| blob | 99cd17e5e76b9f39d88c5a7289badf5100ec9ac4 |
1 /* pam_winbind header file
2 (Solaris needs some macros from Linux for common PAM code)
4 Shirish Kalele 2000
5 */
10 #include <talloc.h>
15 #define PAM_SM_AUTH
16 #define PAM_SM_ACCOUNT
17 #define PAM_SM_PASSWORD
18 #define PAM_SM_SESSION
20 #ifndef PAM_WINBIND_CONFIG_FILE
22 #endif
24 #include <iniparser.h>
26 #ifdef HAVE_LIBINTL_H
27 #include <libintl.h>
28 #endif
30 #ifndef LINUX
32 /* Solaris always uses dynamic pam modules */
33 #define PAM_EXTERN extern
34 #if defined(HAVE_SECURITY_PAM_APPL_H)
35 #include <security/pam_appl.h>
36 #elif defined(HAVE_PAM_PAM_APPL_H)
37 #include <pam/pam_appl.h>
38 #endif
40 #ifndef PAM_AUTHTOK_RECOVER_ERR
41 #define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
42 #endif
44 #endif /* defined(SUNOS5) || defined(SUNOS4) || defined(HPUX) || defined(FREEBSD) || defined(AIX) */
46 #if defined(HAVE_SECURITY_PAM_MODULES_H)
47 #include <security/pam_modules.h>
48 #elif defined(HAVE_PAM_PAM_MODULES_H)
49 #include <pam/pam_modules.h>
50 #endif
52 #if defined(HAVE_SECURITY__PAM_MACROS_H)
53 #include <security/_pam_macros.h>
54 #elif defined(HAVE_PAM__PAM_MACROS_H)
55 #include <pam/_pam_macros.h>
56 #else
57 /* Define required macros from (Linux PAM 0.68) security/_pam_macros.h */
59 do { \
60 int reply_i; \
61 \
62 for (reply_i=0; reply_i<replies; ++reply_i) { \
63 if (reply[reply_i].resp) { \
64 _pam_overwrite(reply[reply_i].resp); \
65 free(reply[reply_i].resp); \
66 } \
67 } \
68 if (reply) \
69 free(reply); \
70 } while (0)
72 #define _pam_overwrite(x) \
73 do { \
74 register char *__xx__; \
75 if ((__xx__=(x))) \
76 while (*__xx__) \
78 } while (0)
80 /*
81 * Don't just free it, forget it too.
82 */
84 #define _pam_drop(X) SAFE_FREE(X)
86 #define x_strdup(s) ( (s) ? strdup(s):NULL )
89 #ifdef HAVE_SECURITY_PAM_EXT_H
90 #include <security/pam_ext.h>
91 #endif
93 #define WINBIND_DEBUG_ARG 0x00000001
94 #define WINBIND_USE_AUTHTOK_ARG 0x00000002
95 #define WINBIND_UNKNOWN_OK_ARG 0x00000004
96 #define WINBIND_TRY_FIRST_PASS_ARG 0x00000008
97 #define WINBIND_USE_FIRST_PASS_ARG 0x00000010
98 #define WINBIND__OLD_PASSWORD 0x00000020
99 #define WINBIND_REQUIRED_MEMBERSHIP 0x00000040
100 #define WINBIND_KRB5_AUTH 0x00000080
101 #define WINBIND_KRB5_CCACHE_TYPE 0x00000100
102 #define WINBIND_CACHED_LOGIN 0x00000200
103 #define WINBIND_CONFIG_FILE 0x00000400
104 #define WINBIND_SILENT 0x00000800
105 #define WINBIND_DEBUG_STATE 0x00001000
106 #define WINBIND_WARN_PWD_EXPIRE 0x00002000
107 #define WINBIND_MKHOMEDIR 0x00004000
109 #if defined(HAVE_GETTEXT) && !defined(__LCLINT__)
110 #define _(string) dgettext(MODULE_NAME, string)
111 #else
112 #define _(string) string
113 #endif
115 #define N_(string) string
117 /*
118 * here is the string to inform the user that the new passwords they
119 * typed were not the same.
120 */
124 #define on(x, y) (x & y)
125 #define off(x, y) (!(x & y))
135 #define SECONDS_PER_DAY 86400
137 #define DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES 14
141 #define PAM_WB_REMARK_DIRECT(c,x)\
142 {\
143 const char *error_string = NULL; \
144 error_string = _get_ntstatus_error_string(x);\
145 if (error_string != NULL) {\
146 _make_remark(c, PAM_ERROR_MSG, error_string);\
147 } else {\
148 _make_remark(c, PAM_ERROR_MSG, x);\
149 };\
150 };
152 #define LOGON_KRB5_FAIL_CLOCK_SKEW 0x02000000
154 #define PAM_WB_CACHED_LOGON(x) (x & WBC_AUTH_USER_INFO_CACHED_ACCOUNT)
155 #define PAM_WB_KRB5_CLOCK_SKEW(x) (x & LOGON_KRB5_FAIL_CLOCK_SKEW)
156 #define PAM_WB_GRACE_LOGON(x) ((WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON) == ( x & (WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON)))
165 };
167 #define TALLOC_FREE(ctx) do { if ((ctx) != NULL) {talloc_free(ctx); ctx=NULL;} } while(0)
168 #define TALLOC_ZERO_P(ctx, type) (type *)_talloc_zero(ctx, sizeof(type), #type)
169 #define TALLOC_P(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type)