
0001 /* -*- mode: c; c-basic-offset: 4; indent-tabs-mode: nil -*- */
0002 /*
0003  * Copyright (C) 2010 by the Massachusetts Institute of Technology.
0004  * All rights reserved.
0005  *
0006  * Export of this software from the United States of America may
0007  *   require a specific license from the United States Government.
0008  *   It is the responsibility of any person or organization contemplating
0009  *   export to obtain such a license before exporting.
0010  *
0011  * WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
0012  * distribute this software and its documentation for any purpose and
0013  * without fee is hereby granted, provided that the above copyright
0014  * notice appear in all copies and that both that copyright notice and
0015  * this permission notice appear in supporting documentation, and that
0016  * the name of M.I.T. not be used in advertising or publicity pertaining
0017  * to distribution of the software without specific, written prior
0018  * permission.  Furthermore if you modify this software you must label
0019  * your software as modified software and not distribute it in such a
0020  * fashion that it might be confused with the original M.I.T. software.
0021  * M.I.T. makes no representations about the suitability of
0022  * this software for any purpose.  It is provided "as is" without express
0023  * or implied warranty.
0024  */
0025 
0026 /*
0027  * Declarations for password quality plugin module implementors.
0028  *
0029  * The password quality pluggable interface currently has only one supported
0030  * major version, which is 1.  Major version 1 has a current minor version
0031  * number of 1.
0032  *
0033  * Password quality plugin modules should define a function named
0034  * pwqual_<modulename>_initvt, matching the signature:
0035  *
0036  *   krb5_error_code
0037  *   pwqual_modname_initvt(krb5_context context, int maj_ver, int min_ver,
0038  *                         krb5_plugin_vtable vtable);
0039  *
0040  * The initvt function should:
0041  *
0042  * - Check that the supplied maj_ver number is supported by the module, or
0043  *   return KRB5_PLUGIN_VER_NOTSUPP if it is not.
0044  *
0045  * - Cast the vtable pointer as appropriate for maj_ver:
0046  *     maj_ver == 1: Cast to krb5_pwqual_vtable
0047  *
0048  * - Initialize the methods of the vtable, stopping as appropriate for the
0049  *   supplied min_ver.  Optional methods may be left uninitialized.
0050  *
0051  * Memory for the vtable is allocated by the caller, not by the module.
0052  */
0053 
0054 #ifndef KRB5_PWQUAL_PLUGIN_H
0055 #define KRB5_PWQUAL_PLUGIN_H
0056 
0057 #include <krb5/krb5.h>
0058 #include <krb5/plugin.h>
0059 #include <kadm5/admin.h>
0060 
0061 /* Abstract type for password quality module data (struct not defined here). */
0062 typedef struct krb5_pwqual_moddata_st *krb5_pwqual_moddata;
0063 
0064 /*** Method type declarations ***/
0065 
0066 /* Optional: Initialize module data (presumably stored through *data).
0067  * dict_file is the realm's configured dictionary filename. */
0068 typedef krb5_error_code
0069 (*krb5_pwqual_open_fn)(krb5_context context, const char *dict_file,
0070                        krb5_pwqual_moddata *data);
0071 
0072 /*
0073  * Mandatory: Check a password for the principal princ, which has an associated
0074  * password policy named policy_name (or no associated policy if policy_name is
0075  * NULL).  The parameter languages, if not NULL, contains a null-terminated
0076  * list of client-specified language tags as defined in RFC 5646.  The method
0077  * should return one of the following errors if the password fails quality
0078  * standards:
0079  *
0080  * - KADM5_PASS_Q_TOOSHORT: password should be longer
0081  * - KADM5_PASS_Q_CLASS:    password must have more character classes
0082  * - KADM5_PASS_Q_DICT:     password contains dictionary words
0083  * - KADM5_PASS_Q_GENERIC:  unspecified quality failure
0084  *
0085  * The module should also set an extended error message with
0086  * krb5_set_error_message(), optionally localized per one of the language
0087  * tags in languages.  NOTE(review): never echo password in it or in logs.
0088  */
0089 typedef krb5_error_code
0090 (*krb5_pwqual_check_fn)(krb5_context context, krb5_pwqual_moddata data,
0091                         const char *password, const char *policy_name,
0092                         krb5_principal princ, const char **languages);
0093 
0094 /* Optional: Release resources used by module data.  Has no return value. */
0095 typedef void
0096 (*krb5_pwqual_close_fn)(krb5_context context, krb5_pwqual_moddata data);
0097 
0098 /*** vtable declarations **/
0099 
0100 /* Password quality plugin vtable for major version 1 (a pointer typedef). */
0101 typedef struct krb5_pwqual_vtable_st {
0102     const char *name;           /* Mandatory: name of module. */
0103     krb5_pwqual_open_fn open;   /* Optional: initialize module data. */
0104     krb5_pwqual_check_fn check; /* Mandatory: check a password's quality. */
0105     krb5_pwqual_close_fn close; /* Optional: release module data. */
0106     /* Minor version 1 ends here. */
0107 } *krb5_pwqual_vtable;
0108 
0109 #endif /* KRB5_PWQUAL_PLUGIN_H */