src/privilege.c

   1 /*
   2  * charybdis: an advanced ircd.
   3  * privilege.c: Dynamic privileges API.
   4  *
   5  * Copyright (c) 2008 William Pitcock <nenolod@dereferenced.org>
   6  *
   7  * Permission to use, copy, modify, and/or distribute this software for any
   8  * purpose with or without fee is hereby granted, provided that the above
   9  * copyright notice and this permission notice is present in all copies.
  10  *
  11  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
  12  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  13  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  14  * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
  15  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  16  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  17  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  18  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  19  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  20  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  21  * POSSIBILITY OF SUCH DAMAGE.
  22  */
  23
  24 #include <stdinc.h>
  25 #include "s_conf.h"
  26 #include "privilege.h"
  27
  28 static rb_dlink_list privilegeset_list = {};
  29
  30 int
  31 privilegeset_in_set(struct PrivilegeSet *set, const char *priv)
  32 {
  33         s_assert(set != NULL);
  34         s_assert(priv != NULL);
  35
  36         return strstr(set->privs, priv) != NULL;
  37 }
  38
  39 static struct PrivilegeSet *
  40 privilegeset_get_any(const char *name)
  41 {
  42         rb_dlink_node *iter;
  43
  44         s_assert(name != NULL);
  45
  46         RB_DLINK_FOREACH(iter, privilegeset_list.head)
  47         {
  48                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
  49
  50                 if (!strcasecmp(set->name, name))
  51                         return set;
  52         }
  53
  54         return NULL;
  55 }
  56
  57 struct PrivilegeSet *
  58 privilegeset_set_new(const char *name, const char *privs, PrivilegeFlags flags)
  59 {
  60         struct PrivilegeSet *set;
  61
  62         set = privilegeset_get_any(name);
  63         if (set != NULL)
  64         {
  65                 if (!(set->status & CONF_ILLEGAL))
  66                         ilog(L_MAIN, "Duplicate privset %s", name);
  67                 set->status &= ~CONF_ILLEGAL;
  68                 rb_free(set->privs);
  69         }
  70         else
  71         {
  72                 set = rb_malloc(sizeof(struct PrivilegeSet));
  73                 set->status = 0;
  74                 set->refs = 0;
  75                 set->name = rb_strdup(name);
  76
  77                 rb_dlinkAdd(set, &set->node, &privilegeset_list);
  78         }
  79         set->privs = rb_strdup(privs);
  80         set->flags = flags;
  81
  82         return set;
  83 }
  84
  85 struct PrivilegeSet *
  86 privilegeset_extend(struct PrivilegeSet *parent, const char *name, const char *privs, PrivilegeFlags flags)
  87 {
  88         struct PrivilegeSet *set;
  89
  90         s_assert(parent != NULL);
  91         s_assert(name != NULL);
  92         s_assert(privs != NULL);
  93
  94         set = privilegeset_get_any(name);
  95         if (set != NULL)
  96         {
  97                 if (!(set->status & CONF_ILLEGAL))
  98                         ilog(L_MAIN, "Duplicate privset %s", name);
  99                 set->status &= ~CONF_ILLEGAL;
 100                 rb_free(set->privs);
 101         }
 102         else
 103         {
 104                 set = rb_malloc(sizeof(struct PrivilegeSet));
 105                 set->status = 0;
 106                 set->refs = 0;
 107                 set->name = rb_strdup(name);
 108
 109                 rb_dlinkAdd(set, &set->node, &privilegeset_list);
 110         }
 111         set->flags = flags;
 112         set->privs = rb_malloc(strlen(parent->privs) + 1 + strlen(privs) + 1);
 113         strcpy(set->privs, parent->privs);
 114         strcat(set->privs, " ");
 115         strcat(set->privs, privs);
 116
 117         return set;
 118 }
 119
 120 struct PrivilegeSet *
 121 privilegeset_get(const char *name)
 122 {
 123         struct PrivilegeSet *set;
 124
 125         set = privilegeset_get_any(name);
 126         if (set != NULL && set->status & CONF_ILLEGAL)
 127                 set = NULL;
 128         return set;
 129 }
 130
 131 struct PrivilegeSet *
 132 privilegeset_ref(struct PrivilegeSet *set)
 133 {
 134         s_assert(set != NULL);
 135
 136         set->refs++;
 137
 138         return set;
 139 }
 140
 141 void
 142 privilegeset_unref(struct PrivilegeSet *set)
 143 {
 144         s_assert(set != NULL);
 145
 146         if (set->refs > 0)
 147                 set->refs--;
 148         else
 149                 ilog(L_MAIN, "refs on privset %s is already 0",
 150                                 set->name);
 151         if (set->refs == 0 && set->status & CONF_ILLEGAL)
 152         {
 153                 rb_dlinkDelete(&set->node, &privilegeset_list);
 154
 155                 rb_free(set->name);
 156                 rb_free(set->privs);
 157                 rb_free(set);
 158         }
 159 }
 160
 161 void
 162 privilegeset_mark_all_illegal(void)
 163 {
 164         rb_dlink_node *iter;
 165
 166         RB_DLINK_FOREACH(iter, privilegeset_list.head)
 167         {
 168                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
 169
 170                 /* the "default" privset is special and must remain available */
 171                 if (!strcmp(set->name, "default"))
 172                         continue;
 173
 174                 set->status |= CONF_ILLEGAL;
 175                 /* but do not free it yet */
 176         }
 177 }
 178
 179 void
 180 privilegeset_delete_all_illegal(void)
 181 {
 182         rb_dlink_node *iter, *next;
 183
 184         RB_DLINK_FOREACH_SAFE(iter, next, privilegeset_list.head)
 185         {
 186                 struct PrivilegeSet *set = (struct PrivilegeSet *) iter->data;
 187
 188                 privilegeset_ref(set);
 189                 privilegeset_unref(set);
 190         }
 191 }