source: trunk/debathena/third/schroot/sbuild/sbuild-auth-pam.h @ 24167

Revision 24167, 3.1 KB checked in by broder, 15 years ago (diff)
Import schroot upstream into subversion.
1/* Copyright © 2005-2007  Roger Leigh <rleigh@debian.org>
2 *
3 * schroot is free software: you can redistribute it and/or modify it
4 * under the terms of the GNU General Public License as published by
5 * the Free Software Foundation, either version 3 of the License, or
6 * (at your option) any later version.
7 *
8 * schroot is distributed in the hope that it will be useful, but
9 * WITHOUT ANY WARRANTY; without even the implied warranty of
10 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
11 * General Public License for more details.
12 *
13 * You should have received a copy of the GNU General Public License
14 * along with this program.  If not, see
15 * <http://www.gnu.org/licenses/>.
16 *
17 *********************************************************************/
18
19#ifndef SBUILD_AUTH_PAM_H
20#define SBUILD_AUTH_PAM_H
21
22#include <sbuild/sbuild-auth.h>
23#include <sbuild/sbuild-auth-pam-conv.h>
24
25#include <security/pam_appl.h>
26
namespace sbuild
{

  /**
   * PAM-backed implementation of the auth interface.
   *
   * auth_pam performs user authentication, authorisation and session
   * management through the Pluggable Authentication Modules (PAM)
   * library, presenting PAM behind the object-oriented auth interface.
   *
   * Instances are obtained through create(); the constructor is
   * private and cannot be called from outside the class.
   *
   * NOTE(review): the class stores a raw pam_handle_t pointer and
   * declares no copy constructor or copy assignment operator.  Whether
   * copying is already blocked by the auth base class is not visible
   * from this header -- confirm.  If stop() or the destructor releases
   * the handle (also not visible here), two copies sharing one handle
   * would each try to release the same PAM transaction.
   */
  class auth_pam : public auth
  {
  private:
    /**
     * Construct the handler.  Private: use create() instead.
     *
     * @param service_name the PAM service name.  It is handed to
     * pam_start() when PAM is initialised and selects which
     * configuration file under /etc/pam.d is loaded, so it decides
     * which authentication policy applies.  For safety and security
     * it should be a hard-coded constant string literal and never a
     * value derived from user input, the environment or a
     * configuration file.
     */
    auth_pam (const std::string& service_name);

  public:
    /**
     * The destructor.
     *
     * NOTE(review): whether it ends a PAM transaction that is still
     * open is not visible from this header -- confirm in the
     * implementation.
     */
    virtual ~auth_pam ();

    /**
     * Factory for auth_pam objects.
     *
     * @param service_name the PAM service name.  It is handed to
     * pam_start() when PAM is initialised and selects which
     * configuration file under /etc/pam.d is loaded.  For safety and
     * security it should be a hard-coded constant string literal and
     * never caller-influenced data.
     * @returns the new object as an auth::ptr.
     */
    static auth::ptr create (const std::string& service_name);

    /**
     * Get the authentication environment.
     *
     * NOTE(review): presumably the environment PAM has built up for
     * the session; the source of the values is not visible here.
     *
     * @returns the environment.
     */
    virtual environment get_auth_environment () const;

    /**
     * Get the PAM conversation handler.
     *
     * The result is a non-const reference (presumably to the conv
     * member), so a caller can replace the handler through it as well
     * as through set_conv().
     *
     * @returns a reference to the conversation handler pointer.
     */
    auth_pam_conv::ptr& get_conv ();

    /**
     * Set the PAM conversation handler.
     *
     * NOTE(review): in PAM the conversation handler is the channel
     * through which modules prompt for and receive credentials, so
     * the handler installed here should be treated as trusted code.
     * Whether it may be changed after start() is not visible here.
     *
     * @param conv the conversation handler.
     */
    void set_conv (auth_pam_conv::ptr& conv);

    /**
     * Initialise PAM.  After this call is_initialised() reports true.
     * Presumably the point at which pam_start() is called with the
     * service name given at construction -- confirm.
     */
    virtual void start ();

    /**
     * Counterpart of start().  Presumably ends the PAM transaction
     * and invalidates the handle -- confirm in the implementation.
     */
    virtual void stop ();

    /**
     * Authenticate the user.
     *
     * @param auth_status the authentication status; the status type
     * is declared outside this header.
     *
     * NOTE(review): how failure is reported (the return type is void,
     * so presumably by exception) is not visible here.  Callers must
     * not treat a caught-and-ignored error as success.
     */
    virtual void authenticate (status auth_status);

    /**
     * Set up the authentication environment.  NOTE(review): which
     * variables are imported into PAM is not visible here.
     */
    virtual void setupenv ();

    /**
     * Account management step.  NOTE(review): presumably the PAM
     * account validity check (expiry, access restrictions), which is
     * separate from authenticate() and must not be skipped.
     */
    virtual void account ();

    /**
     * Establish the user's credentials.  Paired with cred_delete().
     */
    virtual void cred_establish ();

    /**
     * Delete the credentials set by cred_establish().
     */
    virtual void cred_delete ();

    /**
     * Open a PAM session.  Paired with close_session().
     */
    virtual void open_session ();

    /**
     * Close the session opened by open_session().
     */
    virtual void close_session ();

    /**
     * Report whether PAM is initialised, i.e. whether start() has
     * been called.
     *
     * @returns true if initialised, otherwise false.
     */
    virtual bool is_initialised () const;

  private:
    /**
     * Get a description of a PAM error.
     *
     * This member has the same name as libpam's ::pam_strerror(), so
     * inside the class an unqualified call resolves to the member;
     * the implementation has to write ::pam_strerror to reach the
     * library function.
     *
     * @param pam_error the PAM error number.
     * @returns the description.
     */
    const char* pam_strerror (int pam_error);

    /// The PAM handle.  Raw pointer: its lifetime is managed by hand,
    /// not by the type.
    pam_handle_t* pam;
    /// The PAM conversation handler.
    auth_pam_conv::ptr conv;
  };

}
127
128#endif /* SBUILD_AUTH_PAM_H */
129
130/*
131 * Local Variables:
132 * mode:C++
133 * End:
134 */