util.h revision 92b2a4023c06c613d4576f70cda820ba79750f56
/*
Authors:
Simo Sorce <ssorce@redhat.com>
Copyright (C) 2009 Red Hat
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef __SSSD_UTIL_H__
#define __SSSD_UTIL_H__
#include "config.h"
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>
#include <ctype.h>
#include <libintl.h>
#include <limits.h>
#include <locale.h>
#include <time.h>
#include <pcre.h>
#include <talloc.h>
#include <tevent.h>
#include <ldb.h>
#include <dhash.h>
#include "util/atomic_io.h"
#include "util/util_errors.h"
#include "util/util_safealign.h"
#include "util/sss_format.h"
/* name of the monitor server instance */
#define MAX_PID_LENGTH 10
#define ENUM_INDICATOR "*"
#define CLEAR_MC_FLAG "clear_mc_flag"
/** Default secure umask */
#define SSS_DFL_UMASK 0177
/** Secure mask with executable bit */
#define SSS_DFL_X_UMASK 0077
#ifndef NULL
#define NULL 0
#endif
#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))
#define SSSD_MAIN_OPTS SSSD_DEBUG_OPTS
_("The user ID to run the server as"), NULL}, \
_("The group ID to run the server as"), NULL},
extern int socket_activated;
extern int dbus_activated;
#ifdef HAVE_SYSTEMD
#define SSSD_RESPONDER_OPTS \
_("Informs that the responder has been socket-activated"), NULL }, \
_("Informs that the responder has been dbus-activated"), NULL },
#else
#define SSSD_RESPONDER_OPTS
#endif
#define FLAGS_NONE 0x0000
#define FLAGS_DAEMON 0x0001
#define FLAGS_INTERACTIVE 0x0002
#define FLAGS_PID_FILE 0x0004
#define FLAGS_GEN_CONF 0x0008
#define FLAGS_NO_WATCHDOG 0x0010
#define PIPE_FD_CLOSE(fd) do { \
if (fd != -1) { \
fd = -1; \
} \
} while(0);
#define PIPE_CLOSE(p) do { \
PIPE_FD_CLOSE(p[0]); \
PIPE_FD_CLOSE(p[1]); \
} while(0);
#ifndef talloc_zfree
#endif
#ifndef discard_const_p
#if defined(__intptr_t_defined) || defined(HAVE_INTPTR_T)
#else
#endif
#endif
#define TEVENT_REQ_RETURN_ON_ERROR(req) do { \
enum tevent_req_state TRROEstate; \
\
if (TRROEstate == TEVENT_REQ_USER_ERROR) { \
if (TRROEerr == 0) { \
return ERR_INTERNAL; \
} \
return TRROEerr; \
} \
return ERR_INTERNAL; \
} \
} while (0)
#include "util/dlinklist.h"
/* From debug.c */
int open_debug_file(void);
int rotate_debug_files(void);
void talloc_log_fn(const char *msg);
/* From sss_log.c */
#define SSS_LOG_EMERG 0 /* system is unusable */
/* from server.c */
struct main_context {
struct tevent_context *event_ctx;
struct confdb_ctx *confdb_ctx;
};
const char *conf_entry);
int die_if_parent_died(void);
const char *conf_entry,
struct main_context **main_ctx);
void orderly_shutdown(int status);
/* from signal.c */
/* from memory.c */
typedef int (void_destructor_fn_t)(void *);
struct mem_holder {
void *mem;
};
void *ptr,
int password_destructor(void *memctx);
/* from usertools.c */
struct sss_names_ctx {
char *re_pattern;
char *fq_fmt;
};
/* initialize sss_names_ctx directly from arguments */
const char *re_pattern,
const char *fq_fmt,
struct sss_names_ctx **out);
/* initialize sss_names_ctx from domain configuration */
struct confdb_ctx *cdb,
const char *domain,
struct sss_names_ctx **out);
struct sss_names_ctx **_out);
struct sss_names_ctx *snctx,
struct sss_domain_info *domains,
const char *default_domain,
char *
bool case_sensitive);
bool case_sensitive, const char ***_cased);
/* Return fully-qualified name according to the fq_fmt. The name is allocated using
* talloc on top of mem_ctx
*/
char *
/* Return fully-qualified name according to the fq_fmt. The name is allocated using
* talloc on top of mem_ctx. In contrast to sss_tc_fqname() sss_tc_fqname2()
* expects the domain and flat domain name as separate arguments.
*/
char *
const char *dom_name, const char *flat_dom_name,
const char *name);
/* Return fully-qualified name formatted according to the fq_fmt. The buffer in "str" is
* "size" bytes long. Returns the number of bytes written on success or a negative
* value of failure.
*
* Pass a zero size to calculate the length that would be needed by the fully-qualified
* name.
*/
int
/* Accepts fqname in the format shortname@domname only. */
const char *fqname,
char **_shortname,
char **_dom_name);
/* Creates internal fqname in format shortname@domname.
* The domain portion is lowercased. */
const char *shortname,
const char *dom_name);
/* Creates internal fqnames list in format shortname@domname.
* The domain portion is lowercased. */
const char * const *shortname_list,
const char *dom_name);
/* Turn fqname into cased shortname with replaced space. */
const char *fqname,
bool case_sensitive,
const char replace_space);
struct sss_domain_info *domain,
const char *name,
char override_space,
char **_output_name);
struct ldb_message *msg);
/* from backup-file.c */
/* check_file()
* file type. This function can be used to determine if a file is a
* symlink.
* Warning: use of this function implies a potential race condition
* Opening a file before or after checking it does NOT guarantee that
* it is still the same file. Additional checks should be performed
* on the caller_stat_buf to ensure that it has the same device and
* inode to minimize impact. Permission changes may have occurred,
* however.
*/
/* check_fd()
* is of a certain file type. This function CANNOT detect symlinks,
* as the file is already open and symlinks have been traversed. This
* is the safer way to perform file checks and should be preferred
* over check_file for nearly all situations.
*/
struct stat *caller_stat_buf);
/* check_and_open_readonly()
* Utility function to open a file and verify that it has certain
* permissions and is of a certain file type. This function wraps
* check_fd(), and is considered race-condition safe.
*/
/* from util.c */
#define SSS_NO_LINKLOCAL 0x01
#define SSS_NO_LOOPBACK 0x02
#define SSS_NO_MULTICAST 0x04
#define SSS_NO_BROADCAST 0x08
#define SSS_NO_SPECIAL \
/* These two functions accept addr in network order */
const char * const * get_known_services(void);
char **parse_args(const char *str);
struct cert_verify_opts {
bool do_ocsp;
bool do_verification;
char *ocsp_default_responder;
};
struct cert_verify_opts **cert_verify_opts);
unsigned long count,
hash_table_t **tbl);
unsigned long count,
hash_table_t **tbl,
unsigned int directory_bits,
unsigned int segment_bits,
unsigned long min_load_factor,
unsigned long max_load_factor,
void *delete_private_data);
/* Returns true if sudoUser value is a username or a groupname */
bool is_user_or_group_name(const char *sudo_user_value);
/* Returns true if the responder has been socket-activated */
bool is_socket_activated(void);
/* Returns true if the responder has been dbus-activated */
bool is_dbus_activated(void);
/**
* @brief Add two list of strings
*
* Create a new NULL-termintated list of strings by adding two lists together.
*
* @param[in] mem_ctx Talloc memory context for the new list.
* @param[in] l1 First NULL-termintated list of strings.
* @param[in] l2 Second NULL-termintated list of strings.
* @param[in] copy_strings If set to 'true' the list items will be copied
* otherwise only the pointers to the items are
* copied.
* @param[out] new_list New NULL-terminated list of strings. Must be freed
* with talloc_free() by the caller. If copy_strings
* is 'true' the new elements will be freed as well.
*/
bool copy_strings, char ***_new_list);
/**
* @brief set file descriptor as nonblocking
*
* Set the O_NONBLOCK flag for the input fd
*
* @param[in] fd The file descriptor to set as nonblocking
*
* @return EOK on success, errno code otherwise
*/
/* Copy a NULL-terminated string list
* Returns NULL on out of memory error or invalid input
*/
/* Take two string lists (terminated on a NULL char*)
* and return up to three arrays of strings based on
* shared ownership.
*
* Pass NULL to any return type you don't care about
*/
char **string1,
char **string2,
char ***string1_only,
char ***string2_only,
char ***both_strings);
/* Sanitize an input string (e.g. a username) for use in
* Returns a newly-constructed string attached to mem_ctx
* It will fail only on an out of memory condition, where it
* will return ENOMEM.
*/
const char *input,
char **sanitized);
const char *input,
char **sanitized,
const char *ignore);
const char *input,
struct sss_domain_info *dom,
char **sanitized,
char **lc_sanitized);
char *
/* This function only removes first and last
* character if the first character was '['.
*
* NOTE: This means, that ipv6addr must NOT be followed
* by port number.
*/
remove_ipv6_brackets(char *ipv6addr);
char ***list_p);
/**
* @brief Safely zero a segment of memory,
* prevents the compiler from optimizing out
*
* @param data The address of buffer to wipe
* @param size Size of the buffer
*/
/* from nscd.c */
enum nscd_db {
};
/* from sss_tc_utf8.c */
char *
uint8_t *
/* len includes terminating '\0' */
struct sized_string {
const char *str;
};
/* from domain_info.c */
#define SSS_GND_DESCEND 0x01
#define SSS_GND_INCLUDE_DISABLED 0x02
const char *name,
bool match_any);
const char *sid);
enum sss_domain_state state);
struct sss_domain_info*
const char* sid);
struct sss_domain_info *
const char *object_name);
const char *sd_name);
struct sss_domain_info *subdomain);
struct confdb_ctx *cdb,
const char *domain_name,
const char *db_path,
struct sss_domain_info **_domain);
/* the directory domain - realm mappings and other krb5 config snippers are
* written to */
struct sss_domain_info *domain,
char **content);
struct sss_domain_info *start_dom,
char ***_dom_names,
int *_dom_names_count);
/* from util_lock.c */
#include "io.h"
#ifdef HAVE_PAC_RESPONDER
#define BUILD_WITH_PAC_RESPONDER true
#else
#define BUILD_WITH_PAC_RESPONDER false
#endif
/* from well_known_sids.c */
const char **name);
const char **sid);
/* from string_utils.c */
const char *in,
const char match,
const char sub);
const char *orig_name,
const char replace_char);
const char *orig_name,
const char replace_char);
#define GUID_BIN_LENGTH 16
/* 16 2-digit hex values + 4 dashes + terminating 0 */
/* from become_user.c */
struct sss_creds;
struct sss_creds **saved_creds);
/* from sss_semanage.c */
/* Please note that libsemange relies on files and directories created with
* certain permissions. Therefore the caller should make sure the umask is
* not too restricted (especially when called from the daemon code).
*/
const char *mlsrange);
int del_seuser(const char *login_name);
char **_seuser, char **_mls_range);
/* convert time from generalized form to unix time */
/* Creates a unique file using mkstemp with provided umask. The template
* must end with XXXXXX. Returns the fd, sets _err to an errno value on error.
*
* Prefer using sss_unique_file() as it uses a secure umask internally.
*/
char *path_tmpl,
char *path_tmpl,
/* Creates a unique filename using mkstemp with secure umask. The template
* must end with XXXXXX
*
* path_tmpl must be a talloc context. Destructor would be set on the filename
* so that it's guaranteed the file is removed.
*/
/* from util_watchdog.c */
void teardown_watchdog(void);
#endif /* __SSSD_UTIL_H__ */