Clean up the sudoers auth API a bit and update the docs.

plugins/sudoers/auth/sudo_auth.h

@@ -24,8 +24,8 @@
 #define AUTH_FATAL	3
 
 typedef struct sudo_auth {
-    short flags;		/* various flags, see below */
-    short status;		/* status from verify routine */
+    int flags;			/* various flags, see below */
+    int status;			/* status from verify routine */
     char *name;			/* name of the method as a string */
     void *data;			/* method-specific data pointer */
     int (*init)(struct passwd *pw, char **prompt, struct sudo_auth *auth);
@@ -37,14 +37,15 @@ typedef struct sudo_auth {
 } sudo_auth;
 
 /* Values for sudo_auth.flags.  */
-/* XXX - these names are too long for my liking */
 #define FLAG_USER	0x01	/* functions must run as the user, not root */
-#define FLAG_CONFIGURED	0x02	/* method configured ok */
-#define FLAG_ONEANDONLY	0x04	/* one and only auth method */
+#define FLAG_DISABLED	0x02	/* method disabled */
+#define FLAG_STANDALONE	0x04	/* standalone auth method */
+#define FLAG_ONEANDONLY	0x08	/* one and only auth method */
 
 /* Shortcuts for using the flags above. */
 #define NEEDS_USER(x)		((x)->flags & FLAG_USER)
-#define IS_CONFIGURED(x)	((x)->flags & FLAG_CONFIGURED)
+#define IS_DISABLED(x)		((x)->flags & FLAG_DISABLED)
+#define IS_STANDALONE(x)	((x)->flags & FLAG_STANDALONE)
 #define IS_ONEANDONLY(x)	((x)->flags & FLAG_ONEANDONLY)
 
 /* Like tgetpass() but uses conversation function */
@@ -89,35 +90,8 @@ int securid_init(struct passwd *pw, char **prompt, sudo_auth *auth);
 int securid_setup(struct passwd *pw, char **prompt, sudo_auth *auth);
 int securid_verify(struct passwd *pw, char *pass, sudo_auth *auth);
 
-/* Fields: need_root, name, init, setup, verify, cleanup */
-#define AUTH_ENTRY(r, n, i, s, v, c, b, e) \
-	{ (r|FLAG_CONFIGURED), AUTH_FAILURE, n, NULL, i, s, v, c , b, e },
-
-/* Some methods cannot (or should not) interoperate with any others */
-#if defined(HAVE_PAM)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "pam", \
-	    pam_init, NULL, pam_verify, pam_cleanup, pam_begin_session, pam_end_session)
-#elif defined(HAVE_SECURID)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "SecurId", \
-	    securid_init, securid_setup, securid_verify, NULL, NULL, NULL)
-#elif defined(HAVE_SIA_SES_INIT)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "sia", \
-	    NULL, sia_setup, sia_verify, sia_cleanup, NULL, NULL)
-#elif defined(HAVE_AIXAUTH)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "aixauth", \
-	    NULL, NULL, aixauth_verify, aixauth_cleanup, NULL, NULL)
-#elif defined(HAVE_FWTK)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "fwtk", \
-	    fwtk_init, NULL, fwtk_verify, fwtk_cleanup, NULL, NULL)
-#elif defined(HAVE_BSD_AUTH_H)
-#  define AUTH_STANDALONE \
-	AUTH_ENTRY(0, "bsdauth", \
-	    bsdauth_init, NULL, bsdauth_verify, bsdauth_cleanup, NULL, NULL)
-#endif
+/* Fields: name, flags, init, setup, verify, cleanup, begin_sess, end_sess */
+#define AUTH_ENTRY(n, f, i, s, v, c, b, e) \
+	{ (f), AUTH_FAILURE, (n), NULL, (i), (s), (v), (c) , (b), (e) },
 
 #endif /* SUDO_AUTH_H */