dist/openpam/lib/openpam_impl.h

   1 /*-
   2  * Copyright (c) 2001-2003 Networks Associates Technology, Inc.
   3  * Copyright (c) 2004-2007 Dag-Erling Smørgrav
   4  * All rights reserved.
   5  *
   6  * This software was developed for the FreeBSD Project by ThinkSec AS and
   7  * Network Associates Laboratories, the Security Research Division of
   8  * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
   9  * ("CBOSS"), as part of the DARPA CHATS research program.
  10  *
  11  * Redistribution and use in source and binary forms, with or without
  12  * modification, are permitted provided that the following conditions
  13  * are met:
  14  * 1. Redistributions of source code must retain the above copyright
  15  *    notice, this list of conditions and the following disclaimer.
  16  * 2. Redistributions in binary form must reproduce the above copyright
  17  *    notice, this list of conditions and the following disclaimer in the
  18  *    documentation and/or other materials provided with the distribution.
  19  * 3. The name of the author may not be used to endorse or promote
  20  *    products derived from this software without specific prior written
  21  *    permission.
  22  *
  23  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  33  * SUCH DAMAGE.
  34  *
  35  * $Id: openpam_impl.h,v 1.5 2008/01/27 01:22:59 christos Exp $
  36  */
  37
  38 #ifndef _OPENPAM_IMPL_H_INCLUDED
  39 #define _OPENPAM_IMPL_H_INCLUDED
  40
  41 #ifdef HAVE_CONFIG_H
  42 # include <config.h>
  43 #endif
  44
  45 #include <security/openpam.h>
  46
  47 extern const char *_pam_func_name[PAM_NUM_PRIMITIVES];
  48 extern const char *_pam_sm_func_name[PAM_NUM_PRIMITIVES];
  49 extern const char *_pam_err_name[PAM_NUM_ERRORS];
  50 extern const char *_pam_item_name[PAM_NUM_ITEMS];
  51
  52 extern int _openpam_debug;
  53
  54 /*
  55  * Control flags
  56  */
  57 typedef enum {
  58         PAM_BINDING,
  59         PAM_REQUIRED,
  60         PAM_REQUISITE,
  61         PAM_SUFFICIENT,
  62         PAM_OPTIONAL,
  63         PAM_NUM_CONTROL_FLAGS
  64 } pam_control_t;
  65
  66 /*
  67  * Facilities
  68  */
  69 typedef enum {
  70         PAM_FACILITY_ANY = -1,
  71         PAM_AUTH = 0,
  72         PAM_ACCOUNT,
  73         PAM_SESSION,
  74         PAM_PASSWORD,
  75         PAM_NUM_FACILITIES
  76 } pam_facility_t;
  77
  78 typedef struct pam_chain pam_chain_t;
  79 struct pam_chain {
  80         pam_module_t    *module;
  81         int              flag;
  82         int              optc;
  83         char           **optv;
  84         pam_chain_t     *next;
  85 };
  86
  87 typedef struct pam_data pam_data_t;
  88 struct pam_data {
  89         char            *name;
  90         void            *data;
  91         void            (*cleanup)(pam_handle_t *, void *, int);
  92         pam_data_t      *next;
  93 };
  94
  95 struct pam_handle {
  96         char            *service;
  97
  98         /* chains */
  99         pam_chain_t     *chains[PAM_NUM_FACILITIES];
 100         pam_chain_t     *current;
 101         int              primitive;
 102
 103         /* items and data */
 104         void            *item[PAM_NUM_ITEMS];
 105         pam_data_t      *module_data;
 106
 107         /* environment list */
 108         char           **env;
 109         int              env_count;
 110         int              env_size;
 111 };
 112
 113 #ifdef NGROUPS_MAX
 114 #define PAM_SAVED_CRED "pam_saved_cred"
 115 struct pam_saved_cred {
 116         uid_t    euid;
 117         gid_t    egid;
 118         gid_t    groups[NGROUPS_MAX];
 119         int      ngroups;
 120 };
 121 #endif
 122
 123 #define PAM_OTHER       "other"
 124
 125 int              openpam_configure(pam_handle_t *, const char *);
 126 int              openpam_dispatch(pam_handle_t *, int, int);
 127 int              openpam_findenv(pam_handle_t *, const char *, size_t);
 128 pam_module_t    *openpam_load_module(const char *);
 129 void             openpam_clear_chains(pam_chain_t **);
 130
 131 #ifdef OPENPAM_STATIC_MODULES
 132 pam_module_t    *openpam_static(const char *);
 133 #endif
 134 pam_module_t    *openpam_dynamic(const char *);
 135
 136 #define FREE(p) do { free((p)); (p) = NULL; } while (/*CONSTCOND*/0)
 137
 138 #ifdef DEBUG
 139 #define ENTER() openpam_log(PAM_LOG_DEBUG, "entering")
 140 #define ENTERI(i) do { \
 141         int _i = (i); \
 142         if (_i > 0 && _i < PAM_NUM_ITEMS) \
 143                 openpam_log(PAM_LOG_DEBUG, "entering: %s", _pam_item_name[_i]); \
 144         else \
 145                 openpam_log(PAM_LOG_DEBUG, "entering: %d", _i); \
 146 } while (/*CONSTCOND*/0)
 147 #define ENTERN(n) do { \
 148         int _n = (n); \
 149         openpam_log(PAM_LOG_DEBUG, "entering: %d", _n); \
 150 } while (/*CONSTCOND*/0)
 151 #define ENTERS(s) do { \
 152         const char *_s = (s); \
 153         if (_s == NULL) \
 154                 openpam_log(PAM_LOG_DEBUG, "entering: NULL"); \
 155         else \
 156                 openpam_log(PAM_LOG_DEBUG, "entering: '%s'", _s); \
 157 } while (/*CONSTCOND*/0)
 158 #define RETURNV() openpam_log(PAM_LOG_DEBUG, "returning")
 159 #define RETURNC(c) do { \
 160         int _c = (c); \
 161         if (_c >= 0 && _c < PAM_NUM_ERRORS) \
 162                 openpam_log(PAM_LOG_DEBUG, "returning %s", _pam_err_name[_c]); \
 163         else \
 164                 openpam_log(PAM_LOG_DEBUG, "returning %d!", _c); \
 165         return (_c); \
 166         /*NOTREACHED*/ \
 167 } while (/*CONSTCOND*/0)
 168 #define RETURNN(n) do { \
 169         int _n = (n); \
 170         openpam_log(PAM_LOG_DEBUG, "returning %d", _n); \
 171         return (_n); \
 172         /*NOTREACHED*/ \
 173 } while (/*CONSTCOND*/0)
 174 #define RETURNP(p) do { \
 175         const void *_p = (p); \
 176         if (_p == NULL) \
 177                 openpam_log(PAM_LOG_DEBUG, "returning NULL"); \
 178         else \
 179                 openpam_log(PAM_LOG_DEBUG, "returning %p", _p); \
 180         return (p); \
 181         /*NOTREACHED*/ \
 182 } while (/*CONSTCOND*/0)
 183 #define RETURNS(s) do { \
 184         const char *_s = (s); \
 185         if (_s == NULL) \
 186                 openpam_log(PAM_LOG_DEBUG, "returning NULL"); \
 187         else \
 188                 openpam_log(PAM_LOG_DEBUG, "returning '%s'", _s); \
 189         return (_s); \
 190         /*NOTREACHED*/ \
 191 } while (/*CONSTCOND*/0)
 192 #else
 193 #define ENTER()
 194 #define ENTERI(i)
 195 #define ENTERN(n)
 196 #define ENTERS(s)
 197 #define RETURNV() return
 198 #define RETURNC(c) return (c)
 199 #define RETURNN(n) return (n)
 200 #define RETURNP(p) return (p)
 201 #define RETURNS(s) return (s)
 202 #endif
 203
 204 #endif