1*5ff07852Smrg /* $NetBSD: pam_deny.c,v 1.4 2013/10/19 22:57:46 mrg Exp $ */
2e7d22a2eSchristos
36f11bdf1Schristos /*-
46f11bdf1Schristos * Copyright 2001 Mark R V Murray
56f11bdf1Schristos * All rights reserved.
66f11bdf1Schristos *
76f11bdf1Schristos * Redistribution and use in source and binary forms, with or without
86f11bdf1Schristos * modification, are permitted provided that the following conditions
96f11bdf1Schristos * are met:
106f11bdf1Schristos * 1. Redistributions of source code must retain the above copyright
116f11bdf1Schristos * notice, this list of conditions and the following disclaimer.
126f11bdf1Schristos * 2. Redistributions in binary form must reproduce the above copyright
136f11bdf1Schristos * notice, this list of conditions and the following disclaimer in the
146f11bdf1Schristos * documentation and/or other materials provided with the distribution.
156f11bdf1Schristos *
166f11bdf1Schristos * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
176f11bdf1Schristos * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
186f11bdf1Schristos * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
196f11bdf1Schristos * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
206f11bdf1Schristos * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
216f11bdf1Schristos * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
226f11bdf1Schristos * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
236f11bdf1Schristos * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
246f11bdf1Schristos * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
256f11bdf1Schristos * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
266f11bdf1Schristos * SUCH DAMAGE.
276f11bdf1Schristos */
286f11bdf1Schristos
296f11bdf1Schristos #include <sys/cdefs.h>
30e7d22a2eSchristos #ifdef __FreeBSD__
316f11bdf1Schristos __FBSDID("$FreeBSD: src/lib/libpam/modules/pam_deny/pam_deny.c,v 1.9 2002/04/12 22:27:19 des Exp $");
32e7d22a2eSchristos #else
33*5ff07852Smrg __RCSID("$NetBSD: pam_deny.c,v 1.4 2013/10/19 22:57:46 mrg Exp $");
34e7d22a2eSchristos #endif
356f11bdf1Schristos
366f11bdf1Schristos #include <stddef.h>
373b0849f6Sperseant #include <string.h>
383b0849f6Sperseant #include <syslog.h>
396f11bdf1Schristos
406f11bdf1Schristos #define PAM_SM_AUTH
416f11bdf1Schristos #define PAM_SM_ACCOUNT
426f11bdf1Schristos #define PAM_SM_SESSION
436f11bdf1Schristos #define PAM_SM_PASSWORD
446f11bdf1Schristos
456f11bdf1Schristos #include <security/pam_appl.h>
466f11bdf1Schristos #include <security/pam_modules.h>
476f11bdf1Schristos
486f11bdf1Schristos PAM_EXTERN int
pam_sm_authenticate(pam_handle_t * pamh,int flags __unused,int argc __unused,const char * argv[]__unused)496f11bdf1Schristos pam_sm_authenticate(pam_handle_t *pamh, int flags __unused,
506f11bdf1Schristos int argc __unused, const char *argv[] __unused)
516f11bdf1Schristos {
526f11bdf1Schristos const char *user;
536f11bdf1Schristos int r;
546f11bdf1Schristos
556f11bdf1Schristos if ((r = pam_get_user(pamh, &user, NULL)) != PAM_SUCCESS)
566f11bdf1Schristos return (r);
576f11bdf1Schristos
586f11bdf1Schristos return (PAM_AUTH_ERR);
596f11bdf1Schristos }
606f11bdf1Schristos
616f11bdf1Schristos PAM_EXTERN int
pam_sm_setcred(pam_handle_t * pamh __unused,int flags __unused,int argc __unused,const char * argv[]__unused)626f11bdf1Schristos pam_sm_setcred(pam_handle_t *pamh __unused, int flags __unused,
636f11bdf1Schristos int argc __unused, const char *argv[] __unused)
646f11bdf1Schristos {
656f11bdf1Schristos
663b0849f6Sperseant return (PAM_CRED_ERR);
676f11bdf1Schristos }
686f11bdf1Schristos
696f11bdf1Schristos PAM_EXTERN int
pam_sm_acct_mgmt(pam_handle_t * pamh __unused,int flags __unused,int argc __unused,const char * argv[]__unused)706f11bdf1Schristos pam_sm_acct_mgmt(pam_handle_t *pamh __unused, int flags __unused,
716f11bdf1Schristos int argc __unused, const char *argv[] __unused)
726f11bdf1Schristos {
736f11bdf1Schristos
746f11bdf1Schristos return (PAM_AUTH_ERR);
756f11bdf1Schristos }
766f11bdf1Schristos
776f11bdf1Schristos PAM_EXTERN int
pam_sm_chauthtok(pam_handle_t * pamh __unused,int flags,int argc,const char * argv[])783b0849f6Sperseant pam_sm_chauthtok(pam_handle_t *pamh __unused, int flags,
793b0849f6Sperseant int argc, const char *argv[])
806f11bdf1Schristos {
81*5ff07852Smrg int prelim_ignore = 0;
823b0849f6Sperseant int i;
836f11bdf1Schristos
843b0849f6Sperseant for (i = 0; i < argc; i++) {
853b0849f6Sperseant if (strcmp(argv[i], "prelim_ignore") == 0)
863b0849f6Sperseant prelim_ignore = 1;
873b0849f6Sperseant else if (strcmp(argv[i], "debug") == 0)
88*5ff07852Smrg /* nothing */;
893b0849f6Sperseant else
903b0849f6Sperseant syslog(LOG_ERR, "illegal option %s", argv[i]);
913b0849f6Sperseant }
923b0849f6Sperseant
933b0849f6Sperseant if (flags & PAM_PRELIM_CHECK && prelim_ignore)
943b0849f6Sperseant return (PAM_IGNORE);
953b0849f6Sperseant else
963b0849f6Sperseant return (PAM_AUTHTOK_ERR);
976f11bdf1Schristos }
986f11bdf1Schristos
996f11bdf1Schristos PAM_EXTERN int
pam_sm_open_session(pam_handle_t * pamh __unused,int flags __unused,int argc __unused,const char * argv[]__unused)1006f11bdf1Schristos pam_sm_open_session(pam_handle_t *pamh __unused, int flags __unused,
1016f11bdf1Schristos int argc __unused, const char *argv[] __unused)
1026f11bdf1Schristos {
1036f11bdf1Schristos
1043b0849f6Sperseant return (PAM_SESSION_ERR);
1056f11bdf1Schristos }
1066f11bdf1Schristos
1076f11bdf1Schristos PAM_EXTERN int
pam_sm_close_session(pam_handle_t * pamh __unused,int flags __unused,int argc __unused,const char * argv[]__unused)1086f11bdf1Schristos pam_sm_close_session(pam_handle_t *pamh __unused, int flags __unused,
1096f11bdf1Schristos int argc __unused, const char *argv[] __unused)
1106f11bdf1Schristos {
1116f11bdf1Schristos
1123b0849f6Sperseant return (PAM_SESSION_ERR);
1136f11bdf1Schristos }
1146f11bdf1Schristos
1156f11bdf1Schristos PAM_MODULE_ENTRY("pam_deny");
116