diff options
Diffstat (limited to 'src/auth/auth-settings.h')
| -rw-r--r-- | src/auth/auth-settings.h | 110 |
1 files changed, 110 insertions, 0 deletions
diff --git a/src/auth/auth-settings.h b/src/auth/auth-settings.h new file mode 100644 index 0000000..10ac379 --- /dev/null +++ b/src/auth/auth-settings.h @@ -0,0 +1,110 @@ +#ifndef AUTH_SETTINGS_H +#define AUTH_SETTINGS_H + +struct master_service; +struct master_service_settings_output; + +struct auth_passdb_settings { + const char *name; + const char *driver; + const char *args; + const char *default_fields; + const char *override_fields; + const char *mechanisms; + const char *username_filter; + + const char *skip; + const char *result_success; + const char *result_failure; + const char *result_internalfail; + bool deny; + bool pass; /* deprecated, use result_success=continue instead */ + bool master; + const char *auth_verbose; +}; + +struct auth_userdb_settings { + const char *name; + const char *driver; + const char *args; + const char *default_fields; + const char *override_fields; + + const char *skip; + const char *result_success; + const char *result_failure; + const char *result_internalfail; + const char *auth_verbose; +}; + +struct auth_settings { + const char *mechanisms; + const char *realms; + const char *default_realm; + uoff_t cache_size; + unsigned int cache_ttl; + unsigned int cache_negative_ttl; + bool cache_verify_password_with_worker; + const char *username_chars; + const char *username_translation; + const char *username_format; + const char *master_user_separator; + const char *anonymous_username; + const char *krb5_keytab; + const char *gssapi_hostname; + const char *winbind_helper_path; + const char *proxy_self; + unsigned int failure_delay; + + const char *policy_server_url; + const char *policy_server_api_header; + unsigned int policy_server_timeout_msecs; + const char *policy_hash_mech; + const char *policy_hash_nonce; + const char *policy_request_attributes; + bool policy_reject_on_fail; + bool policy_check_before_auth; + bool policy_check_after_auth; + bool policy_report_after_auth; + bool policy_log_only; + unsigned int policy_hash_truncate; + + bool stats; + bool verbose, debug, debug_passwords; + const char *verbose_passwords; + bool ssl_require_client_cert; + bool ssl_username_from_cert; + bool use_winbind; + + unsigned int worker_max_count; + + /* settings that don't have auth_ prefix: */ + ARRAY(struct auth_passdb_settings *) passdbs; + ARRAY(struct auth_userdb_settings *) userdbs; + + const char *base_dir; + const char *ssl_client_ca_dir; + const char *ssl_client_ca_file; + + bool verbose_proctitle; + unsigned int first_valid_uid; + unsigned int last_valid_uid; + unsigned int first_valid_gid; + unsigned int last_valid_gid; + + /* generated: */ + char username_chars_map[256]; + char username_translation_map[256]; + const char *const *realms_arr; + const struct ip_addr *proxy_self_ips; +}; + +extern const struct setting_parser_info auth_setting_parser_info; +extern struct auth_settings *global_auth_settings; + +struct auth_settings * +auth_settings_read(const char *service, pool_t pool, + struct master_service_settings_output *output_r) + ATTR_NULL(1); + +#endif |