]> jfr.im git - solanum.git/blob - authd/provider.h
projects / solanum.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
chmode: Get elevated access for op-only queries
[solanum.git] / authd / provider.h
1 /* authd/provider.h - authentication provider framework
2 * Copyright (c) 2016 Elizabeth Myers <elizabeth@interlinked.me>
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice is present in all copies.
7 *
8 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
9 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
10 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
11 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
12 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
13 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
14 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
15 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
16 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
17 * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
18 * POSSIBILITY OF SUCH DAMAGE.
19 */
20
21 #ifndef __SOLANUM_AUTHD_PROVIDER_H__
22 #define __SOLANUM_AUTHD_PROVIDER_H__
23
24 #include "stdinc.h"
25 #include "authd.h"
26 #include "rb_dictionary.h"
27
28 #define MAX_PROVIDERS 32 /* This should be enough */
29
30 typedef enum
31 {
32 PROVIDER_STATUS_NOTRUN = 0,
33 PROVIDER_STATUS_RUNNING,
34 PROVIDER_STATUS_DONE,
35 } provider_status_t;
36
37 struct auth_client_data
38 {
39 struct auth_provider *provider; /* Pointer back */
40 time_t timeout; /* Provider timeout */
41 void *data; /* Provider data */
42 provider_status_t status; /* Provider status */
43 };
44
45 struct auth_client
46 {
47 uint32_t cid; /* Client ID */
48
49 int protocol; /* IP protocol (TCP/SCTP) */
50
51 char l_ip[HOSTIPLEN + 1]; /* Listener IP address */
52 uint16_t l_port; /* Listener port */
53 struct rb_sockaddr_storage l_addr; /* Listener address/port */
54
55 char c_ip[HOSTIPLEN + 1]; /* Client IP address */
56 uint16_t c_port; /* Client port */
57 struct rb_sockaddr_storage c_addr; /* Client address/port */
58
59 char hostname[HOSTLEN + 1]; /* Used for DNS lookup */
60 char username[USERLEN + 1]; /* Used for ident lookup */
61
62 bool providers_starting; /* Providers are still warming up */
63 bool providers_cancelled; /* Providers are being cancelled */
64 unsigned int providers_active; /* Number of active providers */
65 unsigned int refcount; /* Held references */
66
67 struct auth_client_data *data; /* Provider-specific data */
68 };
69
70 typedef bool (*provider_init_t)(void);
71 typedef void (*provider_destroy_t)(void);
72
73 typedef bool (*provider_start_t)(struct auth_client *);
74 typedef void (*provider_cancel_t)(struct auth_client *);
75 typedef void (*uint32_timeout_t)(struct auth_client *);
76 typedef void (*provider_complete_t)(struct auth_client *, uint32_t);
77
78 struct auth_stats_handler
79 {
80 const char letter;
81 authd_stat_handler handler;
82 };
83
84 struct auth_provider
85 {
86 rb_dlink_node node;
87
88 uint32_t id; /* Provider ID */
89
90 const char *name; /* Name of the provider */
91 char letter; /* Letter used on reject, etc. */
92
93 provider_init_t init; /* Initalise the provider */
94 provider_destroy_t destroy; /* Terminate the provider */
95
96 provider_start_t start; /* Perform authentication */
97 provider_cancel_t cancel; /* Authentication cancelled */
98 uint32_timeout_t timeout; /* Timeout callback */
99 provider_complete_t completed; /* Callback for when other performers complete (think dependency chains) */
100
101 struct auth_stats_handler stats_handler;
102
103 struct auth_opts_handler *opt_handlers;
104 };
105
106 extern struct auth_provider rdns_provider;
107 extern struct auth_provider ident_provider;
108 extern struct auth_provider dnsbl_provider;
109 extern struct auth_provider opm_provider;
110
111 extern rb_dlink_list auth_providers;
112 extern rb_dictionary *auth_clients;
113
114 void load_provider(struct auth_provider *provider);
115 void unload_provider(struct auth_provider *provider);
116
117 void init_providers(void);
118 void destroy_providers(void);
119 void cancel_providers(struct auth_client *auth);
120
121 void provider_done(struct auth_client *auth, uint32_t id);
122 void accept_client(struct auth_client *auth);
123 void reject_client(struct auth_client *auth, uint32_t id, const char *data, const char *fmt, ...);
124
125 void handle_new_connection(int parc, char *parv[]);
126 void handle_cancel_connection(int parc, char *parv[]);
127 void auth_client_free(struct auth_client *auth);
128
129 static inline void
130 auth_client_ref(struct auth_client *auth)
131 {
132 auth->refcount++;
133 }
134
135 static inline void
136 auth_client_unref(struct auth_client *auth)
137 {
138 auth->refcount--;
139 if (auth->refcount == 0)
140 auth_client_free(auth);
141 }
142
143 /* Get a provider by name */
144 static inline struct auth_provider *
145 find_provider(const char *name)
146 {
147 rb_dlink_node *ptr;
148
149 RB_DLINK_FOREACH(ptr, auth_providers.head)
150 {
151 struct auth_provider *provider = ptr->data;
152
153 if(strcasecmp(provider->name, name) == 0)
154 return provider;
155 }
156
157 return NULL;
158 }
159
160 /* Get a provider's id by name */
161 static inline bool
162 get_provider_id(const char *name, uint32_t *id)
163 {
164 struct auth_provider *provider = find_provider(name);
165
166 if(provider != NULL)
167 {
168 *id = provider->id;
169 return true;
170 }
171 else
172 return false;
173 }
174
175 /* Get a provider's raw status */
176 static inline provider_status_t
177 get_provider_status(struct auth_client *auth, uint32_t provider)
178 {
179 return auth->data[provider].status;
180 }
181
182 /* Check if provider is operating on this auth client */
183 static inline bool
184 is_provider_running(struct auth_client *auth, uint32_t provider)
185 {
186 return get_provider_status(auth, provider) == PROVIDER_STATUS_RUNNING;
187 }
188
189 /* Check if provider has finished on this client */
190 static inline bool
191 is_provider_done(struct auth_client *auth, uint32_t provider)
192 {
193 return get_provider_status(auth, provider) == PROVIDER_STATUS_DONE;
194 }
195
196 /* Check if provider doesn't exist or has finished on this client */
197 static inline bool
198 run_after_provider(struct auth_client *auth, const char *name)
199 {
200 uint32_t id;
201
202 if (get_provider_id(name, &id)) {
203 return get_provider_status(auth, id) == PROVIDER_STATUS_DONE;
204 } else {
205 return true;
206 }
207 }
208
209 /* Get provider auth client data */
210 static inline void *
211 get_provider_data(struct auth_client *auth, uint32_t id)
212 {
213 return auth->data[id].data;
214 }
215
216 /* Set provider auth client data */
217 static inline void
218 set_provider_data(struct auth_client *auth, uint32_t id, void *data)
219 {
220 auth->data[id].data = data;
221 }
222
223 /* Set timeout relative to current time on provider
224 * When the timeout lapses, the provider's timeout call will execute */
225 static inline void
226 set_provider_timeout_relative(struct auth_client *auth, uint32_t id, time_t timeout)
227 {
228 auth->data[id].timeout = timeout + rb_current_time();
229 }
230
231 /* Set timeout value in absolute time (Unix timestamp)
232 * When the timeout lapses, the provider's timeout call will execute */
233 static inline void
234 set_provider_timeout_absolute(struct auth_client *auth, uint32_t id, time_t timeout)
235 {
236 auth->data[id].timeout = timeout;
237 }
238
239 /* Get the timeout value for the provider */
240 static inline time_t
241 get_provider_timeout(struct auth_client *auth, uint32_t id)
242 {
243 return auth->data[id].timeout;
244 }
245
246 #endif /* __SOLANUM_AUTHD_PROVIDER_H__ */
Fork of solanum ircd, history is rebased regularly