diff options
author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 16:26:05 -0800 |
---|---|---|
committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 17:26:38 -0800 |
commit | 9c52e721044e7501c3d4567b36d222dc7326224a (patch) | |
tree | 9011790770130c60a712a6f125ad50d60e07cc74 /Linux-PAM/libpam/include/security | |
parent | 9727ff2a3fa0e94a42b34a579027bacf4146d571 (diff) | |
parent | 186ff16e8d12ff15d518000c17f115ccab5275a4 (diff) |
New upstream version 1.0.1
Diffstat (limited to 'Linux-PAM/libpam/include/security')
-rw-r--r-- | Linux-PAM/libpam/include/security/_pam_compat.h | 126 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/_pam_macros.h | 196 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/_pam_types.h | 332 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/pam_appl.h | 99 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/pam_ext.h | 81 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/pam_modules.h | 175 | ||||
-rw-r--r-- | Linux-PAM/libpam/include/security/pam_modutil.h | 107 |
7 files changed, 0 insertions, 1116 deletions
diff --git a/Linux-PAM/libpam/include/security/_pam_compat.h b/Linux-PAM/libpam/include/security/_pam_compat.h deleted file mode 100644 index a5f58e42..00000000 --- a/Linux-PAM/libpam/include/security/_pam_compat.h +++ /dev/null @@ -1,126 +0,0 @@ -#ifndef _PAM_COMPAT_H -#define _PAM_COMPAT_H - -/* - * This file was contributed by Derrick J Brashear <shadow@dementia.org> - * slight modification by Brad M. Garcia <bgarcia@fore.com> - * - * A number of operating systems have started to implement PAM. - * unfortunately, they have a different set of numeric values for - * certain constants. This file is included for compatibility's sake. - */ - -/* Solaris uses different constants. We redefine to those here */ -#if defined(solaris) || (defined(__SVR4) && defined(sun)) - -# ifdef _SECURITY_PAM_MODULES_H - -/* flags for pam_chauthtok() */ -# undef PAM_PRELIM_CHECK -# define PAM_PRELIM_CHECK 0x1 - -# undef PAM_UPDATE_AUTHTOK -# define PAM_UPDATE_AUTHTOK 0x2 - -# endif /* _SECURITY_PAM_MODULES_H */ - -# ifdef _SECURITY__PAM_TYPES_H - -/* generic for pam_* functions */ -# undef PAM_SILENT -# define PAM_SILENT 0x80000000 - -# undef PAM_CHANGE_EXPIRED_AUTHTOK -# define PAM_CHANGE_EXPIRED_AUTHTOK 0x4 - -/* flags for pam_setcred() */ -# undef PAM_ESTABLISH_CRED -# define PAM_ESTABLISH_CRED 0x1 - -# undef PAM_DELETE_CRED -# define PAM_DELETE_CRED 0x2 - -# undef PAM_REINITIALIZE_CRED -# define PAM_REINITIALIZE_CRED 0x4 - -# undef PAM_REFRESH_CRED -# define PAM_REFRESH_CRED 0x8 - -/* another binary incompatibility comes from the return codes! */ - -# undef PAM_CONV_ERR -# define PAM_CONV_ERR 6 - -# undef PAM_PERM_DENIED -# define PAM_PERM_DENIED 7 - -# undef PAM_MAXTRIES -# define PAM_MAXTRIES 8 - -# undef PAM_AUTH_ERR -# define PAM_AUTH_ERR 9 - -# undef PAM_NEW_AUTHTOK_REQD -# define PAM_NEW_AUTHTOK_REQD 10 - -# undef PAM_CRED_INSUFFICIENT -# define PAM_CRED_INSUFFICIENT 11 - -# undef PAM_AUTHINFO_UNAVAIL -# define PAM_AUTHINFO_UNAVAIL 12 - -# undef PAM_USER_UNKNOWN -# define PAM_USER_UNKNOWN 13 - -# undef PAM_CRED_UNAVAIL -# define PAM_CRED_UNAVAIL 14 - -# undef PAM_CRED_EXPIRED -# define PAM_CRED_EXPIRED 15 - -# undef PAM_CRED_ERR -# define PAM_CRED_ERR 16 - -# undef PAM_ACCT_EXPIRED -# define PAM_ACCT_EXPIRED 17 - -# undef PAM_AUTHTOK_EXPIRED -# define PAM_AUTHTOK_EXPIRED 18 - -# undef PAM_SESSION_ERR -# define PAM_SESSION_ERR 19 - -# undef PAM_AUTHTOK_ERR -# define PAM_AUTHTOK_ERR 20 - -# undef PAM_AUTHTOK_RECOVERY_ERR -# define PAM_AUTHTOK_RECOVERY_ERR 21 - -# undef PAM_AUTHTOK_LOCK_BUSY -# define PAM_AUTHTOK_LOCK_BUSY 22 - -# undef PAM_AUTHTOK_DISABLE_AGING -# define PAM_AUTHTOK_DISABLE_AGING 23 - -# undef PAM_NO_MODULE_DATA -# define PAM_NO_MODULE_DATA 24 - -# undef PAM_IGNORE -# define PAM_IGNORE 25 - -# undef PAM_ABORT -# define PAM_ABORT 26 - -# undef PAM_TRY_AGAIN -# define PAM_TRY_AGAIN 27 - -#endif /* _SECURITY__PAM_TYPES_H */ - -#else - -/* For compatibility with old Linux-PAM implementations. */ -#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR - -#endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */ - -#endif /* _PAM_COMPAT_H */ diff --git a/Linux-PAM/libpam/include/security/_pam_macros.h b/Linux-PAM/libpam/include/security/_pam_macros.h deleted file mode 100644 index bd107cfb..00000000 --- a/Linux-PAM/libpam/include/security/_pam_macros.h +++ /dev/null @@ -1,196 +0,0 @@ -#ifndef PAM_MACROS_H -#define PAM_MACROS_H - -/* - * All kind of macros used by PAM, but usable in some other - * programs too. - * Organized by Cristian Gafton <gafton@redhat.com> - */ - -/* a 'safe' version of strdup */ - -#include <stdlib.h> -#include <string.h> - -#define x_strdup(s) ( (s) ? strdup(s):NULL ) - -/* Good policy to strike out passwords with some characters not just - free the memory */ - -#define _pam_overwrite(x) \ -do { \ - register char *__xx__; \ - if ((__xx__=(x))) \ - while (*__xx__) \ - *__xx__++ = '\0'; \ -} while (0) - -#define _pam_overwrite_n(x,n) \ -do { \ - register char *__xx__; \ - register unsigned int __i__ = 0; \ - if ((__xx__=(x))) \ - for (;__i__<n; __i__++) \ - __xx__[__i__] = 0; \ -} while (0) - -/* - * Don't just free it, forget it too. - */ - -#define _pam_drop(X) \ -do { \ - if (X) { \ - free(X); \ - X=NULL; \ - } \ -} while (0) - -#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \ -do { \ - int reply_i; \ - \ - for (reply_i=0; reply_i<replies; ++reply_i) { \ - if (reply[reply_i].resp) { \ - _pam_overwrite(reply[reply_i].resp); \ - free(reply[reply_i].resp); \ - } \ - } \ - if (reply) \ - free(reply); \ -} while (0) - -/* some debugging code */ - -#ifdef DEBUG - -/* - * This provides the necessary function to do debugging in PAM. - * Cristian Gafton <gafton@redhat.com> - */ - -#include <stdio.h> -#include <sys/types.h> -#include <stdarg.h> -#include <errno.h> -#include <sys/stat.h> -#include <fcntl.h> -#include <unistd.h> - -/* - * This is for debugging purposes ONLY. DO NOT use on live systems !!! - * You have been warned :-) - CG - * - * to get automated debugging to the log file, it must be created manually. - * _PAM_LOGFILE must exist and be writable to the programs you debug. - */ - -#ifndef _PAM_LOGFILE -#define _PAM_LOGFILE "/var/run/pam-debug.log" -#endif - -static void _pam_output_debug_info(const char *file, const char *fn - , const int line) -{ - FILE *logfile; - int must_close = 1, fd; - -#ifdef O_NOFOLLOW - if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) { -#else - if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) { -#endif - if (!(logfile = fdopen(fd,"a"))) { - logfile = stderr; - must_close = 0; - close(fd); - } - } else { - logfile = stderr; - must_close = 0; - } - fprintf(logfile,"[%s:%s(%d)] ",file, fn, line); - fflush(logfile); - if (must_close) - fclose(logfile); -} - -static void _pam_output_debug(const char *format, ...) -{ - va_list args; - FILE *logfile; - int must_close = 1, fd; - - va_start(args, format); - -#ifdef O_NOFOLLOW - if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) { -#else - if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) { -#endif - if (!(logfile = fdopen(fd,"a"))) { - logfile = stderr; - must_close = 0; - close(fd); - } - } else { - logfile = stderr; - must_close = 0; - } - vfprintf(logfile, format, args); - fprintf(logfile, "\n"); - fflush(logfile); - if (must_close) - fclose(logfile); - - va_end(args); -} - -#define D(x) do { \ - _pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \ - _pam_output_debug x ; \ -} while (0) - -#define _pam_show_mem(X,XS) do { \ - int i; \ - register unsigned char *x; \ - x = (unsigned char *)X; \ - fprintf(stderr, " <start at %p>\n", X); \ - for (i = 0; i < XS ; ++x, ++i) { \ - fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \ - } \ - fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \ -} while (0) - -#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \ -do { \ - int reply_i; \ - setbuf(stderr, NULL); \ - fprintf(stderr, "array at %p of size %d\n",reply,replies); \ - fflush(stderr); \ - if (reply) { \ - for (reply_i = 0; reply_i < replies; reply_i++) { \ - fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \ - reply_i, reply+reply_i, reply[reply_i].resp, \ - reply[reply_i].resp, _retcode); \ - fflush(stderr); \ - if (reply[reply_i].resp) { \ - fprintf(stderr, " resp[%d] = '%s'\n", \ - strlen(reply[reply_i].resp), reply[reply_i].resp); \ - fflush(stderr); \ - } \ - } \ - } \ - fprintf(stderr, "done here\n"); \ - fflush(stderr); \ -} while (0) - -#else - -#define D(x) do { } while (0) -#define _pam_show_mem(X,XS) do { } while (0) -#define _pam_show_reply(reply, replies) do { } while (0) - -#endif /* DEBUG */ - -#endif /* PAM_MACROS_H */ diff --git a/Linux-PAM/libpam/include/security/_pam_types.h b/Linux-PAM/libpam/include/security/_pam_types.h deleted file mode 100644 index 2f7e807f..00000000 --- a/Linux-PAM/libpam/include/security/_pam_types.h +++ /dev/null @@ -1,332 +0,0 @@ -/* - * <security/_pam_types.h> - * - * This file defines all of the types common to the Linux-PAM library - * applications and modules. - * - * Note, the copyright+license information is at end of file. - */ - -#ifndef _SECURITY__PAM_TYPES_H -#define _SECURITY__PAM_TYPES_H - -/* This is a blind structure; users aren't allowed to see inside a - * pam_handle_t, so we don't define struct pam_handle here. This is - * defined in a file private to the PAM library. (i.e., it's private - * to PAM service modules, too!) */ - -typedef struct pam_handle pam_handle_t; - -/* ---------------- The Linux-PAM Version defines ----------------- */ - -/* Major and minor version number of the Linux-PAM package. Use - these macros to test for features in specific releases. */ -#define __LINUX_PAM__ 1 -#define __LINUX_PAM_MINOR__ 0 - -/* ----------------- The Linux-PAM return values ------------------ */ - -#define PAM_SUCCESS 0 /* Successful function return */ -#define PAM_OPEN_ERR 1 /* dlopen() failure when dynamically */ - /* loading a service module */ -#define PAM_SYMBOL_ERR 2 /* Symbol not found */ -#define PAM_SERVICE_ERR 3 /* Error in service module */ -#define PAM_SYSTEM_ERR 4 /* System error */ -#define PAM_BUF_ERR 5 /* Memory buffer error */ -#define PAM_PERM_DENIED 6 /* Permission denied */ -#define PAM_AUTH_ERR 7 /* Authentication failure */ -#define PAM_CRED_INSUFFICIENT 8 /* Can not access authentication data */ - /* due to insufficient credentials */ -#define PAM_AUTHINFO_UNAVAIL 9 /* Underlying authentication service */ - /* can not retrieve authentication */ - /* information */ -#define PAM_USER_UNKNOWN 10 /* User not known to the underlying */ - /* authenticaiton module */ -#define PAM_MAXTRIES 11 /* An authentication service has */ - /* maintained a retry count which has */ - /* been reached. No further retries */ - /* should be attempted */ -#define PAM_NEW_AUTHTOK_REQD 12 /* New authentication token required. */ - /* This is normally returned if the */ - /* machine security policies require */ - /* that the password should be changed */ - /* beccause the password is NULL or it */ - /* has aged */ -#define PAM_ACCT_EXPIRED 13 /* User account has expired */ -#define PAM_SESSION_ERR 14 /* Can not make/remove an entry for */ - /* the specified session */ -#define PAM_CRED_UNAVAIL 15 /* Underlying authentication service */ - /* can not retrieve user credentials */ - /* unavailable */ -#define PAM_CRED_EXPIRED 16 /* User credentials expired */ -#define PAM_CRED_ERR 17 /* Failure setting user credentials */ -#define PAM_NO_MODULE_DATA 18 /* No module specific data is present */ -#define PAM_CONV_ERR 19 /* Conversation error */ -#define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */ -#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */ - /* cannot be recovered */ -#define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */ -#define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */ -#define PAM_TRY_AGAIN 24 /* Preliminary check by password service */ -#define PAM_IGNORE 25 /* Ignore underlying account module */ - /* regardless of whether the control */ - /* flag is required, optional, or sufficient */ -#define PAM_ABORT 26 /* Critical error (?module fail now request) */ -#define PAM_AUTHTOK_EXPIRED 27 /* user's authentication token has expired */ -#define PAM_MODULE_UNKNOWN 28 /* module is not known */ - -#define PAM_BAD_ITEM 29 /* Bad item passed to pam_*_item() */ -#define PAM_CONV_AGAIN 30 /* conversation function is event driven - and data is not available yet */ -#define PAM_INCOMPLETE 31 /* please call this function again to - complete authentication stack. Before - calling again, verify that conversation - is completed */ - -/* - * Add new #define's here - take care to also extend the libpam code: - * pam_strerror() and "libpam/pam_tokens.h" . - */ - -#define _PAM_RETURN_VALUES 32 /* this is the number of return values */ - - -/* ---------------------- The Linux-PAM flags -------------------- */ - -/* Authentication service should not generate any messages */ -#define PAM_SILENT 0x8000U - -/* Note: these flags are used by pam_authenticate{,_secondary}() */ - -/* The authentication service should return PAM_AUTH_ERROR if the - * user has a null authentication token */ -#define PAM_DISALLOW_NULL_AUTHTOK 0x0001U - -/* Note: these flags are used for pam_setcred() */ - -/* Set user credentials for an authentication service */ -#define PAM_ESTABLISH_CRED 0x0002U - -/* Delete user credentials associated with an authentication service */ -#define PAM_DELETE_CRED 0x0004U - -/* Reinitialize user credentials */ -#define PAM_REINITIALIZE_CRED 0x0008U - -/* Extend lifetime of user credentials */ -#define PAM_REFRESH_CRED 0x0010U - -/* Note: these flags are used by pam_chauthtok */ - -/* The password service should only update those passwords that have - * aged. If this flag is not passed, the password service should - * update all passwords. */ -#define PAM_CHANGE_EXPIRED_AUTHTOK 0x0020U - -/* ------------------ The Linux-PAM item types ------------------- */ - -/* These defines are used by pam_set_item() and pam_get_item(). - Please check the spec which are allowed for use by applications - and which are only allowed for use by modules. */ - -#define PAM_SERVICE 1 /* The service name */ -#define PAM_USER 2 /* The user name */ -#define PAM_TTY 3 /* The tty name */ -#define PAM_RHOST 4 /* The remote host name */ -#define PAM_CONV 5 /* The pam_conv structure */ -#define PAM_AUTHTOK 6 /* The authentication token (password) */ -#define PAM_OLDAUTHTOK 7 /* The old authentication token */ -#define PAM_RUSER 8 /* The remote user name */ -#define PAM_USER_PROMPT 9 /* the prompt for getting a username */ -/* Linux-PAM extensions */ -#define PAM_FAIL_DELAY 10 /* app supplied function to override failure - delays */ -#define PAM_XDISPLAY 11 /* X display name */ -#define PAM_XAUTHDATA 12 /* X server authentication data */ - -/* -------------- Special defines used by Linux-PAM -------------- */ - -#if defined(__GNUC__) && defined(__GNUC_MINOR__) -# define PAM_GNUC_PREREQ(maj, min) \ - ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) -#else -# define PAM_GNUC_PREREQ(maj, min) 0 -#endif - -#if PAM_GNUC_PREREQ(2,5) -# define PAM_FORMAT(params) __attribute__((__format__ params)) -#else -# define PAM_FORMAT(params) -#endif - -#if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE) -# define PAM_NONNULL(params) __attribute__((__nonnull__ params)) -#else -# define PAM_NONNULL(params) -#endif - -/* ---------- Common Linux-PAM application/module PI ----------- */ - -extern int PAM_NONNULL((1)) -pam_set_item(pam_handle_t *pamh, int item_type, const void *item); - -extern int PAM_NONNULL((1)) -pam_get_item(const pam_handle_t *pamh, int item_type, const void **item); - -extern const char * -pam_strerror(pam_handle_t *pamh, int errnum); - -extern int PAM_NONNULL((1,2)) -pam_putenv(pam_handle_t *pamh, const char *name_value); - -extern const char * PAM_NONNULL((1,2)) -pam_getenv(pam_handle_t *pamh, const char *name); - -extern char ** PAM_NONNULL((1)) -pam_getenvlist(pam_handle_t *pamh); - -/* ---------- Common Linux-PAM application/module PI ----------- */ - -/* - * here are some proposed error status definitions for the - * 'error_status' argument used by the cleanup function associated - * with data items they should be logically OR'd with the error_status - * of the latest return from libpam -- new with .52 and positive - * impression from Sun although not official as of 1996/9/4 - * [generally the other flags are to be found in pam_modules.h] - */ - -#define PAM_DATA_SILENT 0x40000000 /* used to suppress messages... */ - -/* - * here we define an externally (by apps or modules) callable function - * that primes the libpam library to delay when a stacked set of - * modules results in a failure. In the case of PAM_SUCCESS this delay - * is ignored. - * - * Note, the pam_[gs]et_item(... PAM_FAIL_DELAY ...) can be used to set - * a function pointer which can override the default fail-delay behavior. - * This item was added to accommodate event driven programs that need to - * manage delays more carefully. The function prototype for this data - * item is - * void (*fail_delay)(int status, unsigned int delay, void *appdata_ptr); - */ - -#define HAVE_PAM_FAIL_DELAY -extern int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay); - -/* ------------ The Linux-PAM conversation structures ------------ */ - -/* Message styles */ - -#define PAM_PROMPT_ECHO_OFF 1 -#define PAM_PROMPT_ECHO_ON 2 -#define PAM_ERROR_MSG 3 -#define PAM_TEXT_INFO 4 - -/* Linux-PAM specific types */ - -#define PAM_RADIO_TYPE 5 /* yes/no/maybe conditionals */ - -/* This is for server client non-human interaction.. these are NOT - part of the X/Open PAM specification. */ - -#define PAM_BINARY_PROMPT 7 - -/* maximum size of messages/responses etc.. (these are mostly - arbitrary so Linux-PAM should handle longer values). */ - -#define PAM_MAX_NUM_MSG 32 -#define PAM_MAX_MSG_SIZE 512 -#define PAM_MAX_RESP_SIZE 512 - -/* Used to pass prompting text, error messages, or other informatory - * text to the user. This structure is allocated and freed by the PAM - * library (or loaded module). */ - -struct pam_message { - int msg_style; - const char *msg; -}; - -/* if the pam_message.msg_style = PAM_BINARY_PROMPT - the 'pam_message.msg' is a pointer to a 'const *' for the following - pseudo-structure. When used with a PAM_BINARY_PROMPT, the returned - pam_response.resp pointer points to an object with the following - structure: - - struct { - u32 length; # network byte order - unsigned char type; - unsigned char data[length-5]; - }; - - The 'libpamc' library is designed around this flavor of - message and should be used to handle this flavor of msg_style. - */ - -/* Used to return the user's response to the PAM library. This - structure is allocated by the application program, and free()'d by - the Linux-PAM library (or calling module). */ - -struct pam_response { - char *resp; - int resp_retcode; /* currently un-used, zero expected */ -}; - -/* The actual conversation structure itself */ - -struct pam_conv { - int (*conv)(int num_msg, const struct pam_message **msg, - struct pam_response **resp, void *appdata_ptr); - void *appdata_ptr; -}; - -/* Used by the PAM_XAUTHDATA pam item. Contains X authentication - data used by modules to connect to the user's X display. Note: - this structure is intentionally compatible with xcb_auth_info_t. */ - -struct pam_xauth_data { - int namelen; - char *name; - int datalen; - char *data; -}; - -/* ... adapted from the pam_appl.h file created by Theodore Ts'o and - * - * Copyright Theodore Ts'o, 1996. All rights reserved. - * Copyright (c) Andrew G. Morgan <morgan@linux.kernel.org>, 1996-8 - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * ALTERNATIVELY, this product may be distributed under the terms of - * the GNU Public License, in which case the provisions of the GPL are - * required INSTEAD OF the above restrictions. (This clause is - * necessary due to a potential bad interaction between the GPL and - * the restrictions contained in a BSD-style copyright.) - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#endif /* _SECURITY__PAM_TYPES_H */ diff --git a/Linux-PAM/libpam/include/security/pam_appl.h b/Linux-PAM/libpam/include/security/pam_appl.h deleted file mode 100644 index d4172c69..00000000 --- a/Linux-PAM/libpam/include/security/pam_appl.h +++ /dev/null @@ -1,99 +0,0 @@ -/* - * <security/pam_appl.h> - * - * This header file collects definitions for the PAM API --- that is, - * public interface between the PAM library and an application program - * that wishes to use it. - * - * Note, the copyright information is at end of file. - */ - -#ifndef _SECURITY_PAM_APPL_H -#define _SECURITY_PAM_APPL_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <security/_pam_types.h> /* Linux-PAM common defined types */ - -/* -------------- The Linux-PAM Framework layer API ------------- */ - -extern int PAM_NONNULL((1,3,4)) -pam_start(const char *service_name, const char *user, - const struct pam_conv *pam_conversation, - pam_handle_t **pamh); - -extern int PAM_NONNULL((1)) -pam_end(pam_handle_t *pamh, int pam_status); - -/* Authentication API's */ - -extern int PAM_NONNULL((1)) -pam_authenticate(pam_handle_t *pamh, int flags); - -extern int PAM_NONNULL((1)) -pam_setcred(pam_handle_t *pamh, int flags); - -/* Account Management API's */ - -extern int PAM_NONNULL((1)) -pam_acct_mgmt(pam_handle_t *pamh, int flags); - -/* Session Management API's */ - -extern int PAM_NONNULL((1)) -pam_open_session(pam_handle_t *pamh, int flags); - -extern int PAM_NONNULL((1)) -pam_close_session(pam_handle_t *pamh, int flags); - -/* Password Management API's */ - -extern int PAM_NONNULL((1)) -pam_chauthtok(pam_handle_t *pamh, int flags); - - -/* take care of any compatibility issues */ -#include <security/_pam_compat.h> - -#ifdef __cplusplus -} -#endif - -/* - * Copyright Theodore Ts'o, 1996. All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * ALTERNATIVELY, this product may be distributed under the terms of - * the GNU Public License, in which case the provisions of the GPL are - * required INSTEAD OF the above restrictions. (This clause is - * necessary due to a potential bad interaction between the GPL and - * the restrictions contained in a BSD-style copyright.) - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#endif /* _SECURITY_PAM_APPL_H */ diff --git a/Linux-PAM/libpam/include/security/pam_ext.h b/Linux-PAM/libpam/include/security/pam_ext.h deleted file mode 100644 index 111dd633..00000000 --- a/Linux-PAM/libpam/include/security/pam_ext.h +++ /dev/null @@ -1,81 +0,0 @@ -/* - * Copyright (C) 2005, 2006 Thorsten Kukuk. - * - * <security/pam_ext.h> - * - * This header file collects definitions for the extended PAM API. - * This is a public interface of the PAM library for PAM modules, - * which makes the life of PAM developers easier, but are not documented - * in any standard and are not portable between different PAM - * implementations. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * ALTERNATIVELY, this product may be distributed under the terms of - * the GNU Public License, in which case the provisions of the GPL are - * required INSTEAD OF the above restrictions. (This clause is - * necessary due to a potential bad interaction between the GPL and - * the restrictions contained in a BSD-style copyright.) - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _SECURITY__PAM_EXT_H_ -#define _SECURITY__PAM_EXT_H_ - -#ifdef __cplusplus -extern "C" { -#endif - -#include <security/_pam_types.h> -#include <stdarg.h> - -extern void PAM_FORMAT((printf, 3, 0)) PAM_NONNULL((3)) -pam_vsyslog (const pam_handle_t *pamh, int priority, - const char *fmt, va_list args); - -extern void PAM_FORMAT((printf, 3, 4)) PAM_NONNULL((3)) -pam_syslog (const pam_handle_t *pamh, int priority, const char *fmt, ...); - -extern int PAM_FORMAT((printf, 4, 0)) PAM_NONNULL((1,4)) -pam_vprompt (pam_handle_t *pamh, int style, char **response, - const char *fmt, va_list args); - -extern int PAM_FORMAT((printf, 4, 5)) PAM_NONNULL((1,4)) -pam_prompt (pam_handle_t *pamh, int style, char **response, - const char *fmt, ...); - -#define pam_error(pamh, fmt...) \ - pam_prompt(pamh, PAM_ERROR_MSG, NULL, fmt) -#define pam_verror(pamh, fmt, args) \ - pam_vprompt(pamh, PAM_ERROR_MSG, NULL, fmt, args) - -#define pam_info(pamh, fmt...) pam_prompt(pamh, PAM_TEXT_INFO, NULL, fmt) -#define pam_vinfo(pamh, fmt, args) pam_vprompt(pamh, PAM_TEXT_INFO, NULL, fmt, args) - -#ifdef __cplusplus -} -#endif - -#endif diff --git a/Linux-PAM/libpam/include/security/pam_modules.h b/Linux-PAM/libpam/include/security/pam_modules.h deleted file mode 100644 index 5c516c4e..00000000 --- a/Linux-PAM/libpam/include/security/pam_modules.h +++ /dev/null @@ -1,175 +0,0 @@ -/* - * <security/pam_modules.h> - * - * This header file collects definitions for the PAM API --- that is, - * public interface between the PAM library and PAM modules. - * - * Note, the copyright information is at end of file. - */ - -#ifndef _SECURITY_PAM_MODULES_H -#define _SECURITY_PAM_MODULES_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <security/_pam_types.h> /* Linux-PAM common defined types */ - -/* -------------- The Linux-PAM Module PI ------------- */ - -extern int PAM_NONNULL((1,2)) -pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data, - void (*cleanup)(pam_handle_t *pamh, void *data, - int error_status)); - -extern int PAM_NONNULL((1,2,3)) -pam_get_data(const pam_handle_t *pamh, const char *module_data_name, - const void **data); - -extern int PAM_NONNULL((1,2)) -pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt); - -#ifdef PAM_STATIC - -#define PAM_EXTERN static - -struct pam_module { - const char *name; /* Name of the module */ - - /* These are function pointers to the module's key functions. */ - - int (*pam_sm_authenticate)(pam_handle_t *pamh, int flags, - int argc, const char **argv); - int (*pam_sm_setcred)(pam_handle_t *pamh, int flags, - int argc, const char **argv); - int (*pam_sm_acct_mgmt)(pam_handle_t *pamh, int flags, - int argc, const char **argv); - int (*pam_sm_open_session)(pam_handle_t *pamh, int flags, - int argc, const char **argv); - int (*pam_sm_close_session)(pam_handle_t *pamh, int flags, - int argc, const char **argv); - int (*pam_sm_chauthtok)(pam_handle_t *pamh, int flags, - int argc, const char **argv); -}; - -#else /* !PAM_STATIC */ - -#define PAM_EXTERN extern - -#endif /* PAM_STATIC */ - -/* Lots of files include pam_modules.h that don't need these - * declared. However, when they are declared static, they - * need to be defined later. So we have to protect C files - * that include these without wanting these functions defined.. */ - -#if (defined(PAM_STATIC) && defined(PAM_SM_AUTH)) || !defined(PAM_STATIC) - -/* Authentication API's */ -PAM_EXTERN int pam_sm_authenticate(pam_handle_t *pamh, int flags, - int argc, const char **argv); -PAM_EXTERN int pam_sm_setcred(pam_handle_t *pamh, int flags, - int argc, const char **argv); - -#endif /*(defined(PAM_STATIC) && defined(PAM_SM_AUTH)) - || !defined(PAM_STATIC)*/ - -#if (defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) || !defined(PAM_STATIC) - -/* Account Management API's */ -PAM_EXTERN int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags, - int argc, const char **argv); - -#endif /*(defined(PAM_STATIC) && defined(PAM_SM_ACCOUNT)) - || !defined(PAM_STATIC)*/ - -#if (defined(PAM_STATIC) && defined(PAM_SM_SESSION)) || !defined(PAM_STATIC) - -/* Session Management API's */ -PAM_EXTERN int pam_sm_open_session(pam_handle_t *pamh, int flags, - int argc, const char **argv); - -PAM_EXTERN int pam_sm_close_session(pam_handle_t *pamh, int flags, - int argc, const char **argv); - -#endif /*(defined(PAM_STATIC) && defined(PAM_SM_SESSION)) - || !defined(PAM_STATIC)*/ - -#if (defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) || !defined(PAM_STATIC) - -/* Password Management API's */ -PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, - int argc, const char **argv); - -#endif /*(defined(PAM_STATIC) && defined(PAM_SM_PASSWORD)) - || !defined(PAM_STATIC)*/ - -/* The following two flags are for use across the Linux-PAM/module - * interface only. The Application is not permitted to use these - * tokens. - * - * The password service should only perform preliminary checks. No - * passwords should be updated. */ -#define PAM_PRELIM_CHECK 0x4000 - -/* The password service should update passwords Note: PAM_PRELIM_CHECK - * and PAM_UPDATE_AUTHTOK cannot both be set simultaneously! */ -#define PAM_UPDATE_AUTHTOK 0x2000 - - -/* - * here are some proposed error status definitions for the - * 'error_status' argument used by the cleanup function associated - * with data items they should be logically OR'd with the error_status - * of the latest return from libpam -- new with .52 and positive - * impression from Sun although not official as of 1996/9/4 there are - * others in _pam_types.h -- they are for common module/app use. - */ - -#define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */ - - -/* take care of any compatibility issues */ -#include <security/_pam_compat.h> - -#ifdef __cplusplus -} -#endif - -/* Copyright (C) Theodore Ts'o, 1996. - * Copyright (C) Andrew Morgan, 1996-8. - * All rights reserved. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * ALTERNATIVELY, this product may be distributed under the terms of - * the GNU General Public License, in which case the provisions of the - * GNU GPL are required INSTEAD OF the above restrictions. (This - * clause is necessary due to a potential bad interaction between the - * GNU GPL and the restrictions contained in a BSD-style copyright.) - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. */ - -#endif /* _SECURITY_PAM_MODULES_H */ diff --git a/Linux-PAM/libpam/include/security/pam_modutil.h b/Linux-PAM/libpam/include/security/pam_modutil.h deleted file mode 100644 index ffdf5ad0..00000000 --- a/Linux-PAM/libpam/include/security/pam_modutil.h +++ /dev/null @@ -1,107 +0,0 @@ -/* - * Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org> - * - * <security/pam_modutil.h> - * - * This file is a list of handy libc wrappers that attempt to provide some - * thread-safe and other convenient functionality to modules in a common form. - * - * A number of these functions reserve space in a pam_[sg]et_data item. - * In all cases, the name of the item is prefixed with "pam_modutil_*". - * - * On systems that simply can't support thread safe programming, these - * functions don't support it either - sorry. - * - * Redistribution and use in source and binary forms, with or without - * modification, are permitted provided that the following conditions - * are met: - * 1. Redistributions of source code must retain the above copyright - * notice, and the entire permission notice in its entirety, - * including the disclaimer of warranties. - * 2. Redistributions in binary form must reproduce the above copyright - * notice, this list of conditions and the following disclaimer in the - * documentation and/or other materials provided with the distribution. - * 3. The name of the author may not be used to endorse or promote - * products derived from this software without specific prior - * written permission. - * - * ALTERNATIVELY, this product may be distributed under the terms of - * the GNU Public License, in which case the provisions of the GPL are - * required INSTEAD OF the above restrictions. (This clause is - * necessary due to a potential bad interaction between the GPL and - * the restrictions contained in a BSD-style copyright.) - * - * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED - * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES - * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE - * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, - * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES - * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR - * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) - * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, - * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) - * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED - * OF THE POSSIBILITY OF SUCH DAMAGE. - */ - -#ifndef _SECURITY__PAM_MODUTIL_H -#define _SECURITY__PAM_MODUTIL_H - -#ifdef __cplusplus -extern "C" { -#endif - -#include <security/_pam_types.h> - -extern struct passwd * PAM_NONNULL((1,2)) -pam_modutil_getpwnam(pam_handle_t *pamh, const char *user); - -extern struct passwd * PAM_NONNULL((1)) -pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid); - -extern struct group * PAM_NONNULL((1,2)) -pam_modutil_getgrnam(pam_handle_t *pamh, const char *group); - -extern struct group * PAM_NONNULL((1)) -pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid); - -extern struct spwd * PAM_NONNULL((1,2)) -pam_modutil_getspnam(pam_handle_t *pamh, const char *user); - -extern int PAM_NONNULL((1,2,3)) -pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh, - const char *user, - const char *group); - -extern int PAM_NONNULL((1,2)) -pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh, - const char *user, - gid_t group); - -extern int PAM_NONNULL((1,3)) -pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh, - uid_t user, - const char *group); - -extern int PAM_NONNULL((1)) -pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh, - uid_t user, - gid_t group); - -extern const char * PAM_NONNULL((1)) -pam_modutil_getlogin(pam_handle_t *pamh); - -extern int -pam_modutil_read(int fd, char *buffer, int count); - -extern int -pam_modutil_write(int fd, const char *buffer, int count); - -extern int PAM_NONNULL((1,3)) -pam_modutil_audit_write(pam_handle_t *pamh, int type, - const char *message, int retval); -#ifdef __cplusplus -} -#endif - -#endif /* _SECURITY__PAM_MODUTIL_H */ |