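/*
 * PKCS #11 PAM Login Module
 * Copyright (C) 2003 Mario Strasser <mast@gmx.net>,
 * Mapper module copyright (c) 2005 Juan Antonio Martinez <jonsito@teleline.es>
 *
 * This library is free software; you can redistribute it and/or
 * modify it under the terms of the GNU Lesser General Public
 * License as published by the Free Software Foundation; either
 * version 2.1 of the License, or (at your option) any later version.
 *
 * This library is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * $Id$
 */

/*
 * This module manages the dynamic loading of mapping modules.
 * It is also the entry point for the certificate matching routines.
 *
 * The mappers loaded here decide which login name a certificate maps to,
 * so both the set of loaded modules and the results of find_user() /
 * match_user() feed directly into the authentication decision.
 */

#ifndef _MAPPER_MGR_H_
#define _MAPPER_MGR_H_

#ifdef HAVE_CONFIG_H
#include <config.h>
#endif

#include <openssl/x509.h>

#include "../scconf/scconf.h"
#include "../mappers/mapper.h"

/*
 * Mapper module descriptor.
 *
 * NOTE(review): a mapper is code loaded into the process that performs
 * authentication, so whatever determines module_path determines what runs
 * there. Confirm in the implementation that the path is taken only from
 * administrator-controlled configuration.
 */
struct mapper_instance {
    void *module_handler;       /* opaque handle of the loaded module;
                                 * presumably the dynamic loader's handle --
                                 * confirm in the implementation */
    const char *module_name;    /* name of the mapper module */
    const char *module_path;    /* path the module is associated with */
    mapper_module *module_data; /* module data, type declared in mapper.h */
};

/*
 * Mapper module list: a singly linked list of module descriptors.
 */
struct mapper_listitem {
    struct mapper_instance *module; /* descriptor held by this node */
    struct mapper_listitem *next;   /* next node in the list */
};

/*
 * Load and initialize a module.
 *
 * ctx:  configuration context
 * name: name of the module to load
 *
 * Returns the module descriptor on success, NULL on failure.
 * Callers must check for NULL before using the descriptor.
 */
struct mapper_instance *load_module(scconf_context *ctx, const char *name);

/*
 * Unload a module previously described by a mapper_instance.
 *
 * NOTE(review): whether the descriptor itself is released, and whether
 * NULL is accepted, is not visible in this header -- confirm against the
 * implementation before relying on either.
 */
void unload_module(struct mapper_instance *module);

/*
 * Load the mappers selected by the configuration context and return them
 * as a mapper_listitem list.
 *
 * NOTE(review): the failure value (presumably NULL) and the behaviour when
 * some modules fail to load are not visible here. An empty or partial list
 * changes which certificates can be mapped, so callers should treat a
 * failed load as an error rather than continue silently.
 */
struct mapper_listitem *load_mappers(scconf_context *ctx);

/*
 * Unload the mapper modules.
 *
 * Takes no argument, so it presumably operates on a list kept inside the
 * implementation -- confirm before calling it more than once.
 */
void unload_mappers(void);

/*
 * Search the mapper module list until a module returns a login name
 * for the provided certificate.
 *
 * NOTE(review): the value returned when no module maps the certificate
 * (presumably NULL) and the ownership of the returned string are not
 * visible in this header -- confirm whether the caller must free it.
 * The result is only a mapping; it says nothing about whether the
 * certificate itself has been verified.
 */
char *find_user(X509 *x509);

/*
 * Check the provided certificate against the given login name using the
 * loaded mappers.
 *
 * NOTE(review): the return convention is not visible in this listing.
 * Confirm in the implementation which value means "match" and whether
 * errors are reported with a distinct value. Callers making an
 * authentication decision should compare against the documented success
 * value explicitly instead of testing for non-zero, so that an error
 * result can never be taken for a match.
 */
int match_user(X509 *x509, const char *login);

/*
 * Go through the mapper list and try to get the certificate strings
 * that each module would use to perform its find/match functions.
 * No map / match is done: the strings found are just printed on stdout.
 * This function is mostly used in the pkcert_view tool.
 */
void inspect_certificate(X509 *x509);

#endif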