argument in the location specified by the =item 106 * argument. 107 * The item is retrieved from the PAM context specified by the =pamh 108 * argument. 109 * The following item types are recognized: 110 * 111 * =PAM_SERVICE: 112 * The name of the requesting service. 113 * =PAM_USER: 114 * The name of the user the application is trying to 115 * authenticate. 116 * =PAM_TTY: 117 * The name of the current terminal. 118 * =PAM_RHOST: 119 * The name of the applicant's host. 120 * =PAM_CONV: 121 * A =struct pam_conv describing the current conversation 122 * function. 123 * =PAM_AUTHTOK: 124 * The current authentication token. 125 * =PAM_OLDAUTHTOK: 126 * The expired authentication token. 127 * =PAM_RUSER: 128 * The name of the applicant. 129 * =PAM_USER_PROMPT: 130 * The prompt to use when asking the applicant for a user 131 * name to authenticate as. 132 * =PAM_AUTHTOK_PROMPT: 133 * The prompt to use when asking the applicant for an 134 * authentication token. 135 * =PAM_OLDAUTHTOK_PROMPT: 136 * The prompt to use when asking the applicant for an 137 * expired authentication token prior to changing it. 138 * 139 * See =pam_start for a description of =struct pam_conv. 140 * 141 * >pam_set_item 142 */ 143