diff options
| author | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:48:14 -0800 |
|---|---|---|
| committer | Steve Langasek <steve.langasek@ubuntu.com> | 2019-01-03 12:48:14 -0800 |
| commit | d5b06b67bbeeed7c05c0eb2e05d6a972ad050d1c (patch) | |
| tree | ba5654cffacfd2002eefc5bc3764a7971afff1dc /Linux-PAM/libpam/include/security | |
| parent | 4c51da22e068907adb7857d50f5109a467c94d7c (diff) | |
| parent | 7cbfa335c57d068d59508c844f3957165cccfb9b (diff) | |
New upstream version 0.99.7.1
Diffstat (limited to 'Linux-PAM/libpam/include/security')
| -rw-r--r-- | Linux-PAM/libpam/include/security/_pam_compat.h | 72 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/_pam_macros.h | 6 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/_pam_types.h | 112 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/pam_appl.h | 51 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/pam_ext.h | 81 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/pam_malloc.h | 71 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/pam_modules.h | 46 | ||||
| -rw-r--r-- | Linux-PAM/libpam/include/security/pam_modutil.h | 104 |
8 files changed, 334 insertions, 209 deletions
diff --git a/Linux-PAM/libpam/include/security/_pam_compat.h b/Linux-PAM/libpam/include/security/_pam_compat.h index 33520a6c..a5f58e42 100644 --- a/Linux-PAM/libpam/include/security/_pam_compat.h +++ b/Linux-PAM/libpam/include/security/_pam_compat.h @@ -2,8 +2,6 @@ #define _PAM_COMPAT_H /* - * $Id: _pam_compat.h,v 1.1.1.1 2000/06/20 22:11:21 agmorgan Exp $ - * * This file was contributed by Derrick J Brashear <shadow@dementia.org> * slight modification by Brad M. Garcia <bgarcia@fore.com> * @@ -15,108 +13,114 @@ /* Solaris uses different constants. We redefine to those here */ #if defined(solaris) || (defined(__SVR4) && defined(sun)) -#ifndef _SECURITY__PAM_TYPES_H - # ifdef _SECURITY_PAM_MODULES_H /* flags for pam_chauthtok() */ # undef PAM_PRELIM_CHECK -# define PAM_PRELIM_CHECK 0x1 +# define PAM_PRELIM_CHECK 0x1 # undef PAM_UPDATE_AUTHTOK -# define PAM_UPDATE_AUTHTOK 0x2 +# define PAM_UPDATE_AUTHTOK 0x2 # endif /* _SECURITY_PAM_MODULES_H */ -#else /* _SECURITY__PAM_TYPES_H */ +# ifdef _SECURITY__PAM_TYPES_H /* generic for pam_* functions */ # undef PAM_SILENT -# define PAM_SILENT 0x80000000 +# define PAM_SILENT 0x80000000 + +# undef PAM_CHANGE_EXPIRED_AUTHTOK +# define PAM_CHANGE_EXPIRED_AUTHTOK 0x4 /* flags for pam_setcred() */ # undef PAM_ESTABLISH_CRED -# define PAM_ESTABLISH_CRED 0x1 +# define PAM_ESTABLISH_CRED 0x1 # undef PAM_DELETE_CRED -# define PAM_DELETE_CRED 0x2 +# define PAM_DELETE_CRED 0x2 # undef PAM_REINITIALIZE_CRED -# define PAM_REINITIALIZE_CRED 0x4 +# define PAM_REINITIALIZE_CRED 0x4 # undef PAM_REFRESH_CRED -# define PAM_REFRESH_CRED 0x8 +# define PAM_REFRESH_CRED 0x8 /* another binary incompatibility comes from the return codes! */ # undef PAM_CONV_ERR -# define PAM_CONV_ERR 6 +# define PAM_CONV_ERR 6 # undef PAM_PERM_DENIED -# define PAM_PERM_DENIED 7 +# define PAM_PERM_DENIED 7 # undef PAM_MAXTRIES -# define PAM_MAXTRIES 8 +# define PAM_MAXTRIES 8 # undef PAM_AUTH_ERR -# define PAM_AUTH_ERR 9 +# define PAM_AUTH_ERR 9 # undef PAM_NEW_AUTHTOK_REQD -# define PAM_NEW_AUTHTOK_REQD 10 +# define PAM_NEW_AUTHTOK_REQD 10 # undef PAM_CRED_INSUFFICIENT -# define PAM_CRED_INSUFFICIENT 11 +# define PAM_CRED_INSUFFICIENT 11 # undef PAM_AUTHINFO_UNAVAIL -# define PAM_AUTHINFO_UNAVAIL 12 +# define PAM_AUTHINFO_UNAVAIL 12 # undef PAM_USER_UNKNOWN -# define PAM_USER_UNKNOWN 13 +# define PAM_USER_UNKNOWN 13 # undef PAM_CRED_UNAVAIL -# define PAM_CRED_UNAVAIL 14 +# define PAM_CRED_UNAVAIL 14 # undef PAM_CRED_EXPIRED -# define PAM_CRED_EXPIRED 15 +# define PAM_CRED_EXPIRED 15 # undef PAM_CRED_ERR -# define PAM_CRED_ERR 16 +# define PAM_CRED_ERR 16 # undef PAM_ACCT_EXPIRED -# define PAM_ACCT_EXPIRED 17 +# define PAM_ACCT_EXPIRED 17 # undef PAM_AUTHTOK_EXPIRED -# define PAM_AUTHTOK_EXPIRED 18 +# define PAM_AUTHTOK_EXPIRED 18 # undef PAM_SESSION_ERR -# define PAM_SESSION_ERR 19 +# define PAM_SESSION_ERR 19 # undef PAM_AUTHTOK_ERR -# define PAM_AUTHTOK_ERR 20 +# define PAM_AUTHTOK_ERR 20 # undef PAM_AUTHTOK_RECOVERY_ERR -# define PAM_AUTHTOK_RECOVERY_ERR 21 +# define PAM_AUTHTOK_RECOVERY_ERR 21 # undef PAM_AUTHTOK_LOCK_BUSY -# define PAM_AUTHTOK_LOCK_BUSY 22 +# define PAM_AUTHTOK_LOCK_BUSY 22 # undef PAM_AUTHTOK_DISABLE_AGING -# define PAM_AUTHTOK_DISABLE_AGING 23 +# define PAM_AUTHTOK_DISABLE_AGING 23 # undef PAM_NO_MODULE_DATA -# define PAM_NO_MODULE_DATA 24 +# define PAM_NO_MODULE_DATA 24 # undef PAM_IGNORE -# define PAM_IGNORE 25 +# define PAM_IGNORE 25 # undef PAM_ABORT -# define PAM_ABORT 26 +# define PAM_ABORT 26 # undef PAM_TRY_AGAIN -# define PAM_TRY_AGAIN 27 +# define PAM_TRY_AGAIN 27 #endif /* _SECURITY__PAM_TYPES_H */ +#else + +/* For compatibility with old Linux-PAM implementations. */ +#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR + #endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */ #endif /* _PAM_COMPAT_H */ diff --git a/Linux-PAM/libpam/include/security/_pam_macros.h b/Linux-PAM/libpam/include/security/_pam_macros.h index 2827fabf..f7da10a7 100644 --- a/Linux-PAM/libpam/include/security/_pam_macros.h +++ b/Linux-PAM/libpam/include/security/_pam_macros.h @@ -9,8 +9,8 @@ /* a 'safe' version of strdup */ -#include <string.h> #include <stdlib.h> +#include <string.h> #define x_strdup(s) ( (s) ? strdup(s):NULL ) @@ -73,11 +73,11 @@ do { \ * You have been warned :-) - CG * * to get automated debugging to the log file, it must be created manually. - * _PAM_LOGFILE must exist, mode 666 + * _PAM_LOGFILE must exist and be writable to the programs you debug. */ #ifndef _PAM_LOGFILE -#define _PAM_LOGFILE "/tmp/pam-debug.log" +#define _PAM_LOGFILE "/var/run/pam-debug.log" #endif static void _pam_output_debug_info(const char *file, const char *fn diff --git a/Linux-PAM/libpam/include/security/_pam_types.h b/Linux-PAM/libpam/include/security/_pam_types.h index b4413ee3..45bae97b 100644 --- a/Linux-PAM/libpam/include/security/_pam_types.h +++ b/Linux-PAM/libpam/include/security/_pam_types.h @@ -1,30 +1,15 @@ /* * <security/_pam_types.h> * - * $Id: _pam_types.h,v 1.6 2005/03/16 00:06:01 toady Exp $ - * * This file defines all of the types common to the Linux-PAM library * applications and modules. * * Note, the copyright+license information is at end of file. - * - * Created: 1996/3/5 by AGM */ #ifndef _SECURITY__PAM_TYPES_H #define _SECURITY__PAM_TYPES_H -#ifndef __LIBPAM_VERSION -# define __LIBPAM_VERSION __libpam_version -#endif -extern unsigned int __libpam_version; - -/* - * include local definition for POSIX - NULL - */ - -#include <locale.h> - /* This is a blind structure; users aren't allowed to see inside a * pam_handle_t, so we don't define struct pam_handle here. This is * defined in a file private to the PAM library. (i.e., it's private @@ -32,6 +17,13 @@ extern unsigned int __libpam_version; typedef struct pam_handle pam_handle_t; +/* ---------------- The Linux-PAM Version defines ----------------- */ + +/* Major and minor version number of the Linux-PAM package. Use + these macros to test for features in specific releases. */ +#define __LINUX_PAM__ 1 +#define __LINUX_PAM_MINOR__ 0 + /* ----------------- The Linux-PAM return values ------------------ */ #define PAM_SUCCESS 0 /* Successful function return */ @@ -71,8 +63,8 @@ typedef struct pam_handle pam_handle_t; #define PAM_NO_MODULE_DATA 18 /* No module specific data is present */ #define PAM_CONV_ERR 19 /* Conversation error */ #define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */ -#define PAM_AUTHTOK_RECOVER_ERR 21 /* Authentication information */ - /* cannot be recovered */ +#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */ + /* cannot be recovered */ #define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */ #define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */ #define PAM_TRY_AGAIN 24 /* Preliminary check by password service */ @@ -133,31 +125,62 @@ typedef struct pam_handle pam_handle_t; /* ------------------ The Linux-PAM item types ------------------- */ -/* these defines are used by pam_set_item() and pam_get_item() */ +/* These defines are used by pam_set_item() and pam_get_item(). + Please check the spec which are allowed for use by applications + and which are only allowed for use by modules. */ #define PAM_SERVICE 1 /* The service name */ #define PAM_USER 2 /* The user name */ #define PAM_TTY 3 /* The tty name */ #define PAM_RHOST 4 /* The remote host name */ #define PAM_CONV 5 /* The pam_conv structure */ - -/* missing entries found in <security/pam_modules.h> for modules only! */ - +#define PAM_AUTHTOK 6 /* The authentication token (password) */ +#define PAM_OLDAUTHTOK 7 /* The old authentication token */ #define PAM_RUSER 8 /* The remote user name */ #define PAM_USER_PROMPT 9 /* the prompt for getting a username */ #define PAM_FAIL_DELAY 10 /* app supplied function to override failure delays */ +/* -------------- Special defines used by Linux-PAM -------------- */ + +#if defined(__GNUC__) && defined(__GNUC_MINOR__) +# define PAM_GNUC_PREREQ(maj, min) \ + ((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min)) +#else +# define PAM_GNUC_PREREQ(maj, min) 0 +#endif + +#if PAM_GNUC_PREREQ(2,5) +# define PAM_FORMAT(params) __attribute__((__format__ params)) +#else +# define PAM_FORMAT(params) +#endif + +#if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE) +# define PAM_NONNULL(params) __attribute__((__nonnull__ params)) +#else +# define PAM_NONNULL(params) +#endif + /* ---------- Common Linux-PAM application/module PI ----------- */ -extern int pam_set_item(pam_handle_t *pamh, int item_type, const void *item); -extern int pam_get_item(const pam_handle_t *pamh, int item_type, - const void **item); -extern const char *pam_strerror(pam_handle_t *pamh, int errnum); +extern int PAM_NONNULL((1)) +pam_set_item(pam_handle_t *pamh, int item_type, const void *item); + +extern int PAM_NONNULL((1)) +pam_get_item(const pam_handle_t *pamh, int item_type, const void **item); + +extern const char * +pam_strerror(pam_handle_t *pamh, int errnum); + +extern int PAM_NONNULL((1,2)) +pam_putenv(pam_handle_t *pamh, const char *name_value); + +extern const char * PAM_NONNULL((1,2)) +pam_getenv(pam_handle_t *pamh, const char *name); -extern int pam_putenv(pam_handle_t *pamh, const char *name_value); -extern const char *pam_getenv(pam_handle_t *pamh, const char *name); -extern char **pam_getenvlist(pam_handle_t *pamh); +extern char ** PAM_NONNULL((1)) +pam_getenvlist(pam_handle_t *pamh); /* ---------- Common Linux-PAM application/module PI ----------- */ @@ -189,22 +212,6 @@ extern char **pam_getenvlist(pam_handle_t *pamh); #define HAVE_PAM_FAIL_DELAY extern int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay); -#include <syslog.h> -#ifndef LOG_AUTHPRIV -# ifdef LOG_PRIV -# define LOG_AUTHPRIV LOG_PRIV -# endif /* LOG_PRIV */ -#endif /* !LOG_AUTHPRIV */ - -#ifdef MEMORY_DEBUG -/* - * this defines some macros that keep track of what memory has been - * allocated and indicates leakage etc... It should not be included in - * production application/modules. - */ -#include <security/pam_malloc.h> -#endif - /* ------------ The Linux-PAM conversation structures ------------ */ /* Message styles */ @@ -272,18 +279,6 @@ struct pam_conv { void *appdata_ptr; }; -#ifndef LINUX_PAM -/* - * the following few lines represent a hack. They are there to make - * the Linux-PAM headers more compatible with the Sun ones, which have a - * less strictly separated notion of module specific and application - * specific definitions. - */ -#include <security/pam_appl.h> -#include <security/pam_modules.h> -#endif - - /* ... adapted from the pam_appl.h file created by Theodore Ts'o and * * Copyright Theodore Ts'o, 1996. All rights reserved. @@ -301,13 +296,13 @@ struct pam_conv { * 3. The name of the author may not be used to endorse or promote * products derived from this software without specific prior * written permission. - * + * * ALTERNATIVELY, this product may be distributed under the terms of * the GNU Public License, in which case the provisions of the GPL are * required INSTEAD OF the above restrictions. (This clause is * necessary due to a potential bad interaction between the GPL and * the restrictions contained in a BSD-style copyright.) - * + * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -321,4 +316,3 @@ struct pam_conv { * OF THE POSSIBILITY OF SUCH DAMAGE. */ #endif /* _SECURITY__PAM_TYPES_H */ - diff --git a/Linux-PAM/libpam/include/security/pam_appl.h b/Linux-PAM/libpam/include/security/pam_appl.h index 69ee544d..d4172c69 100644 --- a/Linux-PAM/libpam/include/security/pam_appl.h +++ b/Linux-PAM/libpam/include/security/pam_appl.h @@ -1,16 +1,11 @@ /* * <security/pam_appl.h> - * + * * This header file collects definitions for the PAM API --- that is, * public interface between the PAM library and an application program * that wishes to use it. * * Note, the copyright information is at end of file. - * - * Created: 15-Jan-96 by TYT - * Last modified: 1996/3/5 by AGM - * - * $Id: pam_appl.h,v 1.3 2000/11/19 23:54:02 agmorgan Exp $ */ #ifndef _SECURITY_PAM_APPL_H @@ -19,41 +14,53 @@ #ifdef __cplusplus extern "C" { #endif - + #include <security/_pam_types.h> /* Linux-PAM common defined types */ /* -------------- The Linux-PAM Framework layer API ------------- */ -extern int pam_start(const char *service_name, const char *user, - const struct pam_conv *pam_conversation, - pam_handle_t **pamh); -extern int pam_end(pam_handle_t *pamh, int pam_status); +extern int PAM_NONNULL((1,3,4)) +pam_start(const char *service_name, const char *user, + const struct pam_conv *pam_conversation, + pam_handle_t **pamh); + +extern int PAM_NONNULL((1)) +pam_end(pam_handle_t *pamh, int pam_status); /* Authentication API's */ -extern int pam_authenticate(pam_handle_t *pamh, int flags); -extern int pam_setcred(pam_handle_t *pamh, int flags); +extern int PAM_NONNULL((1)) +pam_authenticate(pam_handle_t *pamh, int flags); + +extern int PAM_NONNULL((1)) +pam_setcred(pam_handle_t *pamh, int flags); /* Account Management API's */ -extern int pam_acct_mgmt(pam_handle_t *pamh, int flags); +extern int PAM_NONNULL((1)) +pam_acct_mgmt(pam_handle_t *pamh, int flags); /* Session Management API's */ -extern int pam_open_session(pam_handle_t *pamh, int flags); -extern int pam_close_session(pam_handle_t *pamh, int flags); +extern int PAM_NONNULL((1)) +pam_open_session(pam_handle_t *pamh, int flags); + +extern int PAM_NONNULL((1)) +pam_close_session(pam_handle_t *pamh, int flags); /* Password Management API's */ -extern int pam_chauthtok(pam_handle_t *pamh, int flags); +extern int PAM_NONNULL((1)) +pam_chauthtok(pam_handle_t *pamh, int flags); -#ifdef __cplusplus -} -#endif /* take care of any compatibility issues */ #include <security/_pam_compat.h> +#ifdef __cplusplus +} +#endif + /* * Copyright Theodore Ts'o, 1996. All rights reserved. * @@ -69,13 +76,13 @@ extern int pam_chauthtok(pam_handle_t *pamh, int flags); * 3. The name of the author may not be used to endorse or promote * products derived from this software without specific prior * written permission. - * + * * ALTERNATIVELY, this product may be distributed under the terms of * the GNU Public License, in which case the provisions of the GPL are * required INSTEAD OF the above restrictions. (This clause is * necessary due to a potential bad interaction between the GPL and * the restrictions contained in a BSD-style copyright.) - * + * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE diff --git a/Linux-PAM/libpam/include/security/pam_ext.h b/Linux-PAM/libpam/include/security/pam_ext.h new file mode 100644 index 00000000..111dd633 --- /dev/null +++ b/Linux-PAM/libpam/include/security/pam_ext.h @@ -0,0 +1,81 @@ +/* + * Copyright (C) 2005, 2006 Thorsten Kukuk. + * + * <security/pam_ext.h> + * + * This header file collects definitions for the extended PAM API. + * This is a public interface of the PAM library for PAM modules, + * which makes the life of PAM developers easier, but are not documented + * in any standard and are not portable between different PAM + * implementations. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * ALTERNATIVELY, this product may be distributed under the terms of + * the GNU Public License, in which case the provisions of the GPL are + * required INSTEAD OF the above restrictions. (This clause is + * necessary due to a potential bad interaction between the GPL and + * the restrictions contained in a BSD-style copyright.) + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _SECURITY__PAM_EXT_H_ +#define _SECURITY__PAM_EXT_H_ + +#ifdef __cplusplus +extern "C" { +#endif + +#include <security/_pam_types.h> +#include <stdarg.h> + +extern void PAM_FORMAT((printf, 3, 0)) PAM_NONNULL((3)) +pam_vsyslog (const pam_handle_t *pamh, int priority, + const char *fmt, va_list args); + +extern void PAM_FORMAT((printf, 3, 4)) PAM_NONNULL((3)) +pam_syslog (const pam_handle_t *pamh, int priority, const char *fmt, ...); + +extern int PAM_FORMAT((printf, 4, 0)) PAM_NONNULL((1,4)) +pam_vprompt (pam_handle_t *pamh, int style, char **response, + const char *fmt, va_list args); + +extern int PAM_FORMAT((printf, 4, 5)) PAM_NONNULL((1,4)) +pam_prompt (pam_handle_t *pamh, int style, char **response, + const char *fmt, ...); + +#define pam_error(pamh, fmt...) \ + pam_prompt(pamh, PAM_ERROR_MSG, NULL, fmt) +#define pam_verror(pamh, fmt, args) \ + pam_vprompt(pamh, PAM_ERROR_MSG, NULL, fmt, args) + +#define pam_info(pamh, fmt...) pam_prompt(pamh, PAM_TEXT_INFO, NULL, fmt) +#define pam_vinfo(pamh, fmt, args) pam_vprompt(pamh, PAM_TEXT_INFO, NULL, fmt, args) + +#ifdef __cplusplus +} +#endif + +#endif diff --git a/Linux-PAM/libpam/include/security/pam_malloc.h b/Linux-PAM/libpam/include/security/pam_malloc.h deleted file mode 100644 index bbf31338..00000000 --- a/Linux-PAM/libpam/include/security/pam_malloc.h +++ /dev/null @@ -1,71 +0,0 @@ -/* - * $Id: pam_malloc.h,v 1.3 2001/11/26 03:04:47 agmorgan Exp $ - */ - -/* - * This file (via the use of macros) defines a wrapper for the malloc - * family of calls. It logs where the memory was requested and also - * where it was free()'d and keeps a list of currently requested memory. - * - * It is hoped that it will provide some help in locating memory leaks. - */ - -#ifndef PAM_MALLOC_H -#define PAM_MALLOC_H - -/* these are the macro definitions for the stdlib.h memory functions */ - -#define malloc(s) pam_malloc(s,__FILE__,__FUNCTION__,__LINE__) -#define calloc(n,s) pam_calloc(n,s,__FILE__,__FUNCTION__,__LINE__) -#define free(x) pam_free(x,__FILE__,__FUNCTION__,__LINE__) -/* #define memalign(a,s) pam_memalign(a,s,__FILE__,__FUNCTION__,__LINE__) */ -#define realloc(x,s) pam_realloc(x,s,__FILE__,__FUNCTION__,__LINE__) -/* #define valloc(s) pam_valloc(s,__FILE__,__FUNCTION__,__LINE__) */ -/* #define alloca(s) pam_alloca(s,__FILE__,__FUNCTION__,__LINE__) */ -#define exit(i) pam_exit(i,__FILE__,__FUNCTION__,__LINE__) -#define strdup(s) pam_strdup(s,__FILE__,__FUNCTION__,__LINE__) - -/* these are the prototypes for the wrapper functions */ - -#include <sys/types.h> - -extern void *pam_malloc(size_t s,const char *,const char *, int); -extern void *pam_calloc(size_t n,size_t s,const char *,const char *, int); -extern void pam_free(void *x,const char *,const char *, int); -extern void *pam_memalign(size_t a,size_t s - ,const char *,const char *, int); -extern void *pam_realloc(void *x,size_t s,const char *,const char *, int); -extern void *pam_valloc(size_t s,const char *,const char *, int); -extern void *pam_alloca(size_t s,const char *,const char *, int); -extern void pam_exit(int i,const char *,const char *, int); -extern char *pam_strdup(const char *,const char *,const char *, int); - -/* these are the flags used to turn on and off diagnostics */ - -#define PAM_MALLOC_LEAKED 01 -#define PAM_MALLOC_REQUEST 02 -#define PAM_MALLOC_FREE 04 -#define PAM_MALLOC_EXCH (PAM_MALLOC_FREED|PAM_MALLOC_EXCH) -#define PAM_MALLOC_RESIZE 010 -#define PAM_MALLOC_FAIL 020 -#define PAM_MALLOC_NULL 040 -#define PAM_MALLOC_VERIFY 0100 -#define PAM_MALLOC_FUNC 0200 -#define PAM_MALLOC_PAUSE 0400 -#define PAM_MALLOC_STOP 01000 - -#define PAM_MALLOC_ALL 0777 - -#define PAM_MALLOC_DEFAULT \ - (PAM_MALLOC_LEAKED|PAM_MALLOC_PAUSE|PAM_MALLOC_FAIL) - -#include <stdio.h> - -extern FILE *pam_malloc_outfile; /* defaults to stdout */ - -/* how much output do you want? */ - -extern int pam_malloc_flags; -extern int pam_malloc_delay_length; /* how long to pause on errors */ - -#endif /* PAM_MALLOC_H */ diff --git a/Linux-PAM/libpam/include/security/pam_modules.h b/Linux-PAM/libpam/include/security/pam_modules.h index 1f20993f..5c516c4e 100644 --- a/Linux-PAM/libpam/include/security/pam_modules.h +++ b/Linux-PAM/libpam/include/security/pam_modules.h @@ -1,32 +1,34 @@ /* * <security/pam_modules.h> - * - * $Id: pam_modules.h,v 1.3 2001/02/05 06:50:41 agmorgan Exp $ * + * This header file collects definitions for the PAM API --- that is, + * public interface between the PAM library and PAM modules. + * + * Note, the copyright information is at end of file. */ #ifndef _SECURITY_PAM_MODULES_H #define _SECURITY_PAM_MODULES_H -#include <security/_pam_types.h> /* Linux-PAM common defined types */ - -/* these defines are used by pam_set_item() and pam_get_item() and are - * in addition to those found in <security/_pam_types.h> */ +#ifdef __cplusplus +extern "C" { +#endif -#define PAM_AUTHTOK 6 /* The authentication token (password) */ -#define PAM_OLDAUTHTOK 7 /* The old authentication token */ +#include <security/_pam_types.h> /* Linux-PAM common defined types */ /* -------------- The Linux-PAM Module PI ------------- */ -extern int pam_set_data(pam_handle_t *pamh, const char *module_data_name, - void *data, - void (*cleanup)(pam_handle_t *pamh, void *data, - int error_status)); -extern int pam_get_data(const pam_handle_t *pamh, - const char *module_data_name, const void **data); +extern int PAM_NONNULL((1,2)) +pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data, + void (*cleanup)(pam_handle_t *pamh, void *data, + int error_status)); + +extern int PAM_NONNULL((1,2,3)) +pam_get_data(const pam_handle_t *pamh, const char *module_data_name, + const void **data); -extern int pam_get_user(pam_handle_t *pamh, const char **user - , const char *prompt); +extern int PAM_NONNULL((1,2)) +pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt); #ifdef PAM_STATIC @@ -56,7 +58,7 @@ struct pam_module { #define PAM_EXTERN extern #endif /* PAM_STATIC */ - + /* Lots of files include pam_modules.h that don't need these * declared. However, when they are declared static, they * need to be defined later. So we have to protect C files @@ -127,9 +129,14 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, #define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */ + /* take care of any compatibility issues */ #include <security/_pam_compat.h> +#ifdef __cplusplus +} +#endif + /* Copyright (C) Theodore Ts'o, 1996. * Copyright (C) Andrew Morgan, 1996-8. * All rights reserved. @@ -146,13 +153,13 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, * 3. The name of the author may not be used to endorse or promote * products derived from this software without specific prior * written permission. - * + * * ALTERNATIVELY, this product may be distributed under the terms of * the GNU General Public License, in which case the provisions of the * GNU GPL are required INSTEAD OF the above restrictions. (This * clause is necessary due to a potential bad interaction between the * GNU GPL and the restrictions contained in a BSD-style copyright.) - * + * * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE @@ -166,4 +173,3 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t *pamh, int flags, * OF THE POSSIBILITY OF SUCH DAMAGE. */ #endif /* _SECURITY_PAM_MODULES_H */ - diff --git a/Linux-PAM/libpam/include/security/pam_modutil.h b/Linux-PAM/libpam/include/security/pam_modutil.h new file mode 100644 index 00000000..efb72436 --- /dev/null +++ b/Linux-PAM/libpam/include/security/pam_modutil.h @@ -0,0 +1,104 @@ +/* + * Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org> + * + * <security/pam_modutil.h> + * + * This file is a list of handy libc wrappers that attempt to provide some + * thread-safe and other convenient functionality to modules in a common form. + * + * A number of these functions reserve space in a pam_[sg]et_data item. + * In all cases, the name of the item is prefixed with "pam_modutil_*". + * + * On systems that simply can't support thread safe programming, these + * functions don't support it either - sorry. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, and the entire permission notice in its entirety, + * including the disclaimer of warranties. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * 3. The name of the author may not be used to endorse or promote + * products derived from this software without specific prior + * written permission. + * + * ALTERNATIVELY, this product may be distributed under the terms of + * the GNU Public License, in which case the provisions of the GPL are + * required INSTEAD OF the above restrictions. (This clause is + * necessary due to a potential bad interaction between the GPL and + * the restrictions contained in a BSD-style copyright.) + * + * THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED + * WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE + * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, + * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES + * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR + * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) + * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, + * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) + * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED + * OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +#ifndef _SECURITY__PAM_MODUTIL_H +#define _SECURITY__PAM_MODUTIL_H + +#ifdef __cplusplus +extern "C" { +#endif + +#include <security/_pam_types.h> + +extern struct passwd * PAM_NONNULL((1,2)) +pam_modutil_getpwnam(pam_handle_t *pamh, const char *user); + +extern struct passwd * PAM_NONNULL((1)) +pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid); + +extern struct group * PAM_NONNULL((1,2)) +pam_modutil_getgrnam(pam_handle_t *pamh, const char *group); + +extern struct group * PAM_NONNULL((1)) +pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid); + +extern struct spwd * PAM_NONNULL((1,2)) +pam_modutil_getspnam(pam_handle_t *pamh, const char *user); + +extern int PAM_NONNULL((1,2,3)) +pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh, + const char *user, + const char *group); + +extern int PAM_NONNULL((1,2)) +pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh, + const char *user, + gid_t group); + +extern int PAM_NONNULL((1,3)) +pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh, + uid_t user, + const char *group); + +extern int PAM_NONNULL((1)) +pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh, + uid_t user, + gid_t group); + +extern const char * PAM_NONNULL((1)) +pam_modutil_getlogin(pam_handle_t *pamh); + +extern int +pam_modutil_read(int fd, char *buffer, int count); + +extern int +pam_modutil_write(int fd, const char *buffer, int count); + +#ifdef __cplusplus +} +#endif + +#endif /* _SECURITY__PAM_MODUTIL_H */ |