1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
|
#ifndef AUTH_MASTER_H
#define AUTH_MASTER_H
#include "net.h"
enum auth_master_flags {
/* Enable logging debug information */
AUTH_MASTER_FLAG_DEBUG = 0x01,
/* Don't disconnect from auth socket when idling */
AUTH_MASTER_FLAG_NO_IDLE_TIMEOUT = 0x02
};
struct auth_user_info {
const char *service;
const char *session_id;
const char *local_name;
struct ip_addr local_ip, remote_ip, real_local_ip, real_remote_ip;
in_port_t local_port, remote_port, real_local_port, real_remote_port;
const char *forward_fields;
ARRAY_TYPE(const_string) extra_fields;
bool debug;
};
struct auth_user_reply {
uid_t uid;
gid_t gid;
const char *home, *chroot;
ARRAY_TYPE(const_string) extra_fields;
bool anonymous:1;
};
struct auth_master_connection *
auth_master_init(const char *auth_socket_path, enum auth_master_flags flags);
void auth_master_deinit(struct auth_master_connection **conn);
/* Set timeout for lookups. */
void auth_master_set_timeout(struct auth_master_connection *conn,
unsigned int msecs);
/* Returns the auth_socket_path */
const char *auth_master_get_socket_path(struct auth_master_connection *conn);
/* Do a USER lookup. Returns -2 = user-specific error, -1 = internal error,
0 = user not found, 1 = ok. When returning -1 and fields[0] isn't NULL, it
contains an error message that should be shown to user. */
int auth_master_user_lookup(struct auth_master_connection *conn,
const char *user, const struct auth_user_info *info,
pool_t pool, const char **username_r,
const char *const **fields_r);
/* Do a PASS lookup (the actual password isn't returned). */
int auth_master_pass_lookup(struct auth_master_connection *conn,
const char *user, const struct auth_user_info *info,
pool_t pool, const char *const **fields_r);
/* Flush authentication cache for everyone (users=NULL) or only for specified
users. Returns number of users flushed from cache. */
int auth_master_cache_flush(struct auth_master_connection *conn,
const char *const *users, unsigned int *count_r);
/* Parse userdb extra fields into auth_user_reply structure. */
void auth_user_fields_parse(const char *const *fields, pool_t pool,
struct auth_user_reply *reply_r);
/* Iterate through all users. If user_mask is non-NULL, it contains a string
with wildcards ('*', '?') that the auth server MAY use to limit what users
are returned (but it may as well return all users anyway). */
struct auth_master_user_list_ctx *
auth_master_user_list_init(struct auth_master_connection *conn,
const char *user_mask,
const struct auth_user_info *info) ATTR_NULL(3);
const char *auth_master_user_list_next(struct auth_master_user_list_ctx *ctx);
/* Returns -1 if anything failed, 0 if ok */
int auth_master_user_list_deinit(struct auth_master_user_list_ctx **ctx);
/* INTERNAL: */
void auth_user_info_export(string_t *str, const struct auth_user_info *info);
#endif
|
