Line data Source code
1 : /*
2 : * <security/pam_modules.h>
3 : *
4 : * This header file collects definitions for the PAM API --- that is,
5 : * public interface between the PAM library and PAM modules.
6 : *
7 : * Note, the copyright information is at end of file.
8 : */
9 :
10 : #ifndef _SECURITY_PAM_MODULES_H
11 : #define _SECURITY_PAM_MODULES_H
12 :
13 : #ifdef __cplusplus
14 : extern "C" {
15 : #endif
16 :
17 : #include <security/_pam_types.h> /* Linux-PAM common defined types */
18 :
19 : /* -------------- The Linux-PAM Module PI ------------- */
20 :
21 : extern int PAM_NONNULL((1,2))
22 : pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data,
23 : void (*cleanup)(pam_handle_t *pamh, void *data,
24 : int error_status));
25 :
26 : extern int PAM_NONNULL((1,2,3))
27 : pam_get_data(const pam_handle_t *pamh, const char *module_data_name,
28 : const void **data);
29 :
30 : extern int PAM_NONNULL((1,2))
31 : pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt);
32 :
33 : #ifdef PAM_STATIC
34 :
35 : #define PAM_EXTERN static
36 :
37 : struct pam_module {
38 : const char *name; /* Name of the module */
39 :
40 : /* These are function pointers to the module's key functions. */
41 :
42 : int (*pam_sm_authenticate)(pam_handle_t *pamh, int flags,
43 : int argc, const char **argv);
44 : int (*pam_sm_setcred)(pam_handle_t *pamh, int flags,
45 : int argc, const char **argv);
46 : int (*pam_sm_acct_mgmt)(pam_handle_t *pamh, int flags,
47 : int argc, const char **argv);
48 : int (*pam_sm_open_session)(pam_handle_t *pamh, int flags,
49 : int argc, const char **argv);
50 : int (*pam_sm_close_session)(pam_handle_t *pamh, int flags,
51 : int argc, const char **argv);
52 : int (*pam_sm_chauthtok)(pam_handle_t *pamh, int flags,
53 : int argc, const char **argv);
54 : };
55 :
56 : #else /* !PAM_STATIC */
57 :
58 : #define PAM_EXTERN extern
59 :
60 : #endif /* PAM_STATIC */
61 :
62 : /* Lots of files include pam_modules.h that don't need these
63 : * declared. However, when they are declared static, they
64 : * need to be defined later. So we have to protect C files
65 : * that include these without wanting these functions defined.. */
66 :
67 : #if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC)
68 :
69 : /* Authentication API's */
70 9 : PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
71 : int argc, const char **argv);
72 1 : PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
73 : int argc, const char **argv);
74 :
75 : #endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH))
76 : || !defined(PAM_STATIC)*/
77 :
78 : #if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC)
79 :
80 : /* Account Management API's */
81 2 : PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
82 : int argc, const char **argv);
83 :
84 : #endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT))
85 : || !defined(PAM_STATIC)*/
86 :
87 : #if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC)
88 :
89 : /* Session Management API's */
90 1 : PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
91 : int argc, const char **argv);
92 :
93 1 : PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
94 : int argc, const char **argv);
95 :
96 : #endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION))
97 : || !defined(PAM_STATIC)*/
98 :
99 : #if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC)
100 :
101 : /* Password Management API's */
102 5 : PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
103 : int argc, const char **argv);
104 :
105 : #endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD))
106 : || !defined(PAM_STATIC)*/
107 :
108 : /* The following two flags are for use across the Linux-PAM/module
109 : * interface only. The Application is not permitted to use these
110 : * tokens.
111 : *
112 : * The password service should only perform preliminary checks. No
113 : * passwords should be updated. */
114 : #define PAM_PRELIM_CHECK 0x4000
115 :
116 : /* The password service should update passwords Note: PAM_PRELIM_CHECK
117 : * and PAM_UPDATE_AUTHTOK cannot both be set simultaneously! */
118 : #define PAM_UPDATE_AUTHTOK 0x2000
119 :
120 :
121 : /*
122 : * here are some proposed error status definitions for the
123 : * 'error_status' argument used by the cleanup function associated
124 : * with data items they should be logically OR'd with the error_status
125 : * of the latest return from libpam -- new with .52 and positive
126 : * impression from Sun although not official as of 1996/9/4 there are
127 : * others in _pam_types.h -- they are for common module/app use.
128 : */
129 :
130 : #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
131 :
132 :
133 : /* take care of any compatibility issues */
134 : #include <security/_pam_compat.h>
135 :
136 : #ifdef __cplusplus
137 : }
138 : #endif
139 :
140 : /* Copyright (C) Theodore Ts'o, 1996.
141 : * Copyright (C) Andrew Morgan, 1996-8.
142 : * All rights reserved.
143 : *
144 : * Redistribution and use in source and binary forms, with or without
145 : * modification, are permitted provided that the following conditions
146 : * are met:
147 : * 1. Redistributions of source code must retain the above copyright
148 : * notice, and the entire permission notice in its entirety,
149 : * including the disclaimer of warranties.
150 : * 2. Redistributions in binary form must reproduce the above copyright
151 : * notice, this list of conditions and the following disclaimer in the
152 : * documentation and/or other materials provided with the distribution.
153 : * 3. The name of the author may not be used to endorse or promote
154 : * products derived from this software without specific prior
155 : * written permission.
156 : *
157 : * ALTERNATIVELY, this product may be distributed under the terms of
158 : * the GNU General Public License, in which case the provisions of the
159 : * GNU GPL are required INSTEAD OF the above restrictions. (This
160 : * clause is necessary due to a potential bad interaction between the
161 : * GNU GPL and the restrictions contained in a BSD-style copyright.)
162 : *
163 : * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
164 : * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
165 : * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
166 : * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
167 : * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
168 : * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
169 : * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
170 : * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
171 : * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
172 : * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
173 : * OF THE POSSIBILITY OF SUCH DAMAGE. */
174 :
175 : #endif /* _SECURITY_PAM_MODULES_H */
|
