auth-master.h revision a43145989f87ec68754e21234e7b6d892c4a4421
8900b9eb2514c07047541833286428572493a9fdStéphane Graber#ifndef AUTH_MASTER_H
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi#define AUTH_MASTER_H
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi#include "network.h"
/* Option bits for auth_master_init(). Every flag has its own bit, so the
   values can be OR'ed together. */
enum auth_master_flags {
	/* Turn on logging of debug information.
	   NOTE(review): this header does not say what the debug output
	   contains; check that before enabling it where logs are widely
	   readable. */
	AUTH_MASTER_FLAG_DEBUG = 1 << 0,
	/* Keep the auth socket connection open instead of disconnecting
	   when idling */
	AUTH_MASTER_FLAG_NO_IDLE_TIMEOUT = 1 << 1
};
/* Request context handed to the lookup and user-listing calls through their
   `info` parameter.
   NOTE(review): if the auth server makes decisions based on these addresses
   and ports, callers should fill them from the real connection rather than
   from client-supplied data - confirm against the callers. */
struct auth_user_info {
	/* presumably the name of the requesting service - TODO confirm */
	const char *service;
	struct ip_addr local_ip;
	struct ip_addr remote_ip;
	unsigned int local_port;
	unsigned int remote_port;
};
/* Output of auth_user_fields_parse(): userdb fields in structured form.
   NOTE(review): this header does not say what uid, gid, home and chroot hold
   when the corresponding field is absent; callers that change identity or
   root directory based on them should validate the values first - confirm
   the defaults in the parser. */
struct auth_user_reply {
	uid_t uid;
	gid_t gid;
	const char *home;
	const char *chroot;
	/* presumably the fields that did not map to a member above -
	   TODO confirm */
	ARRAY_TYPE(const_string) extra_fields;
};
/* Return a connection object for the auth socket at auth_socket_path.
   flags is a combination of enum auth_master_flags values.
   NOTE(review): whether the socket is opened here or on the first request is
   not visible from this header - confirm. */
struct auth_master_connection *auth_master_init(const char *auth_socket_path,
						enum auth_master_flags flags);
/* Dispose of a connection object returned by auth_master_init(). The object
   is passed by address; NOTE(review): presumably *conn is set to NULL so a
   stale pointer cannot be reused - confirm. */
void auth_master_deinit(struct auth_master_connection **conn);
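/* Do a USER lookup. Returns -1 = error, 0 = user not found, 1 = ok.
   Only 1 means the user was found; callers should keep -1 and 0 apart so
   that a failed lookup is never handled as "no such user" or as success.
   When returning -1 and the first element of the array returned through
   fields_r isn't NULL, it contains an error message that should be shown to
   user.
   NOTE(review): username_r presumably receives the username as the auth
   server reports it, and the returned strings are presumably allocated from
   pool - confirm both against the implementation. */
int auth_master_user_lookup(struct auth_master_connection *conn,
			    const char *user,
			    const struct auth_user_info *info,
			    pool_t pool,
			    const char **username_r,
			    const char *const **fields_r);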
/* Do a PASS lookup. The actual password isn't returned.
   NOTE(review): the return convention isn't stated here; presumably the same
   -1 / 0 / 1 as auth_master_user_lookup() - confirm before branching on the
   result. */
int auth_master_pass_lookup(struct auth_master_connection *conn,
			    const char *user,
			    const struct auth_user_info *info,
			    pool_t pool,
			    const char *const **fields_r);
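/* Flush authentication cache for everyone (users=NULL) or only for specified
   users. Returns number of users flushed from cache.
   NOTE(review): the sentence above names the return value as the count, yet
   the prototype also has a count_r out-parameter. Confirm in the
   implementation which of the two carries the count and how a failure is
   signalled, so that a failed flush is not mistaken for "0 users flushed". */
int auth_master_cache_flush(struct auth_master_connection *conn,
			    const char *const *users,
			    unsigned int *count_r);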
/* Parse userdb extra fields into the auth_user_reply structure that reply_r
   points to.
   NOTE(review): fields is presumably the array obtained through fields_r of
   auth_master_user_lookup(), and pool the allocator for the parsed values -
   confirm. No status is returned, so malformed fields cannot be reported to
   the caller from here. */
void auth_user_fields_parse(const char *const *fields,
			    pool_t pool,
			    struct auth_user_reply *reply_r);
/* Begin iterating through all users. A non-NULL user_mask is a string with
   wildcards ('*', '?') that the auth server MAY use to limit what users are
   returned, but it may as well return all users anyway. The mask is only a
   hint: a caller that needs the restriction has to match every returned
   name itself. */
struct auth_master_user_list_ctx *auth_master_user_list_init(
	struct auth_master_connection *conn,
	const char *user_mask,
	const struct auth_user_info *info);
/* Return the next user name from the iteration.
   NOTE(review): presumably NULL marks the end of the list - confirm. */
const char *
auth_master_user_list_next(struct auth_master_user_list_ctx *ctx);
/* NOTE(review): presumably the number of users in the list; whether that is
   the total or only those received so far is not stated here - confirm. */
unsigned int
auth_master_user_list_count(struct auth_master_user_list_ctx *ctx);
/* End the iteration. Returns -1 if anything failed, 0 if ok.
   NOTE(review): after a -1 the names already returned are presumably not a
   complete list, so callers should check this result before acting on the
   set of users - confirm. */
int
auth_master_user_list_deinit(struct auth_master_user_list_ctx **ctx);
57da8c32f85c0255efa61ee32e260068afdaa565KATOH Yasufumi#endif