contrib/openpam/lib/openpam_impl.h

   1 /*-
   2  * Copyright (c) 2001-2003 Networks Associates Technology, Inc.
   3  * All rights reserved.
   4  *
   5  * This software was developed for the FreeBSD Project by ThinkSec AS and
   6  * Network Associates Laboratories, the Security Research Division of
   7  * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
   8  * ("CBOSS"), as part of the DARPA CHATS research program.
   9  *
  10  * Redistribution and use in source and binary forms, with or without
  11  * modification, are permitted provided that the following conditions
  12  * are met:
  13  * 1. Redistributions of source code must retain the above copyright
  14  *    notice, this list of conditions and the following disclaimer.
  15  * 2. Redistributions in binary form must reproduce the above copyright
  16  *    notice, this list of conditions and the following disclaimer in the
  17  *    documentation and/or other materials provided with the distribution.
  18  * 3. The name of the author may not be used to endorse or promote
  19  *    products derived from this software without specific prior written
  20  *    permission.
  21  *
  22  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
  23  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
  24  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
  25  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
  26  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
  27  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
  28  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  29  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
  30  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
  31  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  32  * SUCH DAMAGE.
  33  *
  34  * $P4: //depot/projects/openpam/lib/openpam_impl.h#29 $
  35  */
  36
  37 #ifndef _OPENPAM_IMPL_H_INCLUDED
  38 #define _OPENPAM_IMPL_H_INCLUDED
  39
  40 #ifdef HAVE_CONFIG_H
  41 # include <config.h>
  42 #endif
  43
  44 #include <security/openpam.h>
  45
  46 extern const char *_pam_func_name[PAM_NUM_PRIMITIVES];
  47 extern const char *_pam_sm_func_name[PAM_NUM_PRIMITIVES];
  48 extern const char *_pam_err_name[PAM_NUM_ERRORS];
  49 extern const char *_pam_item_name[PAM_NUM_ITEMS];
  50
  51 extern int _openpam_debug;
  52
  53 /*
  54  * Control flags
  55  */
  56 typedef enum {
  57         PAM_BINDING,
  58         PAM_REQUIRED,
  59         PAM_REQUISITE,
  60         PAM_SUFFICIENT,
  61         PAM_OPTIONAL,
  62         PAM_NUM_CONTROL_FLAGS
  63 } pam_control_t;
  64
  65 /*
  66  * Facilities
  67  */
  68 typedef enum {
  69         PAM_FACILITY_ANY = -1,
  70         PAM_AUTH = 0,
  71         PAM_ACCOUNT,
  72         PAM_SESSION,
  73         PAM_PASSWORD,
  74         PAM_NUM_FACILITIES
  75 } pam_facility_t;
  76
  77 typedef struct pam_chain pam_chain_t;
  78 struct pam_chain {
  79         pam_module_t    *module;
  80         int              flag;
  81         int              optc;
  82         char           **optv;
  83         pam_chain_t     *next;
  84 };
  85
  86 typedef struct pam_data pam_data_t;
  87 struct pam_data {
  88         char            *name;
  89         void            *data;
  90         void            (*cleanup)(pam_handle_t *, void *, int);
  91         pam_data_t      *next;
  92 };
  93
  94 struct pam_handle {
  95         char            *service;
  96
  97         /* chains */
  98         pam_chain_t     *chains[PAM_NUM_FACILITIES];
  99         pam_chain_t     *current;
 100         int              primitive;
 101
 102         /* items and data */
 103         void            *item[PAM_NUM_ITEMS];
 104         pam_data_t      *module_data;
 105
 106         /* environment list */
 107         char           **env;
 108         int              env_count;
 109         int              env_size;
 110 };
 111
 112 #ifdef NGROUPS_MAX
 113 #define PAM_SAVED_CRED "pam_saved_cred"
 114 struct pam_saved_cred {
 115         uid_t    euid;
 116         gid_t    egid;
 117         gid_t    groups[NGROUPS_MAX];
 118         int      ngroups;
 119 };
 120 #endif
 121
 122 #define PAM_OTHER       "other"
 123
 124 int              openpam_configure(pam_handle_t *, const char *);
 125 int              openpam_dispatch(pam_handle_t *, int, int);
 126 int              openpam_findenv(pam_handle_t *, const char *, size_t);
 127 pam_module_t    *openpam_load_module(const char *);
 128 void             openpam_clear_chains(pam_chain_t **);
 129
 130 #ifdef OPENPAM_STATIC_MODULES
 131 pam_module_t    *openpam_static(const char *);
 132 #endif
 133 pam_module_t    *openpam_dynamic(const char *);
 134
 135 #define FREE(p) do { free((p)); (p) = NULL; } while (0)
 136
 137 #ifdef DEBUG
 138 #define ENTER() openpam_log(PAM_LOG_DEBUG, "entering")
 139 #define ENTERI(i) do { \
 140         int _i = (i); \
 141         if (_i > 0 && _i < PAM_NUM_ITEMS) \
 142                 openpam_log(PAM_LOG_DEBUG, "entering: %s", _pam_item_name[_i]); \
 143         else \
 144                 openpam_log(PAM_LOG_DEBUG, "entering: %d", _i); \
 145 } while (0)
 146 #define ENTERN(n) do { \
 147         int _n = (n); \
 148         openpam_log(PAM_LOG_DEBUG, "entering: %d", _n); \
 149 } while (0)
 150 #define ENTERS(s) do { \
 151         const char *_s = (s); \
 152         if (_s == NULL) \
 153                 openpam_log(PAM_LOG_DEBUG, "entering: NULL"); \
 154         else \
 155                 openpam_log(PAM_LOG_DEBUG, "entering: '%s'", _s); \
 156 } while (0)
 157 #define RETURNV() openpam_log(PAM_LOG_DEBUG, "returning")
 158 #define RETURNC(c) do { \
 159         int _c = (c); \
 160         if (_c >= 0 && _c < PAM_NUM_ERRORS) \
 161                 openpam_log(PAM_LOG_DEBUG, "returning %s", _pam_err_name[_c]); \
 162         else \
 163                 openpam_log(PAM_LOG_DEBUG, "returning %d!", _c); \
 164         return (_c); \
 165 } while (0)
 166 #define RETURNN(n) do { \
 167         int _n = (n); \
 168         openpam_log(PAM_LOG_DEBUG, "returning %d", _n); \
 169         return (_n); \
 170 } while (0)
 171 #define RETURNP(p) do { \
 172         const void *_p = (p); \
 173         if (_p == NULL) \
 174                 openpam_log(PAM_LOG_DEBUG, "returning NULL"); \
 175         else \
 176                 openpam_log(PAM_LOG_DEBUG, "returning %p", _p); \
 177         return (p); \
 178 } while (0)
 179 #define RETURNS(s) do { \
 180         const char *_s = (s); \
 181         if (_s == NULL) \
 182                 openpam_log(PAM_LOG_DEBUG, "returning NULL"); \
 183         else \
 184                 openpam_log(PAM_LOG_DEBUG, "returning '%s'", _s); \
 185         return (_s); \
 186 } while (0)
 187 #else
 188 #define ENTER()
 189 #define ENTERI(i)
 190 #define ENTERN(n)
 191 #define ENTERS(s)
 192 #define RETURNV() return
 193 #define RETURNC(c) return (c)
 194 #define RETURNN(n) return (n)
 195 #define RETURNP(p) return (p)
 196 #define RETURNS(s) return (s)
 197 #endif
 198
 199 #endif