/*	$NetBSD: openpam_impl.h,v 1.3 2017/05/06 19:50:09 christos Exp $	*/

/*-
 * Copyright (c) 2001-2003 Networks Associates Technology, Inc.
 * Copyright (c) 2004-2017 Dag-Erling Smørgrav
 * All rights reserved.
 *
 * This software was developed for the FreeBSD Project by ThinkSec AS and
 * Network Associates Laboratories, the Security Research Division of
 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
 * ("CBOSS"), as part of the DARPA CHATS research program.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $OpenPAM: openpam_impl.h 938 2017-04-30 21:34:42Z des $
 */

/*
 * Declarations shared between the OpenPAM library sources: the
 * control-flag and facility enumerations, the chain / policy / data
 * structures, the layout of struct pam_handle, prototypes of the
 * library's internal functions, and the FREE / FREEV helper macros.
 * Judging by the file name and the "Internal functions" heading this is
 * implementation detail rather than public API.
 */

#ifndef OPENPAM_IMPL_H_INCLUDED
#define OPENPAM_IMPL_H_INCLUDED

#include <security/openpam.h>

/* Defined in another translation unit; presumably the debug switch. */
extern int openpam_debug;

/*
 * Control flags
 *
 * No explicit values are given, so the enumerators count up from 0 and
 * PAM_NUM_CONTROL_FLAGS is the number of real flags, not a flag itself.
 */
typedef enum {
	PAM_BINDING,
	PAM_REQUIRED,
	PAM_REQUISITE,
	PAM_SUFFICIENT,
	PAM_OPTIONAL,
	PAM_NUM_CONTROL_FLAGS
} pam_control_t;

/*
 * Facilities
 *
 * PAM_AUTH .. PAM_PASSWORD run from 0 to 3 and PAM_NUM_FACILITIES (4)
 * sizes the chains[] arrays declared below.  PAM_FACILITY_ANY is -1 and
 * therefore is NOT a valid index into those arrays; any code that
 * accepts a pam_facility_t has to filter it out before indexing.
 */
typedef enum {
	PAM_FACILITY_ANY = -1,
	PAM_AUTH = 0,
	PAM_ACCOUNT,
	PAM_SESSION,
	PAM_PASSWORD,
	PAM_NUM_FACILITIES
} pam_facility_t;

/*
 * Module chains
 *
 * One node of a singly linked list (via next).  flag is a plain int;
 * presumably it holds a pam_control_t value -- confirm at the point
 * where chains are built.  optc / optv look like an option count and
 * option vector pair, the shape FREEV() below expects.
 */
typedef struct pam_chain pam_chain_t;
struct pam_chain {
	pam_module_t	*module;
	int		 flag;
	int		 optc;
	char		**optv;
	pam_chain_t	*next;
};

/*
 * Service policies
 *
 * Only declared when OPENPAM_EMBEDDED is defined.  A policy couples a
 * service name with one chain per facility.  The array bound of
 * pam_embedded_policies is not given here, so how its end is marked
 * (presumably a NULL entry) must be confirmed against its definition.
 */
#if defined(OPENPAM_EMBEDDED)
typedef struct pam_policy pam_policy_t;
struct pam_policy {
	const char	*service;
	pam_chain_t	*chains[PAM_NUM_FACILITIES];
};
extern pam_policy_t *pam_embedded_policies[];
#endif

/*
 * Module-specific data
 *
 * Node of a singly linked list of named, opaque data blobs.  cleanup is
 * a callback taking the handle, the data pointer and an int whose
 * meaning is not visible in this header.
 * NOTE(review): whether cleanup may be NULL is not stated here; confirm
 * that the code invoking it checks before calling.
 */
typedef struct pam_data pam_data_t;
struct pam_data {
	char		*name;
	void		*data;
	void		(*cleanup)(pam_handle_t *, void *, int);
	pam_data_t	*next;
};

/*
 * PAM context
 *
 * Concrete layout behind the pam_handle_t type used by the prototypes
 * below.
 * NOTE(review): PAM items conventionally include the authentication
 * token (PAM_AUTHTOK).  If item[] carries it, the code releasing items
 * should wipe such buffers before freeing them: FREE() below only frees
 * and NULLs the pointer, it does not clear the memory.
 */
struct pam_handle {
	char		*service;

	/* chains */
	/* one list head per facility, indexed 0 .. PAM_NUM_FACILITIES-1 */
	pam_chain_t	*chains[PAM_NUM_FACILITIES];
	pam_chain_t	*current;
	int		 primitive;

	/* items and data */
	/* PAM_NUM_ITEMS is defined outside this header */
	void		*item[PAM_NUM_ITEMS];
	pam_data_t	*module_data;

	/* environment list */
	/*
	 * presumably env_count = entries in use, env_size = allocated
	 * slots -- confirm.  Both are size_t (unsigned); see the FREEV()
	 * note on counters.
	 */
	char	       **env;
	size_t		 env_count;
	size_t		 env_size;
};

/*
 * Default policy
 *
 * Service name of the default policy.
 * NOTE(review): presumably consulted when the requested service has no
 * policy of its own -- confirm in openpam_configure().  If so, the
 * contents of that policy decide what unknown services are allowed to do.
 */
#define PAM_OTHER	"other"

/*
 * Internal functions
 *
 * OPENPAM_NONNULL((n, ...)) is defined outside this header and names the
 * 1-based positions of pointer parameters.  If it expands to a compiler
 * nonnull attribute it is a compile-time annotation only: nothing is
 * checked at run time, and the compiler may assume those arguments are
 * non-NULL inside the callee.  Callers remain responsible for never
 * passing NULL in the marked positions.
 */
int openpam_configure(pam_handle_t *, const char *)
	OPENPAM_NONNULL((1));
int openpam_dispatch(pam_handle_t *, int, int)
	OPENPAM_NONNULL((1));
int openpam_findenv(pam_handle_t *, const char *, size_t)
	OPENPAM_NONNULL((1,2));
pam_module_t *openpam_load_module(const char *)
	OPENPAM_NONNULL((1));
void openpam_clear_chains(pam_chain_t **)
	OPENPAM_NONNULL((1));

/*
 * NOTE(review): judging by the names, these validate the owner and mode
 * of a file -- the first through an already-open descriptor (the int
 * argument), the second by path name only.  A path-based check is
 * inherently racy against a later open() of the same name, so where the
 * file is subsequently read or loaded the descriptor variant is the one
 * to rely on.  Confirm against the implementations.
 */
int openpam_check_desc_owner_perms(const char *, int)
	OPENPAM_NONNULL((1));
int openpam_check_path_owner_perms(const char *)
	OPENPAM_NONNULL((1));

/*
 * Module lookup back ends: openpam_static() exists only when
 * OPENPAM_STATIC_MODULES is defined, openpam_dynamic() always.  Both
 * take a string and return a pam_module_t pointer; the failure
 * convention (presumably NULL) is not visible here.
 */
#ifdef OPENPAM_STATIC_MODULES
pam_module_t *openpam_static(const char *)
	OPENPAM_NONNULL((1));
#endif
pam_module_t *openpam_dynamic(const char *)
	OPENPAM_NONNULL((1));

/*
 * FREE(p): free p and set it to NULL, so a stale pointer cannot be freed
 * or dereferenced a second time through the same variable.
 *  - p is expanded twice: pass a plain lvalue without side effects.
 *  - The memory is not cleared before release; wipe secrets first.
 *  - free() is not declared by any include visible in this header;
 *    presumably <stdlib.h> arrives via another header -- confirm.
 */
#define FREE(p)					\
	do {					\
		free(p);			\
		(p) = NULL;			\
	} while (/*CONSTCOND*/0)

/*
 * FREEV(c, v): release a counted vector -- frees v[c-1] down to v[0],
 * then v itself, NULLing each pointer through FREE().  Does nothing,
 * and leaves c untouched, when v is NULL.
 *  - c and v are expanded several times: pass plain lvalues only.
 *  - c is modified.  The post-decrement in the loop test also runs on
 *    the final, failing comparison, so c ends one below zero: -1 for a
 *    signed counter such as pam_chain.optc, the maximum value for an
 *    unsigned one such as a size_t.  Treat the counter as dead after
 *    FREEV() and reinitialise it before any reuse.
 */
#define FREEV(c, v)				\
	do {					\
		if ((v) != NULL) {		\
			while ((c)-- > 0)	\
				FREE((v)[(c)]);	\
			FREE(v);		\
		}				\
	} while (/*CONSTCOND*/0)

/* Pulled in last, after the types and macros above are declared. */
#include "openpam_constants.h"
#include "openpam_debug.h"
#include "openpam_features.h"

#endif