pam_vbox.cpp@ 94184

Last change on this file since 94184 was 94184, checked in by vboxsync, 3 years ago
Main: Guest Properties: notify lesteners that property was deleted (additional fixes in r150441, r150442, r150443, r150445), bugref:10185.
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 30.3 KB

Line
1	/* $Id: pam_vbox.cpp 94184 2022-03-11 18:24:17Z vboxsync $ */
2	/** @file
3	* pam_vbox - PAM module for auto logons.
4	*/
5
6	/*
7	* Copyright (C) 2008-2022 Oracle Corporation
8	*
9	* This file is part of VirtualBox Open Source Edition (OSE), as
10	* available from http://www.virtualbox.org. This file is free software;
11	* you can redistribute it and/or modify it under the terms of the GNU
12	* General Public License (GPL) as published by the Free Software
13	* Foundation, in version 2 as it comes in the "COPYING" file of the
14	* VirtualBox OSE distribution. VirtualBox OSE is distributed in the
15	* hope that it will be useful, but WITHOUT ANY WARRANTY of any kind.
16	*/
17
18
19	/*********************************************************************************************************************************
20	* Header Files *
21	*********************************************************************************************************************************/
22	#define PAM_SM_AUTH
23	#define PAM_SM_ACCOUNT
24	#define PAM_SM_PASSWORD
25	#define PAM_SM_SESSION
26
27	#ifdef DEBUG
28	# define PAM_DEBUG
29	#endif
30
31	#include <security/pam_appl.h>
32	#ifdef RT_OS_LINUX
33	# include <security/_pam_macros.h>
34	#endif
35
36	#include <pwd.h>
37	#include <syslog.h>
38	#include <stdlib.h>
39
40	#include <iprt/assert.h>
41	#include <iprt/buildconfig.h>
42	#include <iprt/err.h>
43	#include <iprt/env.h>
44	#include <iprt/initterm.h>
45	#include <iprt/mem.h>
46	#include <iprt/stream.h>
47	#include <iprt/string.h>
48	#include <iprt/thread.h>
49	#include <iprt/time.h>
50
51	#include <VBox/VBoxGuestLib.h>
52
53	#include <VBox/log.h>
54	#include <VBox/HostServices/GuestPropertySvc.h>
55
56	#define VBOX_MODULE_NAME "pam_vbox"
57
58	#define VBOX_PAM_FLAG_SILENT "PAM_SILENT"
59	#define VBOX_PAM_FLAG_DISALLOW_NULL_AUTHTOK "PAM_DISALLOW_NULL_AUTHTOK"
60	#define VBOX_PAM_FLAG_ESTABLISH_CRED "PAM_ESTABLISH_CRED"
61	#define VBOX_PAM_FLAG_DELETE_CRED "PAM_DELETE_CRED"
62	#define VBOX_PAM_FLAG_REINITIALIZE_CRED "PAM_REINITIALIZE_CRED"
63	#define VBOX_PAM_FLAG_REFRESH_CRED "PAM_REFRESH_CRED"
64
65	RT_C_DECLS_BEGIN
66	DECLEXPORT(int) pam_sm_authenticate(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
67	DECLEXPORT(int) pam_sm_setcred(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
68	DECLEXPORT(int) pam_sm_acct_mgmt(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
69	DECLEXPORT(int) pam_sm_open_session(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
70	DECLEXPORT(int) pam_sm_close_session(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
71	DECLEXPORT(int) pam_sm_chauthtok(pam_handle_t hPAM, int iFlags, int argc, const char *argv);
72	RT_C_DECLS_END
73
74	/** For debugging. */
75	#ifdef DEBUG
76	static pam_handle_t *g_pam_handle;
77	static int g_verbosity = 99;
78	#else
79	static int g_verbosity = 0;
80	#endif
81
82	/**
83	* User-provided thread data for the credentials waiting thread.
84	*/
85	typedef struct PAMVBOXTHREAD
86	{
87	/** The PAM handle. */
88	pam_handle_t *hPAM;
89	/** The timeout (in ms) to wait for credentials. */
90	uint32_t uTimeoutMS;
91	/** The overall result of the thread operation. */
92	int rc;
93	} PAMVBOXTHREAD, *PPAMVBOXTHREAD;
94
95	/**
96	* Write to system log.
97	*
98	* @param pszBuf Buffer to write to the log (NULL-terminated)
99	*/
100	static void pam_vbox_writesyslog(char *pszBuf)
101	{
102	#ifdef RT_OS_LINUX
103	openlog("pam_vbox", LOG_PID, LOG_AUTHPRIV);
104	syslog(LOG_ERR, "%s", pszBuf);
105	closelog();
106	#elif defined(RT_OS_SOLARIS)
107	syslog(LOG_ERR, "pam_vbox: %s\n", pszBuf);
108	#endif
109	}
110
111
112	/**
113	* Displays an error message.
114	*
115	* @param hPAM PAM handle.
116	* @param pszFormat The message text.
117	* @param ... Format arguments.
118	*/
119	static void pam_vbox_error(pam_handle_t hPAM, const char pszFormat, ...)
120	{
121	RT_NOREF1(hPAM);
122	va_list va;
123	char *buf;
124	va_start(va, pszFormat);
125	if (RT_SUCCESS(RTStrAPrintfV(&buf, pszFormat, va)))
126	{
127	LogRel(("%s: Error: %s", VBOX_MODULE_NAME, buf));
128	pam_vbox_writesyslog(buf);
129	RTStrFree(buf);
130	}
131	va_end(va);
132	}
133
134
135	/**
136	* Displays a debug message.
137	*
138	* @param hPAM PAM handle.
139	* @param pszFormat The message text.
140	* @param ... Format arguments.
141	*/
142	static void pam_vbox_log(pam_handle_t hPAM, const char pszFormat, ...)
143	{
144	RT_NOREF1(hPAM);
145	if (g_verbosity)
146	{
147	va_list va;
148	char *buf;
149	va_start(va, pszFormat);
150	if (RT_SUCCESS(RTStrAPrintfV(&buf, pszFormat, va)))
151	{
152	/* Only do normal logging in debug mode; could contain
153	* sensitive data! */
154	LogRel(("%s: %s", VBOX_MODULE_NAME, buf));
155	/* Log to syslog */
156	pam_vbox_writesyslog(buf);
157	RTStrFree(buf);
158	}
159	va_end(va);
160	}
161	}
162
163
164	/**
165	* Sets a message using PAM's conversation function.
166	*
167	* @return IPRT status code.
168	* @param hPAM PAM handle.
169	* @param iStyle Style of message (0 = Information, 1 = Prompt
170	* echo off, 2 = Prompt echo on, 3 = Error).
171	* @param pszText Message text to set.
172	*/
173	static int vbox_set_msg(pam_handle_t hPAM, int iStyle, const char pszText)
174	{
175	AssertPtrReturn(hPAM, VERR_INVALID_POINTER);
176	AssertPtrReturn(pszText, VERR_INVALID_POINTER);
177
178	if (!iStyle)
179	iStyle = PAM_TEXT_INFO;
180
181	int rc = VINF_SUCCESS;
182
183	pam_message msg;
184	msg.msg_style = iStyle;
185	#ifdef RT_OS_SOLARIS
186	msg.msg = (char*)pszText;
187	#else
188	msg.msg = pszText;
189	#endif
190
191	#ifdef RT_OS_SOLARIS
192	pam_conv *conv = NULL;
193	int pamrc = pam_get_item(hPAM, PAM_CONV, (void **)&conv);
194	#else
195	const pam_conv *conv = NULL;
196	int pamrc = pam_get_item(hPAM, PAM_CONV, (const void **)&conv);
197	#endif
198	if ( pamrc == PAM_SUCCESS
199	&& conv)
200	{
201	pam_response *resp = NULL;
202	#ifdef RT_OS_SOLARIS
203	pam_message *msg_p = &msg;
204	#else
205	const pam_message *msg_p = &msg;
206	#endif
207	pam_vbox_log(hPAM, "Showing message \"%s\" (type %d)", pszText, iStyle);
208
209	pamrc = conv->conv(1 /* One message only */, &msg_p, &resp, conv->appdata_ptr);
210	if (resp != NULL) /* If we use PAM_TEXT_INFO we never will get something back! */
211	{
212	if (resp->resp)
213	{
214	pam_vbox_log(hPAM, "Response to message \"%s\" was \"%s\"",
215	pszText, resp->resp);
216	/** @todo Save response! */
217	free(resp->resp);
218	}
219	free(resp);
220	}
221	}
222	else
223	rc = VERR_NOT_FOUND;
224	return rc;
225	}
226
227
228	/**
229	* Initializes pam_vbox.
230	*
231	* @return IPRT status code.
232	* @param hPAM PAM handle.
233	*/
234	static int pam_vbox_init(pam_handle_t *hPAM)
235	{
236	#ifdef DEBUG
237	g_pam_handle = hPAM; /* hack for getting assertion text */
238	#endif
239
240	/* Don't make assertions panic because the PAM stack +
241	* the current logon module won't work anymore (or just restart).
242	* This could result in not able to log into the system anymore. */
243	RTAssertSetMayPanic(false);
244
245	pam_vbox_log(hPAM, "pam_vbox: %sr%s, running on %s\n",
246	RTBldCfgVersion(), RTBldCfgRevisionStr(), RTBldCfgTargetArch());
247
248	int rc = RTR3InitDll(0);
249	if (RT_FAILURE(rc))
250	{
251	pam_vbox_error(hPAM, "pam_vbox_init: could not init runtime! rc=%Rrc. Aborting\n", rc);
252	return PAM_SUCCESS; /* Jump out as early as we can to not mess around. */
253	}
254
255	pam_vbox_log(hPAM, "pam_vbox_init: runtime initialized\n");
256	if (RT_SUCCESS(rc))
257	{
258	rc = VbglR3InitUser();
259	if (RT_FAILURE(rc))
260	{
261	switch(rc)
262	{
263	case VERR_ACCESS_DENIED:
264	pam_vbox_error(hPAM, "pam_vbox_init: access is denied to guest driver! Please make sure you run with sufficient rights. Aborting\n");
265	break;
266
267	case VERR_FILE_NOT_FOUND:
268	pam_vbox_error(hPAM, "pam_vbox_init: guest driver not found! Guest Additions installed? Aborting\n");
269	break;
270
271	default:
272	pam_vbox_error(hPAM, "pam_vbox_init: could not init VbglR3 library! rc=%Rrc. Aborting\n", rc);
273	break;
274	}
275	}
276	pam_vbox_log(hPAM, "pam_vbox_init: guest lib initialized\n");
277	}
278
279	if (RT_SUCCESS(rc))
280	{
281	char *rhost = NULL;
282	char *tty = NULL;
283	char *prompt = NULL;
284	#ifdef RT_OS_SOLARIS
285	pam_get_item(hPAM, PAM_RHOST, (void**) &rhost);
286	pam_get_item(hPAM, PAM_TTY, (void**) &tty);
287	pam_get_item(hPAM, PAM_USER_PROMPT, (void**) &prompt);
288	#else
289	pam_get_item(hPAM, PAM_RHOST, (const void**) &rhost);
290	pam_get_item(hPAM, PAM_TTY, (const void**) &tty);
291	pam_get_item(hPAM, PAM_USER_PROMPT, (const void**) &prompt);
292	#endif
293	pam_vbox_log(hPAM, "pam_vbox_init: rhost=%s, tty=%s, prompt=%s\n",
294	rhost ? rhost : "<none>", tty ? tty : "<none>", prompt ? prompt : "<none>");
295	}
296
297	return rc;
298	}
299
300
301	/**
302	* Shuts down pam_vbox.
303	*
304	* @return IPRT status code.
305	* @param hPAM PAM handle.
306	*/
307	static void pam_vbox_shutdown(pam_handle_t *hPAM)
308	{
309	RT_NOREF1(hPAM);
310	VbglR3Term();
311	}
312
313
314	/**
315	* Checks for credentials provided by the host / HGCM.
316	*
317	* @return IPRT status code. VERR_NOT_FOUND if no credentials are available,
318	* VINF_SUCCESS on successful retrieval or another IPRT error.
319	* @param hPAM PAM handle.
320	*/
321	static int pam_vbox_check_creds(pam_handle_t *hPAM)
322	{
323	int rc = VbglR3CredentialsQueryAvailability();
324	if (RT_FAILURE(rc))
325	{
326	if (rc != VERR_NOT_FOUND)
327	pam_vbox_error(hPAM, "pam_vbox_check_creds: could not query for credentials! rc=%Rrc. Aborting\n", rc);
328	#ifdef DEBUG
329	else
330	pam_vbox_log(hPAM, "pam_vbox_check_creds: no credentials available\n");
331	#endif
332	}
333	else
334	{
335	char *pszUsername;
336	char *pszPassword;
337	char *pszDomain;
338
339	rc = VbglR3CredentialsRetrieve(&pszUsername, &pszPassword, &pszDomain);
340	if (RT_FAILURE(rc))
341	{
342	pam_vbox_error(hPAM, "pam_vbox_check_creds: could not retrieve credentials! rc=%Rrc. Aborting\n", rc);
343	}
344	else
345	{
346	#ifdef DEBUG
347	pam_vbox_log(hPAM, "pam_vbox_check_creds: credentials retrieved: user=%s, password=%s, domain=%s\n",
348	pszUsername, pszPassword, pszDomain);
349	#else
350	/* Don't log passwords in release mode! */
351	pam_vbox_log(hPAM, "pam_vbox_check_creds: credentials retrieved: user=%s, password=XXX, domain=%s\n",
352	pszUsername, pszDomain);
353	#endif
354	/* Fill credentials into PAM. */
355	int pamrc = pam_set_item(hPAM, PAM_USER, pszUsername);
356	if (pamrc != PAM_SUCCESS)
357	{
358	pam_vbox_error(hPAM, "pam_vbox_check_creds: could not set user name! pamrc=%d, msg=%s. Aborting\n",
359	pamrc, pam_strerror(hPAM, pamrc));
360	}
361	else
362	{
363	pamrc = pam_set_item(hPAM, PAM_AUTHTOK, pszPassword);
364	if (pamrc != PAM_SUCCESS)
365	pam_vbox_error(hPAM, "pam_vbox_check_creds: could not set password! pamrc=%d, msg=%s. Aborting\n",
366	pamrc, pam_strerror(hPAM, pamrc));
367
368	}
369	/** @todo Add handling domains as well. */
370	VbglR3CredentialsDestroy(pszUsername, pszPassword, pszDomain,
371	3 /* Three wipe passes */);
372	pam_vbox_log(hPAM, "pam_vbox_check_creds: returned with pamrc=%d, msg=%s\n",
373	pamrc, pam_strerror(hPAM, pamrc));
374	}
375	}
376
377	#ifdef DEBUG
378	pam_vbox_log(hPAM, "pam_vbox_check_creds: returned with rc=%Rrc\n", rc);
379	#endif
380	return rc;
381	}
382
383	/**
384	* Reads a guest property.
385	*
386	* @return IPRT status code.
387	* @param hPAM PAM handle.
388	* @param uClientID Guest property service client ID.
389	* @param pszKey Key (name) of guest property to read.
390	* @param fReadOnly Indicates whether this key needs to be
391	* checked if it only can be read (and not written)
392	* by the guest.
393	* @param pszValue Buffer where to store the key's value.
394	* @param cbValue Size of buffer (in bytes).
395	*/
396	static int pam_vbox_read_prop(pam_handle_t *hPAM, uint32_t uClientID,
397	const char *pszKey, bool fReadOnly,
398	char *pszValue, size_t cbValue)
399	{
400	AssertPtrReturn(hPAM, VERR_INVALID_POINTER);
401	AssertReturn(uClientID, VERR_INVALID_PARAMETER);
402	AssertPtrReturn(pszKey, VERR_INVALID_POINTER);
403	AssertPtrReturn(pszValue, VERR_INVALID_POINTER);
404
405	int rc;
406
407	uint64_t u64Timestamp = 0;
408	char *pszValTemp;
409	char *pszFlags = NULL;
410	/* The buffer for storing the data and its initial size. We leave a bit
411	* of space here in case the maximum values are raised. */
412	void *pvBuf = NULL;
413	uint32_t cbBuf = GUEST_PROP_MAX_VALUE_LEN + GUEST_PROP_MAX_FLAGS_LEN + _1K;
414
415	/* Because there is a race condition between our reading the size of a
416	* property and the guest updating it, we loop a few times here and
417	* hope. Actually this should never go wrong, as we are generous
418	* enough with buffer space. */
419	for (unsigned i = 0; i < 10; i++)
420	{
421	void *pvTmpBuf = RTMemRealloc(pvBuf, cbBuf);
422	if (pvTmpBuf)
423	{
424	pvBuf = pvTmpBuf;
425	rc = VbglR3GuestPropRead(uClientID, pszKey, pvBuf, cbBuf,
426	&pszValTemp, &u64Timestamp, &pszFlags,
427	&cbBuf);
428	}
429	else
430	rc = VERR_NO_MEMORY;
431
432	switch (rc)
433	{
434	case VERR_BUFFER_OVERFLOW:
435	{
436	/* Buffer too small, try it with a bigger one next time. */
437	cbBuf += _1K;
438	continue; /* Try next round. */
439	}
440
441	default:
442	break;
443	}
444
445	/* Everything except VERR_BUFFER_OVERLOW makes us bail out ... */
446	break;
447	}
448
449	if (RT_SUCCESS(rc))
450	{
451	/* Check security bits. */
452	if (pszFlags)
453	{
454	if ( fReadOnly
455	&& !RTStrStr(pszFlags, "RDONLYGUEST"))
456	{
457	/* If we want a property which is read-only on the guest
458	* and it is not marked as such, deny access! */
459	pam_vbox_error(hPAM, "pam_vbox_read_prop: key \"%s\" should be read-only on guest but it is not\n",
460	pszKey);
461	rc = VERR_ACCESS_DENIED;
462	}
463	}
464	else /* No flags, no access! */
465	{
466	pam_vbox_error(hPAM, "pam_vbox_read_prop: key \"%s\" contains no/wrong flags (%s)\n",
467	pszKey, pszFlags);
468	rc = VERR_ACCESS_DENIED;
469	}
470
471	if (RT_SUCCESS(rc))
472	{
473	/* If everything went well copy property value to our destination buffer. */
474	if (!RTStrPrintf(pszValue, cbValue, "%s", pszValTemp))
475	{
476	pam_vbox_error(hPAM, "pam_vbox_read_prop: could not store value of key \"%s\"\n",
477	pszKey);
478	rc = VERR_INVALID_PARAMETER;
479	}
480
481	if (RT_SUCCESS(rc))
482	pam_vbox_log(hPAM, "pam_vbox_read_prop: read key \"%s\"=\"%s\"\n",
483	pszKey, pszValue);
484	}
485	}
486
487	pam_vbox_log(hPAM, "pam_vbox_read_prop: read key \"%s\" with rc=%Rrc\n",
488	pszKey, rc);
489	return rc;
490	}
491
492
493	/**
494	* Waits for a guest property to be changed.
495	*
496	* @return IPRT status code.
497	* @param hPAM PAM handle.
498	* @param uClientID Guest property service client ID.
499	* @param pszKey Key (name) of guest property to wait for.
500	* @param uTimeoutMS Timeout (in ms) to wait for the change. Specify
501	* RT_INDEFINITE_WAIT to wait indefinitly.
502	*/
503	static int pam_vbox_wait_prop(pam_handle_t *hPAM, uint32_t uClientID,
504	const char *pszKey, uint32_t uTimeoutMS)
505	{
506	AssertPtrReturn(hPAM, VERR_INVALID_POINTER);
507	AssertReturn(uClientID, VERR_INVALID_PARAMETER);
508	AssertPtrReturn(pszKey, VERR_INVALID_POINTER);
509
510	int rc;
511
512	/* The buffer for storing the data and its initial size. We leave a bit
513	* of space here in case the maximum values are raised. */
514	void *pvBuf = NULL;
515	uint32_t cbBuf = GUEST_PROP_MAX_NAME_LEN + GUEST_PROP_MAX_VALUE_LEN + GUEST_PROP_MAX_FLAGS_LEN + _1K;
516
517	for (int i = 0; i < 10; i++)
518	{
519	void *pvTmpBuf = RTMemRealloc(pvBuf, cbBuf);
520	if (pvTmpBuf)
521	{
522	char *pszName = NULL;
523	char *pszValue = NULL;
524	uint64_t u64TimestampOut = 0;
525	char *pszFlags = NULL;
526
527	pvBuf = pvTmpBuf;
528	rc = VbglR3GuestPropWait(uClientID, pszKey, pvBuf, cbBuf,
529	0 /* Last timestamp; just wait for next event */, uTimeoutMS,
530	&pszName, &pszValue, &u64TimestampOut,
531	&pszFlags, &cbBuf, NULL /* pfWasDeleted */);
532	}
533	else
534	rc = VERR_NO_MEMORY;
535
536	if (rc == VERR_BUFFER_OVERFLOW)
537	{
538	/* Buffer too small, try it with a bigger one next time. */
539	cbBuf += _1K;
540	continue; /* Try next round. */
541	}
542
543	/* Everything except VERR_BUFFER_OVERLOW makes us bail out ... */
544	break;
545	}
546
547	return rc;
548	}
549
550	/**
551	* Thread function waiting for credentials to arrive.
552	*
553	* @return IPRT status code.
554	* @param hThreadSelf Thread handle.
555	* @param pvUser Pointer to a PAMVBOXTHREAD structure providing
556	* required data used / set by the thread.
557	*/
558	static DECLCALLBACK(int) pam_vbox_wait_thread(RTTHREAD hThreadSelf, void *pvUser)
559	{
560	RT_NOREF1(hThreadSelf);
561	PPAMVBOXTHREAD pUserData = (PPAMVBOXTHREAD)pvUser;
562	AssertPtr(pUserData);
563
564	int rc = VINF_SUCCESS;
565	/* Get current time stamp to later calculate rest of timeout left. */
566	uint64_t u64StartMS = RTTimeMilliTS();
567
568	uint32_t uClientID = 0;
569	rc = VbglR3GuestPropConnect(&uClientID);
570	if (RT_FAILURE(rc))
571	{
572	pam_vbox_error(pUserData->hPAM, "pam_vbox_wait_thread: Unable to connect to guest property service, rc=%Rrc\n", rc);
573	}
574	else
575	{
576	pam_vbox_log(pUserData->hPAM, "pam_vbox_wait_thread: clientID=%u\n", uClientID);
577
578	for (;;)
579	{
580
581	if (uClientID)
582	{
583	rc = pam_vbox_wait_prop(pUserData->hPAM, uClientID,
584	"/VirtualBox/GuestAdd/PAM/CredsWaitAbort",
585	500 /* Wait 500ms, same as VBoxGINA/VBoxCredProv. */);
586	switch (rc)
587	{
588	case VINF_SUCCESS:
589	/* Somebody (guest/host) wants to abort waiting for credentials. */
590	break;
591
592	case VERR_INTERRUPTED:
593	pam_vbox_error(pUserData->hPAM, "pam_vbox_wait_thread: The abort notification request timed out or was interrupted\n");
594	break;
595
596	case VERR_TIMEOUT:
597	/* We did not receive an abort message within time. */
598	break;
599
600	case VERR_TOO_MUCH_DATA:
601	pam_vbox_error(pUserData->hPAM, "pam_vbox_wait_thread: Temporarily unable to get abort notification\n");
602	break;
603
604	default:
605	pam_vbox_error(pUserData->hPAM, "pam_vbox_wait_thread: The abort notification request failed with rc=%Rrc\n", rc);
606	break;
607	}
608
609	if (RT_SUCCESS(rc)) /* Abort waiting. */
610	{
611	pam_vbox_log(pUserData->hPAM, "pam_vbox_wait_thread: Got notification to abort waiting\n");
612	rc = VERR_CANCELLED;
613	break;
614	}
615	}
616
617	if ( RT_SUCCESS(rc)
618	\|\| rc == VERR_TIMEOUT)
619	{
620	rc = pam_vbox_check_creds(pUserData->hPAM);
621	if (RT_SUCCESS(rc))
622	{
623	/* Credentials retrieved. */
624	break; /* Thread no longer is required, bail out. */
625	}
626	else if (rc == VERR_NOT_FOUND)
627	{
628	/* No credentials found, but try next round (if there's
629	* time left for) ... */
630	RTThreadSleep(500); /* Wait 500 ms. */
631	}
632	else
633	break; /* Something bad happend ... */
634	}
635	else
636	break;
637
638	/* Calculate timeout value left after process has been started. */
639	uint64_t u64Elapsed = RTTimeMilliTS() - u64StartMS;
640	/* Is it time to bail out? */
641	if (pUserData->uTimeoutMS < u64Elapsed)
642	{
643	pam_vbox_log(pUserData->hPAM, "pam_vbox_wait_thread: Waiting thread has reached timeout (%dms), exiting ...\n",
644	pUserData->uTimeoutMS);
645	rc = VERR_TIMEOUT;
646	break;
647	}
648	}
649	}
650	VbglR3GuestPropDisconnect(uClientID);
651
652	/* Save result. */
653	pUserData->rc = rc; /** @todo Use ASMAtomicXXX? */
654
655	int rc2 = RTThreadUserSignal(RTThreadSelf());
656	AssertRC(rc2);
657
658	pam_vbox_log(pUserData->hPAM, "pam_vbox_wait_thread: Waiting thread returned with rc=%Rrc\n", rc);
659	return rc;
660	}
661
662	/**
663	* Waits for credentials to arrive by creating and waiting for a thread.
664	*
665	* @return IPRT status code.
666	* @param hPAM PAM handle.
667	* @param uClientID Guest property service client ID.
668	* @param uTimeoutMS Timeout (in ms) to wait for the change. Specify
669	* RT_INDEFINITE_WAIT to wait indefinitly.
670	*/
671	static int pam_vbox_wait_for_creds(pam_handle_t *hPAM, uint32_t uClientID, uint32_t uTimeoutMS)
672	{
673	RT_NOREF1(uClientID);
674	PAMVBOXTHREAD threadData;
675	threadData.hPAM = hPAM;
676	threadData.uTimeoutMS = uTimeoutMS;
677
678	RTTHREAD threadWait;
679	int rc = RTThreadCreate(&threadWait, pam_vbox_wait_thread,
680	(void *)&threadData, 0,
681	RTTHREADTYPE_DEFAULT, 0 /* Flags */, "pam_vbox");
682	if (RT_SUCCESS(rc))
683	{
684	pam_vbox_log(hPAM, "pam_vbox_wait_for_creds: Waiting for credentials (%dms) ...\n", uTimeoutMS);
685	/* Wait for thread to initialize. */
686	/** @todo We can do something else here in the meantime later. */
687	rc = RTThreadUserWait(threadWait, RT_INDEFINITE_WAIT);
688	if (RT_SUCCESS(rc))
689	rc = threadData.rc; /* Get back thread result to take further actions. */
690	}
691	else
692	pam_vbox_error(hPAM, "pam_vbox_wait_for_creds: Creating thread failed with rc=%Rrc\n", rc);
693
694	pam_vbox_log(hPAM, "pam_vbox_wait_for_creds: Waiting for credentials returned with rc=%Rrc\n", rc);
695	return rc;
696	}
697
698	DECLEXPORT(int) pam_sm_authenticate(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
699	{
700	RT_NOREF1(iFlags);
701
702	/* Parse arguments. */
703	for (int i = 0; i < argc; i++)
704	{
705	if (!RTStrICmp(argv[i], "debug"))
706	g_verbosity = 1;
707	else
708	pam_vbox_error(hPAM, "pam_vbox_authenticate: unknown command line argument \"%s\"\n", argv[i]);
709	}
710	pam_vbox_log(hPAM, "pam_vbox_authenticate called\n");
711
712	int rc = pam_vbox_init(hPAM);
713	if (RT_FAILURE(rc))
714	return PAM_SUCCESS; /* Jump out as early as we can to not mess around. */
715
716	bool fFallback = true;
717
718	uint32_t uClientId;
719	rc = VbglR3GuestPropConnect(&uClientId);
720	if (RT_SUCCESS(rc))
721	{
722	char szVal[256];
723	rc = pam_vbox_read_prop(hPAM, uClientId,
724	"/VirtualBox/GuestAdd/PAM/CredsWait",
725	true /* Read-only on guest */,
726	szVal, sizeof(szVal));
727	if (RT_SUCCESS(rc))
728	{
729	/* All calls which are checked against rc2 are not critical, e.g. it does
730	* not matter if they succeed or not. */
731	uint32_t uTimeoutMS = RT_INDEFINITE_WAIT; /* Wait infinite by default. */
732	int rc2 = pam_vbox_read_prop(hPAM, uClientId,
733	"/VirtualBox/GuestAdd/PAM/CredsWaitTimeout",
734	true /* Read-only on guest */,
735	szVal, sizeof(szVal));
736	if (RT_SUCCESS(rc2))
737	{
738	uTimeoutMS = RTStrToUInt32(szVal);
739	if (!uTimeoutMS)
740	{
741	pam_vbox_error(hPAM, "pam_vbox_authenticate: invalid waiting timeout value specified, defaulting to infinite timeout\n");
742	uTimeoutMS = RT_INDEFINITE_WAIT;
743	}
744	else
745	uTimeoutMS = uTimeoutMS * 1000; /* Make ms out of s. */
746	}
747
748	rc2 = pam_vbox_read_prop(hPAM, uClientId,
749	"/VirtualBox/GuestAdd/PAM/CredsMsgWaiting",
750	true /* Read-only on guest */,
751	szVal, sizeof(szVal));
752	const char *pszWaitMsg = NULL;
753	if (RT_SUCCESS(rc2))
754	pszWaitMsg = szVal;
755
756	rc2 = vbox_set_msg(hPAM, 0 /* Info message */,
757	pszWaitMsg ? pszWaitMsg : "Waiting for credentials ...");
758	if (RT_FAILURE(rc2)) /* Not critical. */
759	pam_vbox_error(hPAM, "pam_vbox_authenticate: error setting waiting information message, rc=%Rrc\n", rc2);
760
761	if (RT_SUCCESS(rc))
762	{
763	/* Before we actuall wait for credentials just make sure we didn't already get credentials
764	* set so that we can skip waiting for them ... */
765	rc = pam_vbox_check_creds(hPAM);
766	if (rc == VERR_NOT_FOUND)
767	{
768	rc = pam_vbox_wait_for_creds(hPAM, uClientId, uTimeoutMS);
769	if (rc == VERR_TIMEOUT)
770	{
771	pam_vbox_log(hPAM, "pam_vbox_authenticate: no credentials given within time\n");
772
773	rc2 = pam_vbox_read_prop(hPAM, uClientId,
774	"/VirtualBox/GuestAdd/PAM/CredsMsgWaitTimeout",
775	true /* Read-only on guest */,
776	szVal, sizeof(szVal));
777	if (RT_SUCCESS(rc2))
778	{
779	rc2 = vbox_set_msg(hPAM, 0 /* Info message */, szVal);
780	AssertRC(rc2);
781	}
782	}
783	else if (rc == VERR_CANCELLED)
784	{
785	pam_vbox_log(hPAM, "pam_vbox_authenticate: waiting aborted\n");
786
787	rc2 = pam_vbox_read_prop(hPAM, uClientId,
788	"/VirtualBox/GuestAdd/PAM/CredsMsgWaitAbort",
789	true /* Read-only on guest */,
790	szVal, sizeof(szVal));
791	if (RT_SUCCESS(rc2))
792	{
793	rc2 = vbox_set_msg(hPAM, 0 /* Info message */, szVal);
794	AssertRC(rc2);
795	}
796	}
797	}
798
799	/* If we got here we don't need the fallback, so just deactivate it. */
800	fFallback = false;
801	}
802	}
803
804	VbglR3GuestPropDisconnect(uClientId);
805	}
806
807	if (fFallback)
808	{
809	pam_vbox_log(hPAM, "pam_vbox_authenticate: falling back to old method\n");
810
811	/* If anything went wrong in the code above we just do a credentials
812	* check like it was before: Try retrieving the stuff and authenticating. */
813	int rc2 = pam_vbox_check_creds(hPAM);
814	if (RT_SUCCESS(rc))
815	rc = rc2;
816	}
817
818	pam_vbox_shutdown(hPAM);
819
820	pam_vbox_log(hPAM, "pam_vbox_authenticate: overall result rc=%Rrc\n", rc);
821
822	/* Never report an error here because if no credentials from the host are available or something
823	* went wrong we then let do the authentication by the next module in the stack. */
824
825	/* We report success here because this is all we can do right now -- we passed the credentials
826	* to the next PAM module in the block above which then might do a shadow (like pam_unix/pam_unix2)
827	* password verification to "really" authenticate the user. */
828	return PAM_SUCCESS;
829	}
830
831
832	DECLEXPORT(int) pam_sm_setcred(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
833	{
834	pam_vbox_log(hPAM, "pam_vbox_setcred called, iFlags=0x%x\n", iFlags);
835	for (int i = 0; i < argc; i++)
836	pam_vbox_log(hPAM, "pam_vbox_setcred: argv[%d] = %s\n", i, argv[i]);
837	return PAM_SUCCESS;
838	}
839
840
841	DECLEXPORT(int) pam_sm_acct_mgmt(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
842	{
843	RT_NOREF3(iFlags, argc, argv);
844	pam_vbox_log(hPAM, "pam_vbox_acct_mgmt called\n");
845	return PAM_SUCCESS;
846	}
847
848
849	DECLEXPORT(int) pam_sm_open_session(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
850	{
851	RT_NOREF3(iFlags, argc, argv);
852	pam_vbox_log(hPAM, "pam_vbox_open_session called\n");
853	RTPrintf("This session was provided by VirtualBox Guest Additions. Have a lot of fun!\n");
854	return PAM_SUCCESS;
855	}
856
857
858	DECLEXPORT(int) pam_sm_close_session(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
859	{
860	RT_NOREF3(iFlags, argc, argv);
861	pam_vbox_log(hPAM, "pam_vbox_close_session called\n");
862	return PAM_SUCCESS;
863	}
864
865
866	DECLEXPORT(int) pam_sm_chauthtok(pam_handle_t hPAM, int iFlags, int argc, const char *argv)
867	{
868	RT_NOREF3(iFlags, argc, argv);
869	pam_vbox_log(hPAM, "pam_vbox_sm_chauthtok called\n");
870	return PAM_SUCCESS;
871	}
872
873
874	#ifdef DEBUG
875	RTDECL(void) RTAssertMsg1Weak(const char pszExpr, unsigned uLine, const char pszFile, const char *pszFunction)
876	{
877	pam_vbox_log(g_pam_handle,
878	"\n!!Assertion Failed!!\n"
879	"Expression: %s\n"
880	"Location : %s(%d) %s\n",
881	pszExpr, pszFile, uLine, pszFunction);
882	RTAssertMsg1(pszExpr, uLine, pszFile, pszFunction);
883	}
884	#endif
885

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Additions/common/pam/pam_vbox.cpp@ 94184

Download in other formats: