#define BUF_SIZE 1024
#define MODULE_CHUNK 4
#define UNKNOWN_MODULE_PATH "<*unknown module path*>"
+#ifndef _PAM_ISA
+#define _PAM_ISA "."
+#endif
static int _pam_assemble_line(FILE *f, char *buf, int buf_len);
, this_service));
tok = _pam_StrTok(NULL, " \n\t", &nexttok);
- if (!_pam_strCMP("auth", tok)) {
+ if (tok == NULL) {
+ /* module type does not exist */
+ D(("_pam_init_handlers: empty module type for %s", this_service));
+ _pam_system_log(LOG_ERR, "(%s) empty module type", this_service);
+ module_type = (requested_module_type != PAM_T_ANY) ?
+ requested_module_type : PAM_T_AUTH; /* most sensitive */
+ must_fail = 1; /* install as normal but fail when dispatched */
+ } else if (!_pam_strCMP("auth", tok)) {
module_type = PAM_T_AUTH;
} else if (!_pam_strCMP("session", tok)) {
module_type = PAM_T_SESS;
actions[i++] = _PAM_ACTION_UNDEF);
}
tok = _pam_StrTok(NULL, " \n\t", &nexttok);
- if (!_pam_strCMP("required", tok)) {
+ if (tok == NULL) {
+ /* no module name given */
+ D(("_pam_init_handlers: no control flag supplied"));
+ _pam_system_log(LOG_ERR,
+ "(%s) no control flag supplied", this_service);
+ _pam_set_default_control(actions, _PAM_ACTION_BAD);
+ must_fail = 1;
+ } else if (!_pam_strCMP("required", tok)) {
D(("*PAM_F_REQUIRED*"));
actions[PAM_SUCCESS] = _PAM_ACTION_OK;
actions[PAM_NEW_AUTHTOK_REQD] = _PAM_ACTION_OK;
}
D(("_pam_init_handlers: initializing"));
-
+
/* First clean the service structure */
_pam_free_handlers(pamh);
*/
{
struct stat test_d;
-
+
/* Is there a PAM_CONFIG_D directory? */
if ( stat(PAM_CONFIG_D, &test_d) == 0 && S_ISDIR(test_d.st_mode) ) {
char *filename;
#ifdef PAM_SHL
const char *_sym, *_sym2;
#endif
- char *mod_full_path=NULL;
+ char *mod_full_path=NULL, *mod_full_isa_path=NULL, *isa=NULL;
servicefn func, func2;
int success;
dlopen(mod_path, RTLD_NOW);
# endif /* PAM_SHL */
D(("_pam_add_handler: dlopen'ed"));
+ if (mod->dl_handle == NULL) {
+ if (strstr(mod_path, "$ISA")) {
+ mod_full_isa_path = malloc(strlen(mod_path) + strlen(_PAM_ISA) + 1);
+ if (mod_full_isa_path == NULL) {
+ D(("_pam_handler: couldn't get memory for mod_path"));
+ _pam_system_log(LOG_ERR, "no memory for module path");
+ success = PAM_ABORT;
+ } else {
+ strcpy(mod_full_isa_path, mod_path);
+ isa = strstr(mod_full_isa_path, "$ISA");
+ if (isa) {
+ memmove(isa + strlen(_PAM_ISA), isa + 4, strlen(isa + 4) + 1);
+ memmove(isa, _PAM_ISA, strlen(_PAM_ISA));
+ }
+ mod->dl_handle =
+# ifdef PAM_SHL
+ shl_load(mod_full_isa_path, BIND_IMMEDIATE, 0L);
+# else /* PAM_SHL */
+ dlopen(mod_full_isa_path, RTLD_NOW);
+# endif /* PAM_SHL */
+ _pam_drop(mod_full_isa_path);
+ }
+ }
+ }
if (mod->dl_handle == NULL) {
D(("_pam_add_handler: dlopen(%s) failed", mod_path));
_pam_system_log(LOG_ERR, "unable to dlopen(%s)", mod_path);
/* indicate its name - later we will search for it by this */
if ((mod->name = _pam_strdup(mod_path)) == NULL) {
D(("_pam_handler: couldn't get memory for mod_path"));
- _pam_system_log(LOG_ERR, "no memory for module path", mod_path);
+ _pam_system_log(LOG_ERR, "no memory for module path");
success = PAM_ABORT;
}
}
/* now identify this module's functions - for non-faulty modules */
-
+
#ifdef PAM_DYNAMIC
if ((mod->type == PAM_MT_DYNAMIC_MOD) &&
# ifdef PAM_SHL
}
/* Free all the handlers */
-
+
_pam_free_handlers_aux(&(pamh->handlers.conf.authenticate));
_pam_free_handlers_aux(&(pamh->handlers.conf.setcred));
_pam_free_handlers_aux(&(pamh->handlers.conf.acct_mgmt));
pamh->handlers.module = NULL;
/* initialize the .conf and .other entries */
-
+
pamh->handlers.conf.authenticate = NULL;
pamh->handlers.conf.setcred = NULL;
pamh->handlers.conf.acct_mgmt = NULL;