Add the DragonFly cvs id and perform general cleanups on cvs/rcs/sccs ids. Most
1/*
2 * pam_private.h
3 *
4 * $Id: pam_private.h,v 1.12 1997/04/05 06:57:37 morgan Exp morgan $
5 * $FreeBSD: src/contrib/libpam/libpam/pam_private.h,v 1.1.1.1.6.2 2001/06/11 15:28:12 markm Exp $
1de703da 6 * $DragonFly: src/contrib/libpam/libpam/Attic/pam_private.h,v 1.2 2003/06/17 04:24:03 dillon Exp $
7 *
8 * This is the Linux-PAM Library Private Header. It contains things
9 * internal to the Linux-PAM library. Things not needed by either an
10 * application or module.
11 *
12 * Please see end of file for copyright.
13 *
14 * Creator: Marc Ewing.
15 * Maintained: AGM
16 *
17 * $Log: pam_private.h,v $
18 */
19
/*
 * Include guard for this private header. The guard name begins with an
 * underscore followed by an upper-case letter, a spelling ISO C reserves
 * for the implementation. It is left as-is here; other files may test it.
 */
20#ifndef _PAM_PRIVATE_H
21#define _PAM_PRIVATE_H
22
23/* this is not used at the moment --- AGM */
24#define LIBPAM_VERSION 65
25
26#include <security/pam_appl.h>
27#include <security/pam_modules.h>
28
29/* the Linux-PAM configuration file */
/*
 * All three locations are fixed absolute paths compiled into the library.
 * PAM_CONFIG_DF is a printf-style template that takes exactly one %s.
 * NOTE(review): the %s is presumably the service name. Whatever fills it
 * should be checked for '/' so the result stays inside PAM_CONFIG_D;
 * confirm at the call site, which is not in this header.
 */
30
31#define PAM_CONFIG "/etc/pam.conf"
32#define PAM_CONFIG_D "/etc/pam.d"
33#define PAM_CONFIG_DF "/etc/pam.d/%s"
34
35#define PAM_DEFAULT_SERVICE "other" /* lower case */
/* adjacent string literals concatenate to "/etc/pam.d/other" */
36#define PAM_DEFAULT_SERVICE_FILE PAM_CONFIG_D "/" PAM_DEFAULT_SERVICE
37
38#ifdef PAM_LOCKING
39/*
40 * the Linux-PAM lock file. If it exists Linux-PAM will abort. Use it
41 * to block access to libpam
 *
 * Only defined when the library is built with PAM_LOCKING.
42 */
43#define PAM_LOCK_FILE "/var/lock/subsys/PAM"
44#endif
45
46/* components of the pam_handle structure */
47
/*
 * One node in a singly linked list of module entry points (linked through
 * `next`). struct handlers below keeps one list head per module function.
 */
48struct handler {
49 int must_fail; /* NOTE(review): presumably marks an entry that must always fail, e.g. an unloadable module -- confirm */
50 int (*func)(pam_handle_t *pamh, int flags, int argc, char **argv); /* module entry point */
51 int actions[_PAM_RETURN_VALUES]; /* one slot per return value; presumably _PAM_ACTION_* codes or jump counts -- confirm */
52 int argc; /* stored beside func; presumably the arguments passed to it -- confirm */
53 char **argv;
54 struct handler *next; /* next entry in the list */
55};
56
/*
 * Bookkeeping record for one module; struct service below points at these
 * records through its `module` member.
 */
57struct loaded_module {
58 char *name;
59 int type; /* presumably PAM_MT_STATIC_MOD or PAM_MT_DYNAMIC_MOD, defined below (the original comment omitted the _MT_) */
60 void *dl_handle; /* presumably the dlopen() handle; dlopen()/dlclose() are mentioned with the handler functions below */
61};
62
/* Module type codes. PAM_MT_FAULTY_MOD is a third value beside the static and dynamic ones. */
63#define PAM_MT_DYNAMIC_MOD 0
64#define PAM_MT_STATIC_MOD 1
65#define PAM_MT_FAULTY_MOD 2
66
/*
 * Six handler-list heads, one per module function. The member names
 * correspond by name to the PAM_AUTHENTICATE .. PAM_CHAUTHTOK selector
 * values defined later in this header.
 */
67struct handlers {
68 struct handler *authenticate;
69 struct handler *setcred;
70 struct handler *acct_mgmt;
71 struct handler *open_session;
72 struct handler *close_session;
73 struct handler *chauthtok;
74};
75
/*
 * Per-handle module state: the loaded-module records plus two sets of
 * handler lists (configured and default).
 */
76struct service {
77 struct loaded_module *module; /* Only used for dynamic loading */
78 int modules_allocated; /* presumably the capacity of `module` -- confirm */
79 int modules_used; /* presumably the number of records in use -- confirm */
80 int handlers_loaded;
81
82 struct handlers conf; /* the configured handlers */
83 struct handlers other; /* the default handlers */
84};
85
86/*
87 * Environment helper functions
88 */
89
90#define PAM_ENV_CHUNK 10 /* chunks of memory calloc()'d *
91 * at once */
92
/*
 * Growable list of environment strings. The documented invariant is
 * 1 <= requested <= entries; both counters are plain int.
 * NOTE(review): the lower bound of 1 presumably accounts for a terminating
 * NULL pointer -- confirm in the environment code.
 */
93struct pam_environ {
94 int entries; /* the number of pointers available */
95 int requested; /* the number of pointers used: *
96 * 1 <= requested <= entries */
97 char **list; /* the environment storage (a list *
98 * of pointers to malloc() memory) */
99};
100
101#include <sys/time.h>
102
/* Library-private boolean: PAM_FALSE is 0 and PAM_TRUE is 1 (default enum numbering). */
103typedef enum { PAM_FALSE, PAM_TRUE } _pam_boolean;
104
/*
 * Failure-delay state embedded in struct pam_handle (member fail_delay).
 */
105struct _pam_fail_delay {
106 _pam_boolean set;
107 unsigned int delay; /* units are not stated here; presumably microseconds -- confirm */
108 time_t begin;
109 const void *delay_fn_ptr; /* NOTE(review): the name suggests a function pointer is kept here; ISO C does not guarantee function pointers survive a round trip through void * -- confirm how it is cast back */
110};
111
/*
 * State the library keeps so that a call which returned "incomplete" can
 * be picked up again. It is embedded in struct pam_handle as `former`,
 * described there as support for event driven applications.
 */
112struct _pam_former_state {
113/* this is known and set by _pam_dispatch() */
114 int choice; /* which flavor of module function did we call? */
115
116/* state info for the _pam_dispatch_aux() function */
117 int depth; /* how deep in the stack were we? */
118 int impression; /* the impression at that time */
119 int status; /* the status before returning incomplete */
120
121/* state info used by pam_get_user() function */
122 int want_user;
123 char *prompt; /* saved prompt information */
124
125/* state info for the pam_chauthtok() function */
126 _pam_boolean update;
127};
128
/*
 * The library's per-session state; presumably the structure that the
 * opaque pam_handle_t refers to (the typedef is not in this header).
 *
 * NOTE(review): authtok and oldauthtok presumably hold the current and
 * previous authentication tokens, i.e. secrets. _pam_sanitize(), declared
 * later in this header, is the likely place they are wiped; confirm they
 * are overwritten before the memory is released.
 */
129struct pam_handle {
130 char *authtok;
131 struct pam_conv *pam_conversation;
132 char *oldauthtok;
133 char *prompt; /* for use by pam_get_user() */
134 char *service_name;
135 char *user;
136 char *rhost;
137 char *ruser;
138 char *tty;
139 struct pam_log_state pam_default_log; /* for ident etc., log state */
140 struct pam_data *data; /* head of the module data list (struct pam_data is linked through next) */
141 struct pam_environ *env; /* structure to maintain environment list */
142 struct _pam_fail_delay fail_delay; /* helper function for easy delays */
143 struct service handlers;
144 struct _pam_former_state former; /* library state - support for
145 event driven applications */
146};
147
148/* Values for select arg to _pam_dispatch() (named `choice` in its prototype) */
149#define PAM_NOT_STACKED 0
150#define PAM_AUTHENTICATE 1
151#define PAM_SETCRED 2
152#define PAM_ACCOUNT 3
153#define PAM_OPEN_SESSION 4
154#define PAM_CLOSE_SESSION 5
155#define PAM_CHAUTHTOK 6
156
/*
 * Action codes. Any value greater than zero counts as a jump
 * (_PAM_ACTION_IS_JUMP); zero and the negative values are the named
 * actions. The negative constants are defined without parentheses, so
 * callers should not rely on them inside larger expressions without care.
 */
157#define _PAM_ACTION_IS_JUMP(x) ((x) > 0)
158#define _PAM_ACTION_IGNORE 0
159#define _PAM_ACTION_OK -1
160#define _PAM_ACTION_DONE -2
161#define _PAM_ACTION_BAD -3
162#define _PAM_ACTION_DIE -4
163#define _PAM_ACTION_RESET -5
164/* Add any new entries here. Will need to change ..._UNDEF and then
165 * need to change pam_tokens.h */
166#define _PAM_ACTION_UNDEF -6 /* this is treated as an error
167 ( = _PAM_ACTION_BAD) */
168
169/* character tables for parsing config files */
/*
 * _pam_token_actions has -_PAM_ACTION_UNDEF == 6 elements and
 * _pam_token_returns has _PAM_RETURN_VALUES + 1. The first bound is
 * derived from _PAM_ACTION_UNDEF, which is why a new action has to move
 * _UNDEF and update pam_tokens.h together: the bound and the table
 * contents must stay in step or an index can run past the table.
 * NOTE(review): presumably indexed by the negated action value -- confirm.
 */
170extern const char * const _pam_token_actions[-_PAM_ACTION_UNDEF];
171extern const char * const _pam_token_returns[_PAM_RETURN_VALUES+1];
172
173/*
174 * internally defined functions --- these should not be directly
175 * called by applications or modules
176 */
/* choice takes one of the PAM_NOT_STACKED .. PAM_CHAUTHTOK selector values defined above */
177int _pam_dispatch(pam_handle_t *pamh, int flags, int choice);
178
179/* Free various allocated structures and dlclose() the libs */
180int _pam_free_handlers(pam_handle_t *pamh);
181
182/* Parse config file, allocate handler structures, dlopen() */
/*
 * NOTE(review): what gets dlopen()ed is presumably named by the
 * configuration files, so write access to those files decides which code
 * is loaded -- confirm the path handling in the loader.
 */
183int _pam_init_handlers(pam_handle_t *pamh);
184
185/* Set all handler stuff to 0/NULL - called once from pam_start() */
186void _pam_start_handlers(pam_handle_t *pamh);
187
188/* environment helper functions */
189
190/* create the environment structure */
191int _pam_make_env(pam_handle_t *pamh);
192
193/* delete the environment structure */
194void _pam_drop_env(pam_handle_t *pamh);
195
196#ifdef LINUX_PAM
197
198/* these functions deal with failure delays as required by the
199 authentication modules and application. Their *interface* is likely
200 to remain the same although their function is hopefully going to
201 improve */
202
203/* reset the timer to no-delay */
204void _pam_reset_timer(pam_handle_t *pamh);
205
206/* this sets the clock ticking */
207void _pam_start_timer(pam_handle_t *pamh);
208
209/* this waits for the clock to stop ticking if status != PAM_SUCCESS */
210void _pam_await_timer(pam_handle_t *pamh, int status);
211
212
213#endif /* LINUX_PAM */
214
/*
 * voidfunc is a function type, not a pointer type: a function taking no
 * arguments that returns a pointer to a void(void) function. A
 * `voidfunc *` is therefore a pointer to such a function.
 */
215typedef void (*voidfunc(void))(void);
216#ifdef PAM_STATIC
217
218/* The next two in ../modules/_pam_static/pam_static.c */
219
220/* Return pointer to data structure used to define a static module */
221struct pam_module * _pam_open_static_handler(char *path);
222
223/* Return pointer to function requested from static module */
/* The result has the generic voidfunc * type; the caller presumably casts it to the real entry-point signature -- confirm. */
224
225voidfunc *_pam_get_static_sym(struct pam_module *mod, const char *symname);
226
227#endif
228
229/* For now we just use a stack and linear search for module data. */
230/* If it becomes apparent that there is a lot of data, it should */
231/* be changed to either a sorted list or a hash table. */
232
/*
 * One named item of module data, linked through `next`. `cleanup` is a
 * callback that receives the handle, the data pointer and an error status.
 */
233struct pam_data {
234 char *name;
235 void *data;
236 void (*cleanup)(pam_handle_t *pamh, void *data, int error_status);
237 struct pam_data *next;
238};
239
240void _pam_free_data(pam_handle_t *pamh, int status);
241
/* String helpers. NOTE(review): _pam_StrTok takes a non-const `from`, so it presumably writes into the buffer -- confirm. */
242int _pam_strCMP(const char *s, const char *t);
243char *_pam_StrTok(char *from, const char *format, char **next);
244
/* Ownership of the returned string is not stated here; presumably the caller frees it -- confirm. */
245char *_pam_strdup(const char *s);
246
247int _pam_mkargv(char *s, char ***argv, int *argc);
248
/* NOTE(review): presumably clears sensitive items held in the handle (such as authtok) -- confirm in the implementation. */
249void _pam_sanitize(pam_handle_t *pamh);
250
251void _pam_set_default_control(int *control_array, int default_action);
252
253void _pam_parse_control(int *control_array, char *tok);
254
255/*
256 * XXX - Take care with this. It could confuse the logic of a trailing
257 * else
258 */
259
/*
 * IF_NO_PAMH(X, pamh, ERR): NULL-handle guard. When pamh is NULL it logs
 * X ": NULL pam handle passed" at LOG_ERR through pam_system_log() and
 * returns ERR from the function that used the macro.
 *
 * - X is placed next to a string literal and joined to it by literal
 *   concatenation, so X must itself be a string literal.
 *   NOTE(review): if that argument of pam_system_log() is a printf-style
 *   format, X must not contain '%' -- confirm.
 * - The expansion is a bare if-block rather than do { } while (0). Used
 *   as the body of an outer if/else it either captures the else or, with
 *   a trailing semicolon, makes the else a syntax error. Use it only as a
 *   statement of its own.
 * - The macro hides a return; resources acquired before it are not
 *   released on that path.
 * - LOG_ERR and pam_system_log() are not defined in this header; the
 *   including file or another header has to provide them.
 */
260#define IF_NO_PAMH(X,pamh,ERR) \
261if ((pamh) == NULL) { \
262 pam_system_log(NULL, NULL, LOG_ERR, X ": NULL pam handle passed"); \
263 return ERR; \
264}
265
266/* Definition for the default username prompt used by pam_get_user() */
267
268#define PAM_DEFAULT_PROMPT "Please enter username: "
269
270/*
271 * pam_system_log default ident/facility..
 *
 * A positional brace initializer with three values in the order ident,
 * option, facility. The PAM_LOG_STATE_* macros are not defined in this
 * header. NOTE(review): presumably meant for struct pam_log_state (the
 * type of pam_default_log in struct pam_handle), so the order has to
 * match that struct's member order -- confirm.
272 */
273
274#define PAM_LOG_STATE_DEFAULT { \
275 PAM_LOG_STATE_IDENT, \
276 PAM_LOG_STATE_OPTION, \
277 PAM_LOG_STATE_FACILITY \
278}
279
280/*
281 * include some helpful macros
282 */
283
284#include <security/_pam_macros.h>
285
286/*
287 * Copyright (C) 1995 by Red Hat Software, Marc Ewing
288 * Copyright (c) 1996-8, Andrew G. Morgan <morgan@linux.kernel.org>
289 *
290 * All rights reserved
291 *
292 * Redistribution and use in source and binary forms, with or without
293 * modification, are permitted provided that the following conditions
294 * are met:
295 * 1. Redistributions of source code must retain the above copyright
296 * notice, and the entire permission notice in its entirety,
297 * including the disclaimer of warranties.
298 * 2. Redistributions in binary form must reproduce the above copyright
299 * notice, this list of conditions and the following disclaimer in the
300 * documentation and/or other materials provided with the distribution.
301 * 3. The name of the author may not be used to endorse or promote
302 * products derived from this software without specific prior
303 * written permission.
304 *
305 * ALTERNATIVELY, this product may be distributed under the terms of
306 * the GNU Public License, in which case the provisions of the GPL are
307 * required INSTEAD OF the above restrictions. (This clause is
308 * necessary due to a potential bad interaction between the GPL and
309 * the restrictions contained in a BSD-style copyright.)
310 *
311 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
312 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
313 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
314 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
315 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
316 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
317 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
318 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
319 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
320 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
321 * OF THE POSSIBILITY OF SUCH DAMAGE.
322 */
323
324#endif /* _PAM_PRIVATE_H */