+++ /dev/null
-#include "../librpc/gen_ndr/samr.h"
-#include "../libcli/auth/pam_errors.h"
-#include "passdb.h"
-
-#ifndef LINUX
-/* This is only needed by modules in the Sun implementation. */
-#if defined(HAVE_SECURITY_PAM_APPL_H)
-#include <security/pam_appl.h>
-#elif defined(HAVE_PAM_PAM_APPL_H)
-#include <pam/pam_appl.h>
-#endif
-#endif /* LINUX */
-
-#if defined(HAVE_SECURITY_PAM_MODULES_H)
-#include <security/pam_modules.h>
-#elif defined(HAVE_PAM_PAM_MODULES_H)
-#include <pam/pam_modules.h>
-#endif
-
-#ifndef PAM_AUTHTOK_RECOVER_ERR
-#define PAM_AUTHTOK_RECOVER_ERR PAM_AUTHTOK_RECOVERY_ERR
-#endif
-
-#include "replace.h"
-#include "system/filesys.h"
-#include "system/wait.h"
-#include "system/syslog.h"
-
-/*
- * here is the string to inform the user that the new passwords they
- * typed were not the same.
- */
-
-#define MISTYPED_PASS "Sorry, passwords do not match"
-
-/* type definition for the control options */
-
-typedef struct {
- const char *token;
- unsigned int mask; /* shall assume 32 bits of flags */
- unsigned int flag;
-} SMB_Ctrls;
-
-#ifndef False
-#define False (0)
-#endif
-
-#ifndef True
-#define True (1)
-#endif
-
-/* macro to determine if a given flag is on */
-#define on(x,ctrl) (smb_args[x].flag & ctrl)
-
-/* macro to determine that a given flag is NOT on */
-#define off(x,ctrl) (!on(x,ctrl))
-
-/* macro to turn on/off a ctrl flag manually */
-#define set(x,ctrl) (ctrl = ((ctrl)&smb_args[x].mask)|smb_args[x].flag)
-#define unset(x,ctrl) (ctrl &= ~(smb_args[x].flag))
-
-/* the generic mask */
-#define _ALL_ON_ (~0U)
-
-/* end of macro definitions definitions for the control flags */
-
-/*
- * These are the options supported by the smb password module, very
- * similar to the pwdb options
- */
-
-#define SMB__OLD_PASSWD 0 /* internal */
-#define SMB__VERIFY_PASSWD 1 /* internal */
-
-#define SMB_AUDIT 2 /* print more things than debug..
- some information may be sensitive */
-#define SMB_USE_FIRST_PASS 3
-#define SMB_TRY_FIRST_PASS 4
-#define SMB_NOT_SET_PASS 5 /* don't set the AUTHTOK items */
-
-#define SMB__NONULL 6 /* internal */
-#define SMB__QUIET 7 /* internal */
-#define SMB_USE_AUTHTOK 8 /* insist on reading PAM_AUTHTOK */
-#define SMB__NULLOK 9 /* Null token ok */
-#define SMB_DEBUG 10 /* send more info to syslog(3) */
-#define SMB_NODELAY 11 /* admin does not want a fail-delay */
-#define SMB_MIGRATE 12 /* Does no authentication, just
- updates the smb database. */
-#define SMB_CONF_FILE 13 /* Alternate location of smb.conf */
-
-#define SMB_CTRLS_ 14 /* number of ctrl arguments defined */
-
-static const SMB_Ctrls smb_args[SMB_CTRLS_] = {
-/* symbol token name ctrl mask ctrl *
- * ------------------ ------------------ -------------- ---------- */
-
-/* SMB__OLD_PASSWD */ { NULL, _ALL_ON_, 01 },
-/* SMB__VERIFY_PASSWD */ { NULL, _ALL_ON_, 02 },
-/* SMB_AUDIT */ { "audit", _ALL_ON_, 04 },
-/* SMB_USE_FIRST_PASS */ { "use_first_pass", _ALL_ON_^(030), 010 },
-/* SMB_TRY_FIRST_PASS */ { "try_first_pass", _ALL_ON_^(030), 020 },
-/* SMB_NOT_SET_PASS */ { "not_set_pass", _ALL_ON_, 040 },
-/* SMB__NONULL */ { "nonull", _ALL_ON_, 0100 },
-/* SMB__QUIET */ { NULL, _ALL_ON_, 0200 },
-/* SMB_USE_AUTHTOK */ { "use_authtok", _ALL_ON_, 0400 },
-/* SMB__NULLOK */ { "nullok", _ALL_ON_^(0100), 0 },
-/* SMB_DEBUG */ { "debug", _ALL_ON_, 01000 },
-/* SMB_NODELAY */ { "nodelay", _ALL_ON_, 02000 },
-/* SMB_MIGRATE */ { "migrate", _ALL_ON_^(0100), 04000 },
-/* SMB_CONF_FILE */ { "smbconf=", _ALL_ON_, 0 },
-};
-
-#define SMB_DEFAULTS (smb_args[SMB__NONULL].flag)
-
-/*
- * the following is used to keep track of the number of times a user fails
- * to authenticate themself.
- */
-
-#define SMB_MAX_RETRIES 3
-
-struct _pam_failed_auth {
- char *user; /* user that's failed to be authenticated */
- uid_t id; /* uid of requested user */
- char *agent; /* attempt from user with name */
- int count; /* number of failures so far */
-};
-
-/*
- * General use functions go here
- */
-
-/* from support.c */
-int make_remark(pam_handle_t *, unsigned int, int, const char *);
git.samba.org / samba.git / blobdiff