diff options
| author | Simo Sorce <ssorce@redhat.com> | 2009-04-11 00:31:50 -0400 |
|---|---|---|
| committer | Simo Sorce <ssorce@redhat.com> | 2009-04-13 09:07:10 -0400 |
| commit | 943df8483b9f8a43df72121883ca67f17571d214 (patch) | |
| tree | a9301004163a7033b4a342057c355da1ea49454b /server/responder/pam/pamsrv.h | |
| parent | f16705ecade500f77b525d1a3df0109196c98ee0 (diff) | |
| download | sssd-943df8483b9f8a43df72121883ca67f17571d214.tar.gz sssd-943df8483b9f8a43df72121883ca67f17571d214.tar.xz sssd-943df8483b9f8a43df72121883ca67f17571d214.zip | |
Implement credentials caching in pam responder.
Implement credentials caching in pam responder.
Currently works only for the proxy backend.
Also cleanup pam responder code and mode common code in data provider.
(the data provider should never include responder private headers)
Diffstat (limited to 'server/responder/pam/pamsrv.h')
| -rw-r--r-- | server/responder/pam/pamsrv.h | 53 |
1 files changed, 14 insertions, 39 deletions
diff --git a/server/responder/pam/pamsrv.h b/server/responder/pam/pamsrv.h index 077b495d4..c751ceed5 100644 --- a/server/responder/pam/pamsrv.h +++ b/server/responder/pam/pamsrv.h @@ -1,59 +1,34 @@ #ifndef __PAMSRV_H__ #define __PAMSRV_H__ - +#include <security/pam_appl.h> #include "util/util.h" #include "sbus/sssd_dbus.h" #include "responder/common/responder.h" #define PAM_DP_TIMEOUT 5000 -#define DEBUG_PAM_DATA(level, pd) do { \ - if (level <= debug_level) pam_print_data(level, pd); \ -} while(0); +struct pam_auth_req; -struct response_data { - int32_t type; - int32_t len; - uint8_t *data; - struct response_data *next; -}; +typedef void (pam_dp_callback_t)(struct pam_auth_req *preq); -struct pam_data { - int cmd; - uint32_t authtok_type; - uint32_t authtok_size; - uint32_t newauthtok_type; - uint32_t newauthtok_size; - char *domain; - char *user; - char *service; - char *tty; - char *ruser; - char *rhost; - uint8_t *authtok; - uint8_t *newauthtok; - - int pam_status; - int response_delay; - struct response_data *resp_list; +struct pam_auth_req { struct cli_ctx *cctx; -}; + struct sss_domain_info *domain; -int pam_add_response(struct pam_data *pd, enum response_type type, - int len, const uint8_t *data); -void pam_print_data(int l, struct pam_data *pd); + struct pam_data *pd; -typedef void (*pam_dp_callback_t)(struct pam_data *pd); + pam_dp_callback_t *callback; +}; struct sbus_method *register_pam_dp_methods(void); struct sss_cmd_table *register_sss_cmds(void); -int pam_dp_send_req(struct cli_ctx *cctx, pam_dp_callback_t callback, - int timeout, struct pam_data *pd); +int pam_dp_send_req(struct pam_auth_req *preq, int timeout); + +int pam_cache_credentials(struct pam_auth_req *preq); +int pam_cache_auth(struct pam_auth_req *preq); + +int LOCAL_pam_handler(struct pam_auth_req *preq); -bool dp_pack_pam_request(DBusMessage *msg, struct pam_data *pd); -bool dp_unpack_pam_request(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error); -bool dp_pack_pam_response(DBusMessage *msg, struct pam_data *pd); -bool dp_unpack_pam_response(DBusMessage *msg, struct pam_data *pd, DBusError *dbus_error); #endif /* __PAMSRV_H__ */ |