diff options
Diffstat (limited to 'pam-util/logging.h')
| -rw-r--r-- | pam-util/logging.h | 131 |
1 files changed, 131 insertions, 0 deletions
diff --git a/pam-util/logging.h b/pam-util/logging.h new file mode 100644 index 000000000000..bf95ea520ae2 --- /dev/null +++ b/pam-util/logging.h @@ -0,0 +1,131 @@ +/* + * Interface to standard PAM logging. + * + * The canonical version of this file is maintained in the rra-c-util package, + * which can be found at <https://www.eyrie.org/~eagle/software/rra-c-util/>. + * + * Written by Russ Allbery <eagle@eyrie.org> + * Copyright 2020 Russ Allbery <eagle@eyrie.org> + * Copyright 2006-2010, 2012-2013 + * The Board of Trustees of the Leland Stanford Junior University + * + * Permission is hereby granted, free of charge, to any person obtaining a + * copy of this software and associated documentation files (the "Software"), + * to deal in the Software without restriction, including without limitation + * the rights to use, copy, modify, merge, publish, distribute, sublicense, + * and/or sell copies of the Software, and to permit persons to whom the + * Software is furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL + * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER + * DEALINGS IN THE SOFTWARE. + * + * SPDX-License-Identifier: MIT + */ + +#ifndef PAM_UTIL_LOGGING_H +#define PAM_UTIL_LOGGING_H 1 + +#include <config.h> +#include <portable/macros.h> +#ifdef HAVE_KRB5 +# include <portable/krb5.h> +#endif +#include <portable/pam.h> + +#include <stddef.h> +#include <syslog.h> + +/* Forward declarations to avoid extra includes. */ +struct pam_args; + +BEGIN_DECLS + +/* Default to a hidden visibility for all internal functions. */ +#pragma GCC visibility push(hidden) + +/* + * Error reporting and debugging functions. For each log level, there are two + * functions. The _log function just prints out the message it's given. The + * _log_pam function does the same but appends the pam_strerror results for + * the provided status code if it is not PAM_SUCCESS. + */ +void putil_crit(struct pam_args *, const char *, ...) + __attribute__((__format__(printf, 2, 3))); +void putil_crit_pam(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_err(struct pam_args *, const char *, ...) + __attribute__((__format__(printf, 2, 3))); +void putil_err_pam(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_notice(struct pam_args *, const char *, ...) + __attribute__((__format__(printf, 2, 3))); +void putil_notice_pam(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_debug(struct pam_args *, const char *, ...) + __attribute__((__format__(printf, 2, 3))); +void putil_debug_pam(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); + +/* + * The Kerberos versions of the PAM logging and debugging functions, which + * report the last Kerberos error. These are only available if built with + * Kerberos support. + */ +#ifdef HAVE_KRB5 +void putil_crit_krb5(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_err_krb5(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_notice_krb5(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +void putil_debug_krb5(struct pam_args *, int, const char *, ...) + __attribute__((__format__(printf, 3, 4))); +#endif + +/* Log entry to a PAM function. */ +void putil_log_entry(struct pam_args *, const char *, int flags) + __attribute__((__nonnull__)); + +/* Log an authentication failure. */ +void putil_log_failure(struct pam_args *, const char *, ...) + __attribute__((__nonnull__, __format__(printf, 2, 3))); + +/* Undo default visibility change. */ +#pragma GCC visibility pop + +END_DECLS + +/* __func__ is C99, but not provided by all implementations. */ +#if (__STDC_VERSION__ < 199901L) && !defined(__func__) +# if (__GNUC__ >= 2) +# define __func__ __FUNCTION__ +# else +# define __func__ "<unknown>" +# endif +#endif + +/* Macros to record entry and exit from the main PAM functions. */ +#define ENTRY(args, flags) \ + do { \ + if (args->debug) \ + putil_log_entry((args), __func__, (flags)); \ + } while (0) +#define EXIT(args, pamret) \ + do { \ + if (args != NULL && args->debug) \ + pam_syslog( \ + (args)->pamh, LOG_DEBUG, "%s: exit (%s)", __func__, \ + ((pamret) == PAM_SUCCESS) \ + ? "success" \ + : (((pamret) == PAM_IGNORE) ? "ignore" : "failure")); \ + } while (0) + +#endif /* !PAM_UTIL_LOGGING_H */ |