2 * <security/pam_modules.h>
4 * $Id: pam_modules.h,v 1.8 1997/01/04 20:14:42 morgan Exp morgan $
5 * $FreeBSD: src/contrib/libpam/libpam/include/security/pam_modules.h,v 1.2.6.2 2001/06/11 15:28:14 markm Exp $
6 * $DragonFly: src/contrib/libpam/libpam/include/security/Attic/pam_modules.h,v 1.2 2003/06/17 04:24:03 dillon Exp $
8 * This header file documents the PAM SPI --- that is, interface
9 * between the PAM library and a PAM service library which is called
12 * Note, the copyright information is at end of file.
14 * $Log: pam_modules.h,v $
15 * Revision 1.8 1997/01/04 20:14:42 morgan
16 * moved PAM_DATA_SILENT to _pam_types.h so applications can use it too
18 * Revision 1.7 1996/11/10 19:57:08 morgan
19 * pam_get_user prototype.
21 * Revision 1.6 1996/09/05 06:18:45 morgan
22 * added some data error_status masks, changed prototype for cleanup()
24 * Revision 1.5 1996/06/02 07:58:37 morgan
25 * altered the way in which modules obtain static prototypes for
30 #ifndef _SECURITY_PAM_MODULES_H
31 #define _SECURITY_PAM_MODULES_H
34 * Define either PAM_STATIC or PAM_DYNAMIC, based on whether PIC
35 * compilation is being used.
37 #if !defined(PIC) && !defined(PAM_STATIC)
45 #include <linker_set.h>
48 #include <security/_pam_types.h> /* Linux-PAM common defined types */
50 /* these defines are used by pam_set_item() and pam_get_item() and are
51 * in addition to those found in <security/_pam_types.h> */
53 #define PAM_AUTHTOK 6 /* The authentication token (password) */
54 #define PAM_OLDAUTHTOK 7 /* The old authentication token */
56 /* -------------- The Linux-PAM Module PI ------------- */
58 extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name,
60 void (*cleanup)(pam_handle_t *pamh, void *data,
62 extern int pam_get_data(const pam_handle_t *pamh,
63 const char *module_data_name, const void **data);
65 extern int pam_get_user(pam_handle_t *pamh, const char **user
66 , const char *prompt);
70 #define PAM_EXTERN static
73 const char *name; /* Name of the module */
75 /* These are function pointers to the module's key functions. */
77 int (*pam_sm_authenticate)(pam_handle_t *pamh, int flags,
78 int argc, const char **argv);
79 int (*pam_sm_setcred)(pam_handle_t *pamh, int flags,
80 int argc, const char **argv);
81 int (*pam_sm_acct_mgmt)(pam_handle_t *pamh, int flags,
82 int argc, const char **argv);
83 int (*pam_sm_open_session)(pam_handle_t *pamh, int flags,
84 int argc, const char **argv);
85 int (*pam_sm_close_session)(pam_handle_t *pamh, int flags,
86 int argc, const char **argv);
87 int (*pam_sm_chauthtok)(pam_handle_t *pamh, int flags,
88 int argc, const char **argv);
92 #define PAM_SM_AUTH_ENTRY pam_sm_authenticate
93 #define PAM_SM_SETCRED_ENTRY pam_sm_setcred
95 #define PAM_SM_AUTH_ENTRY NULL
96 #define PAM_SM_SETCRED_ENTRY NULL
100 #define PAM_SM_ACCOUNT_ENTRY pam_sm_acct_mgmt
102 #define PAM_SM_ACCOUNT_ENTRY NULL
105 #ifdef PAM_SM_SESSION
106 #define PAM_SM_OPEN_SESSION_ENTRY pam_sm_open_session
107 #define PAM_SM_CLOSE_SESSION_ENTRY pam_sm_close_session
109 #define PAM_SM_OPEN_SESSION_ENTRY NULL
110 #define PAM_SM_CLOSE_SESSION_ENTRY NULL
113 #ifdef PAM_SM_PASSWORD
114 #define PAM_SM_PASSWORD_ENTRY pam_sm_chauthtok
116 #define PAM_SM_PASSWORD_ENTRY NULL
119 #define PAM_MODULE_ENTRY(name) \
120 static struct pam_module _pam_modstruct = { \
123 PAM_SM_SETCRED_ENTRY, \
124 PAM_SM_ACCOUNT_ENTRY, \
125 PAM_SM_OPEN_SESSION_ENTRY, \
126 PAM_SM_CLOSE_SESSION_ENTRY, \
127 PAM_SM_PASSWORD_ENTRY \
129 DATA_SET(_pam_static_modules, _pam_modstruct)
131 #else /* !PAM_STATIC */
133 #define PAM_EXTERN extern
134 #define PAM_MODULE_ENTRY(name)
136 #endif /* PAM_STATIC */
138 /* Lots of files include pam_modules.h that don't need these
139 * declared. However, when they are declared static, they
140 * need to be defined later. So we have to protect C files
141 * that include these without wanting these functions defined.. */
143 #if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC)
145 /* Authentication API's */
146 PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
147 int argc, const char **argv);
148 PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
149 int argc, const char **argv);
151 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH))
152 || !defined(PAM_STATIC)*/
154 #if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC)
156 /* Account Management API's */
157 PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
158 int argc, const char **argv);
160 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT))
161 || !defined(PAM_STATIC)*/
163 #if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC)
165 /* Session Management API's */
166 PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
167 int argc, const char **argv);
169 PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
170 int argc, const char **argv);
172 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION))
173 || !defined(PAM_STATIC)*/
175 #if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC)
177 /* Password Management API's */
178 PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
179 int argc, const char **argv);
181 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD))
182 || !defined(PAM_STATIC)*/
184 /* The following two flags are for use across the Linux-PAM/module
185 * interface only. The Application is not permitted to use these
188 * The password service should only perform preliminary checks. No
189 * passwords should be updated. */
190 #define PAM_PRELIM_CHECK 0x4000
192 /* The password service should update passwords Note: PAM_PRELIM_CHECK
193 * and PAM_UPDATE_AUTHTOK can not both be set simultaneously! */
194 #define PAM_UPDATE_AUTHTOK 0x2000
198 * here are some proposed error status definitions for the
199 * 'error_status' argument used by the cleanup function associated
200 * with data items they should be logically OR'd with the error_status
201 * of the latest return from libpam -- new with .52 and positive
202 * impression from Sun although not official as of 1996/9/4 there are
203 * others in _pam_types.h -- they are for common module/app use.
206 #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
208 /* take care of any compatibility issues */
209 #include <security/_pam_compat.h>
211 /* Copyright (C) Theodore Ts'o, 1996.
212 * Copyright (C) Andrew Morgan, 1996-8.
213 * All rights reserved.
215 * Redistribution and use in source and binary forms, with or without
216 * modification, are permitted provided that the following conditions
218 * 1. Redistributions of source code must retain the above copyright
219 * notice, and the entire permission notice in its entirety,
220 * including the disclaimer of warranties.
221 * 2. Redistributions in binary form must reproduce the above copyright
222 * notice, this list of conditions and the following disclaimer in the
223 * documentation and/or other materials provided with the distribution.
224 * 3. The name of the author may not be used to endorse or promote
225 * products derived from this software without specific prior
226 * written permission.
228 * ALTERNATIVELY, this product may be distributed under the terms of
229 * the GNU General Public License, in which case the provisions of the
230 * GNU GPL are required INSTEAD OF the above restrictions. (This
231 * clause is necessary due to a potential bad interaction between the
232 * GNU GPL and the restrictions contained in a BSD-style copyright.)
234 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
235 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
236 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
237 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
238 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
239 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
240 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
241 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
242 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
243 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
244 * OF THE POSSIBILITY OF SUCH DAMAGE. */
246 #endif /* _SECURITY_PAM_MODULES_H */