sudosrv_private.h revision b0abb3bfdfd95951a23c9fc223c735805ffd2969
/*
    Authors:
        Pavel Březina <pbrezina@redhat.com>

    Copyright (C) 2011 Red Hat

    This program is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 3 of the License, or
    (at your option) any later version.

    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    GNU General Public License for more details.

    You should have received a copy of the GNU General Public License
    along with this program. If not, see <http://www.gnu.org/licenses/>.
*/

#ifndef _SUDOSRV_PRIVATE_H_
#define _SUDOSRV_PRIVATE_H_

#include <stdint.h>
#include <talloc.h>
#include <sys/types.h>

#include "src/db/sysdb.h"
#include "responder/common/responder.h"

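/*
 * Status value 0, named "OK".
 * NOTE(review): presumably the success value for the uint32_t `error`
 * argument of sudosrv_build_response() - confirm against the implementation.
 */
#define SSS_SUDO_ERROR_OK   0

/*
 * Service version and service name of the sudo responder, per the macro
 * names; the code that registers them is not part of this header.
 */
#define SSS_SUDO_SBUS_SERVICE_VERSION 0x0001
#define SSS_SUDO_SBUS_SERVICE_NAME    "sudo"
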
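/*
 * Kind of sudo data a request refers to. The cache-key comment in
 * struct sudo_ctx ties the two values to different key shapes: a DEFAULTS
 * entry is keyed by domain, a USER entry by domain and user name.
 */
enum sss_dp_sudo_type {
    SSS_DP_SUDO_DEFAULTS,   /* first enumerator, value 0 */
    SSS_DP_SUDO_USER        /* value 1 */
};
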
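/*
 * Context of the sudo responder: the common responder context, two options
 * and the result cache.
 */
struct sudo_ctx {
    struct resp_ctx *rctx;

    /*
     * options
     *
     * NOTE(review): units and exact meaning of these two fields are not
     * visible in this header. If cache_timeout bounds the lifetime of the
     * entries in `cache`, it also bounds how long a sudo rule that was
     * changed or revoked at the source can still be answered from memory -
     * confirm and document the unit next to the field.
     */
    int cache_timeout;
    bool timed;

    /*
     * Key: domain for SSS_DP_SUDO_DEFAULTS
     *      domain:username for SSS_DP_SUDO_USER
     * Val: struct sudo_cache_entry *
     *
     * NOTE(review): the USER key is a ':'-joined string. Confirm which
     * spelling of the user name is used to build it (struct sudo_cmd_ctx
     * keeps username, orig_username and cased_username) and that neither
     * part can contain the separator, so that a lookup cannot resolve to
     * another user's entry.
     */
    hash_table_t *cache;
};
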
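/*
 * State of one client command: the client and responder contexts, the kind
 * of data requested, the request ("input data") and the rules found
 * ("output data").
 */
struct sudo_cmd_ctx {
    struct cli_ctx *cli_ctx;
    struct sudo_ctx *sudo_ctx;
    enum sss_dp_sudo_type type;

    /* input data */
    /*
     * NOTE(review): three spellings of the user name are kept. Which one is
     * compared against rules and which one goes into the cache key is not
     * visible here - document it, since mixing them up in an authorization
     * lookup is easy to do and hard to notice.
     */
    char *username;
    const char *orig_username;
    const char *cased_username;
    struct sss_domain_info *domain;
    bool check_next;

    /* output data */
    struct sysdb_attrs **rules;
    /* size_t here; sudosrv_build_response() takes its rule count as int. */
    size_t num_rules;
};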
/*
 * Per-domain state of a command: the owning command context, the domain
 * being processed and a flag.
 * NOTE(review): check_provider presumably selects whether the data provider
 * is asked before the result is used - confirm against the implementation.
 */
struct sudo_dom_ctx {
    struct sudo_cmd_ctx *cmd_ctx;
    struct sss_domain_info *domain;
    bool check_provider;
};
/*
 * Pairs a client context with a domain.
 * NOTE(review): by its name this describes one data-provider request; where
 * it is allocated and released is not visible in this header.
 */
struct sudo_dp_request {
    struct cli_ctx *cctx;
    struct sss_domain_info *domain;
};
/* Returns the command table of the sudo responder. */
struct sss_cmd_table *get_sudo_cmds(void);

/*
 * Command-level entry points. Each returns an errno_t.
 * NOTE(review): by their names, sudosrv_cmd_done() finishes a command with
 * status `ret`, sudosrv_get_sudorules() fetches the rules for one domain
 * context and sudosrv_get_rules() drives the lookup for a whole command -
 * confirm against the implementation and document who frees cmd_ctx.
 */
errno_t sudosrv_cmd_done(struct sudo_cmd_ctx *cmd_ctx, int ret);
errno_t sudosrv_get_sudorules(struct sudo_dom_ctx *dctx);
errno_t sudosrv_get_rules(struct sudo_cmd_ctx *cmd_ctx);
/*
 * Parses a query of query_len bytes at query_body and returns a user name
 * and a domain through _username and _domain.
 *
 * NOTE(review): the query is a byte buffer with an explicit length,
 * presumably the request as received from the client - confirm. If so, the
 * implementation has to bound every read by query_len, must not assume the
 * buffer is NUL-terminated, and should reject an empty or malformed name
 * before it reaches a cache key or a database lookup.
 * NOTE(review): *_username is presumably allocated on mem_ctx - confirm.
 */
errno_t sudosrv_parse_query(TALLOC_CTX *mem_ctx,
                            struct resp_ctx *rctx,
                            uint8_t *query_body,
                            size_t query_len,
                            char **_username,
                            struct sss_domain_info **_domain);
/*
 * Builds a response from an error code and rules_num rules; the buffer and
 * its length are returned through _response_body and _response_len.
 *
 * NOTE(review): rules_num is a signed int, while struct sudo_cmd_ctx stores
 * the count as size_t num_rules. A caller that passes that field converts
 * implicitly; the implementation should reject a negative count and callers
 * should make sure the count fits in an int before the call.
 * NOTE(review): *_response_body is presumably allocated on mem_ctx - confirm.
 */
errno_t sudosrv_build_response(TALLOC_CTX *mem_ctx,
                               uint32_t error,
                               int rules_num,
                               struct sysdb_attrs **rules,
                               uint8_t **_response_body,
                               size_t *_response_len);
/*
 * Starts a request for sudoers data of the given type for domain `dom` and
 * returns the tevent request that tracks it.
 * NOTE(review): `name` is presumably the user name for SSS_DP_SUDO_USER and
 * unused for SSS_DP_SUDO_DEFAULTS; the meaning of fast_reply is not visible
 * in this header - confirm both.
 */
struct tevent_req *
sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
                        struct resp_ctx *rctx,
                        struct sss_domain_info *dom,
                        bool fast_reply,
                        enum sss_dp_sudo_type type,
                        const char *name);

/*
 * Collects the result of a request started with sss_dp_get_sudoers_send():
 * a major and a minor error code and an error message are returned through
 * err_maj, err_min and err_msg.
 * NOTE(review): *err_msg is presumably allocated on mem_ctx - confirm. The
 * message originates outside this process, so treat it as data when logging.
 */
errno_t
sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx,
                        struct tevent_req *req,
                        dbus_uint16_t *err_maj,
                        dbus_uint32_t *err_min,
                        char **err_msg);
/*
 * Creates the cache hash table and returns it through `table`.
 * NOTE(review): `count` is presumably a sizing hint for the table - confirm.
 */
errno_t sudosrv_cache_init(TALLOC_CTX *mem_ctx,
                           unsigned long count,
                           hash_table_t **table);

/*
 * Looks up cached rules for `username` in the domain context `dctx` and
 * returns the rules and their number through `res` and `res_count`.
 * NOTE(review): what is returned on a miss, and whether *res is a copy or a
 * reference into the cache entry, is not visible here - document it, since
 * the entry can be replaced by sudosrv_cache_set_entry().
 */
errno_t sudosrv_cache_lookup(hash_table_t *table,
                             struct sudo_dom_ctx *dctx,
                             bool check_next,
                             const char *username,
                             size_t *res_count,
                             struct sysdb_attrs ***res);

/*
 * Stores res_count rules for `username` in `domain` in the cache.
 * NOTE(review): `timeout` is a time_t while sudo_ctx.cache_timeout is an
 * int; presumably the entry is dropped through `ev` once the timeout
 * passes - confirm, and confirm that a zero or negative value cannot keep
 * an entry cached forever.
 * NOTE(review): the table is passed separately although struct sudo_ctx has
 * a `cache` member; callers should pass the same table - confirm.
 */
errno_t sudosrv_cache_set_entry(struct tevent_context *ev,
                                struct sudo_ctx *sudo_ctx,
                                hash_table_t *table,
                                struct sss_domain_info *domain,
                                const char *username,
                                size_t res_count,
                                struct sysdb_attrs **res,
                                time_t timeout);
#endif /* _SUDOSRV_PRIVATE_H_ */