|
Packit Service |
9f2c4a |
/* Copyright (C) 2011 the GSS-PROXY contributors, see COPYING for license */
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#ifndef _GP_PROXY_H_
|
|
Packit Service |
9f2c4a |
#define _GP_PROXY_H_
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#include <libintl.h>
|
|
Packit Service |
9f2c4a |
#include <stdbool.h>
|
|
Packit Service |
9f2c4a |
#include <stdint.h>
|
|
Packit Service |
9f2c4a |
#include <gssapi/gssapi_ext.h>
|
|
Packit Service |
9f2c4a |
#include "verto.h"
|
|
Packit Service |
9f2c4a |
#include "gp_common.h"
|
|
Packit Service |
9f2c4a |
#include "gp_selinux.h"
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#define _(STRING) gettext(STRING)
|
|
Packit Service |
9f2c4a |
#define discard_const(ptr) ((void *)((uintptr_t)(ptr)))
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#define LINUX_PROC_USE_GSS_PROXY_FILE "/proc/net/rpc/use-gss-proxy"
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#define GP_CRED_KRB5 0x01
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_creds_handle;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_cred_krb5 {
|
|
Packit Service |
9f2c4a |
char *principal;
|
|
Packit Service |
9f2c4a |
gss_key_value_set_desc store;
|
|
Packit Service |
9f2c4a |
struct gp_creds_handle *creds_handle;
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_service {
|
|
Packit Service |
9f2c4a |
char *name;
|
|
Packit Service |
9f2c4a |
uid_t euid;
|
|
Packit Service |
9f2c4a |
bool any_uid;
|
|
Packit Service |
9f2c4a |
bool allow_proto_trans;
|
|
Packit Service |
9f2c4a |
bool allow_const_deleg;
|
|
Packit Service |
9f2c4a |
bool allow_cc_sync;
|
|
Packit Service |
9f2c4a |
bool trusted;
|
|
Packit Service |
9f2c4a |
bool kernel_nfsd;
|
|
Packit Service |
9f2c4a |
bool impersonate;
|
|
Packit Service |
9f2c4a |
char *socket;
|
|
Packit Service |
9f2c4a |
SELINUX_CTX selinux_ctx;
|
|
Packit Service |
9f2c4a |
gss_cred_usage_t cred_usage;
|
|
Packit Service |
9f2c4a |
uint32_t filter_flags;
|
|
Packit Service |
9f2c4a |
uint32_t enforce_flags;
|
|
Packit Service |
9f2c4a |
char *program;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
uint32_t mechs;
|
|
Packit Service |
9f2c4a |
struct gp_cred_krb5 krb5;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
verto_ev *ev;
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_config {
|
|
Packit Service |
9f2c4a |
char *config_file; /* gssproxy configuration file */
|
|
Packit Service |
9f2c4a |
char *config_dir; /* gssproxy configuration directory */
|
|
Packit Service |
9f2c4a |
bool daemonize; /* let gssproxy daemonize */
|
|
Packit Service |
9f2c4a |
char *socket_name; /* the socket name to use for */
|
|
Packit Service |
9f2c4a |
int num_workers; /* number of worker threads */
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_service **svcs;
|
|
Packit Service |
9f2c4a |
int num_svcs;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
char *proxy_user; /* user to drop privs to if not NULL */
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_workers;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gssproxy_ctx {
|
|
Packit Service |
9f2c4a |
struct gp_config *config;
|
|
Packit Service |
9f2c4a |
struct gp_workers *workers;
|
|
Packit Service |
9f2c4a |
verto_ctx *vctx;
|
|
Packit Service |
9f2c4a |
verto_ev *sock_ev; /* default socket event */
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_sock_ctx {
|
|
Packit Service |
9f2c4a |
struct gssproxy_ctx *gpctx;
|
|
Packit Service |
9f2c4a |
const char *socket;
|
|
Packit Service |
9f2c4a |
int fd;
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_conn;
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
struct gp_call_ctx {
|
|
Packit Service |
9f2c4a |
struct gssproxy_ctx *gpctx;
|
|
Packit Service |
9f2c4a |
struct gp_service *service;
|
|
Packit Service |
9f2c4a |
struct gp_conn *connection;
|
|
Packit Service |
9f2c4a |
void (*destroy_callback)(void *);
|
|
Packit Service |
9f2c4a |
void *destroy_callback_data;
|
|
Packit Service |
9f2c4a |
};
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_config.c */
|
|
Packit Service |
9f2c4a |
struct gp_config *read_config(char *config_file, char *config_dir,
|
|
Packit Service |
9f2c4a |
char *socket_name, int opt_daemonize);
|
|
Packit Service |
9f2c4a |
struct gp_creds_handle *gp_service_get_creds_handle(struct gp_service *svc);
|
|
Packit Service |
9f2c4a |
void free_config(struct gp_config **config);
|
|
Packit Service |
9f2c4a |
void free_cred_store_elements(gss_key_value_set_desc *cs);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_init.c */
|
|
Packit Service |
9f2c4a |
void init_server(bool daemonize, int *wait_fd);
|
|
Packit Service |
9f2c4a |
void init_done(int wait_fd);
|
|
Packit Service |
9f2c4a |
void fini_server(void);
|
|
Packit Service |
9f2c4a |
verto_ctx *init_event_loop(void);
|
|
Packit Service |
9f2c4a |
void init_proc_nfsd(struct gp_config *cfg);
|
|
Packit Service |
9f2c4a |
void write_pid(void);
|
|
Packit Service |
9f2c4a |
int drop_privs(struct gp_config *cfg);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_socket.c */
|
|
Packit Service |
9f2c4a |
void free_unix_socket(verto_ctx *ctx, verto_ev *ev);
|
|
Packit Service |
9f2c4a |
struct gp_sock_ctx *init_unix_socket(struct gssproxy_ctx *gpctx,
|
|
Packit Service |
9f2c4a |
const char *file_name);
|
|
Packit Service |
9f2c4a |
void accept_sock_conn(verto_ctx *vctx, verto_ev *ev);
|
|
Packit Service |
9f2c4a |
void gp_conn_free(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
void gp_socket_send_data(verto_ctx *vctx, struct gp_conn *conn,
|
|
Packit Service |
9f2c4a |
uint8_t *buffer, size_t buflen);
|
|
Packit Service |
9f2c4a |
struct gp_creds *gp_conn_get_creds(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
uid_t gp_conn_get_uid(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
const char *gp_conn_get_socket(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
int gp_conn_get_cid(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
const char *gp_conn_get_program(struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
bool gp_selinux_ctx_equal(SELINUX_CTX ctx1, SELINUX_CTX ctx2);
|
|
Packit Service |
9f2c4a |
bool gp_conn_check_selinux(struct gp_conn *conn, SELINUX_CTX ctx);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_workers.c */
|
|
Packit Service |
9f2c4a |
int gp_workers_init(struct gssproxy_ctx *gpctx);
|
|
Packit Service |
9f2c4a |
void gp_workers_free(struct gp_workers *w);
|
|
Packit Service |
9f2c4a |
int gp_query_new(struct gp_workers *w, struct gp_conn *conn,
|
|
Packit Service |
9f2c4a |
uint8_t *buffer, size_t buflen);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_rpc.c */
|
|
Packit Service |
9f2c4a |
int gp_rpc_process_call(struct gp_call_ctx *gpcall,
|
|
Packit Service |
9f2c4a |
uint8_t *inbuf, size_t inlen,
|
|
Packit Service |
9f2c4a |
uint8_t **outbuf, size_t *outlen);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_creds.c */
|
|
Packit Service |
9f2c4a |
struct gp_service *gp_creds_match_conn(struct gssproxy_ctx *gpctx,
|
|
Packit Service |
9f2c4a |
struct gp_conn *conn);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
/* from gp_export.c */
|
|
Packit Service |
9f2c4a |
uint32_t gp_init_creds_handle(uint32_t *min, const char *svc_name,
|
|
Packit Service |
9f2c4a |
const char *keytab,
|
|
Packit Service |
9f2c4a |
struct gp_creds_handle **out);
|
|
Packit Service |
9f2c4a |
void gp_free_creds_handle(struct gp_creds_handle **in);
|
|
Packit Service |
9f2c4a |
|
|
Packit Service |
9f2c4a |
#endif /* _GP_PROXY_H_ */
|