2 * <security/pam_modules.h>
4 * $Id: pam_modules.h,v 1.8 1997/01/04 20:14:42 morgan Exp morgan $
6 * This header file documents the PAM SPI --- that is, interface
7 * between the PAM library and a PAM service library which is called
10 * Note, the copyright information is at end of file.
12 * $Log: pam_modules.h,v $
13 * Revision 1.8 1997/01/04 20:14:42 morgan
14 * moved PAM_DATA_SILENT to _pam_types.h so applications can use it too
16 * Revision 1.7 1996/11/10 19:57:08 morgan
17 * pam_get_user prototype.
19 * Revision 1.6 1996/09/05 06:18:45 morgan
20 * added some data error_status masks, changed prototype for cleanup()
22 * Revision 1.5 1996/06/02 07:58:37 morgan
23 * altered the way in which modules obtain static prototypes for
28 #ifndef _SECURITY_PAM_MODULES_H
29 #define _SECURITY_PAM_MODULES_H
32 * Define either PAM_STATIC or PAM_DYNAMIC, based on whether PIC
33 * compilation is being used.
35 #if !defined(PIC) && !defined(PAM_STATIC)
43 #include <linker_set.h>
46 #include <security/_pam_types.h> /* Linux-PAM common defined types */
48 /* these defines are used by pam_set_item() and pam_get_item() and are
49 * in addition to those found in <security/_pam_types.h> */
51 #define PAM_AUTHTOK 6 /* The authentication token (password) */
52 #define PAM_OLDAUTHTOK 7 /* The old authentication token */
54 /* -------------- The Linux-PAM Module PI ------------- */
56 extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name,
58 void (*cleanup)(pam_handle_t *pamh, void *data,
60 extern int pam_get_data(const pam_handle_t *pamh,
61 const char *module_data_name, const void **data);
63 extern int pam_get_user(pam_handle_t *pamh, const char **user
64 , const char *prompt);
68 #define PAM_EXTERN static
71 const char *name; /* Name of the module */
73 /* These are function pointers to the module's key functions. */
75 int (*pam_sm_authenticate)(pam_handle_t *pamh, int flags,
76 int argc, const char **argv);
77 int (*pam_sm_setcred)(pam_handle_t *pamh, int flags,
78 int argc, const char **argv);
79 int (*pam_sm_acct_mgmt)(pam_handle_t *pamh, int flags,
80 int argc, const char **argv);
81 int (*pam_sm_open_session)(pam_handle_t *pamh, int flags,
82 int argc, const char **argv);
83 int (*pam_sm_close_session)(pam_handle_t *pamh, int flags,
84 int argc, const char **argv);
85 int (*pam_sm_chauthtok)(pam_handle_t *pamh, int flags,
86 int argc, const char **argv);
90 #define PAM_SM_AUTH_ENTRY pam_sm_authenticate
91 #define PAM_SM_SETCRED_ENTRY pam_sm_setcred
93 #define PAM_SM_AUTH_ENTRY NULL
94 #define PAM_SM_SETCRED_ENTRY NULL
98 #define PAM_SM_ACCOUNT_ENTRY pam_sm_acct_mgmt
100 #define PAM_SM_ACCOUNT_ENTRY NULL
103 #ifdef PAM_SM_SESSION
104 #define PAM_SM_OPEN_SESSION_ENTRY pam_sm_open_session
105 #define PAM_SM_CLOSE_SESSION_ENTRY pam_sm_close_session
107 #define PAM_SM_OPEN_SESSION_ENTRY NULL
108 #define PAM_SM_CLOSE_SESSION_ENTRY NULL
111 #ifdef PAM_SM_PASSWORD
112 #define PAM_SM_PASSWORD_ENTRY pam_sm_chauthtok
114 #define PAM_SM_PASSWORD_ENTRY NULL
117 #define PAM_MODULE_ENTRY(name) \
118 static struct pam_module _pam_modstruct = { \
121 PAM_SM_SETCRED_ENTRY, \
122 PAM_SM_ACCOUNT_ENTRY, \
123 PAM_SM_OPEN_SESSION_ENTRY, \
124 PAM_SM_CLOSE_SESSION_ENTRY, \
125 PAM_SM_PASSWORD_ENTRY \
127 DATA_SET(_pam_static_modules, _pam_modstruct)
129 #else /* !PAM_STATIC */
131 #define PAM_EXTERN extern
132 #define PAM_MODULE_ENTRY(name)
134 #endif /* PAM_STATIC */
136 /* Lots of files include pam_modules.h that don't need these
137 * declared. However, when they are declared static, they
138 * need to be defined later. So we have to protect C files
139 * that include these without wanting these functions defined.. */
141 #if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC)
143 /* Authentication API's */
144 PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags,
145 int argc, const char **argv);
146 PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags,
147 int argc, const char **argv);
149 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH))
150 || !defined(PAM_STATIC)*/
152 #if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC)
154 /* Account Management API's */
155 PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
156 int argc, const char **argv);
158 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT))
159 || !defined(PAM_STATIC)*/
161 #if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC)
163 /* Session Management API's */
164 PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags,
165 int argc, const char **argv);
167 PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags,
168 int argc, const char **argv);
170 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION))
171 || !defined(PAM_STATIC)*/
173 #if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC)
175 /* Password Management API's */
176 PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
177 int argc, const char **argv);
179 #endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD))
180 || !defined(PAM_STATIC)*/
182 /* The following two flags are for use across the Linux-PAM/module
183 * interface only. The Application is not permitted to use these
186 * The password service should only perform preliminary checks. No
187 * passwords should be updated. */
188 #define PAM_PRELIM_CHECK 0x4000
190 /* The password service should update passwords Note: PAM_PRELIM_CHECK
191 * and PAM_UPDATE_AUTHTOK can not both be set simultaneously! */
192 #define PAM_UPDATE_AUTHTOK 0x2000
196 * here are some proposed error status definitions for the
197 * 'error_status' argument used by the cleanup function associated
198 * with data items they should be logically OR'd with the error_status
199 * of the latest return from libpam -- new with .52 and positive
200 * impression from Sun although not official as of 1996/9/4 there are
201 * others in _pam_types.h -- they are for common module/app use.
204 #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
206 /* take care of any compatibility issues */
207 #include <security/_pam_compat.h>
209 /* Copyright (C) Theodore Ts'o, 1996.
210 * Copyright (C) Andrew Morgan, 1996-8.
211 * All rights reserved.
213 * Redistribution and use in source and binary forms, with or without
214 * modification, are permitted provided that the following conditions
216 * 1. Redistributions of source code must retain the above copyright
217 * notice, and the entire permission notice in its entirety,
218 * including the disclaimer of warranties.
219 * 2. Redistributions in binary form must reproduce the above copyright
220 * notice, this list of conditions and the following disclaimer in the
221 * documentation and/or other materials provided with the distribution.
222 * 3. The name of the author may not be used to endorse or promote
223 * products derived from this software without specific prior
224 * written permission.
226 * ALTERNATIVELY, this product may be distributed under the terms of
227 * the GNU General Public License, in which case the provisions of the
228 * GNU GPL are required INSTEAD OF the above restrictions. (This
229 * clause is necessary due to a potential bad interaction between the
230 * GNU GPL and the restrictions contained in a BSD-style copyright.)
232 * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
233 * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
234 * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
235 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
236 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
237 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
238 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
239 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
240 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
241 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
242 * OF THE POSSIBILITY OF SUCH DAMAGE. */
244 #endif /* _SECURITY_PAM_MODULES_H */
projects / FreeBSD / FreeBSD.git / blob