view libpam-sys/libpam-sys-test/xsso_pam_appl.h @ 141:a508a69c068a

Remove a lot of Results from functions. Many functions are documented to only return failing Results when given improper inputs or when there is a memory allocation failure (which can be verified by looking at the source). In cases where we know our input is correct, we don't need to check for memory allocation errors for the same reason that Rust doesn't do so when you, e.g., create a new Vec.
author Paul Fisher <paul@pfish.zone>
date Sat, 05 Jul 2025 17:16:56 -0400
parents 2b255c92417b
children
line wrap: on
line source

/*
 * The contents of this header are copied directly from the X/SSO PAM spec,
 * with comments and unpopular functions removed.
 *
 * https://pubs.opengroup.org/onlinepubs/8329799/apdxa.htm
 */
#define PAM_SUCCESS 0
#define PAM_OPEN_ERR 1
#define PAM_SYMBOL_ERR 2
#define PAM_SERVICE_ERR 3
#define PAM_SYSTEM_ERR 4
#define PAM_BUF_ERR 5
#define PAM_CONV_ERR 6
#define PAM_PERM_DENIED 7
#define PAM_MAXTRIES 8
#define PAM_AUTH_ERR 9
#define PAM_NEW_AUTHTOK_REQD 10
#define PAM_CRED_INSUFFICIENT 11
#define PAM_AUTHINFO_UNAVAIL 12
#define PAM_USER_UNKNOWN 13
#define PAM_CRED_UNAVAIL 14
#define PAM_CRED_EXPIRED 15
#define PAM_CRED_ERR 16
#define PAM_ACCT_EXPIRED 17
#define PAM_AUTHTOK_EXPIRED 18
#define PAM_SESSION_ERR 19
#define PAM_AUTHTOK_ERR 20
#define PAM_AUTHTOK_RECOVERY_ERR 21
#define PAM_AUTHTOK_LOCK_BUSY 22
#define PAM_AUTHTOK_DISABLE_AGING 23
#define PAM_NO_MODULE_DATA 24
#define PAM_IGNORE 25
#define PAM_ABORT 26
#define PAM_TRY_AGAIN 27
/* PAM_MODULE_UNKNOWN and PAM_DOMAIN_UNKNOWN are not universal. */

struct pam_message {
  int msg_style;
  char *msg;
};

#define PAM_PROMPT_ECHO_OFF 1
#define PAM_PROMPT_ECHO_ON 2
#define PAM_ERROR_MSG 3
#define PAM_TEXT_INFO 4

#define PAM_MAX_NUM_MSG 32
#define PAM_MAX_MSG_SIZE 512
#define PAM_MAX_RESP_SIZE 512

struct pam_response {
  char *resp;
  int resp_retcode;
};

struct pam_conv {
  int (*conv)(int, struct pam_message **, struct pam_response **, void *);
  void *appdata_ptr;
};

typedef struct pam_handle pam_handle_t;

extern int pam_start(const char *service_name,
                     const char *user,
                     const struct pam_conv *pam_conv,
                     pam_handle_t **pamh);

extern int pam_end(pam_handle_t *pamh, int status);

extern int pam_set_item(pam_handle_t *pamh, int item_type, const void *item);

extern int pam_get_item(const pam_handle_t *pamh, int item_type, void **item);

#define PAM_SERVICE 1
#define PAM_USER 2
#define PAM_TTY 3
#define PAM_RHOST 4
#define PAM_CONV 5
#define PAM_AUTHTOK 6
#define PAM_OLDAUTHTOK 7
#define PAM_RUSER 8
#define PAM_USER_PROMPT 9

extern int pam_get_user(pam_handle_t *pamh, char **user, const char *prompt);

extern int pam_set_data(pam_handle_t *pamh,
                        const char *module_data_name,
                        const void *data,
                        void (*cleanup)(pam_handle_t *pamh,
                                        void *data,
                                        int pam_end_status));

extern int pam_get_data(const pam_handle_t *pamh,
                        const char *module_data_name,
                        void **data);

extern char *pam_strerror(pam_handle_t *pamh, int errnum);

#define PAM_SILENT 0x80000000

extern int pam_authenticate(pam_handle_t *pamh, int flags);

#define PAM_DISALLOW_NULL_AUTHTOK 0x1

/* Nobody implements pam_authenticate_secondary. */

extern int pam_acct_mgmt(pam_handle_t *pamh, int flags);

extern int pam_open_session(pam_handle_t *pamh, int flags);

extern int pam_close_session(pam_handle_t *pamh, int flags);

extern int pam_setcred(pam_handle_t *pamh, int flags);

#define PAM_ESTABLISH_CRED 0x1
#define PAM_DELETE_CRED 0x2
#define PAM_REINITIALIZE_CRED 0x4

#define PAM_REFRESH_CRED 0x8

extern int pam_chauthtok(pam_handle_t *pamh, int flags);

#define PAM_CHANGE_EXPIRED_AUTHTOK 0x4

extern char *pam_getenv(pam_handle_t *pamh, const char *name);

extern char **pam_getenvlist(pam_handle_t *pamh);

extern int pam_putenv(pam_handle_t *pamh, const char *namevalue);

/* Nobody implements the _mapped functions. */

extern int pam_get_user(pam_handle_t *pamh, char **user, const char *prompt);

/* The following constants come from the `pam_module.h` part of the page. */
#define PAM_PRELIM_CHECK 0x1
#define PAM_UPDATE_AUTHTOK 0x2

/* The _sm functions are not exported symbols, but prototypes for modules. */