191094Sdes/*-
2115619Sdes * Copyright (c) 2002-2003 Networks Associates Technology, Inc.
3348980Sdes * Copyright (c) 2004-2017 Dag-Erling Sm��rgrav
491094Sdes * All rights reserved.
591094Sdes *
691094Sdes * This software was developed for the FreeBSD Project by ThinkSec AS and
799158Sdes * Network Associates Laboratories, the Security Research Division of
899158Sdes * Network Associates, Inc.  under DARPA/SPAWAR contract N66001-01-C-8035
999158Sdes * ("CBOSS"), as part of the DARPA CHATS research program.
1091094Sdes *
1191094Sdes * Redistribution and use in source and binary forms, with or without
1291094Sdes * modification, are permitted provided that the following conditions
1391094Sdes * are met:
1491094Sdes * 1. Redistributions of source code must retain the above copyright
1591094Sdes *    notice, this list of conditions and the following disclaimer.
1691094Sdes * 2. Redistributions in binary form must reproduce the above copyright
1791094Sdes *    notice, this list of conditions and the following disclaimer in the
1891094Sdes *    documentation and/or other materials provided with the distribution.
1991094Sdes * 3. The name of the author may not be used to endorse or promote
2091094Sdes *    products derived from this software without specific prior written
2191094Sdes *    permission.
2291094Sdes *
2391094Sdes * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
2491094Sdes * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
2591094Sdes * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
2691094Sdes * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
2791094Sdes * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
2891094Sdes * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
2991094Sdes * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
3091094Sdes * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
3191094Sdes * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
3291094Sdes * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
3391094Sdes * SUCH DAMAGE.
3491094Sdes *
35348980Sdes * $OpenPAM: pam_appl.h 938 2017-04-30 21:34:42Z des $
3691094Sdes */
3791094Sdes
38174832Sdes#ifndef SECURITY_PAM_APPL_H_INCLUDED
39174832Sdes#define SECURITY_PAM_APPL_H_INCLUDED
4091094Sdes
4191094Sdes#include <security/pam_types.h>
4291094Sdes#include <security/pam_constants.h>
43174832Sdes#include <security/openpam_attr.h>
4491094Sdes
4591094Sdes#ifdef __cplusplus
4691094Sdesextern "C" {
4791094Sdes#endif
4891094Sdes
4991094Sdes/*
5091094Sdes * XSSO 4.2.1, 6
5191094Sdes */
5291094Sdes
5391094Sdesint
5491094Sdespam_acct_mgmt(pam_handle_t *_pamh,
55174832Sdes	int _flags)
56174832Sdes	OPENPAM_NONNULL((1));
5791094Sdes
5891094Sdesint
5991094Sdespam_authenticate(pam_handle_t *_pamh,
60174832Sdes	int _flags)
61174832Sdes	OPENPAM_NONNULL((1));
6291094Sdes
6391094Sdesint
6491094Sdespam_chauthtok(pam_handle_t *_pamh,
65174832Sdes	int _flags)
66174832Sdes	OPENPAM_NONNULL((1));
6791094Sdes
6891094Sdesint
6991094Sdespam_close_session(pam_handle_t *_pamh,
70174832Sdes	int _flags)
71174832Sdes	OPENPAM_NONNULL((1));
7291094Sdes
7391094Sdesint
7491094Sdespam_end(pam_handle_t *_pamh,
75205441Sdes	int _status);
7691094Sdes
7791094Sdesint
78174832Sdespam_get_data(const pam_handle_t *_pamh,
7991094Sdes	const char *_module_data_name,
80174832Sdes	const void **_data)
81174832Sdes	OPENPAM_NONNULL((1,2,3));
8291094Sdes
8391094Sdesint
84174832Sdespam_get_item(const pam_handle_t *_pamh,
8591094Sdes	int _item_type,
86174832Sdes	const void **_item)
87174832Sdes	OPENPAM_NONNULL((1,3));
8891094Sdes
8991094Sdesint
9091094Sdespam_get_user(pam_handle_t *_pamh,
9191094Sdes	const char **_user,
92174832Sdes	const char *_prompt)
93174832Sdes	OPENPAM_NONNULL((1,2));
9491094Sdes
95114536Sdesconst char *
9691094Sdespam_getenv(pam_handle_t *_pamh,
97174832Sdes	const char *_name)
98174832Sdes	OPENPAM_NONNULL((1,2));
9991094Sdes
10091094Sdeschar **
101174832Sdespam_getenvlist(pam_handle_t *_pamh)
102174832Sdes	OPENPAM_NONNULL((1));
10391094Sdes
10491094Sdesint
10591094Sdespam_open_session(pam_handle_t *_pamh,
106174832Sdes	int _flags)
107174832Sdes	OPENPAM_NONNULL((1));
10891094Sdes
10991094Sdesint
11091094Sdespam_putenv(pam_handle_t *_pamh,
111174832Sdes	const char *_namevalue)
112174832Sdes	OPENPAM_NONNULL((1,2));
11391094Sdes
11491094Sdesint
11591094Sdespam_set_data(pam_handle_t *_pamh,
11691094Sdes	const char *_module_data_name,
11791094Sdes	void *_data,
11891094Sdes	void (*_cleanup)(pam_handle_t *_pamh,
11991094Sdes		void *_data,
120174832Sdes		int _pam_end_status))
121174832Sdes	OPENPAM_NONNULL((1,2));
12291094Sdes
12391094Sdesint
12491094Sdespam_set_item(pam_handle_t *_pamh,
12591094Sdes	int _item_type,
126174832Sdes	const void *_item)
127174832Sdes	OPENPAM_NONNULL((1));
12891094Sdes
12991094Sdesint
13091094Sdespam_setcred(pam_handle_t *_pamh,
131174832Sdes	int _flags)
132174832Sdes	OPENPAM_NONNULL((1));
13391094Sdes
13491094Sdesint
13591094Sdespam_start(const char *_service,
13691094Sdes	const char *_user,
13791094Sdes	const struct pam_conv *_pam_conv,
138174832Sdes	pam_handle_t **_pamh)
139174832Sdes	OPENPAM_NONNULL((4));
14091094Sdes
14191094Sdesconst char *
142174832Sdespam_strerror(const pam_handle_t *_pamh,
14391094Sdes	int _error_number);
14491094Sdes
14591094Sdes/*
14691094Sdes * Single Sign-On extensions
14791094Sdes */
14891094Sdes#if 0
14991094Sdesint
15091094Sdespam_authenticate_secondary(pam_handle_t *_pamh,
15191094Sdes	char *_target_username,
15291094Sdes	char *_target_module_type,
15391094Sdes	char *_target_authn_domain,
15491094Sdes	char *_target_supp_data,
15591094Sdes	char *_target_module_authtok,
15691094Sdes	int _flags);
15791094Sdes
15891094Sdesint
15991094Sdespam_get_mapped_authtok(pam_handle_t *_pamh,
16091094Sdes	const char *_target_module_username,
16191094Sdes	const char *_target_module_type,
16291094Sdes	const char *_target_authn_domain,
16391094Sdes	size_t *_target_authtok_len,
16491094Sdes	unsigned char **_target_module_authtok);
16591094Sdes
16691094Sdesint
16791094Sdespam_get_mapped_username(pam_handle_t *_pamh,
16891094Sdes	const char *_src_username,
16991094Sdes	const char *_src_module_type,
17091094Sdes	const char *_src_authn_domain,
17191094Sdes	const char *_target_module_type,
17291094Sdes	const char *_target_authn_domain,
17391094Sdes	char **_target_module_username);
17491094Sdes
17591094Sdesint
17691094Sdespam_set_mapped_authtok(pam_handle_t *_pamh,
17791094Sdes	const char *_target_module_username,
17891094Sdes	size_t _target_authtok_len,
17991094Sdes	unsigned char *_target_module_authtok,
18091094Sdes	const char *_target_module_type,
18191094Sdes	const char *_target_authn_domain);
18291094Sdes
18391094Sdesint
18491094Sdespam_set_mapped_username(pam_handle_t *_pamh,
18591094Sdes	char *_src_username,
18691094Sdes	char *_src_module_type,
18791094Sdes	char *_src_authn_domain,
18891094Sdes	char *_target_module_username,
18991094Sdes	char *_target_module_type,
19091094Sdes	char *_target_authn_domain);
19191094Sdes#endif /* 0 */
19291094Sdes
19391094Sdes#ifdef __cplusplus
19491094Sdes}
19591094Sdes#endif
19691094Sdes
197174832Sdes#endif /* !SECURITY_PAM_APPL_H_INCLUDED */
198