util.h revision 2efebde7ddd5f1729a70ef4ec9de607cc393214c
97a9a944b5887e91042b019776c41d5dd74557aferikabele/*
97a9a944b5887e91042b019776c41d5dd74557aferikabele Authors:
97a9a944b5887e91042b019776c41d5dd74557aferikabele Simo Sorce <ssorce@redhat.com>
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive Copyright (C) 2009 Red Hat
a945f35eff8b6a88009ce73de6d4c862ce58de3cslive
fe64b2ba25510d8c9dba5560a2d537763566cf40nd This program is free software; you can redistribute it and/or modify
fe64b2ba25510d8c9dba5560a2d537763566cf40nd it under the terms of the GNU General Public License as published by
fe64b2ba25510d8c9dba5560a2d537763566cf40nd the Free Software Foundation; either version 3 of the License, or
fe64b2ba25510d8c9dba5560a2d537763566cf40nd (at your option) any later version.
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd This program is distributed in the hope that it will be useful,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd but WITHOUT ANY WARRANTY; without even the implied warranty of
fe64b2ba25510d8c9dba5560a2d537763566cf40nd MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
fe64b2ba25510d8c9dba5560a2d537763566cf40nd GNU General Public License for more details.
52fff662005b1866a3ff09bb6c902800c5cc6dedjerenkrantz
fe64b2ba25510d8c9dba5560a2d537763566cf40nd You should have received a copy of the GNU General Public License
fe64b2ba25510d8c9dba5560a2d537763566cf40nd along with this program. If not, see <http://www.gnu.org/licenses/>.
fe64b2ba25510d8c9dba5560a2d537763566cf40nd*/
4b5981e276e93df97c34e4da05ca5cf8bbd937dand
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#ifndef __SSSD_UTIL_H__
a63f0ab647ad2ab72efc9bea7a66e24e9ebc5cc2nd#define __SSSD_UTIL_H__
3b3b7fc78d1f5bfc2769903375050048ff41ff26nd
ad74a0524a06bfe11b7de9e3b4ce7233ab3bd3f7nd#include "config.h"
4aa805f8500255bc52a4c03259fe46df10a1d07cyoshiki#include <stdio.h>
dfb59c684345700bf9186b8d44936f8b1ba082ffgryzor#include <stdint.h>
ecc5150d35c0dc5ee5119c2717e6660fa331abbftakashi#include <stdbool.h>
ecc5150d35c0dc5ee5119c2717e6660fa331abbftakashi#include <unistd.h>
3b3b7fc78d1f5bfc2769903375050048ff41ff26nd#include <fcntl.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <string.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <strings.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <ctype.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <errno.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <libintl.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <limits.h>
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#include <locale.h>
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#include <time.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <pcre.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <sys/types.h>
58699879a562774640b95e9eedfd891f336e38c2nd#include <sys/stat.h>
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd#include <arpa/inet.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <netinet/in.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <talloc.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <tevent.h>
9597f440430d8c876dd64f5f78066804650a18ecnoodl#include <ldb.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include <dhash.h>
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include "confdb/confdb.h"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include "util/atomic_io.h"
5f86589186bcc15ee13e288a9d73acbeab2409fbdpejesh#include "util/util_errors.h"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include "util/util_safealign.h"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#include "util/sss_format.h"
e797af4d7b0cada1278d72d6c8ac77210ef78632minfrin#include "util/debug.h"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define _(STRING) gettext (STRING)
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define ENUM_INDICATOR "*"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
3cc4ff86e6cc4cfd7d4ccfc58dedff599091444bnoodl#define CLEAR_MC_FLAG "clear_mc_flag"
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
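/** Default secure umask: clears every group/other permission bit and the
 *  owner's execute bit, so a file requested with mode 0666 is created 0600. */
#define SSS_DFL_UMASK 0177

/** Secure umask that keeps the owner's execute bit: group/other bits are
 *  still cleared, so a request for mode 0777 results in 0700. */
#define SSS_DFL_X_UMASK 0077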
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
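/* Fallback for toolchains whose headers do not already provide NULL.
 * It is defined as a pointer constant rather than a bare 0: an int-typed 0
 * passed as the terminating argument of a variadic call is not guaranteed to
 * be read back as a null pointer where int and pointers differ in size. */
#ifndef NULL
#define NULL ((void *)0)
#endif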
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
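/* Zero every byte of the object x. Pass the object itself, not a pointer to
 * it: sizeof(x) on a pointer would clear only the pointer.
 * This is an ordinary memset(), which a compiler may drop when the object is
 * not read afterwards, so do not rely on it to wipe passwords or keys; use a
 * wipe routine the optimizer cannot remove for that purpose. */
#define ZERO_STRUCT(x) memset((char *)&(x), 0, sizeof(x))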
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define SSSD_MAIN_OPTS SSSD_DEBUG_OPTS
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define SSSD_SERVER_OPTS(uid, gid) \
117c1f888a14e73cdd821dc6c23eb0411144a41cnd {"uid", 0, POPT_ARG_INT, &uid, 0, \
709e3a21ba73b8433462959cd56c773454b34441trawick _("The user ID to run the server as"), NULL}, \
117c1f888a14e73cdd821dc6c23eb0411144a41cnd {"gid", 0, POPT_ARG_INT, &gid, 0, \
117c1f888a14e73cdd821dc6c23eb0411144a41cnd _("The group ID to run the server as"), NULL},
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define FLAGS_NONE 0x0000
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define FLAGS_DAEMON 0x0001
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define FLAGS_INTERACTIVE 0x0002
e797af4d7b0cada1278d72d6c8ac77210ef78632minfrin#define FLAGS_PID_FILE 0x0004
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define FLAGS_GEN_CONF 0x0008
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
117c1f888a14e73cdd821dc6c23eb0411144a41cnd#define PIPE_INIT { -1, -1 }
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
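/* Close one pipe end and record that by storing -1 in fd, so a second
 * PIPE_FD_CLOSE on the same variable does nothing instead of closing a
 * descriptor number that may since have been reused for something else.
 * fd must be a modifiable lvalue without side effects (it is evaluated more
 * than once). The return value of close() is not checked.
 * There is deliberately no semicolon after while(0): the call site supplies
 * it, which keeps the macro usable as the body of an unbraced if/else. */
#define PIPE_FD_CLOSE(fd) do {      \
    if ((fd) != -1) {               \
        close(fd);                  \
        (fd) = -1;                  \
    }                               \
} while(0)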
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
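/* Close both ends of a pipe held in a two-element descriptor array by
 * applying PIPE_FD_CLOSE to p[0] and p[1]. p is parenthesized so that an
 * expression argument indexes correctly. As with any do/while(0) macro the
 * call site supplies the trailing semicolon, so the macro can be the body of
 * an unbraced if/else. */
#define PIPE_CLOSE(p) do {          \
    PIPE_FD_CLOSE((p)[0]);          \
    PIPE_FD_CLOSE((p)[1]);          \
} while(0)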
117c1f888a14e73cdd821dc6c23eb0411144a41cnd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#ifndef talloc_zfree
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#define talloc_zfree(ptr) do { talloc_free(discard_const(ptr)); ptr = NULL; } while(0)
fe64b2ba25510d8c9dba5560a2d537763566cf40nd#endif
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#ifndef discard_const_p
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#if defined(__intptr_t_defined) || defined(HAVE_INTPTR_T)
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna# define discard_const_p(type, ptr) ((type *)((intptr_t)(ptr)))
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#else
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna# define discard_const_p(type, ptr) ((type *)(ptr))
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#endif
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#endif
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen
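/* Propagate a failed tevent request to the caller.
 *
 * The expansion contains `return` statements, so it returns from the
 * ENCLOSING function, which must therefore return an errno_t-compatible
 * value. When tevent_req_is_error() reports an error for req:
 *   - state TEVENT_REQ_USER_ERROR: the stored error code is returned, or
 *     ERR_INTERNAL if that code is 0 (so an error is never reported as
 *     success);
 *   - any other error state: ERR_INTERNAL is returned.
 * When there is no error, execution continues after the macro.
 *
 * The request's 64-bit error value is narrowed to errno_t with a cast.
 * The TRROE-prefixed locals presumably exist to avoid shadowing names at the
 * call site. */
#define TEVENT_REQ_RETURN_ON_ERROR(req) do {                        \
    enum tevent_req_state TRROEstate;                               \
    uint64_t TRROEuint64;                                           \
    errno_t TRROEerr;                                               \
                                                                    \
    if (tevent_req_is_error(req, &TRROEstate, &TRROEuint64)) {      \
        TRROEerr = (errno_t)TRROEuint64;                            \
        if (TRROEstate == TEVENT_REQ_USER_ERROR) {                  \
            if (TRROEerr == 0) {                                    \
                return ERR_INTERNAL;                                \
            }                                                       \
            return TRROEerr;                                        \
        }                                                           \
        return ERR_INTERNAL;                                        \
    }                                                               \
} while (0)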
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
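/* True when id must be rejected: id 0 is always out of range, and id is out
 * of range when it lies below a non-zero min or above a non-zero max. A min
 * or max of 0 means "no bound on that side".
 * Every argument is parenthesized so that an expression argument (for
 * example a conditional) is compared as a whole; arguments are evaluated
 * more than once and must not have side effects. */
#define OUT_OF_ID_RANGE(id, min, max) \
    ((id) == 0 || ((min) && ((id) < (min))) || ((max) && ((id) > (max))))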
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#include "util/dlinklist.h"
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna/* From debug.c */
90efa9f1730742d874edb5a7803adce11c9f08eanoodlvoid ldb_debug_messages(void *context, enum ldb_debug_level level,
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna const char *fmt, va_list ap);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernaint chown_debug_file(const char *filename, uid_t uid, gid_t gid);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernaint open_debug_file_ex(const char *filename, FILE **filep, bool want_cloexec);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernaint open_debug_file(void);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernaint rotate_debug_files(void);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernavoid talloc_log_fn(const char *msg);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna/* From sss_log.c */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_EMERG 0 /* system is unusable */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_ALERT 1 /* action must be taken immediately */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_CRIT 2 /* critical conditions */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_ERR 3 /* error conditions */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_WARNING 4 /* warning conditions */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_NOTICE 5 /* normal but significant condition */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_INFO 6 /* informational */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna#define SSS_LOG_DEBUG 7 /* debug-level messages */
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernavoid sss_log(int priority, const char *format, ...) SSS_ATTRIBUTE_PRINTF(2, 3);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernavoid sss_log_ext(int priority, int facility, const char *format, ...) SSS_ATTRIBUTE_PRINTF(3, 4);
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe/* from server.c */
5ae609a8a09239d20f48a4a95c4f21b713995babwrowestruct main_context {
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe struct tevent_context *event_ctx;
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe struct confdb_ctx *confdb_ctx;
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe pid_t parent_pid;
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe};
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe
5ae609a8a09239d20f48a4a95c4f21b713995babwroweerrno_t server_common_rotate_logs(struct confdb_ctx *confdb,
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe const char *conf_entry);
5ae609a8a09239d20f48a4a95c4f21b713995babwroweint die_if_parent_died(void);
5ae609a8a09239d20f48a4a95c4f21b713995babwroweint pidfile(const char *path, const char *name);
5ae609a8a09239d20f48a4a95c4f21b713995babwroweint server_setup(const char *name, int flags,
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe uid_t uid, gid_t gid,
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe const char *conf_entry,
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe struct main_context **main_ctx);
5ae609a8a09239d20f48a4a95c4f21b713995babwrowevoid server_loop(struct main_context *main_ctx);
5ae609a8a09239d20f48a4a95c4f21b713995babwrowevoid orderly_shutdown(int status);
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe/* from signal.c */
5ae609a8a09239d20f48a4a95c4f21b713995babwrowe#include <signal.h>
5ae609a8a09239d20f48a4a95c4f21b713995babwrowevoid BlockSignals(bool block, int signum);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquernavoid (*CatchSignal(int signum,void (*handler)(int )))(int);
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna
7e8f5c6496b3825b6b128e2aacc4b1b09d28553dpquerna/* from memory.c */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndtypedef int (void_destructor_fn_t)(void *);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40ndstruct mem_holder {
fe64b2ba25510d8c9dba5560a2d537763566cf40nd void *mem;
fe64b2ba25510d8c9dba5560a2d537763566cf40nd void_destructor_fn_t *fn;
fe64b2ba25510d8c9dba5560a2d537763566cf40nd};
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40ndvoid *sss_mem_attach(TALLOC_CTX *mem_ctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd void *ptr,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd void_destructor_fn_t *fn);
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint password_destructor(void *memctx);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* from usertools.c */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivechar *get_uppercase_realm(TALLOC_CTX *memctx, const char *name);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_names_ctx {
fb77c505254b6e9c925e23e734463e87574f8f40kess char *re_pattern;
fb77c505254b6e9c925e23e734463e87574f8f40kess char *fq_fmt;
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive pcre *re;
06ba4a61654b3763ad65f52283832ebf058fdf1cslive};
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* initialize sss_names_ctx directly from arguments */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint sss_names_init_from_args(TALLOC_CTX *mem_ctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess const char *re_pattern,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *fq_fmt,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive struct sss_names_ctx **out);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* initialize sss_names_ctx from domain configuration */
fb77c505254b6e9c925e23e734463e87574f8f40kessint sss_names_init(TALLOC_CTX *mem_ctx,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive struct confdb_ctx *cdb,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *domain,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive struct sss_names_ctx **out);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint sss_ad_default_names_ctx(TALLOC_CTX *mem_ctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess struct sss_names_ctx **_out);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint sss_parse_name(TALLOC_CTX *memctx,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive struct sss_names_ctx *snctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess const char *orig, char **_domain, char **_name);
fb77c505254b6e9c925e23e734463e87574f8f40kess
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint sss_parse_name_for_domains(TALLOC_CTX *memctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess struct sss_domain_info *domains,
bc4b55ec8f31569d606d5680d50189a355bcd7a6rbowen const char *default_domain,
fb77c505254b6e9c925e23e734463e87574f8f40kess const char *orig, char **domain, char **name);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslivechar *
06ba4a61654b3763ad65f52283832ebf058fdf1cslivesss_get_cased_name(TALLOC_CTX *mem_ctx, const char *orig_name,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive bool case_sensitive);
fb77c505254b6e9c925e23e734463e87574f8f40kess
fb77c505254b6e9c925e23e734463e87574f8f40kesserrno_t
06ba4a61654b3763ad65f52283832ebf058fdf1cslivesss_get_cased_name_list(TALLOC_CTX *mem_ctx, const char * const *orig,
fb77c505254b6e9c925e23e734463e87574f8f40kess bool case_sensitive, const char ***_cased);
fb77c505254b6e9c925e23e734463e87574f8f40kess
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* Return fully-qualified name according to the fq_fmt. The name is allocated using
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd * talloc on top of mem_ctx
130d299c4b2b15be45532a176604c71fdc7bea5bnd */
130d299c4b2b15be45532a176604c71fdc7bea5bndchar *
130d299c4b2b15be45532a176604c71fdc7bea5bndsss_tc_fqname(TALLOC_CTX *mem_ctx, struct sss_names_ctx *nctx,
130d299c4b2b15be45532a176604c71fdc7bea5bnd struct sss_domain_info *domain, const char *name);
130d299c4b2b15be45532a176604c71fdc7bea5bnd
ef8e89e090461194ecadd31e8796a2c51e0531a2kess/* Return fully-qualified name according to the fq_fmt. The name is allocated using
130d299c4b2b15be45532a176604c71fdc7bea5bnd * talloc on top of mem_ctx. In contrast to sss_tc_fqname() sss_tc_fqname2()
130d299c4b2b15be45532a176604c71fdc7bea5bnd * expects the domain and flat domain name as separate arguments.
130d299c4b2b15be45532a176604c71fdc7bea5bnd */
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndchar *
fe64b2ba25510d8c9dba5560a2d537763566cf40ndsss_tc_fqname2(TALLOC_CTX *mem_ctx, struct sss_names_ctx *nctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *dom_name, const char *flat_dom_name,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *name);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
/* Return fully-qualified name formatted according to the fq_fmt. The buffer in "str" is
 * "size" bytes long. Returns the number of bytes written on success or a negative
 * value on failure.
 *
 * Pass a zero size to calculate the length that would be needed by the fully-qualified
 * name.
 */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint
313bb560bc5c323cfd40c9cad7335b4b8e060aedkesssss_fqname(char *str, size_t size, struct sss_names_ctx *nctx,
ff797e743eb73c1d45b08158aa6b288c2d0c46eeslive struct sss_domain_info *domain, const char *name);
ff797e743eb73c1d45b08158aa6b288c2d0c46eeslive
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess/* Accepts fqname in the format shortname@domname only. */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveerrno_t sss_parse_internal_fqname(TALLOC_CTX *mem_ctx,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd const char *fqname,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd char **_shortname,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd char **_dom_name);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* Creates internal fqname in format shortname@domname.
06ba4a61654b3763ad65f52283832ebf058fdf1cslive * The domain portion is lowercased. */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivechar *sss_create_internal_fqname(TALLOC_CTX *mem_ctx,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *shortname,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *dom_name);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
130d299c4b2b15be45532a176604c71fdc7bea5bnd/* Creates internal fqnames list in format shortname@domname.
130d299c4b2b15be45532a176604c71fdc7bea5bnd * The domain portion is lowercased. */
130d299c4b2b15be45532a176604c71fdc7bea5bndchar **sss_create_internal_fqname_list(TALLOC_CTX *mem_ctx,
130d299c4b2b15be45532a176604c71fdc7bea5bnd const char * const *shortname_list,
130d299c4b2b15be45532a176604c71fdc7bea5bnd const char *dom_name);
130d299c4b2b15be45532a176604c71fdc7bea5bnd
130d299c4b2b15be45532a176604c71fdc7bea5bnd/* Turn fqname into cased shortname with replaced space. */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndchar *sss_output_name(TALLOC_CTX *mem_ctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *fqname,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd bool case_sensitive,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char replace_space);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd/* from backup-file.c */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint backup_file(const char *src, int dbglvl);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
/* check_file()
 * Verify that a file has certain permissions and/or is of a certain
 * file type. This function can be used to determine if a file is a
 * symlink.
 * Warning: use of this function implies a potential race condition
 * (time-of-check to time-of-use). The check is made by file name, so
 * opening a file before or after checking it does NOT guarantee that
 * it is still the same file. Additional checks should be performed
 * on the caller_stat_buf to ensure that it has the same device and
 * inode to minimize impact. Permission changes may have occurred,
 * however.
 */
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t check_file(const char *filename,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd uid_t uid, gid_t gid, mode_t mode, mode_t mask,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd struct stat *caller_stat_buf, bool follow_symlink);
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd
888b616027180cc8aaa4d2bee5ecc6acec175bc5nd/* check_fd()
b95ae799514ad86a15610ad75808d7065e9847c9kess * Verify that an open file descriptor has certain permissions and/or
888b616027180cc8aaa4d2bee5ecc6acec175bc5nd * is of a certain file type. This function CANNOT detect symlinks,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd * as the file is already open and symlinks have been traversed. This
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd * is the safer way to perform file checks and should be preferred
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd * over check_file for nearly all situations.
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd */
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnderrno_t check_fd(int fd, uid_t uid, gid_t gid,
604c89126c27104f659d7a51b0113e3bd435faf8fielding mode_t mode, mode_t mask,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd struct stat *caller_stat_buf);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd/* check_and_open_readonly()
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd * Utility function to open a file and verify that it has certain
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd * permissions and is of a certain file type. This function wraps
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * check_fd(), and is considered race-condition safe.
888b616027180cc8aaa4d2bee5ecc6acec175bc5nd */
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnderrno_t check_and_open_readonly(const char *filename, int *fd,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd uid_t uid, gid_t gid,
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd mode_t mode, mode_t mask);
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd/* from util.c */
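/* Address classes to reject, one bit each so they can be OR-ed together.
 * Presumably these are the values of the `check` argument taken by
 * check_ipv4_addr() and check_ipv6_addr() declared in this header; the
 * combined mask fits the uint8_t those functions accept. */
#define SSS_NO_LINKLOCAL 0x01
#define SSS_NO_LOOPBACK 0x02
#define SSS_NO_MULTICAST 0x04
#define SSS_NO_BROADCAST 0x08

/* All four address classes above at once. */
#define SSS_NO_SPECIAL \
    (SSS_NO_LINKLOCAL|SSS_NO_LOOPBACK|SSS_NO_MULTICAST|SSS_NO_BROADCAST)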
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd
5224ff8eae5156a05f676f1dad8add2e2f2efe1dnd/* These two functions accept addr in network order */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndbool check_ipv4_addr(struct in_addr *addr, uint8_t check);
fe64b2ba25510d8c9dba5560a2d537763566cf40ndbool check_ipv6_addr(struct in6_addr *addr, uint8_t check);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40ndconst char * const * get_known_services(void);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
fb77c505254b6e9c925e23e734463e87574f8f40kesserrno_t sss_user_by_name_or_uid(const char *input, uid_t *_uid, gid_t *_gid);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint split_on_separator(TALLOC_CTX *mem_ctx, const char *str,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char sep, bool trim, bool skip_empty,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char ***_list, int *size);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowenchar **parse_args(const char *str);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
58699879a562774640b95e9eedfd891f336e38c2ndstruct cert_verify_opts {
604c89126c27104f659d7a51b0113e3bd435faf8fielding bool do_ocsp;
6fe26506780e73be2a412d758af77fafdf03291and bool do_verification;
6fe26506780e73be2a412d758af77fafdf03291and char *ocsp_default_responder;
58699879a562774640b95e9eedfd891f336e38c2nd char *ocsp_default_responder_signing_cert;
fb77c505254b6e9c925e23e734463e87574f8f40kess};
fb77c505254b6e9c925e23e734463e87574f8f40kess
fb77c505254b6e9c925e23e734463e87574f8f40kesserrno_t parse_cert_verify_opts(TALLOC_CTX *mem_ctx, const char *verify_opts,
fb77c505254b6e9c925e23e734463e87574f8f40kess struct cert_verify_opts **cert_verify_opts);
fb77c505254b6e9c925e23e734463e87574f8f40kess
58699879a562774640b95e9eedfd891f336e38c2nderrno_t sss_hash_create(TALLOC_CTX *mem_ctx,
58699879a562774640b95e9eedfd891f336e38c2nd unsigned long count,
58699879a562774640b95e9eedfd891f336e38c2nd hash_table_t **tbl);
58699879a562774640b95e9eedfd891f336e38c2nd
58699879a562774640b95e9eedfd891f336e38c2nderrno_t sss_hash_create_ex(TALLOC_CTX *mem_ctx,
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess unsigned long count,
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess hash_table_t **tbl,
58699879a562774640b95e9eedfd891f336e38c2nd unsigned int directory_bits,
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess unsigned int segment_bits,
58699879a562774640b95e9eedfd891f336e38c2nd unsigned long min_load_factor,
58699879a562774640b95e9eedfd891f336e38c2nd unsigned long max_load_factor,
fb77c505254b6e9c925e23e734463e87574f8f40kess hash_delete_callback *delete_callback,
fb77c505254b6e9c925e23e734463e87574f8f40kess void *delete_private_data);
fb77c505254b6e9c925e23e734463e87574f8f40kess
58699879a562774640b95e9eedfd891f336e38c2nd/* Returns true if sudoUser value is a username or a groupname */
58699879a562774640b95e9eedfd891f336e38c2ndbool is_user_or_group_name(const char *sudo_user_value);
58699879a562774640b95e9eedfd891f336e38c2nd
/**
 * @brief Add two lists of strings
 *
 * Create a new NULL-terminated list of strings by adding two lists together.
 *
 * @param[in] mem_ctx       Talloc memory context for the new list.
 * @param[in] l1            First NULL-terminated list of strings.
 * @param[in] l2            Second NULL-terminated list of strings.
 * @param[in] copy_strings  If set to 'true' the list items will be copied
 *                          otherwise only the pointers to the items are
 *                          copied.
 * @param[out] _new_list    New NULL-terminated list of strings. Must be freed
 *                          with talloc_free() by the caller. If copy_strings
 *                          is 'true' the new elements will be freed as well.
 */
4a7affccb2f1f5b94cab395e1bf3825aed715ebcnderrno_t add_strings_lists(TALLOC_CTX *mem_ctx, const char **l1, const char **l2,
4a7affccb2f1f5b94cab395e1bf3825aed715ebcnd bool copy_strings, char ***_new_list);
58699879a562774640b95e9eedfd891f336e38c2nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd/**
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * @brief set file descriptor as nonblocking
fe64b2ba25510d8c9dba5560a2d537763566cf40nd *
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * Set the O_NONBLOCK flag for the input fd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd *
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * @param[in] fd The file descriptor to set as nonblocking
fe64b2ba25510d8c9dba5560a2d537763566cf40nd *
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * @return EOK on success, errno code otherwise
fe64b2ba25510d8c9dba5560a2d537763566cf40nd */
4335f1cbf345c91bb996eec540c11ba8ce5d4268nderrno_t sss_fd_nonblocking(int fd);
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd
9583adab6bc4b3758e41963c905d9dad9f067131nd/* Copy a NULL-terminated string list
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd * Returns NULL on out of memory error or invalid input
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd */
4335f1cbf345c91bb996eec540c11ba8ce5d4268ndconst char **dup_string_list(TALLOC_CTX *memctx, const char **str_list);
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd/* Take two string lists (terminated on a NULL char*)
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd * and return up to three arrays of strings based on
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen * shared ownership.
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd *
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd * Pass NULL to any return type you don't care about
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd */
4335f1cbf345c91bb996eec540c11ba8ce5d4268nderrno_t diff_string_lists(TALLOC_CTX *memctx,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char **string1,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char **string2,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char ***string1_only,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char ***string2_only,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char ***both_strings);
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd
/* Sanitize an input string (e.g. a username) for use in
 * an LDAP/LDB filter.
 * Returns a newly-constructed string attached to mem_ctx.
 * It will fail only on an out of memory condition, where it
 * will return ENOMEM.
 */
4335f1cbf345c91bb996eec540c11ba8ce5d4268nderrno_t sss_filter_sanitize(TALLOC_CTX *mem_ctx,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd const char *input,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd char **sanitized);
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd
4335f1cbf345c91bb996eec540c11ba8ce5d4268nderrno_t sss_filter_sanitize_ex(TALLOC_CTX *mem_ctx,
4335f1cbf345c91bb996eec540c11ba8ce5d4268nd const char *input,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char **sanitized,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *ignore);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
/* Sanitize 'input' for use in a filter, taking the domain 'dom' as an
 * additional argument, and return two strings: 'sanitized' and
 * 'lc_sanitized'.
 * NOTE(review): 'lc_sanitized' is presumably a lowercased variant for
 * case-insensitive matching - confirm against the implementation.
 */
627c978514c54179736d152923478be7c8707f9bnderrno_t sss_filter_sanitize_for_dom(TALLOC_CTX *mem_ctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess const char *input,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd struct sss_domain_info *dom,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char **sanitized,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char **lc_sanitized);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
/* Return an escaped form of the textual IP address 'addr' of address
 * family 'family'.
 * NOTE(review): judging by the TALLOC_CTX argument the result is allocated
 * on mem_ctx and NULL signals failure - confirm; callers should check for
 * NULL before using the result.
 */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndchar *
fe64b2ba25510d8c9dba5560a2d537763566cf40ndsss_escape_ip_address(TALLOC_CTX *mem_ctx, int family, const char *addr);
fb77c505254b6e9c925e23e734463e87574f8f40kess
fb77c505254b6e9c925e23e734463e87574f8f40kess/* This function only removes the first and last
fb77c505254b6e9c925e23e734463e87574f8f40kess * character if the first character was '['.
6b64034fa2a644ba291c484c0c01c7df5b8d982ckess *
06ba4a61654b3763ad65f52283832ebf058fdf1cslive * NOTE: This means that ipv6addr must NOT be followed
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess * by a port number.
10673857794a4b3d9568ca2d983722a87ed352f1rbowen */
fb77c505254b6e9c925e23e734463e87574f8f40kesserrno_t
ed0dae472b518c553c923a86fb4322d4c50d86a6ndremove_ipv6_brackets(char *ipv6addr);
ed0dae472b518c553c923a86fb4322d4c50d86a6nd
10673857794a4b3d9568ca2d983722a87ed352f1rbowen
/* Add 'string' to the list pointed to by 'list_p'.
 * NOTE(review): presumably the list is NULL-terminated and (re)allocated
 * on mem_ctx, so *list_p may change - confirm against the implementation.
 */
10673857794a4b3d9568ca2d983722a87ed352f1rbowenerrno_t add_string_to_list(TALLOC_CTX *mem_ctx, const char *string,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive char ***list_p);
fb77c505254b6e9c925e23e734463e87574f8f40kess
/* Report whether 'string' occurs in 'list'; 'case_sensitive' selects the
 * comparison mode.
 * NOTE(review): behaviour for a NULL 'string' or 'list' is not visible
 * here - check before relying on it.
 */
fb77c505254b6e9c925e23e734463e87574f8f40kessbool string_in_list(const char *string, char **list, bool case_sensitive);
fb77c505254b6e9c925e23e734463e87574f8f40kess
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/**
06ba4a61654b3763ad65f52283832ebf058fdf1cslive * @brief Safely zero a segment of memory in a way that
06ba4a61654b3763ad65f52283832ebf058fdf1cslive * prevents the compiler from optimizing the write out
fb77c505254b6e9c925e23e734463e87574f8f40kess *
06ba4a61654b3763ad65f52283832ebf058fdf1cslive * @param data The address of the buffer to wipe
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd * @param size Size of the buffer
06ba4a61654b3763ad65f52283832ebf058fdf1cslive */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivevoid safezero(void *data, size_t size);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint domain_to_basedn(TALLOC_CTX *memctx, const char *domain, char **basedn);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslivebool is_host_in_domain(const char *host, const char *domain);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
1f53e295ebd19aed1767d12da7abfab9936c148cjerenkrantz/* from nscd.c */
/* Identifies an nscd database; taken as the argument of
 * flush_nscd_cache(). */
1f53e295ebd19aed1767d12da7abfab9936c148cjerenkrantzenum nscd_db {
cb3a1082aec4b3b4f4ed238c93c3cc54933a7f0end NSCD_DB_PASSWD, /* the passwd database */
9335f6d807d76d60e54af4ededdebebddb3e3d13noodl NSCD_DB_GROUP /* the group database */
9335f6d807d76d60e54af4ededdebebddb3e3d13noodl};
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint flush_nscd_cache(enum nscd_db flush_db);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveerrno_t sss_nscd_parse_conf(const char *conf_path);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
604c89126c27104f659d7a51b0113e3bd435faf8fielding/* from sss_tc_utf8.c */
604c89126c27104f659d7a51b0113e3bd435faf8fieldingchar *
604c89126c27104f659d7a51b0113e3bd435faf8fieldingsss_tc_utf8_str_tolower(TALLOC_CTX *mem_ctx, const char *s);
604c89126c27104f659d7a51b0113e3bd435faf8fieldinguint8_t *
604c89126c27104f659d7a51b0113e3bd435faf8fieldingsss_tc_utf8_tolower(TALLOC_CTX *mem_ctx, const uint8_t *s, size_t len, size_t *_nlen);
604c89126c27104f659d7a51b0113e3bd435faf8fieldingbool sss_string_equal(bool cs, const char *s1, const char *s2);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
604c89126c27104f659d7a51b0113e3bd435faf8fielding/* len includes terminating '\0' */
/* A string pointer paired with its size. Note the size convention:
 * 'len' counts the terminating '\0', so it is one more than strlen(str);
 * mixing it up with a strlen()-style length is an off-by-one. */
909ce17e2bd0faef7b1c294f2307f009793fd493ndstruct sized_string {
909ce17e2bd0faef7b1c294f2307f009793fd493nd const char *str; /* the string itself; not owned or copied by this struct as far as the declaration shows */
909ce17e2bd0faef7b1c294f2307f009793fd493nd size_t len; /* size of str including the terminating '\0' */
909ce17e2bd0faef7b1c294f2307f009793fd493nd};
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslivevoid to_sized_string(struct sized_string *out, const char *in);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* from domain_info.c */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_domain_info *get_domains_head(struct sss_domain_info *domain);
97a9a944b5887e91042b019776c41d5dd74557aferikabele
/* Bit flags for the gnd_flags argument of get_next_domain();
 * SSS_GND_ALL_DOMAINS is both flags OR-ed together.
 * NOTE(review): by their names, SSS_GND_DESCEND makes the walk descend
 * into subdomains and SSS_GND_INCLUDE_DISABLED also returns disabled
 * domains - confirm against domain_info.c.
 */
97a9a944b5887e91042b019776c41d5dd74557aferikabele#define SSS_GND_DESCEND 0x01
97a9a944b5887e91042b019776c41d5dd74557aferikabele#define SSS_GND_INCLUDE_DISABLED 0x02
97a9a944b5887e91042b019776c41d5dd74557aferikabele#define SSS_GND_ALL_DOMAINS (SSS_GND_DESCEND | SSS_GND_INCLUDE_DISABLED)
/* Return the domain that follows 'domain' in the traversal selected by
 * gnd_flags.
 * NOTE(review): presumably returns NULL at the end of the walk - confirm. */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_domain_info *get_next_domain(struct sss_domain_info *domain,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive uint32_t gnd_flags);
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_domain_info *find_domain_by_name(struct sss_domain_info *domain,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *name,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive bool match_any);
cb3a1082aec4b3b4f4ed238c93c3cc54933a7f0endstruct sss_domain_info *find_domain_by_sid(struct sss_domain_info *domain,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *sid);
8e31885fc494b603e0650113dde9e29d1b1d2602maczniakenum sss_domain_state sss_domain_get_state(struct sss_domain_info *dom);
06ba4a61654b3763ad65f52283832ebf058fdf1cslivevoid sss_domain_set_state(struct sss_domain_info *dom,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive enum sss_domain_state state);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
97a9a944b5887e91042b019776c41d5dd74557aferikabelestruct sss_domain_info*
8e31885fc494b603e0650113dde9e29d1b1d2602maczniaksss_get_domain_by_sid_ldap_fallback(struct sss_domain_info *domain,
8e31885fc494b603e0650113dde9e29d1b1d2602maczniak const char* sid);
f23fb63b05f89f47d7a3099491f2c68dcce432e9kess
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_domain_info *
06ba4a61654b3763ad65f52283832ebf058fdf1cslivefind_domain_by_object_name(struct sss_domain_info *domain,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char *object_name);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cndbool subdomain_enumerates(struct sss_domain_info *parent,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd const char *sd_name);
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t sssd_domain_init(TALLOC_CTX *mem_ctx,
ed0dae472b518c553c923a86fb4322d4c50d86a6nd struct confdb_ctx *cdb,
ed0dae472b518c553c923a86fb4322d4c50d86a6nd const char *domain_name,
ed0dae472b518c553c923a86fb4322d4c50d86a6nd const char *db_path,
ed0dae472b518c553c923a86fb4322d4c50d86a6nd struct sss_domain_info **_domain);
da637bcae7b6e150470e701af29da5604a34a17erbowen
/* True when 'dom' has a parent domain. The macro dereferences 'dom'
 * unconditionally, so the caller must ensure it is not NULL. */
da637bcae7b6e150470e701af29da5604a34a17erbowen#define IS_SUBDOMAIN(dom) ((dom)->parent != NULL)
da637bcae7b6e150470e701af29da5604a34a17erbowen
/* Evaluates to the 'has_views' member of 'dom'. The macro dereferences
 * 'dom' unconditionally, so the caller must ensure it is not NULL. */
da637bcae7b6e150470e701af29da5604a34a17erbowen#define DOM_HAS_VIEWS(dom) ((dom)->has_views)
da637bcae7b6e150470e701af29da5604a34a17erbowen
da637bcae7b6e150470e701af29da5604a34a17erbowen/* the directory that domain-realm mappings and other krb5 config snippets are
da637bcae7b6e150470e701af29da5604a34a17erbowen * written to */
da637bcae7b6e150470e701af29da5604a34a17erbowen#define KRB5_MAPPING_DIR PUBCONF_PATH"/krb5.include.d"
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t sss_get_domain_mappings_content(TALLOC_CTX *mem_ctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd struct sss_domain_info *domain,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char **content);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t sss_write_domain_mappings(struct sss_domain_info *domain);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t sss_write_krb5_conf_snippet(const char *path, bool canonicalize);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t get_dom_names(TALLOC_CTX *mem_ctx,
fb77c505254b6e9c925e23e734463e87574f8f40kess struct sss_domain_info *start_dom,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd char ***_dom_names,
fb77c505254b6e9c925e23e734463e87574f8f40kess int *_dom_names_count);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd/* from util_lock.c */
/* Lock a byte range of the open file 'fd', described by 'start' and 'len'.
 * NOTE(review): 'num_tries' and 'wait' presumably give the number of
 * attempts and the delay between them (useconds_t, i.e. microseconds) -
 * confirm against util_lock.c. Callers must check the errno_t result and
 * not touch the range when the lock was not obtained.
 */
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t sss_br_lock_file(int fd, size_t start, size_t len,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd int num_tries, useconds_t wait);
c985aca104389df30d6ec0a637ce0ccaac904362nd#include "io.h"
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen#ifdef HAVE_PAC_RESPONDER
fb77c505254b6e9c925e23e734463e87574f8f40kess#define BUILD_WITH_PAC_RESPONDER true
fb77c505254b6e9c925e23e734463e87574f8f40kess#else
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess#define BUILD_WITH_PAC_RESPONDER false
313bb560bc5c323cfd40c9cad7335b4b8e060aedkess#endif
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
fe64b2ba25510d8c9dba5560a2d537763566cf40nd/* from well_known_sids.c */
fe64b2ba25510d8c9dba5560a2d537763566cf40nderrno_t well_known_sid_to_name(const char *sid, const char **dom,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char **name);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
627c978514c54179736d152923478be7c8707f9bnderrno_t name_to_well_known_sid(const char *dom, const char *name,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char **sid);
fb77c505254b6e9c925e23e734463e87574f8f40kess
fb77c505254b6e9c925e23e734463e87574f8f40kess/* from string_utils.c */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndchar * sss_replace_space(TALLOC_CTX *mem_ctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *orig_name,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char replace_char);
fe64b2ba25510d8c9dba5560a2d537763566cf40ndchar * sss_reverse_replace_space(TALLOC_CTX *mem_ctx,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *orig_name,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive const char replace_char);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
5bb5fba250bf526bc51d13b25378d54acb93c1cbnoodl#define GUID_BIN_LENGTH 16
06ba4a61654b3763ad65f52283832ebf058fdf1cslive/* 16 2-digit hex values + 4 dashes + terminating 0 */
06ba4a61654b3763ad65f52283832ebf058fdf1cslive#define GUID_STR_BUF_SIZE (2 * GUID_BIN_LENGTH + 4 + 1)
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
/* Format the binary GUID in 'blob' as text into 'str_buf', whose capacity
 * is given by 'buf_size'.
 * NOTE(review): 'blob' is presumably GUID_BIN_LENGTH bytes and 'buf_size'
 * is expected to be at least GUID_STR_BUF_SIZE - confirm how a smaller
 * buffer is rejected in the implementation.
 */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveerrno_t guid_blob_to_string_buf(const uint8_t *blob, char *str_buf,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive size_t buf_size);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1csliveconst char *get_last_x_chars(const char *str, size_t x);
06ba4a61654b3763ad65f52283832ebf058fdf1cslive
06ba4a61654b3763ad65f52283832ebf058fdf1cslivechar **concatenate_string_array(TALLOC_CTX *mem_ctx,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive char **arr1, size_t len1,
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd char **arr2, size_t len2);
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnd/* from become_user.c */
/* NOTE(review): by its name, changes the identity of the calling process
 * to uid/gid - confirm in become_user.c. The errno_t result must be
 * checked: continuing after a failure would leave the process running
 * with its previous (possibly privileged) identity.
 */
a7f40ca49262952d6dd69d021cf5b0c2b452ae4cnderrno_t become_user(uid_t uid, gid_t gid);
/* Only declared here; the layout is not visible in this header. */
06ba4a61654b3763ad65f52283832ebf058fdf1cslivestruct sss_creds;
/* Takes a target uid/gid plus 'num_gids' group ids in 'gids' and returns
 * a credentials object through 'saved_creds'.
 * NOTE(review): presumably *saved_creds holds the previous credentials,
 * is allocated on mem_ctx and is meant to be passed to restore_creds() -
 * confirm against the implementation.
 */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveerrno_t switch_creds(TALLOC_CTX *mem_ctx,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive uid_t uid, gid_t gid,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive int num_gids, gid_t *gids,
06ba4a61654b3763ad65f52283832ebf058fdf1cslive struct sss_creds **saved_creds);
/* Takes a credentials object such as the one returned by switch_creds().
 * NOTE(review): check the return value; if restoring fails the process
 * presumably stays under the switched identity - confirm.
 */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveerrno_t restore_creds(struct sss_creds *saved_creds);
fb77c505254b6e9c925e23e734463e87574f8f40kess
fb77c505254b6e9c925e23e734463e87574f8f40kess/* from sss_semanage.c */
fb77c505254b6e9c925e23e734463e87574f8f40kess/* Please note that libsemanage relies on files and directories created with
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * certain permissions. Therefore the caller should make sure the umask is
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * not too restrictive (especially when called from the daemon code).
fe64b2ba25510d8c9dba5560a2d537763566cf40nd */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint set_seuser(const char *login_name, const char *seuser_name,
fe64b2ba25510d8c9dba5560a2d537763566cf40nd const char *mlsrange);
604c89126c27104f659d7a51b0113e3bd435faf8fieldingint del_seuser(const char *login_name);
604c89126c27104f659d7a51b0113e3bd435faf8fieldingint get_seuser(TALLOC_CTX *mem_ctx, const char *login_name,
604c89126c27104f659d7a51b0113e3bd435faf8fielding char **_seuser, char **_mls_range);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
604c89126c27104f659d7a51b0113e3bd435faf8fielding/* convert time from generalized form to unix time */
604c89126c27104f659d7a51b0113e3bd435faf8fieldingerrno_t sss_utc_to_time_t(const char *str, const char *format, time_t *unix_time);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
fe64b2ba25510d8c9dba5560a2d537763566cf40nd/* Creates a unique file using mkstemp with provided umask. The template
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * must end with XXXXXX. Returns the fd, sets _err to an errno value on error.
fe64b2ba25510d8c9dba5560a2d537763566cf40nd *
fe64b2ba25510d8c9dba5560a2d537763566cf40nd * Prefer using sss_unique_file() as it uses a secure umask internally.
88d86cfadffe2275a3dfb67a4d7bdc018630b661rbowen */
fe64b2ba25510d8c9dba5560a2d537763566cf40ndint sss_unique_file_ex(TALLOC_CTX *mem_ctx,
604c89126c27104f659d7a51b0113e3bd435faf8fielding char *path_tmpl,
604c89126c27104f659d7a51b0113e3bd435faf8fielding mode_t file_umask,
604c89126c27104f659d7a51b0113e3bd435faf8fielding errno_t *_err);
/* Counterpart of sss_unique_file_ex() without the file_umask argument; the
 * comment on sss_unique_file_ex() states that this function uses a secure
 * umask internally. 'path_tmpl' is non-const.
 * NOTE(review): presumably the same template rule (must end with XXXXXX)
 * and the same fd / _err conventions apply, and the template is rewritten
 * in place with the generated name as mkstemp does - confirm.
 */
06ba4a61654b3763ad65f52283832ebf058fdf1csliveint sss_unique_file(TALLOC_CTX *owner,
22265f1724519886e2a2b5e0ebd61477506b7379noodl char *path_tmpl,
22265f1724519886e2a2b5e0ebd61477506b7379noodl errno_t *_err);
22265f1724519886e2a2b5e0ebd61477506b7379noodl
22265f1724519886e2a2b5e0ebd61477506b7379noodl/* Creates a unique filename using mkstemp with a secure umask. The template
604c89126c27104f659d7a51b0113e3bd435faf8fielding * must end with XXXXXX.
604c89126c27104f659d7a51b0113e3bd435faf8fielding *
604c89126c27104f659d7a51b0113e3bd435faf8fielding * path_tmpl must be a talloc context. A destructor is set on the filename
604c89126c27104f659d7a51b0113e3bd435faf8fielding * so that the file is guaranteed to be removed.
604c89126c27104f659d7a51b0113e3bd435faf8fielding */
604c89126c27104f659d7a51b0113e3bd435faf8fieldingint sss_unique_filename(TALLOC_CTX *owner, char *path_tmpl);
604c89126c27104f659d7a51b0113e3bd435faf8fielding
604c89126c27104f659d7a51b0113e3bd435faf8fielding/* from util_watchdog.c */
604c89126c27104f659d7a51b0113e3bd435faf8fieldingint setup_watchdog(struct tevent_context *ev, int interval);
604c89126c27104f659d7a51b0113e3bd435faf8fieldingvoid teardown_watchdog(void);
fe64b2ba25510d8c9dba5560a2d537763566cf40nd
9597f440430d8c876dd64f5f78066804650a18ecnoodl#endif /* __SSSD_UTIL_H__ */
9597f440430d8c876dd64f5f78066804650a18ecnoodl