proxy.h revision 2dd3faebcd3cfd00efda38ffd2585d675e696b12
/*
    SSSD

    Proxy provider, private header file

    Authors:
        Sumit Bose <sbose@redhat.com>

    Copyright (C) 2010 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen#ifndef __PROXY_H__
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen#define __PROXY_H__
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen#include <nss.h>
a7512265bcded54af05e68e2383d11cb8638b513Aki Tuomi#include <errno.h>
a7512265bcded54af05e68e2383d11cb8638b513Aki Tuomi#include <pwd.h>
f24edebe360d3effe584a884aa7d119daf3fd371Aki Tuomi#include <grp.h>
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen#include <dlfcn.h>
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include <sys/types.h>
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include <sys/wait.h>
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include <security/pam_appl.h>
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include <security/pam_modules.h>
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include "util/util.h"
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include "providers/dp_backend.h"
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include "db/sysdb.h"
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen#include "proxy.h"
f24edebe360d3effe584a884aa7d119daf3fd371Aki Tuomi#include <dhash.h>
f24edebe360d3effe584a884aa7d119daf3fd371Aki Tuomi
/*
 * Table of entry points into the proxied NSS module.
 *
 * Each member has the signature of the matching glibc NSS module function
 * (passwd and group lookups by name/id, enumeration, and initgroups).
 * The reentrant lookups write string data into the caller-supplied
 * buffer/buflen pair and report failure details through *errnop; by NSS
 * convention a too-small buffer yields NSS_STATUS_TRYAGAIN with
 * *errnop == ERANGE.
 *
 * NOTE(review): presumably these pointers are resolved with dlsym() from
 * the configured NSS library (dlfcn.h is included by this header) --
 * confirm in the provider init code. A module loaded that way runs inside
 * the provider process, so the library name has to come from trusted
 * configuration only, and any pointer that failed to resolve must be
 * checked for NULL before it is called.
 */
struct proxy_nss_ops {
    /* passwd database: lookup by name, lookup by uid, enumeration */
    enum nss_status (*getpwnam_r)(const char *name, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getpwuid_r)(uid_t uid, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setpwent)(void);
    enum nss_status (*getpwent_r)(struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endpwent)(void);

    /* group database: lookup by name, lookup by gid, enumeration */
    enum nss_status (*getgrnam_r)(const char *name, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getgrgid_r)(gid_t gid, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setgrent)(void);
    enum nss_status (*getgrent_r)(struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endgrent)(void);
    /* supplementary group list of a user; *groups may be reallocated by
     * the module, *start/*size track fill level and capacity */
    enum nss_status (*initgroups_dyn)(const char *user, gid_t group,
                                      long int *start, long int *size,
                                      gid_t **groups, long int limit,
                                      int *errnop);
};
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen
/*
 * Authentication tokens for one PAM exchange: the current token and an
 * optional new one, each as a byte buffer with an explicit length.
 *
 * NOTE(review): presumably this is the appdata passed to the PAM
 * conversation callback -- confirm in proxy_auth.c. Both buffers hold
 * credential material: the header does not say whether they are
 * NUL-terminated, so consumers should rely on the *_size fields, keep the
 * contents out of logs, and confirm that the owner wipes them before the
 * memory is released.
 */
struct authtok_conv {
    uint32_t authtok_size;      /* length of authtok in bytes */
    uint8_t *authtok;           /* current authentication token */

    uint32_t newauthtok_size;   /* length of newauthtok in bytes */
    uint8_t *newauthtok;        /* replacement token (password change) */

    /* presumably set once the old token has been handed to PAM, so the
     * next prompt is answered with newauthtok -- TODO confirm */
    bool sent_old;
};
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/*
 * State of the proxy identity (NSS) provider: the owning backend context,
 * the cache lifetime applied to stored entries, and the table of proxied
 * NSS functions (embedded by value, not by pointer).
 */
struct proxy_id_ctx {
    struct be_ctx *be;          /* backend this provider belongs to */
    int entry_cache_timeout;    /* unit not shown here; presumably seconds */
    struct proxy_nss_ops ops;   /* entry points of the proxied NSS module */
};
17062405030a3fa095e43d5b8b71afc5536f0a22Timo Sirainen
/*
 * State of the proxy authentication (PAM) provider, including the
 * bookkeeping for the child processes that carry out requests.
 *
 * NOTE(review): max_children/running look like a cap on concurrently
 * running children; confirm the limit is enforced before every spawn so
 * that a burst of authentication requests cannot exhaust processes.
 */
struct proxy_auth_ctx {
    struct be_ctx *be;          /* backend this provider belongs to */
    char *pam_target;           /* presumably the PAM service name to
                                 * authenticate against -- TODO confirm */

    uint32_t max_children;      /* upper bound on child processes */
    uint32_t running;           /* children currently running */
    /* id handed to the next child; uint32_t wraps silently, so if it is
     * used as a request_table key, confirm that a wrapped id cannot
     * collide with a still-pending request */
    uint32_t next_id;
    hash_table_t *request_table;        /* dhash table of requests */
    struct sbus_connection *sbus_srv;   /* sbus endpoint; by its name the
                                         * server side children connect to */
    int timeout_ms;             /* timeout in milliseconds (per the name) */
};
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/*
 * Per-request state for one proxy child process: the request being
 * served, the PAM data it carries, and the handles needed to talk to and
 * supervise the child.
 */
struct proxy_child_ctx {
    struct proxy_auth_ctx *auth_ctx;    /* owning auth provider state */
    struct be_req *be_req;              /* backend request being served */
    struct pam_data *pd;                /* PAM request data */

    uint32_t id;                /* request id (see proxy_auth_ctx.next_id) */
    pid_t pid;                  /* pid of the child process */
    bool running;               /* true while the child is considered
                                 * active -- exact transitions not shown */

    struct sbus_connection *conn;       /* connection to the child */
    struct tevent_timer *timer;         /* timer tied to this child;
                                         * presumably the request timeout */

    struct tevent_req *init_req;        /* pending child-initialisation
                                         * request, if any */
};
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/*
 * State kept while a proxy child is being started.
 *
 * NOTE(review): 'command' is presumably the command line executed for the
 * child. Confirm it is assembled only from trusted configuration and
 * internally generated values (never from request data), and that it is
 * executed with an explicit argv rather than through a shell.
 */
struct pc_init_ctx {
    char *command;                      /* child command line */
    pid_t pid;                          /* pid of the started child */
    struct tevent_timer *timeout;       /* startup timeout timer */
    struct tevent_signal *sige;         /* signal event; presumably the
                                         * SIGCHLD handler -- TODO confirm */
    struct proxy_child_ctx *child_ctx;  /* request state of this child */
    struct sbus_connection *conn;       /* connection to the child */
};
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
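/*
 * Relative path of the pipe used to talk to proxy children.
 * NOTE(review): presumably resolved below the SSSD pipe directory; the
 * "private" component suggests a directory with restricted permissions --
 * confirm that only the SSSD user can reach it.
 */
#define PROXY_CHILD_PIPE "private/proxy_child"

/* Initial size of the buffer handed to the NSS *_r functions. */
#define DEFAULT_BUFSIZE 4096

/*
 * Upper bound for that buffer (max 1MiB). The expansion is parenthesized
 * so the macro stays a single operand in expressions such as
 * `len / MAX_BUF_SIZE` or `len % MAX_BUF_SIZE`; unparenthesized,
 * `x / 1024*1024` parses as `(x / 1024) * 1024`.
 */
#define MAX_BUF_SIZE (1024*1024)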
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/* From proxy_common.c */
/*
 * Complete a backend request with a data-provider status (dp_err), an
 * error code and an optional error string.
 * NOTE(review): errstr presumably travels back to the requester; keep
 * credential material and raw module output out of it.
 */
void proxy_reply(struct be_req *req, int dp_err,
                 int error, const char *errstr);
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/* From proxy_id.c */
/*
 * Backend handler for account-information (identity) requests; by its
 * location presumably served through the proxy_nss_ops table.
 */
void proxy_get_account_info(struct be_req *breq);
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
/* From proxy_auth.c */
/*
 * Backend handler for PAM requests; presumably dispatches the request to
 * a proxy child process (see struct proxy_child_ctx) -- confirm in
 * proxy_auth.c.
 */
void proxy_pam_handler(struct be_req *req);
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen
5ef28f68edef46f69961b19b7c1dcd8ec5a955e8Timo Sirainen#endif /* __PROXY_H__ */