New upstream version 1.0.1

author: Steve Langasek <steve.langasek@ubuntu.com> 2019-01-03 16:26:05 -0800
committer: Steve Langasek <steve.langasek@ubuntu.com> 2019-01-03 17:26:38 -0800
commit: 9c52e721044e7501c3d4567b36d222dc7326224a (patch)
tree: 9011790770130c60a712a6f125ad50d60e07cc74 /modules/pam_unix/support.h
parent: 9727ff2a3fa0e94a42b34a579027bacf4146d571 (diff)
parent: 186ff16e8d12ff15d518000c17f115ccab5275a4 (diff)
download: pam-9c52e721044e7501c3d4567b36d222dc7326224a.tar.gz
pam-9c52e721044e7501c3d4567b36d222dc7326224a.tar.bz2
pam-9c52e721044e7501c3d4567b36d222dc7326224a.zip
1 files changed, 162 insertions, 0 deletions
diff --git a/modules/pam_unix/support.h b/modules/pam_unix/support.h
new file mode 100644
index 00000000..3ccdc5c7
--- /dev/null
+++ b/modules/pam_unix/support.h
@@ -0,0 +1,162 @@
+/*
+ * $Id: support.h,v 1.14 2008/01/23 15:35:13 t8m Exp $
+ */
+
+#ifndef _PAM_UNIX_SUPPORT_H
+#define _PAM_UNIX_SUPPORT_H
+
+#include <pwd.h>
+
+/*
+ * here is the string to inform the user that the new passwords they
+ * typed were not the same.
+ */
+
+#define MISTYPED_PASS "Sorry, passwords do not match"
+
+/* type definition for the control options */
+
+typedef struct {
+	const char *token;
+	unsigned int mask;	/* shall assume 32 bits of flags */
+	unsigned int flag;
+} UNIX_Ctrls;
+
+/*
+ * macro to determine if a given flag is on
+ */
+
+#define on(x,ctrl)  (unix_args[x].flag & ctrl)
+
+/*
+ * macro to determine that a given flag is NOT on
+ */
+
+#define off(x,ctrl) (!on(x,ctrl))
+
+/*
+ * macro to turn on/off a ctrl flag manually
+ */
+
+#define set(x,ctrl)   (ctrl = ((ctrl)&unix_args[x].mask)|unix_args[x].flag)
+#define unset(x,ctrl) (ctrl &= ~(unix_args[x].flag))
+
+/* the generic mask */
+
+#define _ALL_ON_  (~0U)
+
+/* end of macro definitions definitions for the control flags */
+
+/* ****************************************************************** *
+ * ctrl flags proper..
+ */
+
+/*
+ * here are the various options recognized by the unix module. They
+ * are enumerated here and then defined below. Internal arguments are
+ * given NULL tokens.
+ */
+
+#define UNIX__OLD_PASSWD          0	/* internal */
+#define UNIX__VERIFY_PASSWD       1	/* internal */
+#define UNIX__IAMROOT             2	/* internal */
+
+#define UNIX_AUDIT                3	/* print more things than debug..
+					   some information may be sensitive */
+#define UNIX_USE_FIRST_PASS       4
+#define UNIX_TRY_FIRST_PASS       5
+#define UNIX_NOT_SET_PASS         6	/* don't set the AUTHTOK items */
+
+#define UNIX__PRELIM              7	/* internal */
+#define UNIX__UPDATE              8	/* internal */
+#define UNIX__NONULL              9	/* internal */
+#define UNIX__QUIET              10	/* internal */
+#define UNIX_USE_AUTHTOK         11	/* insist on reading PAM_AUTHTOK */
+#define UNIX_SHADOW              12	/* signal shadow on */
+#define UNIX_MD5_PASS            13	/* force the use of MD5 passwords */
+#define UNIX__NULLOK             14	/* Null token ok */
+#define UNIX_DEBUG               15	/* send more info to syslog(3) */
+#define UNIX_NODELAY             16	/* admin does not want a fail-delay */
+#define UNIX_NIS                 17	/* wish to use NIS for pwd */
+#define UNIX_BIGCRYPT            18	/* use DEC-C2 crypt()^x function */
+#define UNIX_LIKE_AUTH           19	/* need to auth for setcred to work */
+#define UNIX_REMEMBER_PASSWD     20	/* Remember N previous passwords */
+#define UNIX_NOREAP              21     /* don't reap child process */
+#define UNIX_BROKEN_SHADOW       22     /* ignore errors reading password aging
+					 * information during acct management */
+#define UNIX_SHA256_PASS         23	/* new password hashes will use SHA256 */
+#define UNIX_SHA512_PASS         24	/* new password hashes will use SHA512 */
+#define UNIX_ALGO_ROUNDS         25	/* optional number of rounds for new 
+					   password hash algorithms */
+/* -------------- */
+#define UNIX_CTRLS_              26	/* number of ctrl arguments defined */
+
+
+static const UNIX_Ctrls unix_args[UNIX_CTRLS_] =
+{
+/* symbol                  token name          ctrl mask             ctrl     *
+ * ----------------------- ------------------- --------------------- -------- */
+
+/* UNIX__OLD_PASSWD */     {NULL,              _ALL_ON_,                  01},
+/* UNIX__VERIFY_PASSWD */  {NULL,              _ALL_ON_,                  02},
+/* UNIX__IAMROOT */        {NULL,              _ALL_ON_,                  04},
+/* UNIX_AUDIT */           {"audit",           _ALL_ON_,                 010},
+/* UNIX_USE_FIRST_PASS */  {"use_first_pass",  _ALL_ON_^(060),           020},
+/* UNIX_TRY_FIRST_PASS */  {"try_first_pass",  _ALL_ON_^(060),           040},
+/* UNIX_NOT_SET_PASS */    {"not_set_pass",    _ALL_ON_,                0100},
+/* UNIX__PRELIM */         {NULL,              _ALL_ON_^(0600),         0200},
+/* UNIX__UPDATE */         {NULL,              _ALL_ON_^(0600),         0400},
+/* UNIX__NONULL */         {NULL,              _ALL_ON_,               01000},
+/* UNIX__QUIET */          {NULL,              _ALL_ON_,               02000},
+/* UNIX_USE_AUTHTOK */     {"use_authtok",     _ALL_ON_,               04000},
+/* UNIX_SHADOW */          {"shadow",          _ALL_ON_,              010000},
+/* UNIX_MD5_PASS */        {"md5",             _ALL_ON_^(0400000),    020000},
+/* UNIX__NULLOK */         {"nullok",          _ALL_ON_^(01000),           0},
+/* UNIX_DEBUG */           {"debug",           _ALL_ON_,              040000},
+/* UNIX_NODELAY */         {"nodelay",         _ALL_ON_,             0100000},
+/* UNIX_NIS */             {"nis",             _ALL_ON_,             0200000},
+/* UNIX_BIGCRYPT */        {"bigcrypt",        _ALL_ON_^(020000),    0400000},
+/* UNIX_LIKE_AUTH */       {"likeauth",        _ALL_ON_,            01000000},
+/* UNIX_REMEMBER_PASSWD */ {"remember=",       _ALL_ON_,            02000000},
+/* UNIX_NOREAP */          {"noreap",          _ALL_ON_,            04000000},
+/* UNIX_BROKEN_SHADOW */   {"broken_shadow",   _ALL_ON_,           010000000},
+/* UNIX_SHA256_PASS */     {"sha256",        _ALL_ON_^(040420000), 020000000},
+/* UNIX_SHA512_PASS */     {"sha512",        _ALL_ON_^(020420000), 040000000},
+/* UNIX_ALGO_ROUNDS */     {"rounds=",         _ALL_ON_,          0100000000},
+};
+
+#define UNIX_DEFAULTS  (unix_args[UNIX__NONULL].flag)
+
+
+/* use this to free strings. ESPECIALLY password strings */
+
+#define _pam_delete(xx)		\
+{				\
+	_pam_overwrite(xx);	\
+	_pam_drop(xx);		\
+}
+
+extern int _make_remark(pam_handle_t * pamh, unsigned int ctrl
+		       ,int type, const char *text);
+extern int _set_ctrl(pam_handle_t * pamh, int flags, int *remember, int *rounds,
+		     int argc, const char **argv);
+extern int _unix_getpwnam (pam_handle_t *pamh,
+			   const char *name, int files, int nis,
+			   struct passwd **ret);
+extern int _unix_comesfromsource (pam_handle_t *pamh,
+				  const char *name, int files, int nis);
+extern int _unix_blankpasswd(pam_handle_t *pamh,unsigned int ctrl,
+			     const char *name);
+extern int _unix_verify_password(pam_handle_t * pamh, const char *name
+			  ,const char *p, unsigned int ctrl);
+extern int _unix_read_password(pam_handle_t * pamh
+			,unsigned int ctrl
+			,const char *comment
+			,const char *prompt1
+			,const char *prompt2
+			,const char *data_name
+			,const void **pass);
+
+extern int _unix_run_verify_binary(pam_handle_t *pamh,
+			unsigned int ctrl, const char *user, int *daysleft);
+#endif /* _PAM_UNIX_SUPPORT_H */
author	Steve Langasek <steve.langasek@ubuntu.com>	2019-01-03 16:26:05 -0800
committer	Steve Langasek <steve.langasek@ubuntu.com>	2019-01-03 17:26:38 -0800
commit	9c52e721044e7501c3d4567b36d222dc7326224a (patch)
tree	9011790770130c60a712a6f125ad50d60e07cc74 /modules/pam_unix/support.h
parent	9727ff2a3fa0e94a42b34a579027bacf4146d571 (diff)
parent	186ff16e8d12ff15d518000c17f115ccab5275a4 (diff)
download	pam-9c52e721044e7501c3d4567b36d222dc7326224a.tar.gz pam-9c52e721044e7501c3d4567b36d222dc7326224a.tar.bz2 pam-9c52e721044e7501c3d4567b36d222dc7326224a.zip