authd/provider.h

   1 /* authd/provider.h - authentication provider framework
   2  * Copyright (c) 2016 Elizabeth Myers <elizabeth@interlinked.me>
   3  *
   4  * Permission to use, copy, modify, and/or distribute this software for any
   5  * purpose with or without fee is hereby granted, provided that the above
   6  * copyright notice and this permission notice is present in all copies.
   7  *
   8  * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
   9  * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
  10  * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
  11  * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
  12  * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
  13  * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
  14  * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
  15  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
  16  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
  17  * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
  18  * POSSIBILITY OF SUCH DAMAGE.
  19  */
  20
  21 #ifndef __CHARYBDIS_AUTHD_PROVIDER_H__
  22 #define __CHARYBDIS_AUTHD_PROVIDER_H__
  23
  24 #include "stdinc.h"
  25 #include "authd.h"
  26 #include "rb_dictionary.h"
  27
  28 #define MAX_PROVIDERS 32        /* This should be enough */
  29
  30 /* Registered providers */
  31 typedef enum
  32 {
  33         PROVIDER_RDNS,
  34         PROVIDER_IDENT,
  35         PROVIDER_BLACKLIST,
  36         PROVIDER_OPM,
  37 } provider_t;
  38
  39 struct auth_client
  40 {
  41         uint16_t cid;                           /* Client ID */
  42
  43         char l_ip[HOSTIPLEN + 1];               /* Listener IP address */
  44         uint16_t l_port;                        /* Listener port */
  45         struct rb_sockaddr_storage l_addr;      /* Listener address/port */
  46
  47         char c_ip[HOSTIPLEN + 1];               /* Client IP address */
  48         uint16_t c_port;                        /* Client port */
  49         struct rb_sockaddr_storage c_addr;      /* Client address/port */
  50
  51         char hostname[HOSTLEN + 1];             /* Used for DNS lookup */
  52         char username[USERLEN + 1];             /* Used for ident lookup */
  53
  54         uint32_t providers;                     /* Providers at work,
  55                                                  * none left when set to 0 */
  56         uint32_t providers_done;                /* Providers completed */
  57         bool providers_starting;                /* Providers are still warming up */
  58
  59         void *data[MAX_PROVIDERS];              /* Provider-specific data slots */
  60         time_t timeout[MAX_PROVIDERS];          /* When to call timeout callback */
  61 };
  62
  63 typedef bool (*provider_init_t)(void);
  64 typedef void (*provider_destroy_t)(void);
  65
  66 typedef bool (*provider_start_t)(struct auth_client *);
  67 typedef void (*provider_cancel_t)(struct auth_client *);
  68 typedef void (*provider_timeout_t)(struct auth_client *);
  69 typedef void (*provider_complete_t)(struct auth_client *, provider_t);
  70
  71 struct auth_stats_handler
  72 {
  73         const char letter;
  74         authd_stat_handler handler;
  75 };
  76
  77 struct auth_provider
  78 {
  79         rb_dlink_node node;
  80
  81         provider_t id;
  82
  83         provider_init_t init;           /* Initalise the provider */
  84         provider_destroy_t destroy;     /* Terminate the provider */
  85
  86         provider_start_t start;         /* Perform authentication */
  87         provider_cancel_t cancel;       /* Authentication cancelled */
  88         provider_timeout_t timeout;     /* Timeout callback */
  89         provider_complete_t completed;  /* Callback for when other performers complete (think dependency chains) */
  90
  91         struct auth_stats_handler stats_handler;
  92
  93         struct auth_opts_handler *opt_handlers;
  94 };
  95
  96 extern rb_dlink_list auth_providers;
  97 extern rb_dictionary *auth_clients;
  98
  99 extern struct auth_provider rdns_provider;
 100 extern struct auth_provider ident_provider;
 101 extern struct auth_provider blacklist_provider;
 102 extern struct auth_provider opm_provider;
 103
 104 void load_provider(struct auth_provider *provider);
 105 void unload_provider(struct auth_provider *provider);
 106
 107 void init_providers(void);
 108 void destroy_providers(void);
 109 void cancel_providers(struct auth_client *auth);
 110
 111 void provider_done(struct auth_client *auth, provider_t id);
 112 void accept_client(struct auth_client *auth, provider_t id);
 113 void reject_client(struct auth_client *auth, provider_t id, const char *data, const char *fmt, ...);
 114
 115 void handle_new_connection(int parc, char *parv[]);
 116 void handle_cancel_connection(int parc, char *parv[]);
 117
 118 /* Provider is operating on this auth_client (set this if you have async work to do) */
 119 static inline void
 120 set_provider_on(struct auth_client *auth, provider_t provider)
 121 {
 122         auth->providers |= (1 << provider);
 123 }
 124
 125 /* Provider is no longer operating on this auth client (you should use provider_done) */
 126 static inline void
 127 set_provider_off(struct auth_client *auth, provider_t provider)
 128 {
 129         auth->providers &= ~(1 << provider);
 130 }
 131
 132 /* Set the provider to done (you should use provider_done) */
 133 static inline void
 134 set_provider_done(struct auth_client *auth, provider_t provider)
 135 {
 136         auth->providers_done |= (1 << provider);
 137 }
 138
 139 /* Check if provider is operating on this auth client */
 140 static inline bool
 141 is_provider_on(struct auth_client *auth, provider_t provider)
 142 {
 143         return auth->providers & (1 << provider);
 144 }
 145
 146 static inline bool
 147 is_provider_done(struct auth_client *auth, provider_t provider)
 148 {
 149         return auth->providers_done & (1 << provider);
 150 }
 151
 152 #endif /* __CHARYBDIS_AUTHD_PROVIDER_H__ */