search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Expand PMF_FN_* macros.
[netbsd-mini2440.git] / dist / openpam / include / security / openpam.h
blobfa5c0ef5d42c1f134e194603a24738cc98f0fae7
1 /*-
2 * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3 * Copyright (c) 2004-2007 Dag-Erling Smørgrav
4 * All rights reserved.
5 *
6 * This software was developed for the FreeBSD Project by ThinkSec AS and
7 * Network Associates Laboratories, the Security Research Division of
8 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
9 * ("CBOSS"), as part of the DARPA CHATS research program.
10 *
11 * Redistribution and use in source and binary forms, with or without
12 * modification, are permitted provided that the following conditions
13 * are met:
14 * 1. Redistributions of source code must retain the above copyright
15 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in the
18 * documentation and/or other materials provided with the distribution.
19 * 3. The name of the author may not be used to endorse or promote
20 * products derived from this software without specific prior written
21 * permission.
22 *
23 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33 * SUCH DAMAGE.
34 *
35 * $Id: openpam.h,v 1.11 2008/08/29 00:35:25 gmcgarry Exp $
36 */
37
38 #ifndef SECURITY_OPENPAM_H_INCLUDED
39 #define SECURITY_OPENPAM_H_INCLUDED
40
41 /*
42 * Annoying but necessary header pollution
43 */
44 #include <stdarg.h>
45
46 #include <security/openpam_attr.h>
47
48 #ifdef __cplusplus
49 extern "C" {
50 #endif
51
52 struct passwd;
53
54 /*
55 * API extensions
56 */
57 int
58 openpam_borrow_cred(pam_handle_t *_pamh,
59 const struct passwd *_pwd)
60 OPENPAM_NONNULL((1,2));
61
62 void
63 openpam_free_data(pam_handle_t *_pamh,
64 void *_data,
65 int _status);
66
67 void
68 openpam_free_envlist(char **_envlist);
69
70 const char *
71 openpam_get_option(pam_handle_t *_pamh,
72 const char *_option);
73
74 int
75 openpam_restore_cred(pam_handle_t *_pamh)
76 OPENPAM_NONNULL((1));
77
78 int
79 openpam_set_option(pam_handle_t *_pamh,
80 const char *_option,
81 const char *_value);
82
83 int
84 pam_error(const pam_handle_t *_pamh,
85 const char *_fmt,
86 ...)
87 OPENPAM_FORMAT ((__printf__, 2, 3))
88 OPENPAM_NONNULL((1,2));
89
90 int
91 pam_get_authtok(pam_handle_t *_pamh,
92 int _item,
93 const char **_authtok,
94 const char *_prompt)
95 OPENPAM_NONNULL((1,3));
96
97 int
98 pam_info(const pam_handle_t *_pamh,
99 const char *_fmt,
100 ...)
101 OPENPAM_FORMAT ((__printf__, 2, 3))
102 OPENPAM_NONNULL((1,2));
103
104 int
105 pam_prompt(const pam_handle_t *_pamh,
106 int _style,
107 char **_resp,
108 const char *_fmt,
109 ...)
110 OPENPAM_FORMAT ((__printf__, 4, 5))
111 OPENPAM_NONNULL((1,4));
112
113 int
114 pam_setenv(pam_handle_t *_pamh,
115 const char *_name,
116 const char *_value,
117 int _overwrite)
118 OPENPAM_NONNULL((1,2,3));
119
120 int
121 pam_vinfo(const pam_handle_t *_pamh,
122 const char *_fmt,
123 va_list _ap)
124 OPENPAM_FORMAT ((__printf__, 2, 0))
125 OPENPAM_NONNULL((1,2));
126
127 int
128 pam_verror(const pam_handle_t *_pamh,
129 const char *_fmt,
130 va_list _ap)
131 OPENPAM_FORMAT ((__printf__, 2, 0))
132 OPENPAM_NONNULL((1,2));
133
134 int
135 pam_vprompt(const pam_handle_t *_pamh,
136 int _style,
137 char **_resp,
138 const char *_fmt,
139 va_list _ap)
140 OPENPAM_FORMAT ((__printf__, 4, 0))
141 OPENPAM_NONNULL((1,4));
142
143 /*
144 * Read cooked lines.
145 * Checking for _IOFBF is a fairly reliable way to detect the presence
146 * of <stdio.h>, as SUSv3 requires it to be defined there.
147 */
148 #ifdef _IOFBF
149 char *
150 openpam_readline(FILE *_f,
151 int *_lineno,
152 size_t *_lenp)
153 OPENPAM_NONNULL((1));
154 #endif
155
156 /*
157 * Log levels
158 */
159 enum {
160 PAM_LOG_DEBUG,
161 PAM_LOG_VERBOSE,
162 PAM_LOG_NOTICE,
163 PAM_LOG_ERROR
164 };
165
166 /*
167 * Log to syslog
168 */
169 void
170 _openpam_log(int _level,
171 const char *_func,
172 const char *_fmt,
173 ...)
174 OPENPAM_FORMAT ((__printf__, 3, 4))
175 OPENPAM_NONNULL((3));
176
177 #if defined(__STDC_VERSION__) && (__STDC_VERSION__ >= 199901L)
178 #define openpam_log(lvl, ...) \
179 _openpam_log((lvl), __func__, __VA_ARGS__)
180 #elif defined(__GNUC__) && (__GNUC__ >= 3)
181 #define openpam_log(lvl, ...) \
182 _openpam_log((lvl), __func__, __VA_ARGS__)
183 #elif defined(__GNUC__) && (__GNUC__ >= 2) && (__GNUC_MINOR__ >= 95)
184 #define openpam_log(lvl, fmt...) \
185 _openpam_log((lvl), __func__, ##fmt)
186 #elif defined(__GNUC__) && defined(__func__)
187 #define openpam_log(lvl, fmt...) \
188 _openpam_log((lvl), __func__, ##fmt)
189 #else
190 void
191 openpam_log(int _level,
192 const char *_format,
193 ...)
194 OPENPAM_FORMAT ((__printf__, 2, 3))
195 OPENPAM_NONNULL((2));
196 #endif
197
198 /*
199 * Generic conversation function
200 */
201 struct pam_message;
202 struct pam_response;
203 int openpam_ttyconv(int _n,
204 const struct pam_message **_msg,
205 struct pam_response **_resp,
206 void *_data);
207
208 extern int openpam_ttyconv_timeout;
209
210 /*
211 * Null conversation function
212 */
213 int openpam_nullconv(int _n,
214 const struct pam_message **_msg,
215 struct pam_response **_resp,
216 void *_data);
217
218 /*
219 * PAM primitives
220 */
221 enum {
222 PAM_SM_AUTHENTICATE,
223 PAM_SM_SETCRED,
224 PAM_SM_ACCT_MGMT,
225 PAM_SM_OPEN_SESSION,
226 PAM_SM_CLOSE_SESSION,
227 PAM_SM_CHAUTHTOK,
228 /* keep this last */
229 PAM_NUM_PRIMITIVES
230 };
231
232 /*
233 * Dummy service module function
234 */
235 #define PAM_SM_DUMMY(type) \
236 PAM_EXTERN int \
237 pam_sm_##type(pam_handle_t *pamh, int flags, \
238 int argc, const char *argv[]) \
239 { \
240 \
241 (void)pamh; \
242 (void)flags; \
243 (void)argc; \
244 (void)argv; \
245 return (PAM_IGNORE); \
246 }
247
248 /*
249 * PAM service module functions match this typedef
250 */
251 struct pam_handle;
252 typedef int (*pam_func_t)(struct pam_handle *, int, int, const char **);
253
254 /*
255 * A struct that describes a module.
256 */
257 typedef struct pam_module pam_module_t;
258 struct pam_module {
259 char *path;
260 pam_func_t func[PAM_NUM_PRIMITIVES];
261 void *dlh;
262 };
263
264 /*
265 * Source-code compatibility with Linux-PAM modules
266 */
267 #if defined(PAM_SM_AUTH) || defined(PAM_SM_ACCOUNT) || \
268 defined(PAM_SM_SESSION) || defined(PAM_SM_PASSWORD)
269 # define LINUX_PAM_MODULE
270 #endif
271
272 #if defined(LINUX_PAM_MODULE) && !defined(PAM_SM_AUTH)
273 # define _PAM_SM_AUTHENTICATE 0
274 # define _PAM_SM_SETCRED 0
275 #else
276 # undef PAM_SM_AUTH
277 # define PAM_SM_AUTH
278 # define _PAM_SM_AUTHENTICATE pam_sm_authenticate
279 # define _PAM_SM_SETCRED pam_sm_setcred
280 #endif
281
282 #if defined(LINUX_PAM_MODULE) && !defined(PAM_SM_ACCOUNT)
283 # define _PAM_SM_ACCT_MGMT 0
284 #else
285 # undef PAM_SM_ACCOUNT
286 # define PAM_SM_ACCOUNT
287 # define _PAM_SM_ACCT_MGMT pam_sm_acct_mgmt
288 #endif
289
290 #if defined(LINUX_PAM_MODULE) && !defined(PAM_SM_SESSION)
291 # define _PAM_SM_OPEN_SESSION 0
292 # define _PAM_SM_CLOSE_SESSION 0
293 #else
294 # undef PAM_SM_SESSION
295 # define PAM_SM_SESSION
296 # define _PAM_SM_OPEN_SESSION pam_sm_open_session
297 # define _PAM_SM_CLOSE_SESSION pam_sm_close_session
298 #endif
299
300 #if defined(LINUX_PAM_MODULE) && !defined(PAM_SM_PASSWORD)
301 # define _PAM_SM_CHAUTHTOK 0
302 #else
303 # undef PAM_SM_PASSWORD
304 # define PAM_SM_PASSWORD
305 # define _PAM_SM_CHAUTHTOK pam_sm_chauthtok
306 #endif
307
308 /*
309 * Infrastructure for static modules using GCC linker sets.
310 * You are not expected to understand this.
311 */
312 #if defined(__FreeBSD__) || defined(__NetBSD__)
313 # define PAM_SOEXT ".so"
314 #else
315 # undef NO_STATIC_MODULES
316 # define NO_STATIC_MODULES
317 #endif
318
319 #ifdef __NetBSD__
320 #define DATA_SET(a, b) __link_set_add_data(a, b)
321 #endif
322
323 #if (defined(__GNUC__) || defined(__PCC__)) && !defined(NO_STATIC_MODULES)
324 /* gcc, static linking */
325 # include <sys/cdefs.h>
326 # ifdef __FreeBSD__
327 # include <linker_set.h>
328 # endif
329 # define OPENPAM_STATIC_MODULES
330 # define PAM_EXTERN static
331 # define PAM_MODULE_ENTRY(name) \
332 static char _pam_name[] = name PAM_SOEXT; \
333 static struct pam_module _pam_module = { \
334 .path = _pam_name, \
335 .func = { \
336 [PAM_SM_AUTHENTICATE] = _PAM_SM_AUTHENTICATE, \
337 [PAM_SM_SETCRED] = _PAM_SM_SETCRED, \
338 [PAM_SM_ACCT_MGMT] = _PAM_SM_ACCT_MGMT, \
339 [PAM_SM_OPEN_SESSION] = _PAM_SM_OPEN_SESSION, \
340 [PAM_SM_CLOSE_SESSION] = _PAM_SM_CLOSE_SESSION, \
341 [PAM_SM_CHAUTHTOK] = _PAM_SM_CHAUTHTOK \
342 }, \
343 }; \
344 DATA_SET(_openpam_static_modules, _pam_module)
345 #else
346 /* normal case */
347 # define PAM_EXTERN
348 # define PAM_MODULE_ENTRY(name)
349 #endif
350
351 #ifdef __cplusplus
352 }
353 #endif
354
355 #endif /* !SECURITY_OPENPAM_H_INCLUDED */
NetBSD on the FriendlyARM MINI2440