pam_kmux_options.h

Go to the documentation of this file.

/*
 *   $Id$
 *
 *   pam_kmux - Linux PAM Module to change passwords simultaneously on multiple databases.
 *
 *   Copyright (C) 2010 Julian Thome
 *
 *   This program is free software; you can redistribute it and/or modify it under the terms of
 *   the GNU General Public License as published by the Free Software Foundation;
 *   either version 3 of the License, or (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 *   without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *   See the GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License along with this program;
 *   if not, see <http://www.gnu.org/licenses/>.
 */
/*
 *   $Id$
 *
 *   pam_kmux - Linux PAM Module to change passwords simultaneously on multiple databases.
 *
 *   Copyright (C) 2010 Julian Thome
 *
 *   This program is free software; you can redistribute it and/or modify it under the terms of
 *   the GNU General Public License as published by the Free Software Foundation;
 *   either version 3 of the License, or (at your option) any later version.
 *
 *   This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 *   without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 *   See the GNU General Public License for more details.
 *
 *   You should have received a copy of the GNU General Public License along with this program;
 *   if not, see <http://www.gnu.org/licenses/>.
 */

#ifndef __PAM_KMUX_OPTIONS_H
#define __PAM_KMUX_OPTIONS_H

#include <security/pam_appl.h>

/* these options are needed in pam_get_pass */
#define PAM_OPT_DEBUG                   0x01
#define PAM_OPT_NO_WARN                 0x02
#define PAM_OPT_USE_FIRST_PASS          0x04
#define PAM_OPT_TRY_FIRST_PASS          0x08
#define PAM_OPT_USE_MAPPED_PASS         0x10
#define PAM_OPT_ECHO_PASS               0x20
#define PAM_OPT_TRY_OLDAUTH             0x40
#define PAM_OPT_USE_OLDAUTH             0x80

#define PAM_KMUX_CONFFILE_OPT           "conffile"

#define PAM_KMUX_DEBUG_OPT              "debug"

#define PAM_KMUX_DEFAULT_CONFFILE       "/etc/pam_kmux.conf"

#define PAM_KMUX_DEFAULT_DEBUG          LG_INFO


typedef enum {
        DB_FIREBIRD = 0,        
        DB_MYSQL,               
        DB_POSTGRES,            
        DB_TYPES,               
        DB_UNDEFINED            
} db_type;

typedef enum {
        LG_INIT = 0,            
        LG_DEBUG,               
        LG_INFO,                
        LG_ERR                  
} log_type;

typedef enum {
        PW_CLEAR = 0,           
        PW_MD5,                 
        PW_CRYPT,               
        PW_CRYPT_MD5,           
        PW_SHA1,                
        PW_T9,                  
        PW_T9_MD5,              
        PW_SCHEMES              
} pw_scheme;

typedef struct modopt_s {
        char *connstr;          
        char *host;             
        char *db;               
        char *table;            
        char *timeout;          
        db_type type;           
        char *port;             
        char *user;             
        char *passwd;           
        char *sslmode;          
        char *column_user;      
        char *column_pwd;       
        char *query_pwd;        
        char *query_auth;       
        pw_scheme pw_type;      
} modopt_t;

typedef struct modopts_s {
        int len;                        
        int std_flags;                  
        modopt_t **modopt_list;         
} modopts_t;

typedef void* (*f_db_connect)(const modopt_t *options);

typedef void (*f_db_disconnect)(void* vconn);

typedef int (*f_expand_query)(char **command, const char** values, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const char *raddr, const modopt_t *options);

typedef int (*f_exec_param)(void *vconn, void **vres, const char *query, const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options);

typedef int (*f_backend_authenticate)(const char *service, const char *user, const char *passwd, const char *rhost, const modopt_t *options);

typedef struct backfunc_s {
        f_db_connect db_connect;                        
        f_db_disconnect db_disconnect;                  
        f_expand_query expand_query;                    
        f_exec_param exec_param;                        
        f_backend_authenticate backend_authenticate;    
} backfunc_t;

typedef const char* (*f_hashfunc)(const char *pass,...);

typedef struct pam_modopt_s {
        log_type debug;                                 
        char *conffile;                                 
        backfunc_t backfuncs[(int)DB_TYPES];            
        f_hashfunc pwhashfuncs[(int)PW_SCHEMES];        
        const char *e2str_db_type[(int)DB_TYPES];       
        const char *e2str_pw_scheme[(int)PW_SCHEMES];   
        pam_handle_t *pamh;                             
} pam_modopt_t;

void log_options_container(const modopts_t *options_container);

void log_options(const modopt_t *options);

modopt_t * get_modopt(void);

modopts_t * get_modopts(void);

void free_modopt(modopt_t *options);

void free_modopts(modopts_t *options_container);

void init_pamod_options(void);

void free_pamod_options(void);

void set_pamod_defaults(void);

char* getstr_option(const modopt_t *options);
#endif

---