root/nsswitch/pam_winbind.h

/* [<][>][^][v][top][bottom][index][help] */

INCLUDED FROM


   1 /* pam_winbind header file
   2    (Solaris needs some macros from Linux for common PAM code)
   3 
   4    Shirish Kalele 2000
   5 */
   6 
   7 #include "../lib/replace/replace.h"
   8 #include "system/syslog.h"
   9 #include "system/time.h"
  10 #include <talloc.h>
  11 #include "libwbclient/wbclient.h"
  12 #include "localedir.h"
  13 
  14 #define MODULE_NAME "pam_winbind"
  15 #define PAM_SM_AUTH
  16 #define PAM_SM_ACCOUNT
  17 #define PAM_SM_PASSWORD
  18 #define PAM_SM_SESSION
  19 
  20 #ifndef PAM_WINBIND_CONFIG_FILE
  21 #define PAM_WINBIND_CONFIG_FILE "/etc/security/pam_winbind.conf"
  22 #endif
  23 
  24 #include <iniparser.h>
  25 
  26 #ifdef HAVE_LIBINTL_H
  27 #include <libintl.h>
  28 #endif
  29 
  30 #if defined(LINUX)
  31 
  32 /* newer versions of PAM have this in _pam_compat.h */
  33 #ifndef PAM_AUTHTOK_RECOVERY_ERR
  34 #define PAM_AUTHTOK_RECOVERY_ERR PAM_AUTHTOK_RECOVER_ERR
  35 #endif
  36 
  37 #else /* !LINUX */
  38 
  39 /* Solaris always uses dynamic pam modules */
  40 #define PAM_EXTERN extern
  41 #if defined(HAVE_SECURITY_PAM_APPL_H)
  42 #include <security/pam_appl.h>
  43 #elif defined(HAVE_PAM_PAM_APPL_H)
  44 #include <pam/pam_appl.h>
  45 #endif
  46 
  47 #ifndef PAM_AUTHTOK_RECOVER_ERR
  48 #define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
  49 #endif
  50 
  51 #endif /* defined(SUNOS5) || defined(SUNOS4) || defined(HPUX) || defined(FREEBSD) || defined(AIX) */
  52 
  53 #if defined(HAVE_SECURITY_PAM_MODULES_H)
  54 #include <security/pam_modules.h>
  55 #elif defined(HAVE_PAM_PAM_MODULES_H)
  56 #include <pam/pam_modules.h>
  57 #endif
  58 
  59 #if defined(HAVE_SECURITY__PAM_MACROS_H)
  60 #include <security/_pam_macros.h>
  61 #elif defined(HAVE_PAM__PAM_MACROS_H)
  62 #include <pam/_pam_macros.h>
  63 #else
  64 /* Define required macros from (Linux PAM 0.68) security/_pam_macros.h */
  65 #define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
  66 do {                                              \
  67     int reply_i;                                  \
  68                                                   \
  69     for (reply_i=0; reply_i<replies; ++reply_i) { \
  70         if (reply[reply_i].resp) {                \
  71             _pam_overwrite(reply[reply_i].resp);  \
  72             free(reply[reply_i].resp);            \
  73         }                                         \
  74     }                                             \
  75     if (reply)                                    \
  76         free(reply);                              \
  77 } while (0)
  78 
  79 #define _pam_overwrite(x)        \
  80 do {                             \
  81      register char *__xx__;      \
  82      if ((__xx__=(x)))           \
  83           while (*__xx__)        \
  84                *__xx__++ = '\0'; \
  85 } while (0)
  86 
  87 /*
  88  * Don't just free it, forget it too.
  89  */
  90 
  91 #define _pam_drop(X) SAFE_FREE(X)
  92 
  93 #define  x_strdup(s)  ( (s) ? strdup(s):NULL )
  94 #endif /* HAVE_SECURITY__PAM_MACROS_H */
  95 
  96 #ifdef HAVE_SECURITY_PAM_EXT_H
  97 #include <security/pam_ext.h>
  98 #endif
  99 
 100 #define WINBIND_DEBUG_ARG               0x00000001
 101 #define WINBIND_USE_AUTHTOK_ARG         0x00000002
 102 #define WINBIND_UNKNOWN_OK_ARG          0x00000004
 103 #define WINBIND_TRY_FIRST_PASS_ARG      0x00000008
 104 #define WINBIND_USE_FIRST_PASS_ARG      0x00000010
 105 #define WINBIND__OLD_PASSWORD           0x00000020
 106 #define WINBIND_REQUIRED_MEMBERSHIP     0x00000040
 107 #define WINBIND_KRB5_AUTH               0x00000080
 108 #define WINBIND_KRB5_CCACHE_TYPE        0x00000100
 109 #define WINBIND_CACHED_LOGIN            0x00000200
 110 #define WINBIND_CONFIG_FILE             0x00000400
 111 #define WINBIND_SILENT                  0x00000800
 112 #define WINBIND_DEBUG_STATE             0x00001000
 113 #define WINBIND_WARN_PWD_EXPIRE         0x00002000
 114 #define WINBIND_MKHOMEDIR               0x00004000
 115 
 116 #if defined(HAVE_GETTEXT) && !defined(__LCLINT__)
 117 #define _(string) dgettext(MODULE_NAME, string)
 118 #else
 119 #define _(string) string
 120 #endif
 121 
 122 #define N_(string) string
 123 
 124 /*
 125  * here is the string to inform the user that the new passwords they
 126  * typed were not the same.
 127  */
 128 
 129 #define MISTYPED_PASS _("Sorry, passwords do not match")
 130 
 131 #define on(x, y) (x & y)
 132 #define off(x, y) (!(x & y))
 133 
 134 #define PAM_WINBIND_NEW_AUTHTOK_REQD "PAM_WINBIND_NEW_AUTHTOK_REQD"
 135 #define PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH "PAM_WINBIND_NEW_AUTHTOK_REQD_DURING_AUTH"
 136 #define PAM_WINBIND_HOMEDIR "PAM_WINBIND_HOMEDIR"
 137 #define PAM_WINBIND_LOGONSCRIPT "PAM_WINBIND_LOGONSCRIPT"
 138 #define PAM_WINBIND_LOGONSERVER "PAM_WINBIND_LOGONSERVER"
 139 #define PAM_WINBIND_PROFILEPATH "PAM_WINBIND_PROFILEPATH"
 140 #define PAM_WINBIND_PWD_LAST_SET "PAM_WINBIND_PWD_LAST_SET"
 141 
 142 #define SECONDS_PER_DAY 86400
 143 
 144 #define DEFAULT_DAYS_TO_WARN_BEFORE_PWD_EXPIRES 14
 145 
 146 #include "winbind_client.h"
 147 
 148 #define PAM_WB_REMARK_DIRECT(c,x)\
 149 {\
 150         const char *error_string = NULL; \
 151         error_string = _get_ntstatus_error_string(x);\
 152         if (error_string != NULL) {\
 153                 _make_remark(c, PAM_ERROR_MSG, error_string);\
 154         } else {\
 155                 _make_remark(c, PAM_ERROR_MSG, x);\
 156         };\
 157 };
 158 
 159 #define LOGON_KRB5_FAIL_CLOCK_SKEW      0x02000000
 160 
 161 #define PAM_WB_CACHED_LOGON(x) (x & WBC_AUTH_USER_INFO_CACHED_ACCOUNT)
 162 #define PAM_WB_KRB5_CLOCK_SKEW(x) (x & LOGON_KRB5_FAIL_CLOCK_SKEW)
 163 #define PAM_WB_GRACE_LOGON(x)  ((WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON) == ( x & (WBC_AUTH_USER_INFO_CACHED_ACCOUNT|WBC_AUTH_USER_INFO_GRACE_LOGON)))
 164 
 165 struct pwb_context {
 166         pam_handle_t *pamh;
 167         int flags;
 168         int argc;
 169         const char **argv;
 170         dictionary *dict;
 171         uint32_t ctrl;
 172 };
 173 
 174 #ifndef TALLOC_FREE
 175 #define TALLOC_FREE(ctx) do { talloc_free(ctx); ctx=NULL; } while(0)
 176 #endif
 177 #define TALLOC_ZERO_P(ctx, type) (type *)_talloc_zero(ctx, sizeof(type), #type)
 178 #define TALLOC_P(ctx, type) (type *)talloc_named_const(ctx, sizeof(type), #type)

/* [<][>][^][v][top][bottom][index][help] */