1 /*-
2  * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3  * Copyright (c) 2004-2011 Dag-Erling Smørgrav
4  * All rights reserved.
5  *
6  * This software was developed for the FreeBSD Project by ThinkSec AS and
7  * Network Associates Laboratories, the Security Research Division of
8  * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
9  * ("CBOSS"), as part of the DARPA CHATS research program.
10  *
11  * Redistribution and use in source and binary forms, with or without
12  * modification, are permitted provided that the following conditions
13  * are met:
14  * 1. Redistributions of source code must retain the above copyright
15  *    notice, this list of conditions and the following disclaimer.
16  * 2. Redistributions in binary form must reproduce the above copyright
17  *    notice, this list of conditions and the following disclaimer in the
18  *    documentation and/or other materials provided with the distribution.
19  * 3. The name of the author may not be used to endorse or promote
20  *    products derived from this software without specific prior written
21  *    permission.
22  *
23  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
24  * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
25  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
26  * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
27  * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
28  * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
29  * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
30  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
31  * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
32  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
33  * SUCH DAMAGE.
34  *
35  * $Id: pam_appl.h 437 2011-09-13 12:00:13Z des $
36  */
37 
38 #ifndef SECURITY_PAM_APPL_H_INCLUDED
39 #define SECURITY_PAM_APPL_H_INCLUDED
40 
41 #include <security/pam_types.h>
42 #include <security/pam_constants.h>
43 #include <security/openpam_attr.h>
44 
45 #ifdef __cplusplus
46 extern "C" {
47 #endif
48 
49 /*
50  * XSSO 4.2.1, 6
51  */
52 
53 int
54 pam_acct_mgmt(pam_handle_t *_pamh,
55 	int _flags)
56 	OPENPAM_NONNULL((1));
57 
58 int
59 pam_authenticate(pam_handle_t *_pamh,
60 	int _flags)
61 	OPENPAM_NONNULL((1));
62 
63 int
64 pam_chauthtok(pam_handle_t *_pamh,
65 	int _flags)
66 	OPENPAM_NONNULL((1));
67 
68 int
69 pam_close_session(pam_handle_t *_pamh,
70 	int _flags)
71 	OPENPAM_NONNULL((1));
72 
73 int
74 pam_end(pam_handle_t *_pamh,
75 	int _status);
76 
77 int
78 pam_get_data(const pam_handle_t *_pamh,
79 	const char *_module_data_name,
80 	const void **_data)
81 	OPENPAM_NONNULL((2,3));
82 
83 int
84 pam_get_item(const pam_handle_t *_pamh,
85 	int _item_type,
86 	const void **_item)
87 	OPENPAM_NONNULL((3));
88 
89 int
90 pam_get_user(pam_handle_t *_pamh,
91 	const char **_user,
92 	const char *_prompt);
93 
94 const char *
95 pam_getenv(pam_handle_t *_pamh,
96 	const char *_name);
97 
98 char **
99 pam_getenvlist(pam_handle_t *_pamh);
100 
101 int
102 pam_open_session(pam_handle_t *_pamh,
103 	int _flags)
104 	OPENPAM_NONNULL((1));
105 
106 int
107 pam_putenv(pam_handle_t *_pamh,
108 	const char *_namevalue);
109 
110 int
111 pam_set_data(pam_handle_t *_pamh,
112 	const char *_module_data_name,
113 	void *_data,
114 	void (*_cleanup)(pam_handle_t *_pamh,
115 		void *_data,
116 		int _pam_end_status))
117 	OPENPAM_NONNULL((2));
118 
119 int
120 pam_set_item(pam_handle_t *_pamh,
121 	int _item_type,
122 	const void *_item);
123 
124 int
125 pam_setcred(pam_handle_t *_pamh,
126 	int _flags)
127 	OPENPAM_NONNULL((1));
128 
129 int
130 pam_start(const char *_service,
131 	const char *_user,
132 	const struct pam_conv *_pam_conv,
133 	pam_handle_t **_pamh)
134 	OPENPAM_NONNULL((4));
135 
136 const char *
137 pam_strerror(const pam_handle_t *_pamh,
138 	int _error_number);
139 
140 /*
141  * Single Sign-On extensions
142  */
143 #if 0
144 int
145 pam_authenticate_secondary(pam_handle_t *_pamh,
146 	char *_target_username,
147 	char *_target_module_type,
148 	char *_target_authn_domain,
149 	char *_target_supp_data,
150 	char *_target_module_authtok,
151 	int _flags);
152 
153 int
154 pam_get_mapped_authtok(pam_handle_t *_pamh,
155 	const char *_target_module_username,
156 	const char *_target_module_type,
157 	const char *_target_authn_domain,
158 	size_t *_target_authtok_len,
159 	unsigned char **_target_module_authtok);
160 
161 int
162 pam_get_mapped_username(pam_handle_t *_pamh,
163 	const char *_src_username,
164 	const char *_src_module_type,
165 	const char *_src_authn_domain,
166 	const char *_target_module_type,
167 	const char *_target_authn_domain,
168 	char **_target_module_username);
169 
170 int
171 pam_set_mapped_authtok(pam_handle_t *_pamh,
172 	const char *_target_module_username,
173 	size_t _target_authtok_len,
174 	unsigned char *_target_module_authtok,
175 	const char *_target_module_type,
176 	const char *_target_authn_domain);
177 
178 int
179 pam_set_mapped_username(pam_handle_t *_pamh,
180 	char *_src_username,
181 	char *_src_module_type,
182 	char *_src_authn_domain,
183 	char *_target_module_username,
184 	char *_target_module_type,
185 	char *_target_authn_domain);
186 #endif /* 0 */
187 
188 #ifdef __cplusplus
189 }
190 #endif
191 
192 #endif /* !SECURITY_PAM_APPL_H_INCLUDED */
193