passdb.h revision c25356d5978632df6203437e1953bcb29e0c736f
c25356d5978632df6203437e1953bcb29e0c736fTimo Sirainen#ifndef PASSDB_H
c25356d5978632df6203437e1953bcb29e0c736fTimo Sirainen#define PASSDB_H
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen#define IS_VALID_PASSWD(pass) \
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen ((pass)[0] != '\0' && (pass)[0] != '*' && (pass)[0] != '!')
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
1e21e6be70994b1aa9e52ca0e2f51afefca6d0dfTimo Sirainenstruct auth_request;
1e21e6be70994b1aa9e52ca0e2f51afefca6d0dfTimo Sirainen
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainenenum passdb_result {
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen PASSDB_RESULT_INTERNAL_FAILURE = -1,
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen PASSDB_RESULT_SCHEME_NOT_AVAILABLE = -2,
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen PASSDB_RESULT_USER_UNKNOWN = -3,
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen PASSDB_RESULT_USER_DISABLED = -4,
86bea1f8bffc2d98196f8655eecea9174c4f458aTimo Sirainen PASSDB_RESULT_PASS_EXPIRED = -5,
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen PASSDB_RESULT_PASSWORD_MISMATCH = 0,
b82474d60c15409eda71c55971710fd3b12b8a0fTimo Sirainen PASSDB_RESULT_OK = 1
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen};
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainentypedef void verify_plain_callback_t(enum passdb_result result,
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen struct auth_request *request);
f968e62caa52a8924bd05ebf76ff515b5c18e17bTimo Sirainentypedef void lookup_credentials_callback_t(enum passdb_result result,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen const unsigned char *credentials,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen size_t size,
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen struct auth_request *request);
484e12acec34f16e5a8adc001e23ae48f1dda8c7Timo Sirainentypedef void set_credentials_callback_t(bool success,
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen struct auth_request *request);
22535a9e685e29214082878e37a267157044618eTimo Sirainen
b321df9603081896b70ec44635af96d674a9839aTimo Sirainenstruct passdb_module_interface {
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen const char *name;
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen struct passdb_module *
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen (*preinit)(struct auth_passdb *auth_passdb, const char *args);
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen void (*init)(struct passdb_module *module, const char *args);
b321df9603081896b70ec44635af96d674a9839aTimo Sirainen void (*deinit)(struct passdb_module *module);
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen /* Check if plaintext password matches */
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen void (*verify_plain)(struct auth_request *request, const char *password,
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen verify_plain_callback_t *callback);
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
a3dd97fb6d92a89c3de0597fed2d4b044c7aeb84Timo Sirainen /* Return authentication credentials, set in
a3dd97fb6d92a89c3de0597fed2d4b044c7aeb84Timo Sirainen auth_request->credentials. */
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen void (*lookup_credentials)(struct auth_request *request,
7d6389e4053c2dac1fb37180b5756b00785983dcTimo Sirainen lookup_credentials_callback_t *callback);
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen /* Update credentials */
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen int (*set_credentials)(struct auth_request *request,
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen const char *new_credentials,
35136dd2baf8dc30e4e754294ed81ff48e8c1e64Timo Sirainen set_credentials_callback_t *callback);
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen};
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainenstruct passdb_module {
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen /* The caching key for this module, or NULL if caching isn't wanted. */
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen const char *cache_key;
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen /* Default password scheme for this module.
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen If cache_key is set, must not be NULL. */
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen const char *default_pass_scheme;
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen /* If blocking is set to TRUE, use child processes to access
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen this passdb. */
6ef7e31619edfaa17ed044b45861d106a86191efTimo Sirainen bool blocking;
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen struct passdb_module_interface iface;
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen};
25ee72451d16374ed27fdbf829f4ec756c778352Timo Sirainen
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen/* Try to get credentials in wanted scheme (request->credentials_scheme) from
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen given input. Returns FALSE if this wasn't possible (unknown scheme,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen conversion not possible or invalid credentials).
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen If wanted scheme is "", the credentials are returned as-is without any
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen checks. This is useful mostly just to see if there exist any credentials
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen at all. */
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainenbool passdb_get_credentials(struct auth_request *auth_request,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen const char *input, const char *input_scheme,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen const unsigned char **credentials_r,
b44650b0f48a4b5f0dc240ed836833a00b643b9fTimo Sirainen size_t *size_r);
a3dd97fb6d92a89c3de0597fed2d4b044c7aeb84Timo Sirainen
f968e62caa52a8924bd05ebf76ff515b5c18e17bTimo Sirainenvoid passdb_handle_credentials(enum passdb_result result,
dc9bfb7dc057964238e181d3d8b08751527bb08aTimo Sirainen const char *password, const char *scheme,
473080c7c0d25ddfdf77e7dfa0ba8f73c6c669d5Timo Sirainen lookup_credentials_callback_t *callback,
f968e62caa52a8924bd05ebf76ff515b5c18e17bTimo Sirainen struct auth_request *auth_request);
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
157bce86d0a01477bb8ebd0d380e6b2297f326f7Timo Sirainenstruct auth_passdb *passdb_preinit(struct auth *auth, const char *driver,
8eb94c5190ba09bb6f6f068eec7bf96750f08d1dTimo Sirainen const char *args, unsigned int id);
e9503210d3521a6833ed62dc332fc42ffb0e7a13Timo Sirainenvoid passdb_init(struct auth_passdb *passdb);
e9503210d3521a6833ed62dc332fc42ffb0e7a13Timo Sirainenvoid passdb_deinit(struct auth_passdb *passdb);
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainenvoid passdb_register_module(struct passdb_module_interface *iface);
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainenvoid passdb_unregister_module(struct passdb_module_interface *iface);
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainen
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainenvoid passdbs_init(void);
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainenvoid passdbs_deinit(void);
43a66a0b16299bd4f7615acd85e98bd3832c54d5Timo Sirainen
1e21e6be70994b1aa9e52ca0e2f51afefca6d0dfTimo Sirainen#include "auth-request.h"
1e21e6be70994b1aa9e52ca0e2f51afefca6d0dfTimo Sirainen
25757faf029c369a8318349dafe952e2358df1d8Timo Sirainen#endif