#include <security/pam_appl.h>

Data Structures | |
| struct | modopt_s |
| A C structure which represents a database connection. More... | |
| struct | modopts_s |
| A C structure which represents a collection of database connections. More... | |
| struct | backfunc_s |
| Backend function pointer encapsulating structure. More... | |
| struct | pam_modopt_s |
| A C structure which represents the global pam-module configuration. More... | |
Defines | |
| #define | PAM_OPT_DEBUG 0x01 |
| #define | PAM_OPT_NO_WARN 0x02 |
| #define | PAM_OPT_USE_FIRST_PASS 0x04 |
| #define | PAM_OPT_TRY_FIRST_PASS 0x08 |
| #define | PAM_OPT_USE_MAPPED_PASS 0x10 |
| #define | PAM_OPT_ECHO_PASS 0x20 |
| #define | PAM_OPT_TRY_OLDAUTH 0x40 |
| #define | PAM_OPT_USE_OLDAUTH 0x80 |
| #define | PAM_KMUX_CONFFILE_OPT "conffile" |
| #define | PAM_KMUX_DEBUG_OPT "debug" |
| #define | PAM_KMUX_DEFAULT_CONFFILE "/etc/pam_kmux.conf" |
| #define | PAM_KMUX_DEFAULT_DEBUG LG_INFO |
Typedefs | |
| typedef struct modopt_s | modopt_t |
| A C structure which represents a database connection. | |
| typedef struct modopts_s | modopts_t |
| A C structure which represents a collection of database connections. | |
| typedef void *(* | f_db_connect )(const modopt_t *options) |
| Function pointer for database connection. | |
| typedef void(* | f_db_disconnect )(void *vconn) |
| Function pointer for terminating the database connection. | |
| typedef int(* | f_expand_query )(char **command, const char **values, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const char *raddr, const modopt_t *options) |
| Build a SQL-query. | |
| typedef int(* | f_exec_param )(void *vconn, void **vres, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options) |
| Execute a query. | |
| typedef int(* | f_backend_authenticate )(const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options) |
| Authenticate against backend. | |
| typedef struct backfunc_s | backfunc_t |
| Backend function pointer encapsulating structure. | |
| typedef const char *(* | f_hashfunc )(const char *pass,...) |
| Hashify password. | |
| typedef struct pam_modopt_s | pam_modopt_t |
| A C structure which represents the global pam-module configuration. | |
Enumerations | |
| enum | db_type { DB_FIREBIRD = 0, DB_MYSQL, DB_POSTGRES, DB_TYPES, DB_UNDEFINED } |
An enum to specify the database type. More... | |
| enum | log_type { LG_INIT = 0, LG_DEBUG, LG_INFO, LG_ERR } |
An enum to specify the logging type. More... | |
| enum | pw_scheme { PW_CLEAR = 0, PW_MD5, PW_CRYPT, PW_CRYPT_MD5, PW_SHA1, PW_T9, PW_T9_MD5, PW_SCHEMES } |
An enum to specify the password type. More... | |
Functions | |
| void | log_options_container (const modopts_t *options_container) |
| Logging options_container. | |
| void | log_options (const modopt_t *options) |
| Logging options. | |
| modopt_t * | get_modopt (void) |
| Get a modopt_t object. | |
| modopts_t * | get_modopts (void) |
| Get a modopt_t object container. | |
| void | free_modopt (modopt_t *options) |
| Free allocated modopt_t space. | |
| void | free_modopts (modopts_t *options_container) |
| Free allocated modopts_t space. | |
| void | init_pamod_options (void) |
| Initialize global module options struct. | |
| void | free_pamod_options (void) |
| Free dynamically allocated space from the global module options struct. | |
| void | set_pamod_defaults (void) |
| Set default for global module option struct. | |
| char * | getstr_option (const modopt_t *options) |
| Return module-options-buffer. | |
Message macros. This file contains all structs, typedefs, enums and function signatures related to module-option handling.
| #define PAM_KMUX_CONFFILE_OPT "conffile" |
PAM module option that specifies the location of the configuration file to use in the password stack
| #define PAM_KMUX_DEBUG_OPT "debug" |
Pam-module option to enable debug mode to use in the password stack
| #define PAM_KMUX_DEFAULT_CONFFILE "/etc/pam_kmux.conf" |
Default location of the pam_kmux-configuration file
| #define PAM_KMUX_DEFAULT_DEBUG LG_INFO |
Default logging mode
| #define PAM_OPT_DEBUG 0x01 |
| #define PAM_OPT_ECHO_PASS 0x20 |
| #define PAM_OPT_NO_WARN 0x02 |
| #define PAM_OPT_TRY_FIRST_PASS 0x08 |
| #define PAM_OPT_TRY_OLDAUTH 0x40 |
| #define PAM_OPT_USE_FIRST_PASS 0x04 |
| #define PAM_OPT_USE_MAPPED_PASS 0x10 |
| #define PAM_OPT_USE_OLDAUTH 0x80 |
| typedef struct backfunc_s backfunc_t |
Backend function pointer encapsulating structure.
This struct represents all functions of all backends. Each function pointer of this struct needs a backend function.
| typedef int(* f_backend_authenticate)(const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options) |
Authenticate against backend.
This function tries to find out the database type given by the modopt_t *options object and runs an authentication query on it.
| service | Character array. | |
| user | Character array contains username/uid of the user that tries to change password. | |
| passwd | Character array contains the password of the user. | |
| rhost | Character array contains the value of PAM_RHOST. This is only needed if you need something like this in your defined queries. | |
| options | Struct which represents exactly one database connection. |
| PAM_SUCCESS | Successfully authenticate against backend. | |
| PAM_AUTH_ERR | Something went wrong. | |
| PAM_AUTHINFO_UNAVAIL | Can not fetch authentication information. |
| typedef void*(* f_db_connect)(const modopt_t *options) |
Function pointer for database connection.
A function referenced by this pointer should be implemented by every backend. This function is used to establish a database connection.
| options | A modopt_t struct containing the database information that will be used to establish a database connection. |
| void* | A database handle if everything is ok. | |
| NULL | if something went wrong trying to establish a connection. |
| typedef void(* f_db_disconnect)(void *vconn) |
Function pointer for terminating the database connection.
A function referenced by this pointer should be implemented by every backend. This function is used to close a database connection.
| vconn | Database handle. |
| typedef int(* f_exec_param)(void *vconn, void **vres, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options) |
Execute a query.
This function tries to find out the database type given by the modopt_t *options object and runs a query on it. It automatically finds out whether the query is a SELECT statement or not.
| vconn | A database handle. | |
| vres | The query-result. | |
| query | The original query, which is not expanded yet; thus the given variables aren't substituted by their meaning. | |
| service | Service name character array. | |
| user | Character array which contains username/uid of the user that tries to change password. | |
| passwd | Contains entered password of user to encode it and put it into database. | |
| rhost | Character array contains the value of PAM_RHOST. This is only needed if you need something like this in your defined queries. | |
| options | Struct which represents exactly one database connection. |
| PAM_SUCCESS | Successfully executed query. | |
| PAM_AUTH_ERR | Something went wrong. |
| typedef int(* f_expand_query)(char **command, const char **values, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const char *raddr, const modopt_t *options) |
Build a SQL-query.
This function builds a valid SQL query. Some variables, like u for user or c for column_password, are substituted by their meaning.
| command | In this char array the resulting query will be stored. | |
| values | This parameter is needed if the database supports handling query variables and their values separately (as Postgres does). In this case you can fill this array with the values, where value[0] corresponds to the first variable in the query, value[1] corresponds to the second variable in the query, and so on. Where the backend supports it, prefer this over embedding user-supplied values such as user, passwd or rhost in command, since it keeps them out of the SQL text. | |
| query | The original query which is not expanded yet thus the given variables aren't substituted by their meaning. | |
| service | Service name character array. | |
| user | Character array which contains username/uid of the user that tries to change password - only for using password in a SQL-query. | |
| passwd | Password parameter - only for using passwd in a SQL-query. | |
| rhost | Value of PAM_RHOST - only for using rhost in a SQL-query. | |
| raddr | Remote Address - the ip of rhost - only for using raddr in a SQL-query. | |
| options | Struct which represents exactly one database connection - only for using options in a SQL-query. |
| typedef const char*(* f_hashfunc)(const char *pass,...) |
Hashify password.
This function takes password information to build a hash.
| param | Information to build the hash. In most cases this will be the cleartext password or a hashed password which should be hashed again. |
| const char* | The built hash. |
A C structure which represents a database connection.
This struct represents a database entry configured in the configuration file.
A C structure which represents a collection of database connections.
This struct represents a list of database connections.
| typedef struct pam_modopt_s pam_modopt_t |
A C structure which represents the global pam-module configuration.
This struct represents options (debug or conffile), which are defined in the pam_stack.
| enum db_type |
An enum to specify the database type.
This enumeration type is used to map a configured database to a number. DB_UNDEFINED is only needed to initialize database-type.
| enum log_type |
An enum to specify the logging type.
This enumeration type is used to map a configured logging type to a number. The levels increase in order of their importance.
| enum pw_scheme |
An enum to specify the password type.
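This enumeration type is used to map a configured hash to a number. Judging by the enumerator names, PW_CLEAR keeps passwords unhashed and PW_MD5/PW_SHA1 use fast general-purpose digests; such schemes give little protection if the password table is disclosed, so confirm which scheme a deployment actually configures.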
| void free_modopt | ( | modopt_t * | options | ) |
Free allocated modopt_t space.
This function frees the previously allocated space.
| options | Allocated space to this pointer will be freed. |
| void free_modopts | ( | modopts_t * | options_container | ) |
Free allocated modopts_t space.
This function frees the previously allocated space.
| options_container | Allocated space to this pointer will be freed. |
| void free_pamod_options | ( | void | ) |
Free dynamically allocated space from the global module options struct.
This function frees all dynamically allocated space from the global pam_modopt_t structure.
| modopt_t* get_modopt | ( | void | ) |
Get a modopt_t object.
This function creates and initializes a modopt_t object and returns its memory address.
| modopts_t* get_modopts | ( | void | ) |
Get a modopt_t object container.
This function creates and initializes a modopts_t object and returns its memory address.
| char* getstr_option | ( | const modopt_t * | options | ) |
Return module-options-buffer.
This function generates a buffer containing the module parameters of the given options struct.
| char* | Generated buffer which contains the whole module parameters. This buffer can be used for output. | |
| NULL | if something went wrong during buffer generation. |
| void init_pamod_options | ( | void | ) |
Initialize global module options struct.
This function initializes the global struct which contains global module information.
| void log_options | ( | const modopt_t * | options | ) |
Logging options.
Log the complete contents of the struct options, which represents a database connection, to syslog.
| options | All information in this parameter will be logged. |
| void log_options_container | ( | const modopts_t * | options_container | ) |
Logging options_container.
Log the complete content of the struct options_container to syslog.
| options_container | All information in this parameter will be logged. |
| void set_pamod_defaults | ( | void | ) |
Set default for global module option struct.
This function sets default values for the global pam_modopt_t structure to initialize it properly.