jfr.im git - solanum.git/blame_incremental

... / ...

Commit	Line	Data
	1	/* authd/provider.h - authentication provider framework
	2	* Copyright (c) 2016 Elizabeth Myers <elizabeth@interlinked.me>
	3	*
	4	* Permission to use, copy, modify, and/or distribute this software for any
	5	* purpose with or without fee is hereby granted, provided that the above
	6	* copyright notice and this permission notice is present in all copies.
	7	*
	8	* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
	9	* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
	10	* WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
	11	* DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
	12	* INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
	13	* (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
	14	* SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	15	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	16	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
	17	* IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
	18	* POSSIBILITY OF SUCH DAMAGE.
	19	*/
	20
	21	#ifndef __SOLANUM_AUTHD_PROVIDER_H__
	22	#define __SOLANUM_AUTHD_PROVIDER_H__
	23
	24	#include "stdinc.h"
	25	#include "authd.h"
	26	#include "rb_dictionary.h"
	27
	28	#define MAX_PROVIDERS 32 /* This should be enough */
	29
	30	typedef enum
	31	{
	32	PROVIDER_STATUS_NOTRUN = 0,
	33	PROVIDER_STATUS_RUNNING,
	34	PROVIDER_STATUS_DONE,
	35	} provider_status_t;
	36
	37	struct auth_client_data
	38	{
	39	struct auth_provider provider; / Pointer back */
	40	time_t timeout; /* Provider timeout */
	41	void data; / Provider data */
	42	provider_status_t status; /* Provider status */
	43	};
	44
	45	struct auth_client
	46	{
	47	uint32_t cid; /* Client ID */
	48
	49	int protocol; /* IP protocol (TCP/SCTP) */
	50
	51	char l_ip[HOSTIPLEN + 1]; /* Listener IP address */
	52	uint16_t l_port; /* Listener port */
	53	struct rb_sockaddr_storage l_addr; /* Listener address/port */
	54
	55	char c_ip[HOSTIPLEN + 1]; /* Client IP address */
	56	uint16_t c_port; /* Client port */
	57	struct rb_sockaddr_storage c_addr; /* Client address/port */
	58
	59	char hostname[HOSTLEN + 1]; /* Used for DNS lookup */
	60	char username[USERLEN + 1]; /* Used for ident lookup */
	61
	62	bool providers_starting; /* Providers are still warming up */
	63	bool providers_cancelled; /* Providers are being cancelled */
	64	unsigned int providers_active; /* Number of active providers */
	65	unsigned int refcount; /* Held references */
	66
	67	struct auth_client_data data; / Provider-specific data */
	68	};
	69
	70	typedef bool (*provider_init_t)(void);
	71	typedef void (*provider_destroy_t)(void);
	72
	73	typedef bool (provider_start_t)(struct auth_client );
	74	typedef void (provider_cancel_t)(struct auth_client );
	75	typedef void (uint32_timeout_t)(struct auth_client );
	76	typedef void (provider_complete_t)(struct auth_client , uint32_t);
	77
	78	struct auth_stats_handler
	79	{
	80	const char letter;
	81	authd_stat_handler handler;
	82	};
	83
	84	struct auth_provider
	85	{
	86	rb_dlink_node node;
	87
	88	uint32_t id; /* Provider ID */
	89
	90	const char name; / Name of the provider */
	91	char letter; /* Letter used on reject, etc. */
	92
	93	provider_init_t init; /* Initalise the provider */
	94	provider_destroy_t destroy; /* Terminate the provider */
	95
	96	provider_start_t start; /* Perform authentication */
	97	provider_cancel_t cancel; /* Authentication cancelled */
	98	uint32_timeout_t timeout; /* Timeout callback */
	99	provider_complete_t completed; /* Callback for when other performers complete (think dependency chains) */
	100
	101	struct auth_stats_handler stats_handler;
	102
	103	struct auth_opts_handler *opt_handlers;
	104	};
	105
	106	extern struct auth_provider rdns_provider;
	107	extern struct auth_provider ident_provider;
	108	extern struct auth_provider dnsbl_provider;
	109	extern struct auth_provider opm_provider;
	110
	111	extern rb_dlink_list auth_providers;
	112	extern rb_dictionary *auth_clients;
	113
	114	void load_provider(struct auth_provider *provider);
	115	void unload_provider(struct auth_provider *provider);
	116
	117	void init_providers(void);
	118	void destroy_providers(void);
	119	void cancel_providers(struct auth_client *auth);
	120
	121	void provider_done(struct auth_client *auth, uint32_t id);
	122	void accept_client(struct auth_client *auth);
	123	void reject_client(struct auth_client auth, uint32_t id, const char data, const char *fmt, ...);
	124
	125	void handle_new_connection(int parc, char *parv[]);
	126	void handle_cancel_connection(int parc, char *parv[]);
	127	void auth_client_free(struct auth_client *auth);
	128
	129	static inline void
	130	auth_client_ref(struct auth_client *auth)
	131	{
	132	auth->refcount++;
	133	}
	134
	135	static inline void
	136	auth_client_unref(struct auth_client *auth)
	137	{
	138	auth->refcount--;
	139	if (auth->refcount == 0)
	140	auth_client_free(auth);
	141	}
	142
	143	/* Get a provider by name */
	144	static inline struct auth_provider *
	145	find_provider(const char *name)
	146	{
	147	rb_dlink_node *ptr;
	148
	149	RB_DLINK_FOREACH(ptr, auth_providers.head)
	150	{
	151	struct auth_provider *provider = ptr->data;
	152
	153	if(strcasecmp(provider->name, name) == 0)
	154	return provider;
	155	}
	156
	157	return NULL;
	158	}
	159
	160	/* Get a provider's id by name */
	161	static inline bool
	162	get_provider_id(const char name, uint32_t id)
	163	{
	164	struct auth_provider *provider = find_provider(name);
	165
	166	if(provider != NULL)
	167	{
	168	*id = provider->id;
	169	return true;
	170	}
	171	else
	172	return false;
	173	}
	174
	175	/* Get a provider's raw status */
	176	static inline provider_status_t
	177	get_provider_status(struct auth_client *auth, uint32_t provider)
	178	{
	179	return auth->data[provider].status;
	180	}
	181
	182	/* Check if provider is operating on this auth client */
	183	static inline bool
	184	is_provider_running(struct auth_client *auth, uint32_t provider)
	185	{
	186	return get_provider_status(auth, provider) == PROVIDER_STATUS_RUNNING;
	187	}
	188
	189	/* Check if provider has finished on this client */
	190	static inline bool
	191	is_provider_done(struct auth_client *auth, uint32_t provider)
	192	{
	193	return get_provider_status(auth, provider) == PROVIDER_STATUS_DONE;
	194	}
	195
	196	/* Check if provider doesn't exist or has finished on this client */
	197	static inline bool
	198	run_after_provider(struct auth_client auth, const char name)
	199	{
	200	uint32_t id;
	201
	202	if (get_provider_id(name, &id)) {
	203	return get_provider_status(auth, id) == PROVIDER_STATUS_DONE;
	204	} else {
	205	return true;
	206	}
	207	}
	208
	209	/* Get provider auth client data */
	210	static inline void *
	211	get_provider_data(struct auth_client *auth, uint32_t id)
	212	{
	213	return auth->data[id].data;
	214	}
	215
	216	/* Set provider auth client data */
	217	static inline void
	218	set_provider_data(struct auth_client auth, uint32_t id, void data)
	219	{
	220	auth->data[id].data = data;
	221	}
	222
	223	/* Set timeout relative to current time on provider
	224	* When the timeout lapses, the provider's timeout call will execute */
	225	static inline void
	226	set_provider_timeout_relative(struct auth_client *auth, uint32_t id, time_t timeout)
	227	{
	228	auth->data[id].timeout = timeout + rb_current_time();
	229	}
	230
	231	/* Set timeout value in absolute time (Unix timestamp)
	232	* When the timeout lapses, the provider's timeout call will execute */
	233	static inline void
	234	set_provider_timeout_absolute(struct auth_client *auth, uint32_t id, time_t timeout)
	235	{
	236	auth->data[id].timeout = timeout;
	237	}
	238
	239	/* Get the timeout value for the provider */
	240	static inline time_t
	241	get_provider_timeout(struct auth_client *auth, uint32_t id)
	242	{
	243	return auth->data[id].timeout;
	244	}
	245
	246	#endif /* __SOLANUM_AUTHD_PROVIDER_H__ */