PK���������yFZif�L��������
���_pam_macros.hnu���[������������#ifndef PAM_MACROS_H
#define PAM_MACROS_H
/*
* All kind of macros used by PAM, but usable in some other
* programs too.
* Organized by Cristian Gafton <gafton@redhat.com>
*/
/* a 'safe' version of strdup */
#include <stdlib.h>
#include <string.h>
#define x_strdup(s) ( (s) ? strdup(s):NULL )
/* Good policy to strike out passwords with some characters not just
free the memory */
#define _pam_overwrite(x) \
do { \
register char *__xx__; \
if ((__xx__=(x))) \
while (*__xx__) \
*__xx__++ = '\0'; \
} while (0)
#define _pam_overwrite_n(x,n) \
do { \
register char *__xx__; \
register unsigned int __i__ = 0; \
if ((__xx__=(x))) \
for (;__i__<n; __i__++) \
__xx__[__i__] = 0; \
} while (0)
/*
* Don't just free it, forget it too.
*/
#define _pam_drop(X) \
do { \
if (X) { \
free(X); \
X=NULL; \
} \
} while (0)
#define _pam_drop_reply(/* struct pam_response * */ reply, /* int */ replies) \
do { \
int reply_i; \
\
for (reply_i=0; reply_i<replies; ++reply_i) { \
if (reply[reply_i].resp) { \
_pam_overwrite(reply[reply_i].resp); \
free(reply[reply_i].resp); \
} \
} \
if (reply) \
free(reply); \
} while (0)
/* some debugging code */
#ifdef PAM_DEBUG
/*
* This provides the necessary function to do debugging in PAM.
* Cristian Gafton <gafton@redhat.com>
*/
#include <stdio.h>
#include <sys/types.h>
#include <stdarg.h>
#include <errno.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <unistd.h>
/*
* This is for debugging purposes ONLY. DO NOT use on live systems !!!
* You have been warned :-) - CG
*
* to get automated debugging to the log file, it must be created manually.
* _PAM_LOGFILE must exist and be writable to the programs you debug.
*/
#ifndef _PAM_LOGFILE
#define _PAM_LOGFILE "/var/run/pam-debug.log"
#endif
static void _pam_output_debug_info(const char *file, const char *fn
, const int line)
{
FILE *logfile;
int must_close = 1, fd;
#ifdef O_NOFOLLOW
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
#else
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
#endif
if (!(logfile = fdopen(fd,"a"))) {
logfile = stderr;
must_close = 0;
close(fd);
}
} else {
logfile = stderr;
must_close = 0;
}
fprintf(logfile,"[%s:%s(%d)] ",file, fn, line);
fflush(logfile);
if (must_close)
fclose(logfile);
}
static void _pam_output_debug(const char *format, ...)
{
va_list args;
FILE *logfile;
int must_close = 1, fd;
va_start(args, format);
#ifdef O_NOFOLLOW
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_NOFOLLOW|O_APPEND)) != -1) {
#else
if ((fd = open(_PAM_LOGFILE, O_WRONLY|O_APPEND)) != -1) {
#endif
if (!(logfile = fdopen(fd,"a"))) {
logfile = stderr;
must_close = 0;
close(fd);
}
} else {
logfile = stderr;
must_close = 0;
}
vfprintf(logfile, format, args);
fprintf(logfile, "\n");
fflush(logfile);
if (must_close)
fclose(logfile);
va_end(args);
}
#define D(x) do { \
_pam_output_debug_info(__FILE__, __FUNCTION__, __LINE__); \
_pam_output_debug x ; \
} while (0)
#define _pam_show_mem(X,XS) do { \
int i; \
register unsigned char *x; \
x = (unsigned char *)X; \
fprintf(stderr, " <start at %p>\n", X); \
for (i = 0; i < XS ; ++x, ++i) { \
fprintf(stderr, " %02X. <%p:%02X>\n", i, x, *x); \
} \
fprintf(stderr, " <end for %p after %d bytes>\n", X, XS); \
} while (0)
#define _pam_show_reply(/* struct pam_response * */reply, /* int */replies) \
do { \
int reply_i; \
setbuf(stderr, NULL); \
fprintf(stderr, "array at %p of size %d\n",reply,replies); \
fflush(stderr); \
if (reply) { \
for (reply_i = 0; reply_i < replies; reply_i++) { \
fprintf(stderr, " elem# %d at %p: resp = %p, retcode = %d\n", \
reply_i, reply+reply_i, reply[reply_i].resp, \
reply[reply_i].resp, _retcode); \
fflush(stderr); \
if (reply[reply_i].resp) { \
fprintf(stderr, " resp[%d] = '%s'\n", \
strlen(reply[reply_i].resp), reply[reply_i].resp); \
fflush(stderr); \
} \
} \
} \
fprintf(stderr, "done here\n"); \
fflush(stderr); \
} while (0)
#else
#define D(x) do { } while (0)
#define _pam_show_mem(X,XS) do { } while (0)
#define _pam_show_reply(reply, replies) do { } while (0)
#endif /* PAM_DEBUG */
#endif /* PAM_MACROS_H */
PK���������yFZ��ٺh2��h2������_pam_types.hnu���[������������/*
* <security/_pam_types.h>
*
* This file defines all of the types common to the Linux-PAM library
* applications and modules.
*
* Note, the copyright+license information is at end of file.
*/
#ifndef _SECURITY__PAM_TYPES_H
#define _SECURITY__PAM_TYPES_H
/* This is a blind structure; users aren't allowed to see inside a
* pam_handle_t, so we don't define struct pam_handle here. This is
* defined in a file private to the PAM library. (i.e., it's private
* to PAM service modules, too!) */
typedef struct pam_handle pam_handle_t;
/* ---------------- The Linux-PAM Version defines ----------------- */
/* Major and minor version number of the Linux-PAM package. Use
these macros to test for features in specific releases. */
#define __LINUX_PAM__ 1
#define __LINUX_PAM_MINOR__ 0
/* ----------------- The Linux-PAM return values ------------------ */
#define PAM_SUCCESS 0 /* Successful function return */
#define PAM_OPEN_ERR 1 /* dlopen() failure when dynamically */
/* loading a service module */
#define PAM_SYMBOL_ERR 2 /* Symbol not found */
#define PAM_SERVICE_ERR 3 /* Error in service module */
#define PAM_SYSTEM_ERR 4 /* System error */
#define PAM_BUF_ERR 5 /* Memory buffer error */
#define PAM_PERM_DENIED 6 /* Permission denied */
#define PAM_AUTH_ERR 7 /* Authentication failure */
#define PAM_CRED_INSUFFICIENT 8 /* Can not access authentication data */
/* due to insufficient credentials */
#define PAM_AUTHINFO_UNAVAIL 9 /* Underlying authentication service */
/* can not retrieve authentication */
/* information */
#define PAM_USER_UNKNOWN 10 /* User not known to the underlying */
/* authenticaiton module */
#define PAM_MAXTRIES 11 /* An authentication service has */
/* maintained a retry count which has */
/* been reached. No further retries */
/* should be attempted */
#define PAM_NEW_AUTHTOK_REQD 12 /* New authentication token required. */
/* This is normally returned if the */
/* machine security policies require */
/* that the password should be changed */
/* beccause the password is NULL or it */
/* has aged */
#define PAM_ACCT_EXPIRED 13 /* User account has expired */
#define PAM_SESSION_ERR 14 /* Can not make/remove an entry for */
/* the specified session */
#define PAM_CRED_UNAVAIL 15 /* Underlying authentication service */
/* can not retrieve user credentials */
/* unavailable */
#define PAM_CRED_EXPIRED 16 /* User credentials expired */
#define PAM_CRED_ERR 17 /* Failure setting user credentials */
#define PAM_NO_MODULE_DATA 18 /* No module specific data is present */
#define PAM_CONV_ERR 19 /* Conversation error */
#define PAM_AUTHTOK_ERR 20 /* Authentication token manipulation error */
#define PAM_AUTHTOK_RECOVERY_ERR 21 /* Authentication information */
/* cannot be recovered */
#define PAM_AUTHTOK_LOCK_BUSY 22 /* Authentication token lock busy */
#define PAM_AUTHTOK_DISABLE_AGING 23 /* Authentication token aging disabled */
#define PAM_TRY_AGAIN 24 /* Preliminary check by password service */
#define PAM_IGNORE 25 /* Ignore underlying account module */
/* regardless of whether the control */
/* flag is required, optional, or sufficient */
#define PAM_ABORT 26 /* Critical error (?module fail now request) */
#define PAM_AUTHTOK_EXPIRED 27 /* user's authentication token has expired */
#define PAM_MODULE_UNKNOWN 28 /* module is not known */
#define PAM_BAD_ITEM 29 /* Bad item passed to pam_*_item() */
#define PAM_CONV_AGAIN 30 /* conversation function is event driven
and data is not available yet */
#define PAM_INCOMPLETE 31 /* please call this function again to
complete authentication stack. Before
calling again, verify that conversation
is completed */
/*
* Add new #define's here - take care to also extend the libpam code:
* pam_strerror() and "libpam/pam_tokens.h" .
*/
#define _PAM_RETURN_VALUES 32 /* this is the number of return values */
/* ---------------------- The Linux-PAM flags -------------------- */
/* Authentication service should not generate any messages */
#define PAM_SILENT 0x8000U
/* Note: these flags are used by pam_authenticate{,_secondary}() */
/* The authentication service should return PAM_AUTH_ERROR if the
* user has a null authentication token */
#define PAM_DISALLOW_NULL_AUTHTOK 0x0001U
/* Note: these flags are used for pam_setcred() */
/* Set user credentials for an authentication service */
#define PAM_ESTABLISH_CRED 0x0002U
/* Delete user credentials associated with an authentication service */
#define PAM_DELETE_CRED 0x0004U
/* Reinitialize user credentials */
#define PAM_REINITIALIZE_CRED 0x0008U
/* Extend lifetime of user credentials */
#define PAM_REFRESH_CRED 0x0010U
/* Note: these flags are used by pam_chauthtok */
/* The password service should only update those passwords that have
* aged. If this flag is not passed, the password service should
* update all passwords. */
#define PAM_CHANGE_EXPIRED_AUTHTOK 0x0020U
/* ------------------ The Linux-PAM item types ------------------- */
/* These defines are used by pam_set_item() and pam_get_item().
Please check the spec which are allowed for use by applications
and which are only allowed for use by modules. */
#define PAM_SERVICE 1 /* The service name */
#define PAM_USER 2 /* The user name */
#define PAM_TTY 3 /* The tty name */
#define PAM_RHOST 4 /* The remote host name */
#define PAM_CONV 5 /* The pam_conv structure */
#define PAM_AUTHTOK 6 /* The authentication token (password) */
#define PAM_OLDAUTHTOK 7 /* The old authentication token */
#define PAM_RUSER 8 /* The remote user name */
#define PAM_USER_PROMPT 9 /* the prompt for getting a username */
/* Linux-PAM extensions */
#define PAM_FAIL_DELAY 10 /* app supplied function to override failure
delays */
#define PAM_XDISPLAY 11 /* X display name */
#define PAM_XAUTHDATA 12 /* X server authentication data */
#define PAM_AUTHTOK_TYPE 13 /* The type for pam_get_authtok */
/* -------------- Special defines used by Linux-PAM -------------- */
#if defined(__GNUC__) && defined(__GNUC_MINOR__)
# define PAM_GNUC_PREREQ(maj, min) \
((__GNUC__ << 16) + __GNUC_MINOR__ >= ((maj) << 16) + (min))
#else
# define PAM_GNUC_PREREQ(maj, min) 0
#endif
#if PAM_GNUC_PREREQ(2,5)
# define PAM_FORMAT(params) __attribute__((__format__ params))
#else
# define PAM_FORMAT(params)
#endif
#if PAM_GNUC_PREREQ(3,3) && !defined(LIBPAM_COMPILE)
# define PAM_NONNULL(params) __attribute__((__nonnull__ params))
#else
# define PAM_NONNULL(params)
#endif
/* ---------- Common Linux-PAM application/module PI ----------- */
extern int PAM_NONNULL((1))
pam_set_item(pam_handle_t *pamh, int item_type, const void *item);
extern int PAM_NONNULL((1))
pam_get_item(const pam_handle_t *pamh, int item_type, const void **item);
extern const char *
pam_strerror(pam_handle_t *pamh, int errnum);
extern int PAM_NONNULL((1,2))
pam_putenv(pam_handle_t *pamh, const char *name_value);
extern const char * PAM_NONNULL((1,2))
pam_getenv(pam_handle_t *pamh, const char *name);
extern char ** PAM_NONNULL((1))
pam_getenvlist(pam_handle_t *pamh);
/* ---------- Common Linux-PAM application/module PI ----------- */
/*
* here are some proposed error status definitions for the
* 'error_status' argument used by the cleanup function associated
* with data items they should be logically OR'd with the error_status
* of the latest return from libpam -- new with .52 and positive
* impression from Sun although not official as of 1996/9/4
* [generally the other flags are to be found in pam_modules.h]
*/
#define PAM_DATA_SILENT 0x40000000 /* used to suppress messages... */
/*
* here we define an externally (by apps or modules) callable function
* that primes the libpam library to delay when a stacked set of
* modules results in a failure. In the case of PAM_SUCCESS this delay
* is ignored.
*
* Note, the pam_[gs]et_item(... PAM_FAIL_DELAY ...) can be used to set
* a function pointer which can override the default fail-delay behavior.
* This item was added to accommodate event driven programs that need to
* manage delays more carefully. The function prototype for this data
* item is
* void (*fail_delay)(int status, unsigned int delay, void *appdata_ptr);
*/
#define HAVE_PAM_FAIL_DELAY
extern int pam_fail_delay(pam_handle_t *pamh, unsigned int musec_delay);
/* ------------ The Linux-PAM conversation structures ------------ */
/* Message styles */
#define PAM_PROMPT_ECHO_OFF 1
#define PAM_PROMPT_ECHO_ON 2
#define PAM_ERROR_MSG 3
#define PAM_TEXT_INFO 4
/* Linux-PAM specific types */
#define PAM_RADIO_TYPE 5 /* yes/no/maybe conditionals */
/* This is for server client non-human interaction.. these are NOT
part of the X/Open PAM specification. */
#define PAM_BINARY_PROMPT 7
/* maximum size of messages/responses etc.. (these are mostly
arbitrary so Linux-PAM should handle longer values). */
#define PAM_MAX_NUM_MSG 32
#define PAM_MAX_MSG_SIZE 512
#define PAM_MAX_RESP_SIZE 512
/* Used to pass prompting text, error messages, or other informatory
* text to the user. This structure is allocated and freed by the PAM
* library (or loaded module). */
struct pam_message {
int msg_style;
const char *msg;
};
/* if the pam_message.msg_style = PAM_BINARY_PROMPT
the 'pam_message.msg' is a pointer to a 'const *' for the following
pseudo-structure. When used with a PAM_BINARY_PROMPT, the returned
pam_response.resp pointer points to an object with the following
structure:
struct {
u32 length; # network byte order
unsigned char type;
unsigned char data[length-5];
};
The 'libpamc' library is designed around this flavor of
message and should be used to handle this flavor of msg_style.
*/
/* Used to return the user's response to the PAM library. This
structure is allocated by the application program, and free()'d by
the Linux-PAM library (or calling module). */
struct pam_response {
char *resp;
int resp_retcode; /* currently un-used, zero expected */
};
/* The actual conversation structure itself */
struct pam_conv {
int (*conv)(int num_msg, const struct pam_message **msg,
struct pam_response **resp, void *appdata_ptr);
void *appdata_ptr;
};
/* Used by the PAM_XAUTHDATA pam item. Contains X authentication
data used by modules to connect to the user's X display. Note:
this structure is intentionally compatible with xcb_auth_info_t. */
struct pam_xauth_data {
int namelen;
char *name;
int datalen;
char *data;
};
/* ... adapted from the pam_appl.h file created by Theodore Ts'o and
*
* Copyright Theodore Ts'o, 1996. All rights reserved.
* Copyright (c) Andrew G. Morgan <morgan@linux.kernel.org>, 1996-8
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE. */
#endif /* _SECURITY__PAM_TYPES_H */
PK���������yFZsz�7A���A�������pam_filter.hnu���[������������/*
* $Id$
*
* this file is associated with the Linux-PAM filter module.
* it was written by Andrew G. Morgan <morgan@linux.kernel.org>
*
*/
#ifndef PAM_FILTER_H
#define PAM_FILTER_H
#include <sys/file.h>
/*
* this will fail if there is some problem with these file descriptors
* being allocated by the pam_filter Linux-PAM module. The numbers
* here are thought safe, but the filter developer should use the
* macros, as these numbers are subject to change.
*
* The APPXXX_FILENO file descriptors are the STDIN/OUT/ERR_FILENO of the
* application. The filter uses the STDIN/OUT/ERR_FILENO's to converse
* with the user, passes (modified) user input to the application via
* APPIN_FILENO, and receives application output from APPOUT_FILENO/ERR.
*/
#define APPIN_FILENO 3 /* write here to give application input */
#define APPOUT_FILENO 4 /* read here to get application output */
#define APPERR_FILENO 5 /* read here to get application errors */
#define APPTOP_FILE 6 /* used by select */
#endif
PK���������yFZ��u���u���
���pam_modules.hnu���[������������/*
* <security/pam_modules.h>
*
* This header file collects definitions for the PAM API --- that is,
* public interface between the PAM library and PAM modules.
*
* Note, the copyright information is at end of file.
*/
#ifndef _SECURITY_PAM_MODULES_H
#define _SECURITY_PAM_MODULES_H
#ifdef __cplusplus
extern "C" {
#endif
#include <security/_pam_types.h> /* Linux-PAM common defined types */
/* -------------- The Linux-PAM Module PI ------------- */
extern int PAM_NONNULL((1,2))
pam_set_data(pam_handle_t *pamh, const char *module_data_name, void *data,
void (*cleanup)(pam_handle_t *pamh, void *data,
int error_status));
extern int PAM_NONNULL((1,2,3))
pam_get_data(const pam_handle_t *pamh, const char *module_data_name,
const void **data);
extern int PAM_NONNULL((1,2))
pam_get_user(pam_handle_t *pamh, const char **user, const char *prompt);
/* Authentication API's */
int pam_sm_authenticate(pam_handle_t *pamh, int flags,
int argc, const char **argv);
int pam_sm_setcred(pam_handle_t *pamh, int flags,
int argc, const char **argv);
/* Account Management API's */
int pam_sm_acct_mgmt(pam_handle_t *pamh, int flags,
int argc, const char **argv);
/* Session Management API's */
int pam_sm_open_session(pam_handle_t *pamh, int flags,
int argc, const char **argv);
int pam_sm_close_session(pam_handle_t *pamh, int flags,
int argc, const char **argv);
/* Password Management API's */
int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
int argc, const char **argv);
/* The following two flags are for use across the Linux-PAM/module
* interface only. The Application is not permitted to use these
* tokens.
*
* The password service should only perform preliminary checks. No
* passwords should be updated. */
#define PAM_PRELIM_CHECK 0x4000
/* The password service should update passwords Note: PAM_PRELIM_CHECK
* and PAM_UPDATE_AUTHTOK cannot both be set simultaneously! */
#define PAM_UPDATE_AUTHTOK 0x2000
/*
* here are some proposed error status definitions for the
* 'error_status' argument used by the cleanup function associated
* with data items they should be logically OR'd with the error_status
* of the latest return from libpam -- new with .52 and positive
* impression from Sun although not official as of 1996/9/4 there are
* others in _pam_types.h -- they are for common module/app use.
*/
#define PAM_DATA_REPLACE 0x20000000 /* used when replacing a data item */
/* PAM_EXTERN isn't needed anymore, but don't remove it to not break
lot of external code using it. */
#define PAM_EXTERN extern
/* take care of any compatibility issues */
#include <security/_pam_compat.h>
#ifdef __cplusplus
}
#endif
/* Copyright (C) Theodore Ts'o, 1996.
* Copyright (C) Andrew Morgan, 1996-8.
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU General Public License, in which case the provisions of the
* GNU GPL are required INSTEAD OF the above restrictions. (This
* clause is necessary due to a potential bad interaction between the
* GNU GPL and the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE. */
#endif /* _SECURITY_PAM_MODULES_H */
PK���������yFZiP�7��������
���pam_misc.hnu���[������������/* $Id$ */
#ifndef __PAMMISC_H
#define __PAMMISC_H
#include <security/pam_appl.h>
#include <security/pam_client.h>
#ifdef __cplusplus
extern "C" {
#endif /* __cplusplus */
/* include some useful macros */
#include <security/_pam_macros.h>
/* functions defined in pam_misc.* libraries */
extern int misc_conv(int num_msg, const struct pam_message **msgm,
struct pam_response **response, void *appdata_ptr);
#include <time.h>
extern time_t pam_misc_conv_warn_time; /* time that we should warn user */
extern time_t pam_misc_conv_die_time; /* cut-off time for input */
extern const char *pam_misc_conv_warn_line; /* warning notice */
extern const char *pam_misc_conv_die_line; /* cut-off remark */
extern int pam_misc_conv_died; /* 1 = cut-off time reached (0 not) */
extern int (*pam_binary_handler_fn)(void *appdata, pamc_bp_t *prompt_p);
extern void (*pam_binary_handler_free)(void *appdata, pamc_bp_t *prompt_p);
/*
* Environment helper functions
*/
/* transcribe given environment (to pam) */
extern int pam_misc_paste_env(pam_handle_t *pamh
, const char * const * user_env);
/* delete environment as obtained from (pam_getenvlist) */
extern char **pam_misc_drop_env(char **env);
/* provide something like the POSIX setenv function for the (Linux-)PAM
* environment. */
extern int pam_misc_setenv(pam_handle_t *pamh, const char *name
, const char *value, int readonly);
#ifdef __cplusplus
}
#endif /* def __cplusplus */
#endif /* ndef __PAMMISC_H */
PK���������yFZ��w�G���G�������pam_client.hnu���[������������/*
* $Id$
*
* Copyright (c) 1999 Andrew G. Morgan <morgan@linux.kernel.org>
*
* This header file provides the prototypes for the PAM client API
*/
#ifndef PAM_CLIENT_H
#define PAM_CLIENT_H
#ifdef __cplusplus
extern "C" {
#endif /* def __cplusplus */
#include <unistd.h>
#include <string.h>
#include <stdio.h>
#include <sys/types.h>
/* opaque agent handling structure */
typedef struct pamc_handle_s *pamc_handle_t;
/* binary prompt structure pointer */
typedef struct { u_int32_t length; u_int8_t control; } *pamc_bp_t;
/*
* functions provided by libpamc
*/
/*
* Initialize the agent abstraction library
*/
pamc_handle_t pamc_start(void);
/*
* Terminate the authentication process
*/
int pamc_end(pamc_handle_t *pch);
/*
* force the loading of a specified agent
*/
int pamc_load(pamc_handle_t pch, const char *agent_id);
/*
* Single conversation interface for binary prompts
*/
int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p);
/*
* disable an agent
*/
int pamc_disable(pamc_handle_t pch, const char *agent_id);
/*
* obtain a list of available agents
*/
char **pamc_list_agents(pamc_handle_t pch);
/*
* PAM_BP_ MACROS for creating, destroying and manipulating binary prompts
*/
#include <stdlib.h>
#include <stdio.h>
#include <unistd.h>
#ifndef PAM_BP_ASSERT
# ifdef NDEBUG
# define PAM_BP_ASSERT(x) do {} while (0)
# else
# define PAM_BP_ASSERT(x) do { printf(__FILE__ "(%d): %s\n", \
__LINE__, x) ; exit(1); } while (0)
# endif /* NDEBUG */
#endif /* PAM_BP_ASSERT */
#ifndef PAM_BP_CALLOC
# define PAM_BP_CALLOC calloc
#endif /* PAM_BP_CALLOC */
#ifndef PAM_BP_FREE
# define PAM_BP_FREE free
#endif /* PAM_BP_FREE */
#define __PAM_BP_WOCTET(x,y) (*((y) + (u_int8_t *)(x)))
#define __PAM_BP_ROCTET(x,y) (*((y) + (const u_int8_t *)(x)))
#define PAM_BP_MIN_SIZE (sizeof(u_int32_t) + sizeof(u_int8_t))
#define PAM_BP_MAX_LENGTH 0x20000 /* an advisory limit */
#define PAM_BP_WCONTROL(x) (__PAM_BP_WOCTET(x,4))
#define PAM_BP_RCONTROL(x) (__PAM_BP_ROCTET(x,4))
#define PAM_BP_SIZE(x) ((__PAM_BP_ROCTET(x,0)<<24)+ \
(__PAM_BP_ROCTET(x,1)<<16)+ \
(__PAM_BP_ROCTET(x,2)<< 8)+ \
(__PAM_BP_ROCTET(x,3) ))
#define PAM_BP_LENGTH(x) (PAM_BP_SIZE(x) - PAM_BP_MIN_SIZE)
#define PAM_BP_WDATA(x) (PAM_BP_MIN_SIZE + (u_int8_t *) (x))
#define PAM_BP_RDATA(x) (PAM_BP_MIN_SIZE + (const u_int8_t *) (x))
/* Note, this macro always '\0' terminates renewed packets */
#define PAM_BP_RENEW(old_p, cntrl, data_length) \
do { \
if (old_p) { \
if (*(old_p)) { \
u_int32_t __size; \
__size = PAM_BP_SIZE(*(old_p)); \
memset(*(old_p), 0, __size); \
PAM_BP_FREE(*(old_p)); \
} \
if (cntrl) { \
u_int32_t __size; \
\
__size = PAM_BP_MIN_SIZE + data_length; \
if ((*(old_p) = PAM_BP_CALLOC(1, 1+__size))) { \
__PAM_BP_WOCTET(*(old_p), 3) = __size & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 2) = (__size>>=8) & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 1) = (__size>>=8) & 0xFF; \
__PAM_BP_WOCTET(*(old_p), 0) = (__size>>=8) & 0xFF; \
(*(old_p))->control = cntrl; \
} else { \
PAM_BP_ASSERT("out of memory for binary prompt"); \
} \
} else { \
*old_p = NULL; \
} \
} else { \
PAM_BP_ASSERT("programming error, invalid binary prompt pointer"); \
} \
} while (0)
#define PAM_BP_FILL(prmpt, offset, length, data) \
do { \
size_t bp_length; \
u_int8_t *prompt = (u_int8_t *) (prmpt); \
bp_length = PAM_BP_LENGTH(prompt); \
if (bp_length < ((length)+(offset))) { \
PAM_BP_ASSERT("attempt to write over end of prompt"); \
} \
memcpy((offset) + PAM_BP_WDATA(prompt), (data), (length)); \
} while (0)
#define PAM_BP_EXTRACT(prmpt, offset, length, data) \
do { \
size_t __bp_length; \
const u_int8_t *__prompt = (const u_int8_t *) (prmpt); \
__bp_length = PAM_BP_LENGTH(__prompt); \
if (((offset) < 0) || (__bp_length < ((length)+(offset))) \
|| ((length) < 0)) { \
PAM_BP_ASSERT("invalid extraction from prompt"); \
} \
memcpy((data), (offset) + PAM_BP_RDATA(__prompt), (length)); \
} while (0)
/* Control types */
#define PAM_BPC_FALSE 0
#define PAM_BPC_TRUE 1
#define PAM_BPC_OK 0x01 /* continuation packet */
#define PAM_BPC_SELECT 0x02 /* initialization packet */
#define PAM_BPC_DONE 0x03 /* termination packet */
#define PAM_BPC_FAIL 0x04 /* unable to execute */
/* The following control characters are only legal for echanges
between an agent and a client (it is the responsibility of the
client to enforce this rule in the face of a rogue server): */
#define PAM_BPC_GETENV 0x41 /* obtain client env.var */
#define PAM_BPC_PUTENV 0x42 /* set client env.var */
#define PAM_BPC_TEXT 0x43 /* display message */
#define PAM_BPC_ERROR 0x44 /* display error message */
#define PAM_BPC_PROMPT 0x45 /* echo'd text prompt */
#define PAM_BPC_PASS 0x46 /* non-echo'd text prompt*/
/* quick check for prompts that are legal for the client (by
implication the server too) to send to libpamc */
#define PAM_BPC_FOR_CLIENT(/* pamc_bp_t */ prompt) \
(((prompt)->control <= PAM_BPC_FAIL && (prompt)->control >= PAM_BPC_OK) \
? PAM_BPC_TRUE:PAM_BPC_FALSE)
#ifdef __cplusplus
}
#endif /* def __cplusplus */
#endif /* PAM_CLIENT_H */
PK���������yFZ����d���d���
���pam_modutil.hnu���[������������/*
* Copyright (c) 2001-2002 Andrew Morgan <morgan@kernel.org>
*
* <security/pam_modutil.h>
*
* This file is a list of handy libc wrappers that attempt to provide some
* thread-safe and other convenient functionality to modules in a common form.
*
* A number of these functions reserve space in a pam_[sg]et_data item.
* In all cases, the name of the item is prefixed with "pam_modutil_*".
*
* On systems that simply can't support thread safe programming, these
* functions don't support it either - sorry.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SECURITY__PAM_MODUTIL_H
#define _SECURITY__PAM_MODUTIL_H
#include <sys/types.h>
#include <pwd.h>
#include <grp.h>
#include <shadow.h>
#ifdef __cplusplus
extern "C" {
#endif
#include <security/_pam_types.h>
extern struct passwd * PAM_NONNULL((1,2))
pam_modutil_getpwnam(pam_handle_t *pamh, const char *user);
extern struct passwd * PAM_NONNULL((1))
pam_modutil_getpwuid(pam_handle_t *pamh, uid_t uid);
extern struct group * PAM_NONNULL((1,2))
pam_modutil_getgrnam(pam_handle_t *pamh, const char *group);
extern struct group * PAM_NONNULL((1))
pam_modutil_getgrgid(pam_handle_t *pamh, gid_t gid);
extern struct spwd * PAM_NONNULL((1,2))
pam_modutil_getspnam(pam_handle_t *pamh, const char *user);
extern int PAM_NONNULL((1,2,3))
pam_modutil_user_in_group_nam_nam(pam_handle_t *pamh,
const char *user,
const char *group);
extern int PAM_NONNULL((1,2))
pam_modutil_user_in_group_nam_gid(pam_handle_t *pamh,
const char *user,
gid_t group);
extern int PAM_NONNULL((1,3))
pam_modutil_user_in_group_uid_nam(pam_handle_t *pamh,
uid_t user,
const char *group);
extern int PAM_NONNULL((1))
pam_modutil_user_in_group_uid_gid(pam_handle_t *pamh,
uid_t user,
gid_t group);
extern const char * PAM_NONNULL((1))
pam_modutil_getlogin(pam_handle_t *pamh);
extern int
pam_modutil_read(int fd, char *buffer, int count);
extern int
pam_modutil_write(int fd, const char *buffer, int count);
extern int PAM_NONNULL((1,3))
pam_modutil_audit_write(pam_handle_t *pamh, int type,
const char *message, int retval);
struct pam_modutil_privs {
gid_t *grplist;
int number_of_groups;
int allocated;
gid_t old_gid;
uid_t old_uid;
int is_dropped;
};
#define PAM_MODUTIL_NGROUPS 64
#define PAM_MODUTIL_DEF_PRIVS(n) \
gid_t n##_grplist[PAM_MODUTIL_NGROUPS]; \
struct pam_modutil_privs n = { n##_grplist, PAM_MODUTIL_NGROUPS, 0, -1, -1, 0 }
extern int PAM_NONNULL((1,2,3))
pam_modutil_drop_priv(pam_handle_t *pamh,
struct pam_modutil_privs *p,
const struct passwd *pw);
extern int PAM_NONNULL((1,2))
pam_modutil_regain_priv(pam_handle_t *pamh,
struct pam_modutil_privs *p);
enum pam_modutil_redirect_fd {
PAM_MODUTIL_IGNORE_FD, /* do not redirect */
PAM_MODUTIL_PIPE_FD, /* redirect to a pipe */
PAM_MODUTIL_NULL_FD, /* redirect to /dev/null */
};
/* redirect standard descriptors, close all other descriptors. */
extern int PAM_NONNULL((1))
pam_modutil_sanitize_helper_fds(pam_handle_t *pamh,
enum pam_modutil_redirect_fd redirect_stdin,
enum pam_modutil_redirect_fd redirect_stdout,
enum pam_modutil_redirect_fd redirect_stderr);
#ifdef __cplusplus
}
#endif
#endif /* _SECURITY__PAM_MODUTIL_H */
PK���������yFZX�X���������
���pam_appl.hnu���[������������/*
* <security/pam_appl.h>
*
* This header file collects definitions for the PAM API --- that is,
* public interface between the PAM library and an application program
* that wishes to use it.
*
* Note, the copyright information is at end of file.
*/
#ifndef _SECURITY_PAM_APPL_H
#define _SECURITY_PAM_APPL_H
#ifdef __cplusplus
extern "C" {
#endif
#include <security/_pam_types.h> /* Linux-PAM common defined types */
/* -------------- The Linux-PAM Framework layer API ------------- */
extern int PAM_NONNULL((1,3,4))
pam_start(const char *service_name, const char *user,
const struct pam_conv *pam_conversation,
pam_handle_t **pamh);
extern int PAM_NONNULL((1))
pam_end(pam_handle_t *pamh, int pam_status);
/* Authentication API's */
extern int PAM_NONNULL((1))
pam_authenticate(pam_handle_t *pamh, int flags);
extern int PAM_NONNULL((1))
pam_setcred(pam_handle_t *pamh, int flags);
/* Account Management API's */
extern int PAM_NONNULL((1))
pam_acct_mgmt(pam_handle_t *pamh, int flags);
/* Session Management API's */
extern int PAM_NONNULL((1))
pam_open_session(pam_handle_t *pamh, int flags);
extern int PAM_NONNULL((1))
pam_close_session(pam_handle_t *pamh, int flags);
/* Password Management API's */
extern int PAM_NONNULL((1))
pam_chauthtok(pam_handle_t *pamh, int flags);
/* take care of any compatibility issues */
#include <security/_pam_compat.h>
#ifdef __cplusplus
}
#endif
/*
* Copyright Theodore Ts'o, 1996. All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#endif /* _SECURITY_PAM_APPL_H */
PK���������yFZ��1��������
���_pam_compat.hnu���[������������#ifndef _PAM_COMPAT_H
#define _PAM_COMPAT_H
/*
* This file was contributed by Derrick J Brashear <shadow@dementia.org>
* slight modification by Brad M. Garcia <bgarcia@fore.com>
*
* A number of operating systems have started to implement PAM.
* unfortunately, they have a different set of numeric values for
* certain constants. This file is included for compatibility's sake.
*/
/* Solaris uses different constants. We redefine to those here */
#if defined(solaris) || (defined(__SVR4) && defined(sun))
# ifdef _SECURITY_PAM_MODULES_H
/* flags for pam_chauthtok() */
# undef PAM_PRELIM_CHECK
# define PAM_PRELIM_CHECK 0x1
# undef PAM_UPDATE_AUTHTOK
# define PAM_UPDATE_AUTHTOK 0x2
# endif /* _SECURITY_PAM_MODULES_H */
# ifdef _SECURITY__PAM_TYPES_H
/* generic for pam_* functions */
# undef PAM_SILENT
# define PAM_SILENT 0x80000000
# undef PAM_CHANGE_EXPIRED_AUTHTOK
# define PAM_CHANGE_EXPIRED_AUTHTOK 0x4
/* flags for pam_setcred() */
# undef PAM_ESTABLISH_CRED
# define PAM_ESTABLISH_CRED 0x1
# undef PAM_DELETE_CRED
# define PAM_DELETE_CRED 0x2
# undef PAM_REINITIALIZE_CRED
# define PAM_REINITIALIZE_CRED 0x4
# undef PAM_REFRESH_CRED
# define PAM_REFRESH_CRED 0x8
/* another binary incompatibility comes from the return codes! */
# undef PAM_CONV_ERR
# define PAM_CONV_ERR 6
# undef PAM_PERM_DENIED
# define PAM_PERM_DENIED 7
# undef PAM_MAXTRIES
# define PAM_MAXTRIES 8
# undef PAM_AUTH_ERR
# define PAM_AUTH_ERR 9
# undef PAM_NEW_AUTHTOK_REQD
# define PAM_NEW_AUTHTOK_REQD 10
# undef PAM_CRED_INSUFFICIENT
# define PAM_CRED_INSUFFICIENT 11
# undef PAM_AUTHINFO_UNAVAIL
# define PAM_AUTHINFO_UNAVAIL 12
# undef PAM_USER_UNKNOWN
# define PAM_USER_UNKNOWN 13
# undef PAM_CRED_UNAVAIL
# define PAM_CRED_UNAVAIL 14
# undef PAM_CRED_EXPIRED
# define PAM_CRED_EXPIRED 15
# undef PAM_CRED_ERR
# define PAM_CRED_ERR 16
# undef PAM_ACCT_EXPIRED
# define PAM_ACCT_EXPIRED 17
# undef PAM_AUTHTOK_EXPIRED
# define PAM_AUTHTOK_EXPIRED 18
# undef PAM_SESSION_ERR
# define PAM_SESSION_ERR 19
# undef PAM_AUTHTOK_ERR
# define PAM_AUTHTOK_ERR 20
# undef PAM_AUTHTOK_RECOVERY_ERR
# define PAM_AUTHTOK_RECOVERY_ERR 21
# undef PAM_AUTHTOK_LOCK_BUSY
# define PAM_AUTHTOK_LOCK_BUSY 22
# undef PAM_AUTHTOK_DISABLE_AGING
# define PAM_AUTHTOK_DISABLE_AGING 23
# undef PAM_NO_MODULE_DATA
# define PAM_NO_MODULE_DATA 24
# undef PAM_IGNORE
# define PAM_IGNORE 25
# undef PAM_ABORT
# define PAM_ABORT 26
# undef PAM_TRY_AGAIN
# define PAM_TRY_AGAIN 27
#endif /* _SECURITY__PAM_TYPES_H */
#else
/* For compatibility with old Linux-PAM implementations. */
#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
#endif /* defined(solaris) || (defined(__SVR4) && defined(sun)) */
#endif /* _PAM_COMPAT_H */
PK���������yFZ�$��/���/��� ���pam_ext.hnu���[������������/*
* Copyright (C) 2005, 2006, 2008, 2009 Thorsten Kukuk.
*
* <security/pam_ext.h>
*
* This header file collects definitions for the extended PAM API.
* This is a public interface of the PAM library for PAM modules,
* which makes the life of PAM developers easier, but are not documented
* in any standard and are not portable between different PAM
* implementations.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, and the entire permission notice in its entirety,
* including the disclaimer of warranties.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote
* products derived from this software without specific prior
* written permission.
*
* ALTERNATIVELY, this product may be distributed under the terms of
* the GNU Public License, in which case the provisions of the GPL are
* required INSTEAD OF the above restrictions. (This clause is
* necessary due to a potential bad interaction between the GPL and
* the restrictions contained in a BSD-style copyright.)
*
* THIS SOFTWARE IS PROVIDED ``AS IS'' AND ANY EXPRESS OR IMPLIED
* WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
* OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#ifndef _SECURITY__PAM_EXT_H_
#define _SECURITY__PAM_EXT_H_
#ifdef __cplusplus
extern "C" {
#endif
#include <security/_pam_types.h>
#include <stdarg.h>
extern void PAM_FORMAT((printf, 3, 0)) PAM_NONNULL((3))
pam_vsyslog (const pam_handle_t *pamh, int priority,
const char *fmt, va_list args);
extern void PAM_FORMAT((printf, 3, 4)) PAM_NONNULL((3))
pam_syslog (const pam_handle_t *pamh, int priority, const char *fmt, ...);
extern int PAM_FORMAT((printf, 4, 0)) PAM_NONNULL((1,4))
pam_vprompt (pam_handle_t *pamh, int style, char **response,
const char *fmt, va_list args);
extern int PAM_FORMAT((printf, 4, 5)) PAM_NONNULL((1,4))
pam_prompt (pam_handle_t *pamh, int style, char **response,
const char *fmt, ...);
#define pam_error(pamh, fmt...) \
pam_prompt(pamh, PAM_ERROR_MSG, NULL, fmt)
#define pam_verror(pamh, fmt, args) \
pam_vprompt(pamh, PAM_ERROR_MSG, NULL, fmt, args)
#define pam_info(pamh, fmt...) pam_prompt(pamh, PAM_TEXT_INFO, NULL, fmt)
#define pam_vinfo(pamh, fmt, args) pam_vprompt(pamh, PAM_TEXT_INFO, NULL, fmt, args)
extern int PAM_NONNULL((1,3))
pam_get_authtok (pam_handle_t *pamh, int item, const char **authtok,
const char *prompt);
extern int PAM_NONNULL((1,2))
pam_get_authtok_noverify (pam_handle_t *pamh, const char **authtok,
const char *prompt);
extern int PAM_NONNULL((1,2))
pam_get_authtok_verify (pam_handle_t *pamh, const char **authtok,
const char *prompt);
#ifdef __cplusplus
}
#endif
#endif
PK�����������yFZif�L��������
�����������������_pam_macros.hnu���[������������PK�����������yFZ��ٺh2��h2��������������������_pam_types.hnu���[������������PK�����������yFZsz�7A���A������������������J��pam_filter.hnu���[������������PK�����������yFZ��u���u���
�������������;O��pam_modules.hnu���[������������PK�����������yFZiP�7��������
��������������a��pam_misc.hnu���[������������PK�����������yFZ��w�G���G������������������h��pam_client.hnu���[������������PK�����������yFZ����d���d���
�����������������pam_modutil.hnu���[������������PK�����������yFZX�X���������
�������������A���pam_appl.hnu���[������������PK�����������yFZ��1��������
�������������\���_pam_compat.hnu���[������������PK�����������yFZ�$��/���/��� �������������5���pam_ext.hnu���[������������PK������
�
�����������