]>
Commit | Line | Data |
---|---|---|
0f95a274 | 1 | /* authd/provider.h - authentication provider framework |
05e17ac2 EM |
2 | * Copyright (c) 2016 Elizabeth Myers <elizabeth@interlinked.me> |
3 | * | |
4 | * Permission to use, copy, modify, and/or distribute this software for any | |
5 | * purpose with or without fee is hereby granted, provided that the above | |
6 | * copyright notice and this permission notice is present in all copies. | |
7 | * | |
8 | * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR | |
9 | * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED | |
10 | * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE | |
11 | * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, | |
12 | * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES | |
13 | * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR | |
14 | * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) | |
15 | * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, | |
16 | * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING | |
17 | * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE | |
18 | * POSSIBILITY OF SUCH DAMAGE. | |
19 | */ | |
20 | ||
0f95a274 EM |
21 | #ifndef __CHARYBDIS_AUTHD_PROVIDER_H__ |
22 | #define __CHARYBDIS_AUTHD_PROVIDER_H__ | |
05e17ac2 EM |
23 | |
24 | #include "stdinc.h" | |
a51487e0 | 25 | #include "authd.h" |
3e875f62 | 26 | #include "rb_dictionary.h" |
05e17ac2 | 27 | |
3e875f62 | 28 | #define MAX_PROVIDERS 32 /* This should be enough */ |
05e17ac2 | 29 | |
376ae2e2 EM |
30 | typedef enum |
31 | { | |
32 | PROVIDER_STATUS_NOTRUN = 0, | |
33 | PROVIDER_STATUS_RUNNING, | |
34 | PROVIDER_STATUS_DONE, | |
35 | } provider_status_t; | |
36 | ||
a68d9a2b EM |
37 | struct auth_client_data |
38 | { | |
731d1289 | 39 | struct auth_provider *provider; /* Pointer back */ |
376ae2e2 EM |
40 | time_t timeout; /* Provider timeout */ |
41 | void *data; /* Provider data */ | |
42 | provider_status_t status; /* Provider status */ | |
a68d9a2b EM |
43 | }; |
44 | ||
05e17ac2 EM |
45 | struct auth_client |
46 | { | |
2392770f | 47 | uint32_t cid; /* Client ID */ |
05e17ac2 | 48 | |
2b0cc3d3 EM |
49 | char l_ip[HOSTIPLEN + 1]; /* Listener IP address */ |
50 | uint16_t l_port; /* Listener port */ | |
9c7498d5 | 51 | struct rb_sockaddr_storage l_addr; /* Listener address/port */ |
2b0cc3d3 EM |
52 | |
53 | char c_ip[HOSTIPLEN + 1]; /* Client IP address */ | |
54 | uint16_t c_port; /* Client port */ | |
9c7498d5 | 55 | struct rb_sockaddr_storage c_addr; /* Client address/port */ |
05e17ac2 | 56 | |
5bfc606f | 57 | char hostname[HOSTLEN + 1]; /* Used for DNS lookup */ |
be67cfca | 58 | char username[USERLEN + 1]; /* Used for ident lookup */ |
05e17ac2 | 59 | |
247b304f | 60 | bool providers_starting; /* Providers are still warming up */ |
9f928dc5 | 61 | bool providers_cancelled; /* Providers are being cancelled */ |
a5f52774 | 62 | unsigned int providers_active; /* Number of active providers */ |
376ae2e2 | 63 | unsigned int refcount; /* Held references */ |
f7b37c1d | 64 | |
a68d9a2b | 65 | struct auth_client_data *data; /* Provider-specific data */ |
2b0cc3d3 EM |
66 | }; |
67 | ||
68 | typedef bool (*provider_init_t)(void); | |
2b0cc3d3 EM |
69 | typedef void (*provider_destroy_t)(void); |
70 | ||
89d22b9a EM |
71 | typedef bool (*provider_start_t)(struct auth_client *); |
72 | typedef void (*provider_cancel_t)(struct auth_client *); | |
731d1289 EM |
73 | typedef void (*uint32_timeout_t)(struct auth_client *); |
74 | typedef void (*provider_complete_t)(struct auth_client *, uint32_t); | |
89d22b9a | 75 | |
ee7f9271 EM |
76 | struct auth_stats_handler |
77 | { | |
78 | const char letter; | |
79 | authd_stat_handler handler; | |
80 | }; | |
81 | ||
05e17ac2 EM |
82 | struct auth_provider |
83 | { | |
99e53867 EM |
84 | rb_dlink_node node; |
85 | ||
731d1289 EM |
86 | uint32_t id; /* Provider ID */ |
87 | ||
88 | const char *name; /* Name of the provider */ | |
89 | char letter; /* Letter used on reject, etc. */ | |
05e17ac2 EM |
90 | |
91 | provider_init_t init; /* Initalise the provider */ | |
92 | provider_destroy_t destroy; /* Terminate the provider */ | |
93 | ||
89d22b9a | 94 | provider_start_t start; /* Perform authentication */ |
05e17ac2 | 95 | provider_cancel_t cancel; /* Authentication cancelled */ |
731d1289 | 96 | uint32_timeout_t timeout; /* Timeout callback */ |
05e17ac2 | 97 | provider_complete_t completed; /* Callback for when other performers complete (think dependency chains) */ |
a51487e0 | 98 | |
ee7f9271 EM |
99 | struct auth_stats_handler stats_handler; |
100 | ||
a51487e0 | 101 | struct auth_opts_handler *opt_handlers; |
05e17ac2 EM |
102 | }; |
103 | ||
18764319 | 104 | extern struct auth_provider rdns_provider; |
f1861e48 | 105 | extern struct auth_provider ident_provider; |
add80afd | 106 | extern struct auth_provider blacklist_provider; |
4e85459a | 107 | extern struct auth_provider opm_provider; |
9b5b2ded | 108 | |
d955cd9f | 109 | extern rb_dlink_list auth_providers; |
a71b65b1 | 110 | extern rb_dictionary *auth_clients; |
74909c9a | 111 | |
9b5b2ded EM |
112 | void load_provider(struct auth_provider *provider); |
113 | void unload_provider(struct auth_provider *provider); | |
114 | ||
05e17ac2 EM |
115 | void init_providers(void); |
116 | void destroy_providers(void); | |
117 | void cancel_providers(struct auth_client *auth); | |
118 | ||
731d1289 | 119 | void provider_done(struct auth_client *auth, uint32_t id); |
2f598dac | 120 | void accept_client(struct auth_client *auth); |
731d1289 | 121 | void reject_client(struct auth_client *auth, uint32_t id, const char *data, const char *fmt, ...); |
05e17ac2 | 122 | |
05e17ac2 | 123 | void handle_new_connection(int parc, char *parv[]); |
60374ac9 | 124 | void handle_cancel_connection(int parc, char *parv[]); |
b585278b | 125 | void auth_client_free(struct auth_client *auth); |
05e17ac2 | 126 | |
b585278b AC |
127 | static inline void |
128 | auth_client_ref(struct auth_client *auth) | |
129 | { | |
130 | auth->refcount++; | |
131 | } | |
132 | ||
133 | static inline void | |
134 | auth_client_unref(struct auth_client *auth) | |
135 | { | |
136 | auth->refcount--; | |
137 | if (auth->refcount == 0) | |
138 | auth_client_free(auth); | |
139 | } | |
74909c9a | 140 | |
a71b65b1 AC |
141 | /* Get a provider by name */ |
142 | static inline struct auth_provider * | |
d955cd9f | 143 | find_provider(const char *name) |
a71b65b1 | 144 | { |
d955cd9f SA |
145 | rb_dlink_node *ptr; |
146 | ||
147 | RB_DLINK_FOREACH(ptr, auth_providers.head) | |
148 | { | |
149 | struct auth_provider *provider = ptr->data; | |
150 | ||
151 | if(strcasecmp(provider->name, name) == 0) | |
152 | return provider; | |
153 | } | |
154 | ||
155 | return NULL; | |
a71b65b1 AC |
156 | } |
157 | ||
731d1289 EM |
158 | /* Get a provider's id by name */ |
159 | static inline bool | |
6b3e61f1 | 160 | get_provider_id(const char *name, uint32_t *id) |
731d1289 | 161 | { |
d955cd9f | 162 | struct auth_provider *provider = find_provider(name); |
731d1289 EM |
163 | |
164 | if(provider != NULL) | |
165 | { | |
166 | *id = provider->id; | |
167 | return true; | |
168 | } | |
169 | else | |
170 | return false; | |
171 | } | |
172 | ||
376ae2e2 EM |
173 | /* Get a provider's raw status */ |
174 | static inline provider_status_t | |
731d1289 | 175 | get_provider_status(struct auth_client *auth, uint32_t provider) |
376ae2e2 EM |
176 | { |
177 | return auth->data[provider].status; | |
178 | } | |
179 | ||
05e17ac2 | 180 | /* Check if provider is operating on this auth client */ |
60374ac9 | 181 | static inline bool |
731d1289 | 182 | is_provider_running(struct auth_client *auth, uint32_t provider) |
2b0cc3d3 | 183 | { |
376ae2e2 | 184 | return get_provider_status(auth, provider) == PROVIDER_STATUS_RUNNING; |
2b0cc3d3 EM |
185 | } |
186 | ||
376ae2e2 | 187 | /* Check if provider has finished on this client */ |
60374ac9 | 188 | static inline bool |
731d1289 | 189 | is_provider_done(struct auth_client *auth, uint32_t provider) |
05e17ac2 | 190 | { |
376ae2e2 EM |
191 | return get_provider_status(auth, provider) == PROVIDER_STATUS_DONE; |
192 | } | |
193 | ||
194 | /* Get provider auth client data */ | |
195 | static inline void * | |
196 | get_provider_data(struct auth_client *auth, uint32_t id) | |
197 | { | |
376ae2e2 EM |
198 | return auth->data[id].data; |
199 | } | |
200 | ||
201 | /* Set provider auth client data */ | |
202 | static inline void | |
203 | set_provider_data(struct auth_client *auth, uint32_t id, void *data) | |
204 | { | |
376ae2e2 EM |
205 | auth->data[id].data = data; |
206 | } | |
207 | ||
208 | /* Set timeout relative to current time on provider | |
209 | * When the timeout lapses, the provider's timeout call will execute */ | |
210 | static inline void | |
211 | set_provider_timeout_relative(struct auth_client *auth, uint32_t id, time_t timeout) | |
212 | { | |
376ae2e2 EM |
213 | auth->data[id].timeout = timeout + rb_current_time(); |
214 | } | |
215 | ||
216 | /* Set timeout value in absolute time (Unix timestamp) | |
217 | * When the timeout lapses, the provider's timeout call will execute */ | |
218 | static inline void | |
219 | set_provider_timeout_absolute(struct auth_client *auth, uint32_t id, time_t timeout) | |
220 | { | |
376ae2e2 EM |
221 | auth->data[id].timeout = timeout; |
222 | } | |
223 | ||
224 | /* Get the timeout value for the provider */ | |
225 | static inline time_t | |
226 | get_provider_timeout(struct auth_client *auth, uint32_t id) | |
227 | { | |
376ae2e2 | 228 | return auth->data[id].timeout; |
05e17ac2 EM |
229 | } |
230 | ||
0f95a274 | 231 | #endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */ |