proxy.h revision 4fcc50e133f90cd4c5931a3ac48c84cb628b16fc
286N/A/*
286N/A SSSD
286N/A
286N/A Proxy provider, private header file
286N/A
286N/A Authors:
286N/A Sumit Bose <sbose@redhat.com>
286N/A
286N/A Copyright (C) 2010 Red Hat
286N/A
286N/A This program is free software; you can redistribute it and/or modify
286N/A it under the terms of the GNU General Public License as published by
286N/A the Free Software Foundation; either version 3 of the License, or
286N/A (at your option) any later version.
286N/A
286N/A This program is distributed in the hope that it will be useful,
286N/A but WITHOUT ANY WARRANTY; without even the implied warranty of
286N/A MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
286N/A GNU General Public License for more details.
286N/A
286N/A You should have received a copy of the GNU General Public License
286N/A along with this program. If not, see <http://www.gnu.org/licenses/>.
286N/A*/
286N/A
286N/A#ifndef __PROXY_H__
286N/A#define __PROXY_H__
286N/A
286N/A#include <nss.h>
286N/A#include <errno.h>
286N/A#include <pwd.h>
286N/A#include <grp.h>
286N/A#include <dlfcn.h>
286N/A#include <sys/types.h>
286N/A#include <sys/wait.h>
286N/A
286N/A#include <security/pam_appl.h>
286N/A#include <security/pam_modules.h>
286N/A
286N/A#include "util/util.h"
286N/A#include "providers/dp_backend.h"
286N/A#include "db/sysdb.h"
286N/A#include "sss_client/nss_compat.h"
286N/A#include <dhash.h>
286N/A
/*
 * Table of function pointers whose signatures mirror the entry points of an
 * NSS module: passwd, group, initgroups, netgroup and services lookups.
 *
 * Every reentrant (*_r) member writes its result into a caller-supplied
 * buffer of buflen bytes and reports an errno value through errnop.
 *
 * NOTE(review): presumably each member is resolved at runtime from the
 * proxied NSS library (this header includes <dlfcn.h>) -- confirm in the
 * provider init code. If so, a member can be NULL when the library does not
 * export that symbol, and callers must check before calling through it.
 */
struct proxy_nss_ops {
    /* passwd database: lookup by name, lookup by uid, and enumeration */
    enum nss_status (*getpwnam_r)(const char *name, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getpwuid_r)(uid_t uid, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setpwent)(void);
    enum nss_status (*getpwent_r)(struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endpwent)(void);

    /* group database: lookup by name, lookup by gid, and enumeration */
    enum nss_status (*getgrnam_r)(const char *name, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getgrgid_r)(gid_t gid, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setgrent)(void);
    enum nss_status (*getgrent_r)(struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endgrent)(void);
    /*
     * Group membership of a user. start/size/groups are in-out parameters
     * (groups is gid_t **), so the callee can update the array and its
     * bookkeeping; limit is passed by value.
     */
    enum nss_status (*initgroups_dyn)(const char *user, gid_t group,
                                      long int *start, long int *size,
                                      gid_t **groups, long int limit,
                                      int *errnop);
    /* netgroups: iteration state is carried in the struct __netgrent */
    enum nss_status (*setnetgrent)(const char *netgroup,
                                   struct __netgrent *result);
    enum nss_status (*getnetgrent_r)(struct __netgrent *result, char *buffer,
                                     size_t buflen, int *errnop);
    enum nss_status (*endnetgrent)(struct __netgrent *result);

    /* Services: lookup by name/protocol, by port/protocol, and enumeration */
    enum nss_status (*getservbyname_r)(const char *name,
                                       const char *protocol,
                                       struct servent *result,
                                       char *buffer, size_t buflen,
                                       int *errnop);
    enum nss_status (*getservbyport_r)(int port, const char *protocol,
                                       struct servent *result,
                                       char *buffer, size_t buflen,
                                       int *errnop);
    enum nss_status (*setservent)(void);
    enum nss_status (*getservent_r)(struct servent *result,
                                    char *buffer, size_t buflen,
                                    int *errnop);
    enum nss_status (*endservent)(void);
};
286N/A
/*
 * Pair of authentication tokens plus a flag recording whether the old one
 * has been sent.
 *
 * NOTE(review): presumably passed as application data to the PAM
 * conversation callback during a password change -- confirm in the proxy
 * child code. Both pointers refer to credential material; this header does
 * not show who owns or frees the tokens, so verify the lifetime at the use
 * site and keep their contents out of debug output.
 */
struct authtok_conv {
    struct sss_auth_token *authtok;     /* current token */
    struct sss_auth_token *newauthtok;  /* replacement token */

    bool sent_old;  /* presumably set once authtok has been handed out -- confirm */
};
286N/A
/*
 * Context for the identity (NSS) side of the proxy provider: the backend
 * context, the table of NSS entry points and an opaque library handle.
 */
struct proxy_id_ctx {
    struct be_ctx *be;
    bool fast_alias;            /* NOTE(review): semantics not visible here -- see the option that sets it */
    struct proxy_nss_ops ops;   /* embedded by value, not a pointer */
    void *handle;               /* presumably the dlopen() handle of the proxied NSS library -- confirm */
};
286N/A
/*
 * Context for the authentication (PAM) side of the proxy provider. Besides
 * the backend context and the PAM target string it carries the counters and
 * table used to track child requests.
 */
struct proxy_auth_ctx {
    struct be_ctx *be;
    char *pam_target;   /* presumably the PAM service name the child authenticates against -- confirm */

    uint32_t max_children;  /* presumably the cap on concurrently running children -- confirm */
    uint32_t running;       /* presumably the number of children currently running -- confirm */
    uint32_t next_id;       /* presumably the id given to the next child request -- confirm;
                             * NOTE(review): a uint32_t counter wraps, check how reuse is handled */
    hash_table_t *request_table;    /* dhash table; key/value layout not visible in this header */
    struct sbus_connection *sbus_srv;
    int timeout_ms;     /* signed int; unit is milliseconds per the name */
};
286N/A
/*
 * Per-request state for one proxy child: links back to the auth context and
 * the backend request, the PAM data being processed, and the identifiers,
 * connection and timer associated with the child.
 */
struct proxy_child_ctx {
    struct proxy_auth_ctx *auth_ctx;
    struct be_req *be_req;
    struct pam_data *pd;    /* NOTE(review): likely carries the user's credentials -- treat as sensitive */

    uint32_t id;    /* same width as proxy_auth_ctx.next_id */
    pid_t pid;
    bool running;

    struct sbus_connection *conn;
    struct tevent_timer *timer;

    struct tevent_req *init_req;
};
286N/A
/*
 * State kept while a proxy child is being started: the command string, the
 * child's pid, a timeout timer, a signal handler registration, and the
 * child context and connection it belongs to.
 */
struct pc_init_ctx {
    char *command;  /* NOTE(review): confirm at the call site that this string is built only
                     * from trusted configuration and run without a shell */
    pid_t pid;
    struct tevent_timer *timeout;
    struct tevent_signal *sige;     /* presumably the SIGCHLD handler for the child -- confirm */
    struct proxy_child_ctx *child_ctx;
    struct sbus_connection *conn;
};
286N/A
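/* Relative path of the proxy child pipe; the base directory is not visible in this header. */
#define PROXY_CHILD_PIPE "private/proxy_child"
/*
 * Buffer sizes in bytes.
 * NOTE(review): presumably the initial size and the growth cap of the buffer
 * handed to the NSS *_r calls -- confirm in proxy_id.c. The cap is what stops
 * a misbehaving NSS module from driving unbounded allocation.
 */
#define DEFAULT_BUFSIZE 4096
/*
 * Parenthesized so the expansion stays one operand: without the parentheses
 * `x / MAX_BUF_SIZE` expands to `x / 1024 * 1024` and `x % MAX_BUF_SIZE`
 * to `x % 1024 * 1024`, which silently breaks a size check.
 */
#define MAX_BUF_SIZE (1024*1024) /* max 1MiB */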
286N/A
/* From proxy_id.c */
/* Backend request handler for account information; takes the request and returns nothing. */
void proxy_get_account_info(struct be_req *breq);

/* From proxy_auth.c */
/* Backend request handler for PAM requests; takes the request and returns nothing. */
void proxy_pam_handler(struct be_req *req);

/* From proxy_netgroup.c */
/*
 * Look up the netgroup called name through ctx for domain dom, with access
 * to sysdb. Returns an errno_t status.
 * NOTE(review): name presumably originates from a client request -- verify
 * it is validated before it reaches the proxied NSS library.
 */
errno_t get_netgroup(struct proxy_id_ctx *ctx,
                     struct sysdb_ctx *sysdb,
                     struct sss_domain_info *dom,
                     const char *name);

/*
 * NOTE(review): the three service functions below still sit under the
 * "From proxy_netgroup.c" heading; their defining file is not visible here.
 */

/* Look up a service by name and protocol for domain dom. Returns an errno_t status. */
errno_t get_serv_byname(struct proxy_id_ctx *ctx,
                        struct sss_domain_info *dom,
                        const char *name,
                        const char *protocol);

/*
 * Look up a service by port and protocol for domain dom. Returns an errno_t
 * status.
 * NOTE(review): be_filter is a string, while getservbyport_r takes an int
 * port -- presumably the port number in text form; confirm it is parsed with
 * range checking before use.
 */
errno_t
get_serv_byport(struct proxy_id_ctx *ctx,
                struct sss_domain_info *dom,
                const char *be_filter,
                const char *protocol);

/* Enumerate services for domain dom, with access to sysdb. Returns an errno_t status. */
errno_t enum_services(struct proxy_id_ctx *ctx,
                      struct sysdb_ctx *sysdb,
                      struct sss_domain_info *dom);
286N/A
#endif /* __PROXY_H__ */