1 /* authd/provider.h - authentication provider framework
2 * Copyright (c) 2016 Elizabeth Myers <elizabeth@interlinked.me>
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice is present in all copies.
8 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
9 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
10 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
11 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
12 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
13 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
14 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
15 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
16 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
17 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
18 * POSSIBILITY OF SUCH DAMAGE.
21 #ifndef __CHARYBDIS_AUTHD_PROVIDER_H__
22 #define __CHARYBDIS_AUTHD_PROVIDER_H__
26 #include "rb_dictionary.h"
28 #define MAX_PROVIDERS 32 /* This should be enough */
32 PROVIDER_STATUS_NOTRUN
= 0,
33 PROVIDER_STATUS_RUNNING
,
37 struct auth_client_data
39 struct auth_provider
*provider
; /* Pointer back */
40 time_t timeout
; /* Provider timeout */
41 void *data
; /* Provider data */
42 provider_status_t status
; /* Provider status */
47 uint32_t cid
; /* Client ID */
49 int protocol
; /* IP protocol (TCP/SCTP) */
51 char l_ip
[HOSTIPLEN
+ 1]; /* Listener IP address */
52 uint16_t l_port
; /* Listener port */
53 struct rb_sockaddr_storage l_addr
; /* Listener address/port */
55 char c_ip
[HOSTIPLEN
+ 1]; /* Client IP address */
56 uint16_t c_port
; /* Client port */
57 struct rb_sockaddr_storage c_addr
; /* Client address/port */
59 char hostname
[HOSTLEN
+ 1]; /* Used for DNS lookup */
60 char username
[USERLEN
+ 1]; /* Used for ident lookup */
62 bool providers_starting
; /* Providers are still warming up */
63 bool providers_cancelled
; /* Providers are being cancelled */
64 unsigned int providers_active
; /* Number of active providers */
65 unsigned int refcount
; /* Held references */
67 struct auth_client_data
*data
; /* Provider-specific data */
70 typedef bool (*provider_init_t
)(void);
71 typedef void (*provider_destroy_t
)(void);
73 typedef bool (*provider_start_t
)(struct auth_client
*);
74 typedef void (*provider_cancel_t
)(struct auth_client
*);
75 typedef void (*uint32_timeout_t
)(struct auth_client
*);
76 typedef void (*provider_complete_t
)(struct auth_client
*, uint32_t);
78 struct auth_stats_handler
81 authd_stat_handler handler
;
88 uint32_t id
; /* Provider ID */
90 const char *name
; /* Name of the provider */
91 char letter
; /* Letter used on reject, etc. */
93 provider_init_t init
; /* Initalise the provider */
94 provider_destroy_t destroy
; /* Terminate the provider */
96 provider_start_t start
; /* Perform authentication */
97 provider_cancel_t cancel
; /* Authentication cancelled */
98 uint32_timeout_t timeout
; /* Timeout callback */
99 provider_complete_t completed
; /* Callback for when other performers complete (think dependency chains) */
101 struct auth_stats_handler stats_handler
;
103 struct auth_opts_handler
*opt_handlers
;
106 extern struct auth_provider rdns_provider
;
107 extern struct auth_provider ident_provider
;
108 extern struct auth_provider dnsbl_provider
;
109 extern struct auth_provider opm_provider
;
111 extern rb_dlink_list auth_providers
;
112 extern rb_dictionary
*auth_clients
;
114 void load_provider(struct auth_provider
*provider
);
115 void unload_provider(struct auth_provider
*provider
);
117 void init_providers(void);
118 void destroy_providers(void);
119 void cancel_providers(struct auth_client
*auth
);
121 void provider_done(struct auth_client
*auth
, uint32_t id
);
122 void accept_client(struct auth_client
*auth
);
123 void reject_client(struct auth_client
*auth
, uint32_t id
, const char *data
, const char *fmt
, ...);
125 void handle_new_connection(int parc
, char *parv
[]);
126 void handle_cancel_connection(int parc
, char *parv
[]);
127 void auth_client_free(struct auth_client
*auth
);
130 auth_client_ref(struct auth_client
*auth
)
136 auth_client_unref(struct auth_client
*auth
)
139 if (auth
->refcount
== 0)
140 auth_client_free(auth
);
143 /* Get a provider by name */
144 static inline struct auth_provider
*
145 find_provider(const char *name
)
149 RB_DLINK_FOREACH(ptr
, auth_providers
.head
)
151 struct auth_provider
*provider
= ptr
->data
;
153 if(strcasecmp(provider
->name
, name
) == 0)
160 /* Get a provider's id by name */
162 get_provider_id(const char *name
, uint32_t *id
)
164 struct auth_provider
*provider
= find_provider(name
);
175 /* Get a provider's raw status */
176 static inline provider_status_t
177 get_provider_status(struct auth_client
*auth
, uint32_t provider
)
179 return auth
->data
[provider
].status
;
182 /* Check if provider is operating on this auth client */
184 is_provider_running(struct auth_client
*auth
, uint32_t provider
)
186 return get_provider_status(auth
, provider
) == PROVIDER_STATUS_RUNNING
;
189 /* Check if provider has finished on this client */
191 is_provider_done(struct auth_client
*auth
, uint32_t provider
)
193 return get_provider_status(auth
, provider
) == PROVIDER_STATUS_DONE
;
196 /* Check if provider doesn't exist or has finished on this client */
198 run_after_provider(struct auth_client
*auth
, const char *name
)
202 if (get_provider_id(name
, &id
)) {
203 return get_provider_status(auth
, id
) == PROVIDER_STATUS_DONE
;
209 /* Get provider auth client data */
211 get_provider_data(struct auth_client
*auth
, uint32_t id
)
213 return auth
->data
[id
].data
;
216 /* Set provider auth client data */
218 set_provider_data(struct auth_client
*auth
, uint32_t id
, void *data
)
220 auth
->data
[id
].data
= data
;
223 /* Set timeout relative to current time on provider
224 * When the timeout lapses, the provider's timeout call will execute */
226 set_provider_timeout_relative(struct auth_client
*auth
, uint32_t id
, time_t timeout
)
228 auth
->data
[id
].timeout
= timeout
+ rb_current_time();
231 /* Set timeout value in absolute time (Unix timestamp)
232 * When the timeout lapses, the provider's timeout call will execute */
234 set_provider_timeout_absolute(struct auth_client
*auth
, uint32_t id
, time_t timeout
)
236 auth
->data
[id
].timeout
= timeout
;
239 /* Get the timeout value for the provider */
241 get_provider_timeout(struct auth_client
*auth
, uint32_t id
)
243 return auth
->data
[id
].timeout
;
246 #endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */