/*        $NetBSD: tcpd.h,v 1.14 2012/03/22 22:59:43 joerg Exp $        */
 /*
  * @(#) tcpd.h 1.5 96/03/19 16:22:24
  *
  * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
  */
#include <sys/cdefs.h>
#include <stdio.h>
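/* Structure to describe one communications endpoint. */

#define STRING_LENGTH        128                /* hosts, users, processes */

/*
 * name and addr are fixed-size string caches of STRING_LENGTH bytes each.
 * The structure carries no length field, so whatever fills them (not
 * visible in this header) has to truncate or reject longer values.
 * sin and unit may be 0 and must be checked before being dereferenced.
 */
struct host_info {
    char    name[STRING_LENGTH];        /* access via eval_hostname(host) */
    char    addr[STRING_LENGTH];        /* access via eval_hostaddr(host) */
    struct sockaddr *sin;                /* socket address or 0 */
    struct t_unitdata *unit;                /* TLI transport address or 0 */
    struct request_info *request;        /* for shared information */
};

/* Structure to describe what we know about a service request. */

/*
 * user, daemon and pid are fixed-size string caches as well. pid has room
 * for nine characters plus the terminating NUL.
 * NOTE(review): confirm that the code formatting the pid bounds its output
 * to sizeof(pid).
 * NOTE(review): user is described in this header as the client name from
 * an RFC 931 daemon, i.e. a value reported by the remote side; treat it as
 * a hint for logging, not as authenticated identity.
 * sink and cleanup may be 0; test them before calling through them.
 */
struct request_info {
    int     fd;                                /* socket handle */
    char    user[STRING_LENGTH];        /* access via eval_user(request) */
    char    daemon[STRING_LENGTH];        /* access via eval_daemon(request) */
    char    pid[10];                        /* access via eval_pid(request) */
    struct host_info client[1];                /* client endpoint info */
    struct host_info server[1];                /* server endpoint info */
    void (*sink)(int);                        /* datagram sink function or 0 */
    void (*hostname)(struct host_info *); /* address to printable hostname */
    void (*hostaddr)(struct host_info *); /* address to printable address */
    void (*cleanup)(void);                /* cleanup function or 0 */
    struct netconfig *config;                /* netdir handle */
};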
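/* Common string operations. Less clutter should be more readable. */

/*
 * STRN_CPY copies at most l bytes of s into d with strncpy() and then
 * forces d[l-1] to NUL. The result is always terminated, but a source
 * longer than l-1 bytes is silently truncated.
 * Caveats for callers:
 *  - l must be the size of the destination and greater than zero; with
 *    l == 0 the terminator store lands at d[-1].
 *  - d and l are each evaluated twice, so pass expressions without side
 *    effects.
 *  - The expansion is a bare { } block, not do { } while (0); followed by
 *    ';' it is two statements, which breaks an unbraced if/else.
 */
#define STRN_CPY(d,s,l)        { strncpy((d),(s),(l)); (d)[(l)-1] = 0; }

/*
 * Case-insensitive comparisons built on strcasecmp()/strncasecmp(). Both
 * arguments must be valid NUL-terminated strings.
 */
#define STRN_EQ(x,y,l)        (strncasecmp((x),(y),(l)) == 0)
#define STRN_NE(x,y,l)        (strncasecmp((x),(y),(l)) != 0)
#define STR_EQ(x,y)        (strcasecmp((x),(y)) == 0)
#define STR_NE(x,y)        (strcasecmp((x),(y)) != 0)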
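 /*
  * Initially, all above strings have the empty value. Information that
  * cannot be determined at runtime is set to "unknown", so that we can
  * distinguish between `unavailable' and `not yet looked up'. A hostname
  * that we do not believe in is set to "paranoid".
  */

#define STRING_UNKNOWN        "unknown"        /* lookup failed */
#define STRING_PARANOID        "paranoid"        /* hostname conflict */

/*
 * Defined elsewhere; presumably initialised from STRING_UNKNOWN and
 * STRING_PARANOID (confirm in the defining source file).
 */
__BEGIN_DECLS
extern char unknown[];
extern char paranoid[];
__END_DECLS

/*
 * True when s matches neither unknown[] nor paranoid[]. The comparison
 * goes through STR_NE and is therefore case-insensitive. A name for which
 * this is false is one of the two sentinels described above, not a
 * verified host name. s is evaluated twice.
 */
#define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid))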
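/*
 * True when s contains any character other than a decimal digit, '.' or
 * '/', i.e. s cannot be a dotted-decimal address (the '/' is presumably
 * for net/mask patterns). This is a character-class test only: it does not
 * check that s is a well-formed address, and a textual IPv6 address
 * contains ':' and so is classified as "not an address".
 * s must be a NUL-terminated string and is evaluated twice. The argument
 * is parenthesised so that expressions such as NOT_INADDR(p + 1) index
 * the intended pointer.
 */
#define NOT_INADDR(s) ((s)[strspn((s),"01234567890./")] != 0)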
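/* Global functions. */

__BEGIN_DECLS
#define fromhost sock_host                /* no TLI support needed */

extern int hosts_access                        /* access control */
                (struct request_info *);
/*
 * The four string arguments are positional and untyped beyond char *;
 * hosts_access(3) gives the order as daemon, client name, client address,
 * client user. A swapped pair compiles cleanly, so check call sites.
 */
extern int hosts_ctl                        /* limited interface to hosts_access */
                (char *, char *, char *, char *);
/*
 * NOTE(review): the argument is handed to a shell (per the comment). When
 * it was built with percent_x() from request data, the expanded host and
 * user values are influenced by the client; confirm that percent_x()
 * confines them to shell-safe characters before the result gets here.
 */
extern void shell_cmd                        /* execute shell command */
                (char *);
/* presumably (result buffer, its size, template, request) -- confirm */
extern char *percent_x                        /* do %<char> expansion */
                (char *, int, char *, struct request_info *);
/*
 * NOTE(review): the char * destination has no length parameter; confirm
 * that the implementation bounds what it stores there. The answer comes
 * from a daemon on the remote side and is not authenticated.
 */
extern void rfc931                        /* client name from RFC 931 daemon */
                (struct sockaddr *, struct sockaddr *, char *);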
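/*
 * Both functions are marked __dead (from <sys/cdefs.h>): they do not
 * return to the caller.
 * NOTE(review): refuse carries the same inline comment as clean_exit;
 * presumably it is the denial path (confirm in the implementation).
 */
__dead extern void clean_exit                /* clean up and exit */
                (struct request_info *);
__dead extern void refuse                /* clean up and exit */
                (struct request_info *);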
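/* presumably (buffer, buffer size, stream), as for fgets() -- confirm */
extern char *xgets                        /* fgets() on steroids */
                (char *, int, FILE *);
/* "split" suggests that the input string is modified in place -- confirm */
extern char *split_at                        /* strchr() and split */
                (char *, int);
/*
 * The result is stored through an unsigned long *, which is wider than an
 * IPv4 address on LP64 platforms; callers should not assume 32 bits.
 */
extern int dot_quad_addr        /* restricted inet_aton() */
                (char *, unsigned long *);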
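/* Global variables. */

/*
 * All of these are plain writable globals shared by the whole process.
 * NOTE(review): hosts_allow_table and hosts_deny_table are modifiable
 * pointers (only the pointed-to characters are const). They appear to
 * select the access-control tables, so they should never be set from
 * untrusted input.
 */
extern int allow_severity;                /* for connection logging */
extern int deny_severity;                /* for connection logging */
extern const char *hosts_allow_table;        /* for verification mode redirection */
extern const char *hosts_deny_table;        /* for verification mode redirection */
extern int hosts_access_verbose;        /* for verbose matching mode */
extern int rfc931_timeout;                /* user lookup timeout */
extern int resident;                        /* > 0 if resident process */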
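 /*
  * Routines for controlled initialization and update of request structure
  * attributes. Each attribute has its own key.
  */

/*
 * Both routines are variadic: after the request pointer they take RQ_*
 * keys with their values. The compiler cannot type-check those values, so
 * a value whose type does not match its key is undefined behaviour.
 * NOTE(review): the list terminator is not shown in this header; confirm
 * it in the implementation and make sure every call site supplies it.
 */
extern struct request_info *request_init        /* initialize request */
                (struct request_info *,...);
extern struct request_info *request_set                /* update request structure */
                (struct request_info *,...);

#define RQ_FILE                1                /* file descriptor */
#define RQ_DAEMON        2                /* server process (argv[0]) */
#define RQ_USER                3                /* client user name */
#define RQ_CLIENT_NAME        4                /* client host name */
#define RQ_CLIENT_ADDR        5                /* client host address */
#define RQ_CLIENT_SIN        6                /* client endpoint (internal) */
#define RQ_SERVER_NAME        7                /* server host name */
#define RQ_SERVER_ADDR        8                /* server host address */
#define RQ_SERVER_SIN        9                /* server endpoint (internal) */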
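 /*
  * Routines for delayed evaluation of request attributes. Each attribute
  * type has its own access method. The trivial ones are implemented by
  * macros. The other ones are wrappers around the transport-specific host
  * name, address, and client user lookup methods. The request_info and
  * host_info structures serve as caches for the lookup results.
  */

/*
 * The returned char * presumably points into the request_info/host_info
 * caches described above, so it stays valid only as long as that
 * structure does and must not be freed -- confirm in the implementation.
 * Host names and the client user are results of lookups against the
 * remote side and should be handled as untrusted strings.
 */
extern char *eval_user                        /* client user */
                (struct request_info *);
extern char *eval_hostname                /* printable hostname */
                (struct host_info *);
extern char *eval_hostaddr                /* printable host address */
                (struct host_info *);
extern char *eval_hostinfo                /* host name or address */
                (struct host_info *);
extern char *eval_client                /* whatever is available */
                (struct request_info *);
extern char *eval_server                /* whatever is available */
                (struct request_info *);
/* Direct member access; r must be a non-null pointer to the request. */
#define eval_daemon(r)        ((r)->daemon)        /* daemon process name */
#define eval_pid(r)        ((r)->pid)        /* process id */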
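/* Socket-specific methods, including DNS hostname lookups. */

/*
 * NOTE(review): sock_hostname turns an address into a name through DNS,
 * which is data controlled by whoever runs the reverse zone. This header
 * says that a name that is not believed is set to "paranoid"; confirm
 * that the check is done in the implementation.
 */
extern void sock_host                        /* look up endpoint addresses */
                (struct request_info *);
extern void sock_hostname                /* translate address to hostname */
                (struct host_info *);
extern void sock_hostaddr                /* address to printable address */
                (struct host_info *);
/*
 * Installs the socket lookup methods in request r. The expansion is a bare
 * { } block that evaluates r twice; use it as a statement of its own.
 */
#define sock_methods(r) \
        { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }

/* The System V Transport-Level Interface (TLI) interface. */

#if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
extern void tli_host                        /* look up endpoint addresses etc. */
                (struct request_info *);
#endif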
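 /*
  * Problem reporting interface. Additional file/line context is reported
  * when available. The jump buffer (tcpd_buf) is not declared here, or
  * everyone would have to include <setjmp.h>.
  */

/*
 * Both functions take a printf-style format as their first argument;
 * __printflike(1, 2) lets the compiler check the arguments against it.
 * Pass a literal format and hand client-derived text over as a "%s"
 * argument, never as the format itself.
 */

/* Report problem and proceed */
void tcpd_warn(const char *, ...) __printflike(1, 2);

/* Report problem and jump */
/* Marked __dead: control does not come back to the caller. */
void tcpd_jump(const char *, ...) __dead __printflike(1, 2);
__END_DECLS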
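/*
 * File and line that accompany problem reports. file is a borrowed
 * pointer: the structure does not own the string it points to.
 */
struct tcpd_context {
    const char *file;                        /* current file */
    int     line;                        /* current line */
};
/* A single process-wide instance, defined elsewhere. */
__BEGIN_DECLS
extern struct tcpd_context tcpd_context;
__END_DECLS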
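 /*
  * While processing access control rules, error conditions are handled by
  * jumping back into the hosts_access() routine. This is cleaner than
  * checking the return value of each and every silly little function. The
  * (-1) returns are here because zero is already taken by longjmp().
  */

/*
 * AC_ERROR is defined as AC_DENY, so an error while processing the rules
 * has the same value as a denial: the failure mode is "deny". Neither
 * value is zero. Code that tests the result should compare against
 * AC_PERMIT and not merely test for non-zero, because AC_DENY is non-zero
 * as well.
 */
#define AC_PERMIT        1                /* permit access */
#define AC_DENY                (-1)                /* deny_access */
#define AC_ERROR        AC_DENY                /* XXX */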
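 /*
  * In verification mode an option function should just say what it would do,
  * instead of really doing it. An option function that would not return
  * should clear the dry_run flag to inform the caller of this unusual
  * behavior.
  */

__BEGIN_DECLS
/*
 * NOTE(review): the option string presumably comes from the access control
 * tables, and options are executed. Those tables should be writable only
 * by the administrator -- confirm file ownership and mode where deployed.
 */
extern void process_options                /* execute options */
                (char *, struct request_info *);
/* Writable process-wide flag; see the verification-mode comment above. */
extern int dry_run;                        /* verification flag */
/*
 * NOTE(review): presumably clears options such as IP source routing that a
 * client set on the connection -- confirm in the implementation.
 */
extern void fix_options                        /* get rid of IP-level socket options */
                (struct request_info *);
__END_DECLS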