proxy.h revision d7dc57bcc2468bee756bcd568daee0644e5b888d
a11689fe3fbb3bca11b9cb4ae5faf27db96401ccTimo Sirainen/*
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen SSSD
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen Proxy provider, private header file
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen Authors:
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen Sumit Bose <sbose@redhat.com>
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen Copyright (C) 2010 Red Hat
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen This program is free software; you can redistribute it and/or modify
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen it under the terms of the GNU General Public License as published by
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen the Free Software Foundation; either version 3 of the License, or
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen (at your option) any later version.
a78d5bd9772681a232de56b3dd6acefee66cc71bTimo Sirainen
a78d5bd9772681a232de56b3dd6acefee66cc71bTimo Sirainen This program is distributed in the hope that it will be useful,
a78d5bd9772681a232de56b3dd6acefee66cc71bTimo Sirainen but WITHOUT ANY WARRANTY; without even the implied warranty of
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen GNU General Public License for more details.
a64adf62fa33f2463a86f990217b0c9078531a40Timo Sirainen
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen You should have received a copy of the GNU General Public License
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen along with this program. If not, see <http://www.gnu.org/licenses/>.
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen*/
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#ifndef __PROXY_H__
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#define __PROXY_H__
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <nss.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <errno.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <pwd.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <grp.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <dlfcn.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <sys/types.h>
d595049948579def2d82718dbce0a6b49a281402Timo Sirainen#include <sys/wait.h>
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include <security/pam_appl.h>
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include <security/pam_modules.h>
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include "util/util.h"
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include "providers/dp_backend.h"
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include "db/sysdb.h"
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include "proxy.h"
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include "sss_client/nss_compat.h"
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#include <dhash.h>
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
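/*
 * Table of NSS back-end entry points used by the proxy ID provider.
 *
 * Each member has the prototype of a reentrant NSS module function for the
 * passwd, group, initgroups or netgroup database. Every call returns an
 * enum nss_status; the lookups that take errnop report the errno value
 * through it. Following the NSS module convention, the *_r lookups place
 * their string data in the caller-supplied buffer/buflen pair, which the
 * caller owns.
 *
 * NOTE(review): this header includes <dlfcn.h>, so these pointers are
 * presumably filled in with dlsym() from the proxied NSS library -- confirm.
 * If so, that library's code runs inside the provider process: its name
 * must come from trusted configuration only, and each pointer should be
 * checked for NULL before it is called.
 */
struct proxy_nss_ops {
    /* passwd database */
    enum nss_status (*getpwnam_r)(const char *name, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getpwuid_r)(uid_t uid, struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setpwent)(void);
    enum nss_status (*getpwent_r)(struct passwd *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endpwent)(void);

    /* group database */
    enum nss_status (*getgrnam_r)(const char *name, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*getgrgid_r)(gid_t gid, struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*setgrent)(void);
    enum nss_status (*getgrent_r)(struct group *result,
                                  char *buffer, size_t buflen, int *errnop);
    enum nss_status (*endgrent)(void);

    /* supplementary group list of a user */
    enum nss_status (*initgroups_dyn)(const char *user, gid_t group,
                                      long int *start, long int *size,
                                      gid_t **groups, long int limit,
                                      int *errnop);

    /* netgroup database */
    enum nss_status (*setnetgrent)(const char *netgroup,
                                   struct __netgrent *result);
    enum nss_status (*getnetgrent_r)(struct __netgrent *result, char *buffer,
                                     size_t buflen, int *errnop);
    enum nss_status (*endnetgrent)(struct __netgrent *result);
};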
28cb56e6957f06717e876cecb7aabc820fdf632eTimo Sirainen
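/*
 * Pair of authentication tokens (current and new), each stored as a byte
 * buffer with an explicit length, plus a flag recording whether the old
 * token has been sent.
 *
 * NOTE(review): the name and the <security/pam_appl.h> include suggest this
 * is the application data handed to a PAM conversation callback -- confirm
 * in proxy_auth.c.
 *
 * The buffers hold credential material. Lengths are carried separately, so
 * consumers should copy exactly *_size bytes rather than assume NUL
 * termination. NOTE(review): confirm that both buffers are wiped before
 * they are freed and that they are never written to debug logs.
 */
struct authtok_conv {
    uint32_t authtok_size;      /* length of authtok in bytes */
    uint8_t *authtok;           /* current authentication token */

    uint32_t newauthtok_size;   /* length of newauthtok in bytes */
    uint8_t *newauthtok;        /* replacement token; presumably used for
                                 * password changes -- confirm */

    bool sent_old;              /* set once the old token has been sent */
};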
28cb56e6957f06717e876cecb7aabc820fdf632eTimo Sirainen
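/*
 * Context of the proxy identity back end: the owning back-end context, the
 * entry cache timeout and the table of NSS entry points it calls.
 */
struct proxy_id_ctx {
    struct be_ctx *be;
    int entry_cache_timeout;    /* NOTE(review): unit not visible here,
                                 * presumably seconds -- confirm */
    struct proxy_nss_ops ops;   /* embedded by value, not a pointer */
};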
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
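/*
 * Context of the proxy authentication back end.
 *
 * NOTE(review): the field meanings below are inferred from the names and
 * must be confirmed against proxy_auth.c.
 */
struct proxy_auth_ctx {
    struct be_ctx *be;
    char *pam_target;               /* presumably the PAM service name the
                                     * requests are proxied to */

    uint32_t max_children;          /* presumably the cap on concurrently
                                     * running proxy children */
    uint32_t running;               /* presumably the number of children
                                     * currently alive; must be decremented
                                     * on every exit path for the cap to
                                     * hold */
    uint32_t next_id;               /* presumably the id given to the next
                                     * child; a uint32_t wraps, so an id
                                     * still present in request_table must
                                     * not be reused */
    hash_table_t *request_table;    /* presumably pending requests keyed by
                                     * child id */
    struct sbus_connection *sbus_srv;
    int timeout_ms;                 /* timeout in milliseconds */
};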
28cb56e6957f06717e876cecb7aabc820fdf632eTimo Sirainen
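/*
 * Per-request state for one proxy child process: links back to the
 * authentication context, the back-end request and its PAM data, the
 * child's id and pid, and the connection, timer and init request that
 * belong to it.
 */
struct proxy_child_ctx {
    struct proxy_auth_ctx *auth_ctx;
    struct be_req *be_req;
    struct pam_data *pd;            /* NOTE(review): presumably carries the
                                     * user's authentication tokens --
                                     * confirm it is not logged */

    uint32_t id;                    /* presumably the key of this child in
                                     * the auth context's request table */
    pid_t pid;                      /* pid of the child process */
    bool running;

    struct sbus_connection *conn;
    struct tevent_timer *timer;

    struct tevent_req *init_req;
};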
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
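/*
 * State kept while a proxy child is being started: the command, the
 * child's pid, a timeout timer, a signal handler and the child context and
 * connection it belongs to.
 */
struct pc_init_ctx {
    char *command;                  /* NOTE(review): presumably the command
                                     * line used to start the child; if any
                                     * part comes from configuration,
                                     * confirm it is executed with an
                                     * explicit argv and not through a
                                     * shell */
    pid_t pid;
    struct tevent_timer *timeout;
    struct tevent_signal *sige;     /* presumably the SIGCHLD handler for
                                     * this child -- confirm */
    struct proxy_child_ctx *child_ctx;
    struct sbus_connection *conn;
};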
bbc30fd4fa86723f6a72309ad3a2a96f34eabd6cTimo Sirainen
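/*
 * Relative path of the pipe used to talk to proxy children.
 * NOTE(review): presumably resolved under the SSSD pipe directory --
 * confirm that the "private" directory is not accessible to unprivileged
 * users.
 */
#define PROXY_CHILD_PIPE "private/proxy_child"

/* NOTE(review): presumably the initial size of the lookup buffer handed to
 * the NSS entry points -- confirm in proxy_id.c. */
#define DEFAULT_BUFSIZE 4096

/*
 * Upper bound of 1 MiB. Parenthesized so the value stays 1 MiB inside a
 * larger expression such as `n / MAX_BUF_SIZE` or `n % MAX_BUF_SIZE`;
 * without the parentheses those expand to `n / 1024 * 1024`.
 * NOTE(review): presumably the ceiling for growing the lookup buffer, which
 * keeps a misbehaving NSS library from forcing unbounded allocation --
 * confirm in proxy_id.c.
 */
#define MAX_BUF_SIZE (1024*1024) /* max 1MiB */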
bbc30fd4fa86723f6a72309ad3a2a96f34eabd6cTimo Sirainen
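/* From proxy_common.c */
/*
 * Reports the outcome of a back-end request. Takes the request, a data
 * provider error code, an error number and an error string.
 * NOTE(review): whether errstr may be NULL is not visible here -- confirm.
 * The string may reach logs or clients, so it should not contain
 * credential material.
 */
void proxy_reply(struct be_req *req, int dp_err,
                 int error, const char *errstr);

/* From proxy_id.c */
/* Entry point for account information requests on the back-end request
 * breq. */
void proxy_get_account_info(struct be_req *breq);

/* From proxy_auth.c */
/* Entry point for PAM requests on the back-end request req. */
void proxy_pam_handler(struct be_req *req);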
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen#endif /* __PROXY_H__ */
1358e2c58ce29231485a5cfa454756d429ad3d2cTimo Sirainen