1*0d9d0fd8Schristos /* $NetBSD: openpam_features.c,v 1.4 2023/06/30 21:46:20 christos Exp $ */ 2201780c4Schristos 376e8c542Schristos /*- 44cb4af11Schristos * Copyright (c) 2012-2015 Dag-Erling Smørgrav 576e8c542Schristos * All rights reserved. 676e8c542Schristos * 776e8c542Schristos * Redistribution and use in source and binary forms, with or without 876e8c542Schristos * modification, are permitted provided that the following conditions 976e8c542Schristos * are met: 1076e8c542Schristos * 1. Redistributions of source code must retain the above copyright 1176e8c542Schristos * notice, this list of conditions and the following disclaimer. 1276e8c542Schristos * 2. Redistributions in binary form must reproduce the above copyright 1376e8c542Schristos * notice, this list of conditions and the following disclaimer in the 1476e8c542Schristos * documentation and/or other materials provided with the distribution. 1576e8c542Schristos * 3. The name of the author may not be used to endorse or promote 1676e8c542Schristos * products derived from this software without specific prior written 1776e8c542Schristos * permission. 1876e8c542Schristos * 1976e8c542Schristos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 2076e8c542Schristos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 2176e8c542Schristos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 2276e8c542Schristos * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 2376e8c542Schristos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 2476e8c542Schristos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 2576e8c542Schristos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 2676e8c542Schristos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 2776e8c542Schristos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 2876e8c542Schristos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 2976e8c542Schristos * SUCH DAMAGE. 3076e8c542Schristos */ 3176e8c542Schristos 3276e8c542Schristos #ifdef HAVE_CONFIG_H 3376e8c542Schristos # include "config.h" 3476e8c542Schristos #endif 3576e8c542Schristos 36201780c4Schristos #include <sys/cdefs.h> 37*0d9d0fd8Schristos __RCSID("$NetBSD: openpam_features.c,v 1.4 2023/06/30 21:46:20 christos Exp $"); 38201780c4Schristos 3976e8c542Schristos #include <security/pam_appl.h> 4076e8c542Schristos 4176e8c542Schristos #include "openpam_impl.h" 4276e8c542Schristos 4376e8c542Schristos #define STRUCT_OPENPAM_FEATURE(name, descr, dflt) \ 4476e8c542Schristos [OPENPAM_##name] = { \ 4576e8c542Schristos "OPENPAM_" #name, \ 4676e8c542Schristos descr, \ 4776e8c542Schristos dflt \ 4876e8c542Schristos } 4976e8c542Schristos 5076e8c542Schristos struct openpam_feature openpam_features[OPENPAM_NUM_FEATURES] = { 5176e8c542Schristos STRUCT_OPENPAM_FEATURE( 5276e8c542Schristos RESTRICT_SERVICE_NAME, 5376e8c542Schristos "Disallow path separators in service names", 5476e8c542Schristos 1 5576e8c542Schristos ), 5676e8c542Schristos STRUCT_OPENPAM_FEATURE( 5776e8c542Schristos VERIFY_POLICY_FILE, 5876e8c542Schristos "Verify ownership and permissions of policy files", 5976e8c542Schristos 1 6076e8c542Schristos ), 6176e8c542Schristos STRUCT_OPENPAM_FEATURE( 6276e8c542Schristos RESTRICT_MODULE_NAME, 6376e8c542Schristos "Disallow path separators in module names", 6476e8c542Schristos 0 6576e8c542Schristos ), 6676e8c542Schristos STRUCT_OPENPAM_FEATURE( 6776e8c542Schristos VERIFY_MODULE_FILE, 6876e8c542Schristos "Verify ownership and permissions of module files", 6976e8c542Schristos 1 7076e8c542Schristos ), 714cb4af11Schristos STRUCT_OPENPAM_FEATURE( 724cb4af11Schristos FALLBACK_TO_OTHER, 734cb4af11Schristos "Fall back to \"other\" policy for empty chains", 744cb4af11Schristos 1 754cb4af11Schristos ), 7676e8c542Schristos }; 77