From owner-p4-projects Mon Apr 8 4:42:26 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 72AA837B417; Mon, 8 Apr 2002 04:42:14 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id A0C0A37B416 for ; Mon, 8 Apr 2002 04:42:13 -0700 (PDT) Received: (from perforce@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g38BgDV83445 for perforce@freebsd.org; Mon, 8 Apr 2002 04:42:13 -0700 (PDT) (envelope-from des@freebsd.org) Date: Mon, 8 Apr 2002 04:42:13 -0700 (PDT) Message-Id: <200204081142.g38BgDV83445@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: perforce set sender to des@freebsd.org using -f From: Dag-Erling Smorgrav Subject: PERFORCE change 9371 for review To: Perforce Change Reviews Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG http://people.freebsd.org/~peter/p4db/chv.cgi?CH=9371 Change 9371 by des@des.at.des.thinksec.com on 2002/04/08 04:42:13 Add openpam_{borrow,restore}_cred() (for temporarily switching to user credentials) and openpam_free_data() (generic cleanup function for pam_set_data() consumers) Sponsored by: DARPA, NAI Labs Affected files ... ... //depot/projects/openpam/doc/man/Makefile#6 edit ... //depot/projects/openpam/include/security/openpam.h#15 edit ... //depot/projects/openpam/lib/Makefile#13 edit ... //depot/projects/openpam/lib/openpam_borrow_cred.c#1 add ... //depot/projects/openpam/lib/openpam_free_data.c#1 add ... //depot/projects/openpam/lib/openpam_impl.h#12 edit ... //depot/projects/openpam/lib/openpam_restore_cred.c#1 add Differences ... ==== //depot/projects/openpam/doc/man/Makefile#6 (text+ko) ==== @@ -31,12 +31,15 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/doc/man/Makefile#5 $ +# $P4: //depot/projects/openpam/doc/man/Makefile#6 $ # MAN = +MAN += openpam_borrow_cred.3 +MAN += openpam_free_data.3 MAN += openpam_get_option.3 MAN += openpam_log.3 +MAN += openpam_restore_cred.3 MAN += openpam_set_option.3 MAN += openpam_ttyconv.3 MAN += pam.3 ==== //depot/projects/openpam/include/security/openpam.h#15 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/include/security/openpam.h#14 $ + * $P4: //depot/projects/openpam/include/security/openpam.h#15 $ */ #ifndef _SECURITY_OPENPAM_H_INCLUDED @@ -46,14 +46,28 @@ extern "C" { #endif +struct passwd; + /* * API extensions */ +int +openpam_borrow_cred(pam_handle_t *_pamh, + const struct passwd *_pwd); + +void +openpam_free_data(pam_handle_t *_pamh, + void *_data, + int _status); + const char * openpam_get_option(pam_handle_t *_pamh, const char *_option); int +openpam_restore_cred(pam_handle_t *_pamh); + +int openpam_set_option(pam_handle_t *_pamh, const char *_option, const char *_value); ==== //depot/projects/openpam/lib/Makefile#13 (text+ko) ==== @@ -31,7 +31,7 @@ # OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF # SUCH DAMAGE. # -# $P4: //depot/projects/openpam/lib/Makefile#12 $ +# $P4: //depot/projects/openpam/lib/Makefile#13 $ # LIB = pam @@ -44,12 +44,15 @@ CFLAGS += -DLIB_MAJ=${SHLIB_MAJOR} SRCS = +SRCS += openpam_borrow_cred.c SRCS += openpam_dispatch.c SRCS += openpam_dynamic.c SRCS += openpam_findenv.c +SRCS += openpam_free_data.c SRCS += openpam_get_option.c SRCS += openpam_load.c SRCS += openpam_log.c +SRCS += openpam_restore_cred.c SRCS += openpam_set_option.c SRCS += openpam_static.c SRCS += openpam_ttyconv.c ==== //depot/projects/openpam/lib/openpam_impl.h#12 (text+ko) ==== @@ -31,7 +31,7 @@ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF * SUCH DAMAGE. * - * $P4: //depot/projects/openpam/lib/openpam_impl.h#11 $ + * $P4: //depot/projects/openpam/lib/openpam_impl.h#12 $ */ #ifndef _OPENPAM_IMPL_H_INCLUDED @@ -93,6 +93,16 @@ int env_size; }; +#ifdef NGROUPS_MAX +#define PAM_SAVED_CRED "pam_saved_cred" +struct pam_saved_cred { + uid_t euid; + gid_t egid; + gid_t groups[NGROUPS_MAX]; + int ngroups; +}; +#endif + #define PAM_OTHER "other" int openpam_dispatch(pam_handle_t *, int, int); To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message