/*
 * CDDL HEADER START
 *
 * The contents of this file are subject to the terms of the
 * Common Development and Distribution License (the "License").
 * You may not use this file except in compliance with the License.
 *
 * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
 * or http://www.opensolaris.org/os/licensing.
 * See the License for the specific language governing permissions
 * and limitations under the License.
 *
 * When distributing Covered Code, include this CDDL HEADER in each
 * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
 * If applicable, add the following below this CDDL HEADER, with the
 * fields enclosed by brackets "[]" replaced with your own identifying
 * information: Portions Copyright [yyyy] [name of copyright owner]
 *
 * CDDL HEADER END
 */
/*
 * Copyright (c) 2001, 2012, Oracle and/or its affiliates. All rights reserved.
 */

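#ifndef _PASSWDUTIL_H
#define	_PASSWDUTIL_H

/*
 * Interface of the password utility layer: attribute selectors, the
 * attribute list and repository descriptor types, the per-repository
 * operations table, and the PWU_* return codes.
 *
 * Review changes in this copy:
 *  - the per-line annotation residue ("2N/A") that preceded every line and
 *    made the header uncompilable has been dropped;
 *  - <string.h> is included because the IS_*() macros expand to strcmp()
 *    and NULL;
 *  - macro arguments and macro expansions are parenthesized.
 * No name, value or prototype has been changed.
 */

#ifdef __cplusplus
extern "C" {
#endif

#include <sys/types.h>
#include <shadow.h>
#include <string.h>	/* strcmp() and NULL, used by the IS_*() macros */
#include <crypt.h>	/* CRYPT_MAXCIPHERTEXTLEN max crypt length */

/*
 * Attribute selectors.  Every enumerator is a distinct single bit; an
 * attrlist node carries one of them in its `type' field.
 */
typedef enum {
	/* from plain passwd */
	ATTR_NAME	= 0x1,
	ATTR_PASSWD	= 0x2,
	ATTR_UID	= 0x4,
	ATTR_GID	= 0x8,
	ATTR_AGE	= 0x10,
	ATTR_COMMENT	= 0x20,
	ATTR_GECOS	= 0x40,
	ATTR_HOMEDIR	= 0x80,
	ATTR_SHELL	= 0x100,
	/* from shadow */
	ATTR_LSTCHG	= 0x200,
	ATTR_MIN	= 0x400,
	ATTR_MAX	= 0x800,
	ATTR_WARN	= 0x1000,
	ATTR_INACT	= 0x2000,
	ATTR_EXPIRE	= 0x4000,
	ATTR_FLAG	= 0x8000,
	/* special operations */
	ATTR_LOCK_ACCOUNT	= 0x10000,	/* Manual lock passwd -l */
	ATTR_EXPIRE_PASSWORD	= 0x20000,
	ATTR_NOLOGIN_ACCOUNT	= 0x40000,
	ATTR_UNLOCK_ACCOUNT	= 0x80000,
	/* Query operations */
	/* to obtain repository name that contained the info */
	ATTR_REP_NAME	= 0x100000,
	/* special attribute */
	/* to set password following server policy */
	ATTR_PASSWD_SERVER_POLICY = 0x200000,
	/* get history entry from supporting repositories */
	ATTR_HISTORY	= 0x400000,
	/* Failed login bookkeeping */
	ATTR_FAILED_LOGINS	= 0x800000,	/* get # of failed logins */
	ATTR_INCR_FAILED_LOGINS	= 0x1000000,	/* increment + lock if needed */
	ATTR_RST_FAILED_LOGINS	= 0x2000000,	/* reset failed logins */
	ATTR_LOCK_FAILED_LOGINS	= 0x4000000	/* Lock due to failed logins */
} attrtype;

/*
 * Singly linked list of attributes; `next' points at the following node.
 * `type' names the attribute and `data' holds its value as either a string
 * or an int.
 *
 * NOTE(review): which union member is valid for a given `type', and who
 * owns the val_s storage (who frees it and, for ATTR_PASSWD, who clears
 * it), is not stated in this header -- confirm against the implementation.
 */
typedef struct attrlist_s {
	attrtype type;
	union {
		char *val_s;
		int val_i;
	} data;
	struct attrlist_s *next;
} attrlist;

/*
 * Repository descriptor.  `type' is the repository name string that the
 * IS_FILES/IS_NIS/IS_LDAP macros compare against.  `scope' is an opaque
 * pointer; `scope_len' presumably gives its length -- TODO confirm.
 */
typedef struct {
	char *type;
	void *scope;
	size_t scope_len;
} pwu_repository_t;

/* Null repository pointer; expansion parenthesized so it is one operand. */
#define	PWU_DEFAULT_REP	((pwu_repository_t *)NULL)

/*
 * Repository identifiers.  REP_FILES through REP_NSS are single bits and
 * REP_LAST aliases REP_NSS.
 */
#define	REP_NOREP	0	/* Can't find suitable repository */
#define	REP_FILES	0x0001	/* /etc/passwd, /etc/shadow */
#define	REP_NIS		0x0002
#define	REP_LDAP	0x0004
#define	REP_NSS		0x0008
#define	REP_LAST	REP_NSS
#define	REP_ERANGE	0x8000	/* Unknown repository specified */

#define	REP_COMPAT_NIS	0x1000
#define	REP_COMPAT_LDAP	0x2000

/* For the time being, these are also defined in pam_*.h */
#undef	IS_FILES
#undef	IS_NIS
#undef	IS_LDAP

/*
 * Repository type tests.  `r' is a pwu_repository_t object (not a pointer).
 * It is evaluated twice, so pass an expression without side effects.  The
 * argument is parenthesized so that operands such as *p expand correctly.
 * A repository whose `type' is NULL matches none of the three.
 */
#define	IS_FILES(r)	((r).type != NULL && strcmp((r).type, "files") == 0)
#define	IS_NIS(r)	((r).type != NULL && strcmp((r).type, "nis") == 0)
#define	IS_LDAP(r)	((r).type != NULL && strcmp((r).type, "ldap") == 0)

/*
 * All three are -1.  PWU_AGING_DISABLED at the end of this header
 * describes max == -1 as the case where min/warn may not be modified.
 */
#define	MINWEEKS	(-1)
#define	MAXWEEKS	(-1)
#define	WARNWEEKS	(-1)

/*
 * Per-repository operations table: one function pointer per operation.
 * NOTE(review): the int results are presumably the PWU_* codes defined at
 * the end of this header -- confirm against the implementations.
 */
typedef struct repops {
	int (*checkhistory)(char *, char *, pwu_repository_t *);
	int (*getattr)(char *, attrlist *, pwu_repository_t *);
	int (*getpwnam)(char *, attrlist *, pwu_repository_t *, void **);
	int (*update)(attrlist *, pwu_repository_t *, void *);
	int (*putpwnam)(char *, char *, pwu_repository_t *, void *);
	int (*user_to_authenticate)(char *, pwu_repository_t *, char **, int *);
	int (*lock)(void);
	int (*unlock)(void);
} repops_t;

/* One operations table per repository. */
extern repops_t files_repops, nis_repops, ldap_repops, nss_repops;

/* Array of operations tables; its indexing scheme is not visible here. */
extern repops_t *rops[];

/*
 * utils.c
 */
void turn_on_default_aging(struct spwd *);
int def_getint(char *name, int defvalue);

/*
 * debug.c
 *
 * NOTE(review): debug() is variadic.  If its first argument is a
 * printf-style format, callers must pass a literal format string and never
 * caller-controlled text -- confirm the contract in debug.c.
 */
void debug_init(void);
void debug(char *, ...);

/*
 * switch_utils.c
 */
#define	PWU_READ	0	/* Read access to the repository */
#define	PWU_WRITE	1	/* Write (update) access to the repository */

int get_ns(pwu_repository_t *, int);
struct passwd *getpwnam_from(const char *, pwu_repository_t *, int);
struct passwd *getpwuid_from(uid_t, pwu_repository_t *, int);
struct spwd *getspnam_from(const char *, pwu_repository_t *, int);
int name_to_int(char *);

/*
 * __set_authtok_attr.c
 */
int __set_authtoken_attr(char *, char *, pwu_repository_t *, attrlist *, int *);
/*
 * __get_authtokenn_attr.c
 */
int __get_authtoken_attr(char *, pwu_repository_t *, attrlist *);

/*
 * __user_to_authenticate.c
 */
int __user_to_authenticate(char *, pwu_repository_t *, char **, int *);

/*
 * Password history definitions
 */
#define	DEFHISTORY	0	/* default history depth */
#define	MAXHISTORY	26	/* max depth of history 1 yr every 2 weeks */

/*
 * __check_history.c
 */
int __check_history(char *, char *, pwu_repository_t *);

/* Failed-login counters; this header does not name their source file. */
int __incr_failed_count(char *, char *, int);
int __rst_failed_count(char *, char *);

/*
 * Error / return codes
 *
 * PWU_SUCCESS is 0 and every other code is negative.
 * NOTE(review): PWU_ACCOUNT_LOCKED is negative although its description
 * reads "account successfully locked", so a caller that treats every
 * non-zero result as a failed operation will misreport it.  Callers on
 * the failed-login path should test for this code explicitly.
 */
#define	PWU_SUCCESS		0	/* update succeeded */
#define	PWU_BUSY		(-1)	/* Password database busy */
#define	PWU_STAT_FAILED		(-2)	/* stat of password file failed */
#define	PWU_OPEN_FAILED		(-3)	/* password file open failed */
#define	PWU_WRITE_FAILED	(-4)	/* can't write to password file */
#define	PWU_CLOSE_FAILED	(-5)	/* close returned error */
#define	PWU_NOT_FOUND		(-6)	/* user not found in database */
#define	PWU_UPDATE_FAILED	(-7)	/* couldn't update password file */
#define	PWU_NOMEM		(-8)	/* Not enough memory */
#define	PWU_SERVER_ERROR	(-9)	/* NIS server errors */
#define	PWU_SYSTEM_ERROR	(-10)	/* NIS local configuration problem */
#define	PWU_DENIED		(-11)	/* NIS update denied */
#define	PWU_NO_CHANGE		(-12)	/* Data hasn't changed */
#define	PWU_REPOSITORY_ERROR	(-13)	/* Unknown repository specified */
#define	PWU_AGING_DISABLED	(-14)	/* Modifying min/warn while max==-1 */

/* More errors */

#define	PWU_PWD_TOO_SHORT	(-15)	/* new passwd too short */
#define	PWU_PWD_INVALID		(-16)	/* new passwd has invalid syntax */
#define	PWU_PWD_IN_HISTORY	(-17)	/* new passwd in history list */
#define	PWU_CHANGE_NOT_ALLOWED	(-18)	/* change not allowed */
#define	PWU_WITHIN_MIN_AGE	(-19)	/* change not allowed, within min age */
#define	PWU_ACCOUNT_LOCKED	(-20)	/* account successfully locked */

#ifdef __cplusplus
}
#endif

#endif /* _PASSWDUTIL_H */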