/* PROTECTION SETUP FILE
*/
#ifndef HTAAPROT_H
#define HTAAPROT_H
#include <HTGroup.h>
#include <HTAssoc.h>
#ifdef __cplusplus
extern "C" {
#endif
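/*
 * Server's Representation of Document (Tree) Protections
 *
 * HTAAProt collects what the server knows about how one document (or
 * document tree) is protected: the protection template, the file being
 * served, the user/group names the server should run as, the access
 * mask, and the authentication schemes accepted.
 *
 * Instances are handed out by HTAA_getCurrentProtection() and
 * HTAA_getDefaultProtection(), both documented in this header as
 * returning a structure that must not be free()'d by the caller.
 *
 * NOTE(review): this header does not say which pointer members the
 * structure owns, nor what a NULL mask_group or an empty valid_schemes
 * list means.  Confirm in the implementation that a missing mask or
 * scheme list is treated as "deny" and not as "no restriction".
 */
typedef struct {
    char *ctemplate;            /* Template for this protection */
    char *filename;             /* Current document file */
    char *uid_name;             /* Effective uid (name of it) */
    char *gid_name;             /* Effective gid (name of it) */
    GroupDef *mask_group;       /* Allowed users and IP addresses */
    HTList *valid_schemes;      /* Valid authentication schemes */
    HTAssocList *values;        /* Association list for scheme specific */
                                /* parameters. */
} HTAAProt;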
/*

Callbacks for rule system

The following three functions are called by the rule system:

    HTAA_clearProtections() when starting to translate a filename

    HTAA_setDefaultProtection() when "defprot" rule is matched

    HTAA_setCurrentProtection() when "protect" rule is matched

Protection setup files are cached by these functions.

*/
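/* PUBLIC                                       HTAA_setDefaultProtection()
 *              SET THE DEFAULT PROTECTION MODE
 *              (called by rule system when a
 *              "defprot" rule is matched)
 * ON ENTRY:
 *      cur_docname     is the current result of rule translations.
 *      prot_filename   is the protection setup file (second argument
 *                      for "defprot" rule, optional)
 *      eff_ids         contains user and group names separated by
 *                      a dot, corresponding to the effective uid and
 *                      gid under which the server should run,
 *                      default is "nobody.nogroup" (third argument
 *                      for "defprot" rule, optional; can be given
 *                      only if protection setup file is also given).
 *
 * ON EXIT:
 *      returns         nothing.
 *                      Sets the module-wide variable default_prot.
 *
 * NOTE(review): because nothing is returned, a setup file that cannot be
 * read or an eff_ids value that cannot be resolved is not reported to the
 * caller through this interface.  Confirm in the implementation that such
 * a failure leaves the document protected and the ids at the unprivileged
 * default instead of silently dropping the protection.
 */
extern void HTAA_setDefaultProtection(const char *cur_docname,
                                      const char *prot_filename,
                                      const char *eff_ids);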
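/* PUBLIC                                       HTAA_setCurrentProtection()
 *              SET THE CURRENT PROTECTION MODE
 *              (called by rule system when a
 *              "protect" rule is matched)
 * ON ENTRY:
 *      cur_docname     is the current result of rule translations.
 *      prot_filename   is the protection setup file (second argument
 *                      for "protect" rule, optional)
 *      eff_ids         contains user and group names separated by
 *                      a dot, corresponding to the effective uid and
 *                      gid under which the server should run,
 *                      default is "nobody.nogroup" (third argument
 *                      for "protect" rule, optional; can be given
 *                      only if protection setup file is also given).
 *
 * ON EXIT:
 *      returns         nothing.
 *                      Sets the module-wide variable current_prot.
 *
 * NOTE(review): because nothing is returned, a setup file that cannot be
 * read or an eff_ids value that cannot be resolved is not reported to the
 * caller through this interface.  Confirm in the implementation that such
 * a failure still leaves current_prot in a state that denies access, and
 * that the ids fall back to the unprivileged default.
 */
extern void HTAA_setCurrentProtection(const char *cur_docname,
                                      const char *prot_filename,
                                      const char *eff_ids);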
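/* SERVER INTERNAL                              HTAA_clearProtections()
 *              CLEAR DOCUMENT PROTECTION MODE
 *              (ALSO DEFAULT PROTECTION)
 *              (called by the rule system)
 * ON ENTRY:
 *      No arguments.
 *
 * ON EXIT:
 *      returns         nothing.
 *                      Frees the memory used by protection information.
 *
 * NOTE(review): since this frees the protection information, an HTAAProt
 * pointer obtained earlier from HTAA_getCurrentProtection() or
 * HTAA_getDefaultProtection() presumably must not be used after this
 * call; confirm against the implementation (setup files are described
 * in this header as cached, so the freed set may be narrower).
 */
extern void HTAA_clearProtections(void);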
/*

Getting Protection Settings

HTAA_getCurrentProtection() returns the current protection mode (if there was a
"protect" rule). It returns NULL if no "protect" rule has been matched.

HTAA_getDefaultProtection() sets the current protection mode to what it was set to
by "defprot" rule and also returns it (therefore after this call
HTAA_getCurrentProtection() also returns the same structure).

*/
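/* PUBLIC                                       HTAA_getCurrentProtection()
 *              GET CURRENT PROTECTION SETUP STRUCTURE
 *              (this is set up by callbacks made from
 *              the rule system when matching "protect"
 *              (and "defprot") rules)
 * ON ENTRY:
 *      HTTranslate() must have been called before calling
 *      this function.
 *
 * ON EXIT:
 *      returns a pointer to the HTAAProt structure representing
 *              the protection setup of the HTTranslate()'d file,
 *              or NULL if no "protect" rule has been matched.
 *              This must not be free()'d.
 *
 * A NULL result means "no protect rule matched", which is not the same
 * as "access allowed": the HTAA_getDefaultProtection() comment in this
 * header describes the case where an ACL exists without a "protect"
 * rule, so callers must handle NULL explicitly before deciding access.
 */
extern HTAAProt *HTAA_getCurrentProtection(void);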
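/* PUBLIC                                       HTAA_getDefaultProtection()
 *              GET DEFAULT PROTECTION SETUP STRUCTURE
 *              (this is set up by callbacks made from
 *              the rule system when matching "defprot"
 *              rules)
 * ON ENTRY:
 *      HTTranslate() must have been called before calling
 *      this function.
 *
 * ON EXIT:
 *      returns a pointer to the HTAAProt structure representing
 *              the default protection setup of the HTTranslate()'d
 *              file (used if HTAA_getCurrentProtection() returned
 *              NULL, i.e., if there is no "protect" rule
 *              but ACL exists, and we need to know default
 *              protection settings).
 *              This must not be free()'d.
 *
 * The "Getting Protection Settings" comment in this header states that
 * the call also makes the default setup the current one, so this getter
 * has a side effect on what HTAA_getCurrentProtection() returns.
 *
 * NOTE(review): the result when no "defprot" rule was matched either is
 * not stated here; presumably NULL -- confirm, and make sure the caller
 * denies access in that case.
 */
extern HTAAProt *HTAA_getDefaultProtection(void);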
/*

Get the User and Group IDs to Switch To

*/
#ifndef NOUSERS
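/* PUBLIC                                                       HTAA_getUid()
 *              GET THE USER ID TO CHANGE THE PROCESS UID TO
 * ON ENTRY:
 *      No arguments.
 *
 * ON EXIT:
 *      returns the uid number to give to setuid() system call.
 *              Default is 65534 (nobody).
 *
 * Callers should change the group (setgid()) before the user (setuid())
 * and check the return value of both calls; a failed setuid() that goes
 * unnoticed leaves the process running with its original privileges.
 *
 * NOTE(review): the value is an int, not a uid_t, and this header does
 * not say what is returned when the configured user name cannot be
 * resolved.  Confirm that path yields the unprivileged default and never
 * 0.  65534 is only a convention for "nobody"; whether the name is looked
 * up in the passwd database is not visible here.
 */
extern int HTAA_getUid(void);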
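/* PUBLIC                                                       HTAA_getGid()
 *              GET THE GROUP ID TO CHANGE THE PROCESS GID TO
 * ON ENTRY:
 *      No arguments.
 *
 * ON EXIT:
 *      returns the gid number to give to setgid() system call.
 *              Default is 65534 (nogroup).
 *
 * Callers should apply this with setgid() before dropping the user id
 * with setuid(), and check the return value of the call.
 *
 * NOTE(review): the value is an int, not a gid_t, and this header does
 * not say what is returned when the configured group name cannot be
 * resolved.  Confirm that path yields the unprivileged default and never
 * 0.  Supplementary groups are not mentioned here; check that the
 * caller clears them as well.
 */
extern int HTAA_getGid(void);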
#endif /* !NOUSERS */
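/* PUBLIC                                                       HTAA_UidToName
 *              GET THE USER NAME
 * ON ENTRY:
 *      The user-id
 *
 * ON EXIT:
 *      returns the user name
 *
 * NOTE(review): the result for an id with no matching user (NULL or a
 * placeholder string) and the lifetime of the returned string are not
 * stated in this header.  Until confirmed, callers should test for NULL
 * and should neither free() the result nor keep the pointer across
 * later lookups.
 */
extern const char *HTAA_UidToName(int uid);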
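/* PUBLIC                                                       HTAA_NameToUid
 *              GET THE USER ID
 * ON ENTRY:
 *      The user-name
 *
 * ON EXIT:
 *      returns the user id
 *
 * NOTE(review): the value returned for a name that does not exist is not
 * stated in this header.  A caller that uses the result for a privilege
 * change must be able to tell "unknown name" apart from a valid id (in
 * particular from 0) -- confirm the failure value in the implementation
 * before relying on it.
 */
extern int HTAA_NameToUid(const char *name);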
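/* PUBLIC                                                       HTAA_GidToName
 *              GET THE GROUP NAME
 * ON ENTRY:
 *      The group-id
 *
 * ON EXIT:
 *      returns the group name
 *
 * NOTE(review): the result for an id with no matching group (NULL or a
 * placeholder string) and the lifetime of the returned string are not
 * stated in this header.  Until confirmed, callers should test for NULL
 * and should neither free() the result nor keep the pointer across
 * later lookups.
 */
extern const char *HTAA_GidToName(int gid);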
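/* PUBLIC                                                       HTAA_NameToGid
 *              GET THE GROUP ID
 * ON ENTRY:
 *      The group-name
 *
 * ON EXIT:
 *      returns the group id
 *
 * NOTE(review): the value returned for a name that does not exist is not
 * stated in this header.  A caller that uses the result for a privilege
 * change must be able to tell "unknown name" apart from a valid id (in
 * particular from 0) -- confirm the failure value in the implementation
 * before relying on it.
 */
extern int HTAA_NameToGid(const char *name);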
#ifdef __cplusplus
}
#endif
#endif /* not HTAAPROT_H */