lighttpd1.4/src/mod_authn_pam.c

/*
 * mod_authn_pam - PAM backend for lighttpd HTTP auth
 *
 * Copyright(c) 2018 Glenn Strauss gstrauss()gluelogic.com  All rights reserved
 * License: BSD 3-clause (same as lighttpd)
 */
#include "first.h"

/* mod_authn_pam
 * 
 * FUTURE POTENTIAL PERFORMANCE ENHANCEMENTS:
 * - database response is not cached
 *   TODO: db response caching (for limited time) to reduce load on db
 *     (only cache successful logins to prevent cache bloat?)
 *     (or limit number of entries (size) of cache)
 *     (maybe have negative cache (limited size) of names not found in database)
 * - database query is synchronous and blocks waiting for response
 */

#include <security/pam_appl.h>

#include "base.h"
#include "http_auth.h"
#include "log.h"
#include "plugin.h"

#include <stdlib.h>
#include <string.h>

typedef struct {
    const char *service;
} plugin_config;

typedef struct {
    PLUGIN_DATA;
    plugin_config defaults;
    plugin_config conf;
} plugin_data;

static handler_t mod_authn_pam_basic(request_st *r, void *p_d, const http_auth_require_t *require, const buffer *username, const char *pw);

INIT_FUNC(mod_authn_pam_init) {
    static http_auth_backend_t http_auth_backend_pam =
      { "pam", mod_authn_pam_basic, NULL, NULL };
    plugin_data *p = calloc(1, sizeof(*p));

    /* register http_auth_backend_pam */
    http_auth_backend_pam.p_d = p;
    http_auth_backend_set(&http_auth_backend_pam);

    return p;
}

static void mod_authn_pam_merge_config_cpv(plugin_config * const pconf, const config_plugin_value_t * const cpv) {
    switch (cpv->k_id) { /* index into static config_plugin_keys_t cpk[] */
      case 0: /* auth.backend.pam.opts */
        if (cpv->vtype == T_CONFIG_LOCAL)
            pconf->service = cpv->v.v;
        break;
      default:/* should not happen */
        return;
    }
}

static void mod_authn_pam_merge_config(plugin_config * const pconf, const config_plugin_value_t *cpv) {
    do {
        mod_authn_pam_merge_config_cpv(pconf, cpv);
    } while ((++cpv)->k_id != -1);
}

static void mod_authn_pam_patch_config(request_st * const r, plugin_data * const p) {
    p->conf = p->defaults; /* copy small struct instead of memcpy() */
    /*memcpy(&p->conf, &p->defaults, sizeof(plugin_config));*/
    for (int i = 1, used = p->nconfig; i < used; ++i) {
        if (config_check_cond(r, (uint32_t)p->cvlist[i].k_id))
            mod_authn_pam_merge_config(&p->conf,
                                        p->cvlist + p->cvlist[i].v.u2[0]);
    }
}

SETDEFAULTS_FUNC(mod_authn_pam_set_defaults) {
    static const config_plugin_keys_t cpk[] = {
      { CONST_STR_LEN("auth.backend.pam.opts"),
        T_CONFIG_ARRAY_KVSTRING,
        T_CONFIG_SCOPE_CONNECTION }
     ,{ NULL, 0,
        T_CONFIG_UNSET,
        T_CONFIG_SCOPE_UNSET }
    };

    plugin_data * const p = p_d;
    if (!config_plugin_values_init(srv, p, cpk, "mod_authn_pam"))
        return HANDLER_ERROR;

    /* process and validate config directives
     * (init i to 0 if global context; to 1 to skip empty global context) */
    for (int i = !p->cvlist[0].v.u2[1]; i < p->nconfig; ++i) {
        config_plugin_value_t *cpv = p->cvlist + p->cvlist[i].v.u2[0];
        for (; -1 != cpv->k_id; ++cpv) {
            switch (cpv->k_id) {
              case 0: /* auth.backend.pam.opts */
                if (cpv->v.a->used) {
                    const data_string *ds = (const data_string *)
                      array_get_element_klen(cpv->v.a,CONST_STR_LEN("service"));
                    cpv->v.v = (NULL != ds) ? ds->value.ptr : "http";
                    cpv->vtype = T_CONFIG_LOCAL;
                }
                break;
              default:/* should not happen */
                break;
            }
        }
    }

    p->defaults.service = "http";

    /* initialize p->defaults from global config context */
    if (p->nconfig > 0 && p->cvlist->v.u2[1]) {
        const config_plugin_value_t *cpv = p->cvlist + p->cvlist->v.u2[0];
        if (-1 != cpv->k_id)
            mod_authn_pam_merge_config(&p->defaults, cpv);
    }

    return HANDLER_GO_ON;
}

static int mod_authn_pam_fn_conv(int num_msg, const struct pam_message **msg, struct pam_response **resp, void *appdata_ptr)  {
    const char * const pw = (char *)appdata_ptr;
    struct pam_response * const pr = *resp =
      (struct pam_response *)malloc(num_msg * sizeof(struct pam_response));
    for (int i = 0; i < num_msg; ++i) {
        const int style = msg[i]->msg_style;
        pr[i].resp_retcode = 0;
        pr[i].resp = (style==PAM_PROMPT_ECHO_OFF || style==PAM_PROMPT_ECHO_ON)
          ? strdup(pw)
          : NULL;
    }
    return PAM_SUCCESS;
}

static handler_t mod_authn_pam_query(request_st * const r, void *p_d, const buffer * const username, const char * const realm, const char * const pw) {
    plugin_data *p = (plugin_data *)p_d;
    pam_handle_t *pamh = NULL;
    struct pam_conv conv = { mod_authn_pam_fn_conv, NULL };
    const int flags = PAM_SILENT | PAM_DISALLOW_NULL_AUTHTOK;
    int rc;
    UNUSED(realm);
    *(const char **)&conv.appdata_ptr = pw; /*(cast away const)*/

    mod_authn_pam_patch_config(r, p);

    const char * const addrstr = r->con->dst_addr_buf->ptr;
    rc = pam_start(p->conf.service, username->ptr, &conv, &pamh);
    if (PAM_SUCCESS != rc
     || PAM_SUCCESS !=(rc = pam_set_item(pamh, PAM_RHOST, addrstr))
     || PAM_SUCCESS !=(rc = pam_authenticate(pamh, flags))
     || PAM_SUCCESS !=(rc = pam_acct_mgmt(pamh, flags)))
        log_error(r->conf.errh, __FILE__, __LINE__,
          "pam: %s", pam_strerror(pamh, rc));
    pam_end(pamh, rc);
    return (PAM_SUCCESS == rc) ? HANDLER_GO_ON : HANDLER_ERROR;
}

static handler_t mod_authn_pam_basic(request_st * const r, void *p_d, const http_auth_require_t * const require, const buffer * const username, const char * const pw) {
    char *realm = require->realm->ptr;
    handler_t rc = mod_authn_pam_query(r, p_d, username, realm, pw);
    if (HANDLER_GO_ON != rc) return rc;
    return http_auth_match_rules(require, username->ptr, NULL, NULL)
      ? HANDLER_GO_ON  /* access granted */
      : HANDLER_ERROR;
}

int mod_authn_pam_plugin_init(plugin *p);
int mod_authn_pam_plugin_init(plugin *p) {
    p->version     = LIGHTTPD_VERSION_ID;
    p->name        = "authn_pam";
    p->init        = mod_authn_pam_init;
    p->set_defaults= mod_authn_pam_set_defaults;

    return 0;
}
[multiple] add summaries to top of some modules 2020-05-20 05:06:13 +00:00			`/*`
			`* mod_authn_pam - PAM backend for lighttpd HTTP auth`
			`*`
			`* Copyright(c) 2018 Glenn Strauss gstrauss()gluelogic.com All rights reserved`
			`* License: BSD 3-clause (same as lighttpd)`
			`*/`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`#include "first.h"`

			`/* mod_authn_pam`
			`*`
			`* FUTURE POTENTIAL PERFORMANCE ENHANCEMENTS:`
			`* - database response is not cached`
			`* TODO: db response caching (for limited time) to reduce load on db`
			`* (only cache successful logins to prevent cache bloat?)`
			`* (or limit number of entries (size) of cache)`
			`* (maybe have negative cache (limited size) of names not found in database)`
			`* - database query is synchronous and blocks waiting for response`
			`*/`

			`#include <security/pam_appl.h>`

			`#include "base.h"`
			`#include "http_auth.h"`
			`#include "log.h"`
			`#include "plugin.h"`

			`#include <stdlib.h>`
			`#include <string.h>`

			`typedef struct {`
			`const char *service;`
			`} plugin_config;`

			`typedef struct {`
			`PLUGIN_DATA;`
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`plugin_config defaults;`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`plugin_config conf;`
			`} plugin_data;`

[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`static handler_t mod_authn_pam_basic(request_st r, void p_d, const http_auth_require_t require, const buffer username, const char *pw);`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00
			`INIT_FUNC(mod_authn_pam_init) {`
			`static http_auth_backend_t http_auth_backend_pam =`
			`{ "pam", mod_authn_pam_basic, NULL, NULL };`
			`plugin_data p = calloc(1, sizeof(p));`

			`/* register http_auth_backend_pam */`
			`http_auth_backend_pam.p_d = p;`
			`http_auth_backend_set(&http_auth_backend_pam);`

			`return p;`
			`}`

[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`static void mod_authn_pam_merge_config_cpv(plugin_config * const pconf, const config_plugin_value_t * const cpv) {`
			`switch (cpv->k_id) { /* index into static config_plugin_keys_t cpk[] */`
			`case 0: /* auth.backend.pam.opts */`
			`if (cpv->vtype == T_CONFIG_LOCAL)`
			`pconf->service = cpv->v.v;`
			`break;`
			`default:/* should not happen */`
			`return;`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`}`
			`}`

[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`static void mod_authn_pam_merge_config(plugin_config * const pconf, const config_plugin_value_t *cpv) {`
			`do {`
			`mod_authn_pam_merge_config_cpv(pconf, cpv);`
			`} while ((++cpv)->k_id != -1);`
			`}`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`static void mod_authn_pam_patch_config(request_st * const r, plugin_data * const p) {`
[multiple] copy small struct instead of memcpy() when patching config 2020-01-11 16:07:43 +00:00			`p->conf = p->defaults; /* copy small struct instead of memcpy() */`
			`/memcpy(&p->conf, &p->defaults, sizeof(plugin_config));/`
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`for (int i = 1, used = p->nconfig; i < used; ++i) {`
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`if (config_check_cond(r, (uint32_t)p->cvlist[i].k_id))`
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`mod_authn_pam_merge_config(&p->conf,`
			`p->cvlist + p->cvlist[i].v.u2[0]);`
			`}`
			`}`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`SETDEFAULTS_FUNC(mod_authn_pam_set_defaults) {`
			`static const config_plugin_keys_t cpk[] = {`
			`{ CONST_STR_LEN("auth.backend.pam.opts"),`
[multiple] generic config array type checking 2019-12-08 00:15:55 +00:00			`T_CONFIG_ARRAY_KVSTRING,`
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`T_CONFIG_SCOPE_CONNECTION }`
			`,{ NULL, 0,`
			`T_CONFIG_UNSET,`
			`T_CONFIG_SCOPE_UNSET }`
			`};`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00
[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`plugin_data * const p = p_d;`
			`if (!config_plugin_values_init(srv, p, cpk, "mod_authn_pam"))`
			`return HANDLER_ERROR;`

			`/* process and validate config directives`
			`* (init i to 0 if global context; to 1 to skip empty global context) */`
			`for (int i = !p->cvlist[0].v.u2[1]; i < p->nconfig; ++i) {`
			`config_plugin_value_t *cpv = p->cvlist + p->cvlist[i].v.u2[0];`
			`for (; -1 != cpv->k_id; ++cpv) {`
			`switch (cpv->k_id) {`
			`case 0: /* auth.backend.pam.opts */`
			`if (cpv->v.a->used) {`
			`const data_string ds = (const data_string )`
			`array_get_element_klen(cpv->v.a,CONST_STR_LEN("service"));`
			`cpv->v.v = (NULL != ds) ? ds->value.ptr : "http";`
			`cpv->vtype = T_CONFIG_LOCAL;`
			`}`
			`break;`
			`default:/* should not happen */`
			`break;`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`}`
			`}`
			`}`

[mod_auth*] use config_plugin_values_init() 2019-11-07 00:37:11 +00:00			`p->defaults.service = "http";`

			`/* initialize p->defaults from global config context */`
			`if (p->nconfig > 0 && p->cvlist->v.u2[1]) {`
			`const config_plugin_value_t *cpv = p->cvlist + p->cvlist->v.u2[0];`
			`if (-1 != cpv->k_id)`
			`mod_authn_pam_merge_config(&p->defaults, cpv);`
			`}`

			`return HANDLER_GO_ON;`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`}`

			`static int mod_authn_pam_fn_conv(int num_msg, const struct pam_message msg, struct pam_response resp, void *appdata_ptr) {`
			`const char * const pw = (char *)appdata_ptr;`
			`struct pam_response * const pr = *resp =`
			`(struct pam_response )malloc(num_msg sizeof(struct pam_response));`
			`for (int i = 0; i < num_msg; ++i) {`
			`const int style = msg[i]->msg_style;`
			`pr[i].resp_retcode = 0;`
			`pr[i].resp = (style==PAM_PROMPT_ECHO_OFF \|\| style==PAM_PROMPT_ECHO_ON)`
			`? strdup(pw)`
			`: NULL;`
			`}`
			`return PAM_SUCCESS;`
			`}`

[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`static handler_t mod_authn_pam_query(request_st * const r, void p_d, const buffer const username, const char * const realm, const char * const pw) {`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`plugin_data p = (plugin_data )p_d;`
			`pam_handle_t *pamh = NULL;`
			`struct pam_conv conv = { mod_authn_pam_fn_conv, NULL };`
			`const int flags = PAM_SILENT \| PAM_DISALLOW_NULL_AUTHTOK;`
			`int rc;`
			`UNUSED(realm);`
			`(const char )&conv.appdata_ptr = pw; /(cast away const)*/`

[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`mod_authn_pam_patch_config(r, p);`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`const char * const addrstr = r->con->dst_addr_buf->ptr;`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`rc = pam_start(p->conf.service, username->ptr, &conv, &pamh);`
			`if (PAM_SUCCESS != rc`
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`\|\| PAM_SUCCESS !=(rc = pam_set_item(pamh, PAM_RHOST, addrstr))`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`\|\| PAM_SUCCESS !=(rc = pam_authenticate(pamh, flags))`
			`\|\| PAM_SUCCESS !=(rc = pam_acct_mgmt(pamh, flags)))`
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`log_error(r->conf.errh, __FILE__, __LINE__,`
[multiple] prefer (connection ) to (srv ) convert all log_error_write() to log_error() and pass (log_error_st ) use con->errh in preference to srv->errh (even though currently same) avoid passing (server ) when previously used only for logging (errh) 2019-11-25 06:54:08 +00:00			`"pam: %s", pam_strerror(pamh, rc));`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`pam_end(pamh, rc);`
			`return (PAM_SUCCESS == rc) ? HANDLER_GO_ON : HANDLER_ERROR;`
			`}`

[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`static handler_t mod_authn_pam_basic(request_st * const r, void p_d, const http_auth_require_t const require, const buffer * const username, const char * const pw) {`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`char *realm = require->realm->ptr;`
[multiple] split con, request (very large change) NB: r->tmp_buf == srv->tmp_buf (pointer is copied for quicker access) NB: request read and write chunkqueues currently point to connection chunkqueues; per-request and per-connection chunkqueues are not distinct from one another con->read_queue == r->read_queue con->write_queue == r->write_queue NB: in the future, a separate connection config may be needed for connection-level module hooks. Similarly, might need to have per-request chunkqueues separate from per-connection chunkqueues. Should probably also have a request_reset() which is distinct from connection_reset(). 2020-01-13 02:51:12 +00:00			`handler_t rc = mod_authn_pam_query(r, p_d, username, realm, pw);`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`if (HANDLER_GO_ON != rc) return rc;`
			`return http_auth_match_rules(require, username->ptr, NULL, NULL)`
			`? HANDLER_GO_ON /* access granted */`
			`: HANDLER_ERROR;`
			`}`

			`int mod_authn_pam_plugin_init(plugin *p);`
			`int mod_authn_pam_plugin_init(plugin *p) {`
			`p->version = LIGHTTPD_VERSION_ID;`
[core] const char name in struct plugin put void data (always used) as first member of struct plugin add int nconfig member to PLUGIN_DATA calloc() inits p->data to NULL 2019-10-19 04:30:54 +00:00			`p->name = "authn_pam";`
[mod_authn_pam] mod_auth PAM support (fixes #688) x-ref: "auth via pam" https://redmine.lighttpd.net/issues/688 2018-09-18 05:51:45 +00:00			`p->init = mod_authn_pam_init;`
			`p->set_defaults= mod_authn_pam_set_defaults;`

			`return 0;`
			`}`