X-Git-Url: https://git.distorted.org.uk/~mdw/tripe/blobdiff_plain/6ebbf072683ac7ea09a0aaafa0bb12fc0678d068..388e0319a0faf48193658c82228133bd1ea24eb6:/priv/priv.h

diff --git a/priv/priv.h b/priv/priv.h
new file mode 100644
index 00000000..225075a6
--- /dev/null
+++ b/priv/priv.h
@@ -0,0 +1,188 @@
+/* -*-c-*-
+ *
+ * Privilege separation definitions
+ *
+ * (c) 2008 Straylight/Edgeware
+ */
+
+/*----- Licensing notice --------------------------------------------------*
+ *
+ * This file is part of Trivial IP Encryption (TrIPE).
+ *
+ * TrIPE is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * TrIPE is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with TrIPE; if not, write to the Free Software Foundation,
+ * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
+ */
+
+#ifndef PRIV_H
+#define PRIV_H
+
+#ifdef __cplusplus
+  extern "C" {
+#endif
+
+/*----- Header files ------------------------------------------------------*/
+
+#include "config.h"
+
+#include <errno.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+#include <sys/types.h>
+#include <unistd.h>
+#include <fcntl.h>
+
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <mLib/dstr.h>
+#include <mLib/fdpass.h>
+#include <mLib/quis.h>
+#include <mLib/report.h>
+#include <mLib/trace.h>
+
+#include "util.h"
+
+#undef sun
+
+/*----- Protocol ----------------------------------------------------------*/
+
+/* --- Notes --- *
+ *
+ * The protocol is synchronous.  The socket is not marked as nonblocking;
+ * instead we just trust the helper to respond in good time; this is
+ * reasonable since it's not doing anything complicated.  The helper is
+ * completely trusted.
+ *
+ * The protocol works like this.  Messages begin with a request code which is
+ * a single @unsigned int@.  The server sends a request @PS_TUNRQ@ to the
+ * helper, followed by a @const tunnel_ops *@ referring to the tunnel driver
+ * of interest.  The server responds with a sequence of @PS_TRACE@ and/or
+ * @PS_WARN@ messages, followed by either a @PS_TUNFD@ carrying a file
+ * descriptor, or a @PS_TUNERR@ followed by an integer @errno@ code.
+ *
+ * If all else fails, the helper process will just quit.
+ */
+
+enum {
+  PS_TUNRQ,				/* Request (@tunnel_ops *@) */
+  PS_TUNFD,				/* Tunnel descriptor (string) */
+  PS_TUNERR,				/* Error (@int errno@) */
+#ifndef NTRACE
+  PS_TRACE,				/* Trace (@unsigned mask@, string) */
+#endif
+  PS_WARN,				/* Warning (string) */
+};
+
+/*----- Tracing definitions -----------------------------------------------*/
+
+#define T_PRIVSEP 512u
+
+/*----- Global variables --------------------------------------------------*/
+
+extern int pc_fd;			/* File descriptor for comms */
+
+/*----- Functions provided ------------------------------------------------*/
+
+#define COMM_TYPES(_)							\
+  _(err, int)								\
+  _(uint, unsigned int)							\
+  _(sz, size_t)
+
+/* --- @put@ --- *
+ *
+ * Arguments:	@const void *p@ = pointer to buffer
+ *		@size_t sz@ = size of the buffer
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Writes a buffer, handling short writes and other bogosity.
+ */
+
+extern int pc_put(const void */*p*/, size_t /*sz*/);
+
+/* --- @puterr@, @putuint@, @putsz@, @puttops@ --- *
+ *
+ * Arguments:	@int err@ = error number to write
+ *		@uint u@ = unsigned integer to write
+ *		@size_t sz@ = size to write
+ *		@const tunnel_ops *tops@ = tunnel pointer to write
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Sends an error/integer/size/tunnel-ops pointer.
+ */
+
+#define DECL(abbr, type) extern int pc_put##abbr(type /*x*/);
+COMM_TYPES(DECL)
+#undef DECL
+
+/* --- @putstring@ --- *
+ *
+ * Arguments:	@const char *s@ = pointer to string to write
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Sends a string/error/integer/tunnel-ops pointer.
+ */
+
+extern int pc_putstring(const char */*s*/);
+
+/* --- @get@ --- *
+ *
+ * Arguments:	@void *p@ = pointer to buffer
+ *		@size_t sz@ = size of the buffer
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Receives a buffer, handling short reads and other bogosity.
+ */
+
+extern int pc_get(void */*p*/, size_t /*sz*/);
+
+/* --- @geterr@, @getuint@, @getsz@, @getops@ --- *
+ *
+ * Arguments:	@int *err@ = where to put the error number
+ *		@uint *u@ = where to put the unsigned integer
+ *		@size_t *sz@ = where to put the size
+ *		@const tunnel_ops **tops@ = where to put the tunnel pointer
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Receives an error/integer/size/tunnel-ops pointer.
+ */
+
+#define DECL(abbr, type) extern int pc_get##abbr(type */*x*/);
+COMM_TYPES(DECL)
+#undef DECL
+
+/* --- @gettring@ --- *
+ *
+ * Arguments:	@dstr *d@ = where to put the string
+ *
+ * Returns:	Zero on success, @-1@ on error (and @errno@ set).
+ *
+ * Use:		Receives a string.
+ */
+
+extern int pc_getstring(dstr */*d*/);
+
+/*----- That's all, folks -------------------------------------------------*/
+
+#ifdef __cplusplus
+  }
+#endif
+
+#endif