Add support for escape sequences in the arguments (e.g. %u for user name)

Sponsored by:	DARPA, NAI Labs

2 files changed, 82 insertions, 24 deletions

diff --git a/lib/libpam/modules/pam_echo/pam_echo.8 b/lib/libpam/modules/pam_echo/pam_echo.8
index 062f513..efc7abb 100644
--- a/lib/libpam/modules/pam_echo/pam_echo.8
+++ b/lib/libpam/modules/pam_echo/pam_echo.8
@@ -1,6 +1,6 @@
 .\" Copyright (c) 2001 Mark R V Murray
 .\" All rights reserved.
-.\" Copyright (c) 2001 Networks Associates Technology, Inc.
+.\" Copyright (c) 2001,2003 Networks Associates Technology, Inc.
 .\" All rights reserved.
 .\"
 .\" Portions of this software were developed for the FreeBSD Project by
@@ -49,6 +49,37 @@
 .Sh DESCRIPTION
 The echo service module for PAM displays its arguments to the user,
 separated by spaces, using the current conversation function.
+.Pp
+If the
+.Cm %
+character occurs anywhere in the arguments to
+.Nm ,
+it is assumed to introduce one of the following escape sequences:
+.Bl -tag -width 4n
+.It Cm %H
+The name of the host on which the client runs
+.Pq Dv PAM_RHOST .
+.\".It Cm %h
+.\"The name of the host on which the server runs.
+.It Cm %s
+The current service name
+.Pq Dv PAM_SERVICE .
+.It Cm %t
+The name of the controlling tty
+.Pq Dv PAM_TTY .
+.It Cm %U
+The applicant's user name
+.Pq Dv PAM_RUSER .
+.It Cm %u
+The target account's user name
+.Pq Dv PAM_USER .
+.El
+.Pp
+Any other two-character sequence beginning with
+.Cm %
+expands to the character following the
+.Cm %
+character.
 .Sh SEE ALSO
 .Xr pam.conf 5 ,
 .Xr pam 8
diff --git a/lib/libpam/modules/pam_echo/pam_echo.c b/lib/libpam/modules/pam_echo/pam_echo.c
index 4ec0fd2..1076b90 100644
--- a/lib/libpam/modules/pam_echo/pam_echo.c
+++ b/lib/libpam/modules/pam_echo/pam_echo.c
@@ -1,5 +1,5 @@
 /*-
- * Copyright (c) 2001 Networks Associates Technology, Inc.
+ * Copyright (c) 2001,2003 Networks Associates Technology, Inc.
  * All rights reserved.
  *
  * This software was developed for the FreeBSD Project by ThinkSec AS and
@@ -47,32 +47,59 @@ static int
 _pam_echo(pam_handle_t *pamh, int flags,
     int argc, const char *argv[])
 {
-	struct pam_message msg;
-	const struct pam_message *msgp;
-	const struct pam_conv *pamc;
-	struct pam_response *resp;
+	char msg[PAM_MAX_MSG_SIZE];
+	const char *str, *p, *q;
+	int err, i, item;
 	size_t len;
-	int i, pam_err;
 
 	if (flags & PAM_SILENT)
 		return (PAM_SUCCESS);
-	pam_err = pam_get_item(pamh, PAM_CONV, (const void **)&pamc);
-	if (pam_err != PAM_SUCCESS)
-		return (pam_err);
-	for (i = 0, len = 0; i < argc; ++i)
-		len += strlen(argv[i]) + 1;
-	if ((msg.msg = malloc(len)) == NULL)
-		return (PAM_BUF_ERR);
-	for (i = 0, len = 0; i < argc; ++i)
-		len += sprintf(msg.msg + len, "%s%s", i ? " " : "", argv[i]);
-	msg.msg[len] = '\0';
-	msg.msg_style = PAM_TEXT_INFO;
-	msgp = &msg;
-	resp = NULL;
-	pam_err = (pamc->conv)(1, &msgp, &resp, pamc->appdata_ptr);
-	free(resp);
-	free(msg.msg);
-	return (pam_err);
+	for (i = 0, len = 0; i < argc && len < sizeof(msg) - 1; ++i) {
+		if (i > 0)
+			msg[len++] = ' ';
+		for (p = argv[i]; *p != '\0' && len < sizeof(msg) - 1; ++p) {
+			if (*p != '%' || p[1] == '\0') {
+				msg[len++] = *p;
+				continue;
+			}
+			switch (*++p) {
+			case 'H':
+				item = PAM_RHOST;
+				break;
+			case 'h':
+				/* not implemented */
+				item = -1;
+				break;
+			case 's':
+				item = PAM_SERVICE;
+				break;
+			case 't':
+				item = PAM_TTY;
+				break;
+			case 'U':
+				item = PAM_RUSER;
+				break;
+			case 'u':
+				item = PAM_USER;
+				break;
+			default:
+				item = -1;
+				msg[len++] = *p;
+				break;
+			}
+			if (item == -1)
+				continue;
+			err = pam_get_item(pamh, item, (const void **)&str);
+			if (err != PAM_SUCCESS)
+				return (err);
+			if (str == NULL)
+				str = "(null)";
+			for (q = str; *q != '\0' && len < sizeof(msg) - 1; ++q)
+				msg[len++] = *q;
+		}
+	}
+	msg[len] = '\0';
+	return (pam_info(pamh, "%s", msg));
 }
 
 PAM_EXTERN int