src/privilege.c

   1 /*
   2  * charybdis: an advanced ircd.
   3  * privilege.c: Dynamic privileges API.
   4  *
   5  * Copyright (c) 2008 William Pitcock <nenolod@dereferenced.org>
   6  *
   7  * Permission to use, copy, modify, and/or distribute this software for any
   8  * purpose with or without fee is hereby granted, provided that the above
   9  * copyright notice and this permission notice is present in all copies.
  10  *
  11  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  12  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  13  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  14  * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
  15  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  16  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  17  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  18  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  19  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  20  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  21  * POSSIBILITY OF SUCH DAMAGE.
  22  */
  23
  24 #include <stdinc.h>
  25 #include "s_conf.h"
  26 #include "privilege.h"
  27 #include "numeric.h"
  28
  29 static rb_dlink_list privilegeset_list = {};
  30
  31 int
  32 privilegeset_in_set(struct PrivilegeSet *set, const char *priv)
  33 {
  34         s_assert(set != NULL);
  35         s_assert(priv != NULL);
  36
  37         return strstr(set->privs, priv) != NULL;
  38 }
  39
  40 static struct PrivilegeSet *
  41 privilegeset_get_any(const char *name)
  42 {
  43         rb_dlink_node *iter;
  44
  45         s_assert(name != NULL);
  46
  47         RB_DLINK_FOREACH(iter, privilegeset_list.head)
  48         {
  49                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
  50
  51                 if (!strcasecmp(set->name, name))
  52                         return set;
  53         }
  54
  55         return NULL;
  56 }
  57
  58 struct PrivilegeSet *
  59 privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags)
  60 {
  61         struct PrivilegeSet *set;
  62
  63         set = privilegeset_get_any(name);
  64         if (set != NULL)
  65         {
  66                 if (!(set->status & CONF_ILLEGAL))
  67                         ilog(L_MAIN, "Duplicate privset %s", name);
  68                 set->status &= ~CONF_ILLEGAL;
  69                 rb_free(set->privs);
  70         }
  71         else
  72         {
  73                 set = rb_malloc(sizeof(struct PrivilegeSet));
  74                 set->status = 0;
  75                 set->refs = 0;
  76                 set->name = rb_strdup(name);
  77
  78                 rb_dlinkAdd(set, &set->node, &privilegeset_list);
  79         }
  80         set->privs = rb_strdup(privs);
  81         set->flags = flags;
  82
  83         return set;
  84 }
  85
  86 struct PrivilegeSet *
  87 privilegeset_extend(struct PrivilegeSet *parent, const char *name, const char *privs, PrivilegeFlags flags)
  88 {
  89         struct PrivilegeSet *set;
  90
  91         s_assert(parent != NULL);
  92         s_assert(name != NULL);
  93         s_assert(privs != NULL);
  94
  95         set = privilegeset_get_any(name);
  96         if (set != NULL)
  97         {
  98                 if (!(set->status & CONF_ILLEGAL))
  99                         ilog(L_MAIN, "Duplicate privset %s", name);
 100                 set->status &= ~CONF_ILLEGAL;
 101                 rb_free(set->privs);
 102         }
 103         else
 104         {
 105                 set = rb_malloc(sizeof(struct PrivilegeSet));
 106                 set->status = 0;
 107                 set->refs = 0;
 108                 set->name = rb_strdup(name);
 109
 110                 rb_dlinkAdd(set, &set->node, &privilegeset_list);
 111         }
 112         set->flags = flags;
 113         set->privs = rb_malloc(strlen(parent->privs) + 1 + strlen(privs) + 1);
 114         strcpy(set->privs, parent->privs);
 115         strcat(set->privs, " ");
 116         strcat(set->privs, privs);
 117
 118         return set;
 119 }
 120
 121 struct PrivilegeSet *
 122 privilegeset_get(const char *name)
 123 {
 124         struct PrivilegeSet *set;
 125
 126         set = privilegeset_get_any(name);
 127         if (set != NULL && set->status & CONF_ILLEGAL)
 128                 set = NULL;
 129         return set;
 130 }
 131
 132 struct PrivilegeSet *
 133 privilegeset_ref(struct PrivilegeSet *set)
 134 {
 135         s_assert(set != NULL);
 136
 137         set->refs++;
 138
 139         return set;
 140 }
 141
 142 void
 143 privilegeset_unref(struct PrivilegeSet *set)
 144 {
 145         s_assert(set != NULL);
 146
 147         if (set->refs > 0)
 148                 set->refs--;
 149         else
 150                 ilog(L_MAIN, "refs on privset %s is already 0",
 151                                 set->name);
 152         if (set->refs == 0 && set->status & CONF_ILLEGAL)
 153         {
 154                 rb_dlinkDelete(&set->node, &privilegeset_list);
 155
 156                 rb_free(set->name);
 157                 rb_free(set->privs);
 158                 rb_free(set);
 159         }
 160 }
 161
 162 void
 163 privilegeset_mark_all_illegal(void)
 164 {
 165         rb_dlink_node *iter;
 166
 167         RB_DLINK_FOREACH(iter, privilegeset_list.head)
 168         {
 169                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
 170
 171                 /* the "default" privset is special and must remain available */
 172                 if (!strcmp(set->name, "default"))
 173                         continue;
 174
 175                 set->status |= CONF_ILLEGAL;
 176                 rb_free(set->privs);
 177                 set->privs = rb_strdup("");
 178                 /* but do not free it yet */
 179         }
 180 }
 181
 182 void
 183 privilegeset_delete_all_illegal(void)
 184 {
 185         rb_dlink_node *iter, *next;
 186
 187         RB_DLINK_FOREACH_SAFE(iter, next, privilegeset_list.head)
 188         {
 189                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
 190
 191                 privilegeset_ref(set);
 192                 privilegeset_unref(set);
 193         }
 194 }
 195
 196 void
 197 privilegeset_report(struct Client *source_p)
 198 {
 199         rb_dlink_node *ptr;
 200
 201         RB_DLINK_FOREACH(ptr, privilegeset_list.head)
 202         {
 203                 struct PrivilegeSet *set = ptr->data;
 204
 205                 /* use RPL_STATSDEBUG for now -- jilles */
 206                 sendto_one_numeric(source_p, RPL_STATSDEBUG,
 207                                 "O :%s %s",
 208                                 set->name,
 209                                 set->privs);
 210         }
 211 }