1 | /* Copyright © 2005-2007 Roger Leigh <rleigh@debian.org> |
---|
2 | * |
---|
3 | * schroot is free software: you can redistribute it and/or modify it |
---|
4 | * under the terms of the GNU General Public License as published by |
---|
5 | * the Free Software Foundation, either version 3 of the License, or |
---|
6 | * (at your option) any later version. |
---|
7 | * |
---|
8 | * schroot is distributed in the hope that it will be useful, but |
---|
9 | * WITHOUT ANY WARRANTY; without even the implied warranty of |
---|
10 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU |
---|
11 | * General Public License for more details. |
---|
12 | * |
---|
13 | * You should have received a copy of the GNU General Public License |
---|
14 | * along with this program. If not, see |
---|
15 | * <http://www.gnu.org/licenses/>. |
---|
16 | * |
---|
17 | *********************************************************************/ |
---|
18 | |
---|
19 | #ifndef SBUILD_AUTH_PAM_CONV_H |
---|
20 | #define SBUILD_AUTH_PAM_CONV_H |
---|
21 | |
---|
22 | #include <sbuild/sbuild-auth-pam-message.h> |
---|
23 | #include <sbuild/sbuild-error.h> |
---|
24 | #include <sbuild/sbuild-tr1types.h> |
---|
25 | |
---|
26 | #include <vector> |
---|
27 | |
---|
28 | #include <security/pam_appl.h> |
---|
29 | |
---|
30 | namespace sbuild |
---|
31 | { |
---|
32 | |
---|
33 | class auth_pam; |
---|
34 | |
---|
35 | /** |
---|
36 | * Authentication conversation handler interface. |
---|
37 | * |
---|
38 | * This interface should be implemented by objects which handle |
---|
39 | * interaction with the user during authentication. |
---|
40 | * |
---|
41 | * This is a wrapper around the struct pam_conv PAM conversation |
---|
42 | * interface, and is used by auth when interacting with the user |
---|
43 | * during authentication. |
---|
44 | * |
---|
45 | * A simple implementation is provided in the form of |
---|
46 | * auth_pam_conv_tty. However, more complex implementations might |
---|
47 | * hook into the event loop of a GUI widget system, for example. |
---|
48 | * |
---|
49 | * The interface allows the setting of optional warning timeout and |
---|
50 | * fatal timeout values, which should default to 0 (not enabled). |
---|
51 | * This is an absolute time after which a warning is displayed or |
---|
52 | * the conversation ends with an error. |
---|
53 | * |
---|
54 | * Note that the auth object must be specified, and must never be |
---|
55 | * void while the conversation is in progress. |
---|
56 | */ |
---|
57 | class auth_pam_conv |
---|
58 | { |
---|
59 | public: |
---|
60 | /// A list of messages. |
---|
61 | typedef std::vector<auth_pam_message> message_list; |
---|
62 | typedef std::tr1::shared_ptr<auth_pam> auth_ptr; |
---|
63 | typedef std::tr1::weak_ptr<auth_pam> weak_auth_ptr; |
---|
64 | |
---|
65 | /// A shared_ptr to an auth_pam_conv object. |
---|
66 | typedef std::tr1::shared_ptr<auth_pam_conv> ptr; |
---|
67 | |
---|
68 | protected: |
---|
69 | /// The constructor. |
---|
70 | auth_pam_conv (); |
---|
71 | |
---|
72 | public: |
---|
73 | /// The destructor. |
---|
74 | virtual ~auth_pam_conv (); |
---|
75 | |
---|
76 | /** |
---|
77 | * Get the auth object. |
---|
78 | * |
---|
79 | * @returns the auth object. |
---|
80 | */ |
---|
81 | virtual auth_ptr |
---|
82 | get_auth () = 0; |
---|
83 | |
---|
84 | /** |
---|
85 | * Set the auth object. |
---|
86 | * |
---|
87 | * @param auth the auth object. |
---|
88 | */ |
---|
89 | virtual void |
---|
90 | set_auth (auth_ptr auth) = 0; |
---|
91 | |
---|
92 | /** |
---|
93 | * Get the time at which the user will be warned. |
---|
94 | * |
---|
95 | * @returns the time. |
---|
96 | */ |
---|
97 | virtual time_t |
---|
98 | get_warning_timeout () = 0; |
---|
99 | |
---|
100 | /** |
---|
101 | * Set the time at which the user will be warned. |
---|
102 | * |
---|
103 | * @param timeout the time to set. |
---|
104 | */ |
---|
105 | virtual void |
---|
106 | set_warning_timeout (time_t timeout) = 0; |
---|
107 | |
---|
108 | /** |
---|
109 | * Get the time at which the conversation will be terminated with |
---|
110 | * an error. |
---|
111 | * |
---|
112 | * @returns the time. |
---|
113 | */ |
---|
114 | virtual time_t |
---|
115 | get_fatal_timeout () = 0; |
---|
116 | |
---|
117 | /** |
---|
118 | * Set the time at which the conversation will be terminated with |
---|
119 | * an error. |
---|
120 | * |
---|
121 | * @param timeout the time to set. |
---|
122 | */ |
---|
123 | virtual void |
---|
124 | set_fatal_timeout (time_t timeout) = 0; |
---|
125 | |
---|
126 | /** |
---|
127 | * Hold a conversation with the user. |
---|
128 | * |
---|
129 | * Each of the messages detailed in messages should be displayed |
---|
130 | * to the user, asking for input where required. The type of |
---|
131 | * message is indicated in the auth_pam_message::type field of the |
---|
132 | * auth_pam_message. The auth_pam_message::response field of the |
---|
133 | * auth_pam_message should be filled in if input is required. |
---|
134 | * |
---|
135 | * On error, an exception will be thrown. |
---|
136 | * |
---|
137 | * @param messages the messages to display to the user, and |
---|
138 | * responses to return to the caller. |
---|
139 | */ |
---|
140 | virtual void |
---|
141 | conversation (message_list& messages) = 0; |
---|
142 | }; |
---|
143 | |
---|
144 | } |
---|
145 | |
---|
146 | #endif /* SBUILD_AUTH_PAM_CONV_H */ |
---|
147 | |
---|
148 | /* |
---|
149 | * Local Variables: |
---|
150 | * mode:C++ |
---|
151 | * End: |
---|
152 | */ |
---|