1 /*
2 * CDDL HEADER START
4 * The contents of this file are subject to the terms of the
5 * Common Development and Distribution License (the "License").
6 * You may not use this file except in compliance with the License.
8 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
9 * or http://www.opensolaris.org/os/licensing.
10 * See the License for the specific language governing permissions
11 * and limitations under the License.
13 * When distributing Covered Code, include this CDDL HEADER in each
14 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
15 * If applicable, add the following below this CDDL HEADER, with the
16 * fields enclosed by brackets "[]" replaced with your own identifying
17 * information: Portions Copyright [yyyy] [name of copyright owner]
19 * CDDL HEADER END
22 * Copyright 2009 Sun Microsystems, Inc. All rights reserved.
23 * Use is subject to license terms.
26 #ifndef _PASSWDUTIL_H
27 #define _PASSWDUTIL_H
29 #ifdef __cplusplus
30 extern "C" {
31 #endif
33 #include <sys/types.h>
34 #include <shadow.h>
35 #include <crypt.h> /* CRYPT_MAXCIPHERTEXTLEN max crypt length */
/*
 * DAY_NOW_32 is a 32-bit value, independent of the architecture.
 *
 * When _LP64 is defined, DAY_NOW is cast to time32_t (taken from
 * <sys/types32.h>); otherwise it is cast to time_t.
 * DAY_NOW is not defined in this header and is expected to come from one
 * of the headers included above.
 * NOTE(review): the non-_LP64 branch relies on time_t being 32 bits wide
 * there -- confirm for every supported 32-bit target.
 */
#if defined(_LP64)
#include <sys/types32.h>
#define DAY_NOW_32 ((time32_t)DAY_NOW)
#else
#define DAY_NOW_32 ((time_t)DAY_NOW)
#endif
/*
 * Attribute identifiers, as stored in attrlist.type.
 * Every enumerator is a distinct single-bit value (bits 0 through 25).
 */
typedef enum {
	/* from plain passwd */
	ATTR_NAME                 = 0x00000001,
	ATTR_PASSWD               = 0x00000002,
	ATTR_UID                  = 0x00000004,
	ATTR_GID                  = 0x00000008,
	ATTR_AGE                  = 0x00000010,
	ATTR_COMMENT              = 0x00000020,
	ATTR_GECOS                = 0x00000040,
	ATTR_HOMEDIR              = 0x00000080,
	ATTR_SHELL                = 0x00000100,

	/* from shadow */
	ATTR_LSTCHG               = 0x00000200,
	ATTR_MIN                  = 0x00000400,
	ATTR_MAX                  = 0x00000800,
	ATTR_WARN                 = 0x00001000,
	ATTR_INACT                = 0x00002000,
	ATTR_EXPIRE               = 0x00004000,
	ATTR_FLAG                 = 0x00008000,

	/* special operations */
	ATTR_LOCK_ACCOUNT         = 0x00010000,
	ATTR_EXPIRE_PASSWORD      = 0x00020000,
	ATTR_NOLOGIN_ACCOUNT      = 0x00040000,
	ATTR_UNLOCK_ACCOUNT       = 0x00080000,

	/* Query operations */
	/* to obtain repository name that contained the info */
	ATTR_REP_NAME             = 0x00100000,

	/* special attribute */
	/* to set password following server policy */
	ATTR_PASSWD_SERVER_POLICY = 0x00200000,

	/* get history entry from supporting repositories */
	ATTR_HISTORY              = 0x00400000,

	/* Failed login bookkeeping */
	ATTR_FAILED_LOGINS        = 0x00800000,	/* get # of failed logins */
	ATTR_INCR_FAILED_LOGINS   = 0x01000000,	/* increment + lock if needed */
	ATTR_RST_FAILED_LOGINS    = 0x02000000	/* reset failed logins */
} attrtype;
/*
 * One node of a singly linked list of attributes.
 *
 *   type  which attribute this node carries (an attrtype value)
 *   data  the attribute value, either a string (val_s) or an int (val_i);
 *         which member is valid for a given type is not stated in this
 *         header
 *   next  following node in the list
 *
 * NOTE(review): for ATTR_PASSWD, val_s presumably points at password
 * material; ownership and clearing of that buffer are not defined here --
 * confirm with the callers that build and free these lists.
 */
struct attrlist_s {
	attrtype type;
	union {
		char *val_s;
		int val_i;
	} data;
	struct attrlist_s *next;
};

typedef struct attrlist_s attrlist;
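/*
 * Describes the password repository an operation is directed at.
 *
 *   type       repository name string; the IS_FILES(), IS_NIS() and
 *              IS_LDAP() macros in this header compare it against
 *              "files", "nis" and "ldap"
 *   scope      opaque pointer; its meaning is not defined in this header
 *   scope_len  presumably the size of the object scope points to --
 *              TODO confirm against callers
 */
typedef struct {
	char *type;
	void *scope;
	size_t scope_len;
} pwu_repository_t;

/*
 * Null repository pointer (presumably "use the default repository" --
 * confirm in the callers).
 * The whole cast is parenthesized so the macro stays a single operand
 * wherever it is expanded, e.g. after sizeof or before a postfix operator.
 */
#define PWU_DEFAULT_REP ((pwu_repository_t *)NULL)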
/*
 * Repository identifiers. REP_FILES, REP_NIS, REP_LDAP and REP_NSS are
 * distinct single-bit values; REP_LAST names the highest of them.
 */
#define REP_NOREP       0       /* Can't find suitable repository */
#define REP_FILES       0x0001  /* /etc/passwd, /etc/shadow */
#define REP_NIS         0x0002
#define REP_LDAP        0x0004
#define REP_NSS         0x0008
#define REP_LAST        REP_NSS

#define REP_COMPAT_NIS  0x1000
#define REP_COMPAT_LDAP 0x2000

#define REP_ERANGE      0x8000  /* Unknown repository specified */
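/* For the time being, these are also defined in pam_*.h */
#undef IS_FILES
#undef IS_NIS
#undef IS_LDAP

/*
 * Repository type tests. r is a pwu_repository_t object (not a pointer);
 * each macro is true when r.type is non-NULL and equals the given name.
 *
 * The argument is parenthesized in the expansion so that an expression
 * such as *rep can be passed: without the parentheses, IS_FILES(*rep)
 * would expand to *rep.type, which does not compile for a pointer rep.
 * r is evaluated twice, so it must not have side effects.
 * strcmp() has to be declared where the macro is used; this header does
 * not include <string.h> directly.
 */
#define IS_FILES(r) ((r).type != NULL && strcmp((r).type, "files") == 0)
#define IS_NIS(r)   ((r).type != NULL && strcmp((r).type, "nis") == 0)
#define IS_LDAP(r)  ((r).type != NULL && strcmp((r).type, "ldap") == 0)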
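/*
 * Default aging values, all -1.
 * NOTE(review): -1 presumably means "not set / aging off" (compare the
 * PWU_AGING_DISABLED comment, "max==-1") -- confirm in utils.c.
 * The negative constants are parenthesized so each expands to a single
 * operand regardless of the surrounding expression.
 */
#define MINWEEKS  (-1)
#define MAXWEEKS  (-1)
#define WARNWEEKS (-1)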
/*
 * Table of function pointers implementing the operations of one
 * repository. Every entry returns int; the PWU_* codes defined in this
 * header are presumably the values returned -- confirm per back end.
 *
 * NOTE(review): the char * parameters are not const-qualified and their
 * meaning (user name, old/new password, ...) is not stated here; check
 * each implementation before passing buffers that hold secrets.
 */
struct repops {
	int (*checkhistory)(char *, char *, pwu_repository_t *);
	int (*getattr)(char *, attrlist *, pwu_repository_t *);
	int (*getpwnam)(char *, attrlist *, pwu_repository_t *, void **);
	int (*update)(attrlist *, pwu_repository_t *, void *);
	int (*putpwnam)(char *, char *, pwu_repository_t *, void *);
	int (*user_to_authenticate)(char *, pwu_repository_t *, char **, int *);
	int (*lock)(void);
	int (*unlock)(void);
};

typedef struct repops repops_t;
/* Operation tables named after the files, nis, ldap and nss repositories. */
extern repops_t files_repops;
extern repops_t nis_repops;
extern repops_t ldap_repops;
extern repops_t nss_repops;

/* Array of operation-table pointers; its length and indexing are defined elsewhere. */
extern repops_t *rops[];

/*
 * utils.c
 */
void turn_on_default_aging(struct spwd *);
int def_getint(char *name, int defvalue);

/*
 * debug.c
 *
 * NOTE(review): debug() is variadic. If its first argument is a
 * printf-style format (not visible in this header), callers should pass a
 * literal format string and never text taken from user input -- confirm
 * in debug.c.
 */
void debug_init(void);
void debug(char *, ...);

/*
 * switch_utils.c
 */
#define PWU_READ  0 /* Read access to the repository */
#define PWU_WRITE 1 /* Write (update) access to the repository */

int get_ns(pwu_repository_t *, int);
struct passwd *getpwnam_from(const char *, pwu_repository_t *, int);
struct passwd *getpwuid_from(uid_t, pwu_repository_t *, int);
struct spwd *getspnam_from(const char *, pwu_repository_t *, int);
int name_to_int(char *);

/*
 * __set_authtok_attr.c
 */
int __set_authtoken_attr(char *, char *, pwu_repository_t *, attrlist *, int *);

/*
 * __get_authtokenn_attr.c
 */
int __get_authtoken_attr(char *, pwu_repository_t *, attrlist *);

/*
 * __user_to_authenticate.c
 */
int __user_to_authenticate(char *, pwu_repository_t *, char **, int *);

/*
 * Password history definitions
 */
#define DEFHISTORY 0  /* default history depth */
#define MAXHISTORY 26 /* max depth of history 1 yr every 2 weeks */

/*
 * __check_history.c
 */
int __check_history(char *, char *, pwu_repository_t *);

/* Failed-login counter helpers; the meaning of each argument is not given in this header. */
int __incr_failed_count(char *, char *, int);
int __rst_failed_count(char *, char *);
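/*
 * Error / return codes
 *
 * PWU_SUCCESS is 0; every other code is a distinct negative value. The
 * negative constants are parenthesized so each expands to a single
 * operand regardless of the surrounding expression.
 *
 * NOTE(review): PWU_ACCOUNT_LOCKED is negative although its comment
 * describes a lock that was carried out, so a caller that treats every
 * non-zero or negative return as a plain failure will not distinguish
 * it -- confirm how callers are expected to handle it.
 */
#define PWU_SUCCESS            0     /* update succeeded */
#define PWU_BUSY               (-1)  /* Password database busy */
#define PWU_STAT_FAILED        (-2)  /* stat of password file failed */
#define PWU_OPEN_FAILED        (-3)  /* password file open failed */
#define PWU_WRITE_FAILED       (-4)  /* can't write to password file */
#define PWU_CLOSE_FAILED       (-5)  /* close returned error */
#define PWU_NOT_FOUND          (-6)  /* user not found in database */
#define PWU_UPDATE_FAILED      (-7)  /* couldn't update password file */
#define PWU_NOMEM              (-8)  /* Not enough memory */
#define PWU_SERVER_ERROR       (-9)  /* NIS server errors */
#define PWU_SYSTEM_ERROR       (-10) /* NIS local configuration problem */
#define PWU_DENIED             (-11) /* NIS update denied */
#define PWU_NO_CHANGE          (-12) /* Data hasn't changed */
#define PWU_REPOSITORY_ERROR   (-13) /* Unknown repository specified */
#define PWU_AGING_DISABLED     (-14) /* Modifying min/warn while max==-1 */

/* More errors */

#define PWU_PWD_TOO_SHORT      (-15) /* new passwd too short */
#define PWU_PWD_INVALID        (-16) /* new passwd has invalid syntax */
#define PWU_PWD_IN_HISTORY     (-17) /* new passwd in history list */
#define PWU_CHANGE_NOT_ALLOWED (-18) /* change not allowed */
#define PWU_WITHIN_MIN_AGE     (-19) /* change not allowed, within min age */
#define PWU_ACCOUNT_LOCKED     (-20) /* account successfully locked */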
219 #ifdef __cplusplus
221 #endif
223 #endif /* _PASSWDUTIL_H */