00001 #ifndef LINUX
00002
00003 #include <security/pam_appl.h>
00004 #endif
00005
00006 #include <security/pam_modules.h>
00007
00008 #ifndef PAM_AUTHTOK_RECOVER_ERR
00009 #define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
00010 #endif
00011
00012 #include <stdio.h>
00013 #include <stdlib.h>
00014 #include <syslog.h>
00015 #include <unistd.h>
00016 #include <sys/types.h>
00017 #include <sys/stat.h>
00018 #include <sys/wait.h>
00019
00020
00021
00022
00023
00024
00025 #define MISTYPED_PASS "Sorry, passwords do not match"
00026
00027
00028
00029 typedef struct {
00030 const char *token;
00031 unsigned int mask;
00032 unsigned int flag;
00033 } SMB_Ctrls;
00034
00035 #ifndef False
00036 #define False (0)
00037 #endif
00038
00039 #ifndef True
00040 #define True (1)
00041 #endif
00042
00043
00044 #define on(x,ctrl) (smb_args[x].flag & ctrl)
00045
00046
00047 #define off(x,ctrl) (!on(x,ctrl))
00048
00049
00050 #define set(x,ctrl) (ctrl = ((ctrl)&smb_args[x].mask)|smb_args[x].flag)
00051 #define unset(x,ctrl) (ctrl &= ~(smb_args[x].flag))
00052
00053
00054 #define _ALL_ON_ (~0U)
00055
00056
00057
00058
00059
00060
00061
00062
00063 #define SMB__OLD_PASSWD 0
00064 #define SMB__VERIFY_PASSWD 1
00065
00066 #define SMB_AUDIT 2
00067
00068 #define SMB_USE_FIRST_PASS 3
00069 #define SMB_TRY_FIRST_PASS 4
00070 #define SMB_NOT_SET_PASS 5
00071
00072 #define SMB__NONULL 6
00073 #define SMB__QUIET 7
00074 #define SMB_USE_AUTHTOK 8
00075 #define SMB__NULLOK 9
00076 #define SMB_DEBUG 10
00077 #define SMB_NODELAY 11
00078 #define SMB_MIGRATE 12
00079
00080 #define SMB_CONF_FILE 13
00081
00082 #define SMB_CTRLS_ 14
00083
00084 static const SMB_Ctrls smb_args[SMB_CTRLS_] = {
00085
00086
00087
00088 { NULL, _ALL_ON_, 01 },
00089 { NULL, _ALL_ON_, 02 },
00090 { "audit", _ALL_ON_, 04 },
00091 { "use_first_pass", _ALL_ON_^(030), 010 },
00092 { "try_first_pass", _ALL_ON_^(030), 020 },
00093 { "not_set_pass", _ALL_ON_, 040 },
00094 { "nonull", _ALL_ON_, 0100 },
00095 { NULL, _ALL_ON_, 0200 },
00096 { "use_authtok", _ALL_ON_, 0400 },
00097 { "nullok", _ALL_ON_^(0100), 0 },
00098 { "debug", _ALL_ON_, 01000 },
00099 { "nodelay", _ALL_ON_, 02000 },
00100 { "migrate", _ALL_ON_^(0100), 04000 },
00101 { "smbconf=", _ALL_ON_, 0 },
00102 };
00103
00104 #define SMB_DEFAULTS (smb_args[SMB__NONULL].flag)
00105
00106
00107
00108
00109
00110
00111 #define FAIL_PREFIX "-SMB-FAIL-"
00112 #define SMB_MAX_RETRIES 3
00113
00114 struct _pam_failed_auth {
00115 char *user;
00116 uid_t id;
00117 char *agent;
00118 int count;
00119 };
00120
00121
00122
00123
00124
00125
00126 int make_remark(pam_handle_t *, unsigned int, int, const char *);