/*-
 * Copyright (c) 2001-2003 Networks Associates Technology, Inc.
 * Copyright (c) 2004-2017 Dag-Erling Smørgrav
 * All rights reserved.
 *
 * This software was developed for the FreeBSD Project by ThinkSec AS and
 * Network Associates Laboratories, the Security Research Division of
 * Network Associates, Inc. under DARPA/SPAWAR contract N66001-01-C-8035
 * ("CBOSS"), as part of the DARPA CHATS research program.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in the
 *    documentation and/or other materials provided with the distribution.
 * 3. The name of the author may not be used to endorse or promote
 *    products derived from this software without specific prior written
 *    permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 * SUCH DAMAGE.
 *
 * $OpenPAM: openpam_impl.h 938 2017-04-30 21:34:42Z des $
 */

/*
 * Library-internal declarations: the concrete layout of the PAM handle,
 * the module-chain and module-data list nodes, the prototypes of the
 * internal helpers, and the FREE / FREEV release macros.
 *
 * This header uses free(), NULL and size_t but includes only
 * <security/openpam.h> before using them; whether that header provides
 * them is not visible here, so the including file is presumably expected
 * to pull in <stdlib.h> first -- confirm.
 */

#ifndef OPENPAM_IMPL_H_INCLUDED
#define OPENPAM_IMPL_H_INCLUDED

#include <security/openpam.h>

/*
 * Defined in another translation unit.  Presumably a global switch for
 * debug output -- confirm against its definition.
 */
extern int openpam_debug;

/*
 * Control flags
 *
 * Enumerators are consecutive starting at 0 (PAM_BINDING);
 * PAM_NUM_CONTROL_FLAGS is the number of flags, not a flag itself.
 * How each flag influences the outcome of a chain is decided by code
 * outside this header.
 */
typedef enum {
	PAM_BINDING,
	PAM_REQUIRED,
	PAM_REQUISITE,
	PAM_SUFFICIENT,
	PAM_OPTIONAL,
	PAM_NUM_CONTROL_FLAGS
} pam_control_t;

/*
 * Facilities
 *
 * PAM_AUTH .. PAM_PASSWORD are consecutive from 0 and
 * PAM_NUM_FACILITIES is their count; it sizes the chains[] arrays
 * declared below.  PAM_FACILITY_ANY is -1 and therefore lies outside
 * those arrays: code that accepts a facility value must reject or
 * special-case it before using the value as an index into chains[].
 */
typedef enum {
	PAM_FACILITY_ANY = -1,
	PAM_AUTH = 0,
	PAM_ACCOUNT,
	PAM_SESSION,
	PAM_PASSWORD,
	PAM_NUM_FACILITIES
} pam_facility_t;

/*
 * Module chains
 *
 * One node of a singly linked list (linked through next).
 * NOTE(review): flag is a plain int, presumably holding a pam_control_t;
 * nothing in the type keeps it below PAM_NUM_CONTROL_FLAGS, so any code
 * that indexes a table by it should range-check first -- confirm.
 * optc / optv look like an argc/argv-style option vector (the FREEV
 * macro below takes such a count/vector pair) -- confirm.
 */
typedef struct pam_chain pam_chain_t;
struct pam_chain {
	pam_module_t	*module;
	int		 flag;
	int		 optc;
	char		**optv;
	pam_chain_t	*next;
};

/*
 * Service policies
 *
 * Only declared when OPENPAM_EMBEDDED is defined.  Each policy pairs a
 * service name with one chain head per facility.  How the
 * pam_embedded_policies[] array is terminated is not visible here.
 */
#if defined(OPENPAM_EMBEDDED)
typedef struct pam_policy pam_policy_t;
struct pam_policy {
	const char	*service;
	pam_chain_t	*chains[PAM_NUM_FACILITIES];
};
extern pam_policy_t *pam_embedded_policies[];
#endif

/*
 * Module-specific data
 *
 * One node of a singly linked list (linked through next) that stores an
 * opaque pointer under a name, together with a cleanup callback taking
 * the handle, the pointer and an int.  The callback is invoked by code
 * outside this header; presumably it is the only place where data can
 * be released or scrubbed, since the library sees it as void * --
 * confirm.
 */
typedef struct pam_data pam_data_t;
struct pam_data {
	char		*name;
	void		*data;
	void		(*cleanup)(pam_handle_t *, void *, int);
	pam_data_t	*next;
};

/*
 * PAM context
 *
 * Concrete definition of struct pam_handle.  PAM_NUM_ITEMS, which sizes
 * item[], is defined outside this header.
 */
struct pam_handle {
	char		*service;

	/* chains */
	/* one chain head per facility (array sized by PAM_NUM_FACILITIES) */
	pam_chain_t	*chains[PAM_NUM_FACILITIES];
	pam_chain_t	*current;
	int		 primitive;

	/* items and data */
	void		*item[PAM_NUM_ITEMS];
	pam_data_t	*module_data;

	/* environment list */
	/*
	 * presumably env_count is the number of entries in use and
	 * env_size the allocated capacity of env -- confirm
	 */
	char		**env;
	int		 env_count;
	int		 env_size;
};

/*
 * Default policy
 *
 * Presumably the service name looked up when the requested service has
 * no policy of its own -- confirm in openpam_configure().  If so, the
 * content of this policy decides how every otherwise unconfigured
 * service is treated.
 */
#define PAM_OTHER	"other"

/*
 * Internal functions
 *
 * OPENPAM_NONNULL((n...)) is defined outside this header and names the
 * (1-based) pointer parameters that must not be NULL.  Presumably it
 * expands to a compiler attribute -- if so it yields compile-time
 * diagnostics only and is not a run-time NULL check.
 */
int		 openpam_configure(pam_handle_t *, const char *)
	OPENPAM_NONNULL((1));
int		 openpam_dispatch(pam_handle_t *, int, int)
	OPENPAM_NONNULL((1));
int		 openpam_findenv(pam_handle_t *, const char *, size_t)
	OPENPAM_NONNULL((1,2));
pam_module_t	*openpam_load_module(const char *)
	OPENPAM_NONNULL((1));
void		 openpam_clear_chains(pam_chain_t **)
	OPENPAM_NONNULL((1));

/*
 * Judging by their names, these check the owner and permission bits of
 * a file, given either a name plus an open descriptor or a path alone;
 * the implementation and the exact meaning of the parameters are not
 * visible here.
 * NOTE(review): a check made by path alone can be invalidated if the
 * file is replaced before it is opened; verify that callers which go on
 * to read or load the file check the descriptor they actually use.
 */
int		 openpam_check_desc_owner_perms(const char *, int)
	OPENPAM_NONNULL((1));
int		 openpam_check_path_owner_perms(const char *)
	OPENPAM_NONNULL((1));

/* openpam_static() is only declared when OPENPAM_STATIC_MODULES is defined. */
#ifdef OPENPAM_STATIC_MODULES
pam_module_t	*openpam_static(const char *)
	OPENPAM_NONNULL((1));
#endif
pam_module_t	*openpam_dynamic(const char *)
	OPENPAM_NONNULL((1));

/*
 * FREE(p): release p with free() and reset it to NULL, so that no
 * dangling pointer is left behind and a second FREE on the same
 * variable degenerates to free(NULL).
 *
 * p is evaluated twice and is assigned to, so it must be a modifiable
 * lvalue without side effects.  The memory is not overwritten before it
 * is released: a buffer that holds a secret has to be wiped by the
 * caller before FREE is applied.
 */
#define FREE(p)					\
	do {					\
		free(p);			\
		(p) = NULL;			\
	} while (0)

/*
 * FREEV(c, v): release a vector v of c heap-allocated elements.
 * Elements are freed from index c - 1 down to 0, then the vector
 * itself; each freed slot and v are set to NULL by FREE.
 *
 * c is decremented in place and evaluated more than once, so it must be
 * a modifiable lvalue without side effects.  When v is not NULL the
 * post-decrement leaves c one below zero (-1 for an int) rather than 0;
 * callers must not reuse c as a count without resetting it.  When v is
 * NULL nothing is done and c keeps its value.  As with FREE, element
 * contents are not wiped before release.
 */
#define FREEV(c, v)				\
	do {					\
		if ((v) != NULL) {		\
			while ((c)-- > 0)	\
				FREE((v)[(c)]);	\
			FREE(v);		\
		}				\
	} while (0)

/* Included last, after the types and macros above have been declared. */
#include "openpam_constants.h"
#include "openpam_debug.h"
#include "openpam_features.h"

#endif