83520f8d05
for crypt(3) by now. In any case: Add crypt_set_format(3) + documentation to -lcrypt. Add login_setcryptfmt(3) + documentation to -lutil. Support for switching crypt formats in passwd(8). Support for switching crypt formats in pw(8). The simple synopsis is: edit login.conf; add a passwd_format field set to "des" or "md5"; go nuts :) Reviewed by: peter
158 lines
6.1 KiB
C
158 lines
6.1 KiB
C
/*-
|
|
* Copyright (c) 1996 by
|
|
* Sean Eric Fagan <sef@kithrup.com>
|
|
* David Nugent <davidn@blaze.net.au>
|
|
* All rights reserved.
|
|
*
|
|
* Redistribution and use in source and binary forms, with or without
|
|
* modification, is permitted provided that the following conditions
|
|
* are met:
|
|
* 1. Redistributions of source code must retain the above copyright
|
|
* notice immediately at the beginning of the file, without modification,
|
|
* this list of conditions, and the following disclaimer.
|
|
* 2. Redistributions in binary form must reproduce the above copyright
|
|
* notice, this list of conditions and the following disclaimer in the
|
|
* documentation and/or other materials provided with the distribution.
|
|
* 3. This work was done expressly for inclusion into FreeBSD. Other use
|
|
* is permitted provided this notation is included.
|
|
* 4. Absolutely no warranty of function or purpose is made by the authors.
|
|
* 5. Modifications may be freely made to this file providing the above
|
|
* conditions are met.
|
|
*
|
|
* Low-level routines relating to the user capabilities database
|
|
*
|
|
* Was login_cap.h,v 1.9 1997/05/07 20:00:01 eivind Exp
|
|
* $FreeBSD$
|
|
*/
|
|
|
|
#ifndef _LOGIN_CAP_H_
|
|
#define _LOGIN_CAP_H_
|
|
|
|
#define LOGIN_DEFCLASS "default"
|
|
#define LOGIN_DEFROOTCLASS "root"
|
|
#define LOGIN_MECLASS "me"
|
|
#define LOGIN_DEFSTYLE "passwd"
|
|
#define LOGIN_DEFSERVICE "login"
|
|
#define LOGIN_DEFUMASK 022
|
|
#define LOGIN_DEFPRI 0
|
|
#define _PATH_LOGIN_CONF "/etc/login.conf"
|
|
#define _FILE_LOGIN_CONF ".login_conf"
|
|
#define _PATH_AUTHPROG "/usr/libexec/login_"
|
|
|
|
#define LOGIN_SETGROUP 0x0001 /* set group */
|
|
#define LOGIN_SETLOGIN 0x0002 /* set login (via setlogin) */
|
|
#define LOGIN_SETPATH 0x0004 /* set path */
|
|
#define LOGIN_SETPRIORITY 0x0008 /* set priority */
|
|
#define LOGIN_SETRESOURCES 0x0010 /* set resources (cputime, etc.) */
|
|
#define LOGIN_SETUMASK 0x0020 /* set umask, obviously */
|
|
#define LOGIN_SETUSER 0x0040 /* set user (via setuid) */
|
|
#define LOGIN_SETENV 0x0080 /* set user environment */
|
|
#define LOGIN_SETALL 0x00ff /* set everything */
|
|
|
|
#define BI_AUTH "authorize" /* accepted authentication */
|
|
#define BI_REJECT "reject" /* rejected authentication */
|
|
#define BI_CHALLENG "reject challenge" /* reject with a challenge */
|
|
#define BI_SILENT "reject silent" /* reject silently */
|
|
#define BI_REMOVE "remove" /* remove file on error */
|
|
#define BI_ROOTOKAY "authorize root" /* root authenticated */
|
|
#define BI_SECURE "authorize secure" /* okay on non-secure line */
|
|
#define BI_SETENV "setenv" /* set environment variable */
|
|
#define BI_VALUE "value" /* set local variable */
|
|
|
|
#define AUTH_OKAY 0x01 /* user authenticated */
|
|
#define AUTH_ROOTOKAY 0x02 /* root login okay */
|
|
#define AUTH_SECURE 0x04 /* secure login */
|
|
#define AUTH_SILENT 0x08 /* silent rejection */
|
|
#define AUTH_CHALLENGE 0x10 /* a chellenge was given */
|
|
|
|
#define AUTH_ALLOW (AUTH_OKAY | AUTH_ROOTOKAY | AUTH_SECURE)
|
|
|
|
typedef struct login_cap {
|
|
char *lc_class;
|
|
char *lc_cap;
|
|
char *lc_style;
|
|
} login_cap_t;
|
|
|
|
typedef struct login_time {
|
|
u_short lt_start; /* Start time */
|
|
u_short lt_end; /* End time */
|
|
#define LTM_NONE 0x00
|
|
#define LTM_SUN 0x01
|
|
#define LTM_MON 0x02
|
|
#define LTM_TUE 0x04
|
|
#define LTM_WED 0x08
|
|
#define LTM_THU 0x10
|
|
#define LTM_FRI 0x20
|
|
#define LTM_SAT 0x40
|
|
#define LTM_ANY 0x7F
|
|
#define LTM_WK 0x3E
|
|
#define LTM_WD 0x41
|
|
u_char lt_dow; /* Days of week */
|
|
} login_time_t;
|
|
|
|
#define LC_MAXTIMES 64
|
|
|
|
#include <sys/cdefs.h>
|
|
__BEGIN_DECLS
|
|
struct passwd;
|
|
|
|
void login_close __P((login_cap_t *));
|
|
login_cap_t *login_getclassbyname __P((const char *, const struct passwd *));
|
|
login_cap_t *login_getclass __P((const char *));
|
|
login_cap_t *login_getpwclass __P((const struct passwd *));
|
|
login_cap_t *login_getuserclass __P((const struct passwd *));
|
|
|
|
char *login_getcapstr __P((login_cap_t*, const char *, char *, char *));
|
|
char **login_getcaplist __P((login_cap_t *, const char *, const char *));
|
|
char *login_getstyle __P((login_cap_t *, char *, const char *));
|
|
rlim_t login_getcaptime __P((login_cap_t *, const char *, rlim_t, rlim_t));
|
|
rlim_t login_getcapnum __P((login_cap_t *, const char *, rlim_t, rlim_t));
|
|
rlim_t login_getcapsize __P((login_cap_t *, const char *, rlim_t, rlim_t));
|
|
char *login_getpath __P((login_cap_t *, const char *, char *));
|
|
int login_getcapbool __P((login_cap_t *, const char *, int));
|
|
const char *login_setcryptfmt __P((login_cap_t *, const char *, const char *));
|
|
|
|
int setclasscontext __P((const char*, unsigned int));
|
|
int setusercontext __P((login_cap_t*, const struct passwd*, uid_t, unsigned int));
|
|
void setclassresources __P((login_cap_t *));
|
|
void setclassenvironment __P((login_cap_t *, const struct passwd *, int));
|
|
|
|
/* Most of these functions are deprecated */
|
|
int auth_approve __P((login_cap_t*, const char*, const char*));
|
|
int auth_check __P((const char *, const char *, const char *, const char *, int *));
|
|
void auth_env __P((void));
|
|
char *auth_mkvalue __P((const char *n));
|
|
int auth_response __P((const char *, const char *, const char *, const char *, int *, const char *, const char *));
|
|
void auth_rmfiles __P((void));
|
|
int auth_scan __P((int));
|
|
int auth_script __P((const char*, ...));
|
|
int auth_script_data __P((const char *, int, const char *, ...));
|
|
char *auth_valud __P((const char *));
|
|
int auth_setopt __P((const char *, const char *));
|
|
void auth_clropts __P((void));
|
|
|
|
void auth_checknologin __P((login_cap_t*));
|
|
int auth_cat __P((const char*));
|
|
|
|
int auth_ttyok __P((login_cap_t*, const char *));
|
|
int auth_hostok __P((login_cap_t*, const char *, char const *));
|
|
int auth_timeok __P((login_cap_t*, time_t));
|
|
|
|
struct tm;
|
|
|
|
login_time_t parse_lt __P((const char *));
|
|
int in_ltm __P((const login_time_t *, struct tm *, time_t *));
|
|
int in_ltms __P((const login_time_t *, struct tm *, time_t *));
|
|
|
|
/* helper functions */
|
|
|
|
int login_strinlist __P((char **, char const *, int));
|
|
int login_str2inlist __P((char **, const char *, const char *, int));
|
|
login_time_t * login_timelist __P((login_cap_t *, char const *, int *, login_time_t **));
|
|
int login_ttyok __P((login_cap_t *, const char *, const char *, const char *));
|
|
int login_hostok __P((login_cap_t *, const char *, const char *, const char *, const char *));
|
|
|
|
__END_DECLS
|
|
|
|
#endif /* _LOGIN_CAP_H_ */
|