[yaid] / yaid.h

/* -*-c-*-
 *
 * Common definitions for YAID
 *
 * (c) 2012 Straylight/Edgeware
 */

/*----- Licensing notice --------------------------------------------------*
 *
 * This file is part of Yet Another Ident Daemon (YAID).
 *
 * YAID is free software; you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * YAID is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with YAID; if not, write to the Free Software Foundation,
 * Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
 */

#ifndef YAID_H
#define YAID_H

#ifdef __cplusplus
  extern "C" {
#endif

/*----- Header files ------------------------------------------------------*/

#include "config.h"

#include <assert.h>
#include <ctype.h>
#include <errno.h>
#include <limits.h>
#include <stdarg.h>
#include <stdio.h>
#include <string.h>
#include <string.h>

#include <sys/types.h>
#include <unistd.h>
#include <fcntl.h>

#include <pwd.h>

#include <sys/socket.h>
#include <netinet/in.h>
#include <arpa/inet.h>

#include <syslog.h>

#include <mLib/bits.h>
#include <mLib/conn.h>
#include <mLib/darray.h>
#include <mLib/dstr.h>
#include <mLib/fdflags.h>
#include <mLib/fwatch.h>
#include <mLib/quis.h>
#include <mLib/report.h>
#include <mLib/sel.h>
#include <mLib/selbuf.h>

/*----- System specifics --------------------------------------------------*/

#define SYS_UNDEF 0
#define SYS_LINUX 1

#if SYS == SYS_LINUX
#  include <linux/netlink.h>
#  include <linux/rtnetlink.h>
#else
#  error "Unsupported operating system: sorry.  Patches welcome!"
#endif

/*----- Data structures ---------------------------------------------------*/

#define ADDRLEN 64

union addr {
  struct in_addr ipv4;
  struct in6_addr ipv6;
};

struct socket {
  union addr addr;
  unsigned port;
};

struct addrpat {
  unsigned len;
  union addr addr;
};

struct portpat {
  unsigned lo, hi;
};

struct sockpat {
  struct addrpat addr;
  struct portpat port;
};

#define ADDRTYPES(_)							\
  _(ipv4, IPV4)								\
  _(ipv6, IPV6)

struct addrops {
  int af;
  const char *name;
  unsigned len;
  const union addr *any;
  const struct addrops_sys *sys;
  int (*addreq)(const union addr *, const union addr *);
  int (*match_addrpat)(const struct addrpat *, const union addr *);
  void (*socket_to_sockaddr)(const struct socket *s, void *, size_t *);
  void (*sockaddr_to_addr)(const void *, union addr *);
  int (*init_listen_socket)(int);
};

enum {
#define DEFADDR(ty, TY) ADDR_##TY,
  ADDRTYPES(DEFADDR)
#undef DEFADDR
  ADDR_LIMIT
};

extern const struct addrops addroptab[];
#define OPS_SYS(ty, TY)					\
  extern const struct addrops_sys addrops_sys_##ty;
ADDRTYPES(OPS_SYS)
#undef OPS_SYS

enum { L, R, NDIR };

#define RESPONSE(_)							\
  _(ERROR, U(error, unsigned))						\
  _(UID, U(uid, uid_t))							\
  _(NAT, U(nat, struct socket))

#define ERROR(_)							\
  _(INVPORT, "INVALID-PORT")						\
  _(NOUSER, "NO-USER")							\
  _(HIDDEN, "HIDDEN-USER")						\
  _(UNKNOWN, "UNKNOWN-ERROR")
extern const char *const errtok[];

enum {
#define DEFENUM(err, tok) E_##err,
  ERROR(DEFENUM)
#undef DEFENUM
  E_LIMIT
};

enum {
#define DEFENUM(what, branch) R_##what,
  RESPONSE(DEFENUM)
#undef DEFENUM
  R_LIMIT
};

struct query {
  const struct addrops *ao;
  struct socket s[NDIR];
  unsigned resp;
  union {
#define DEFBRANCH(WHAT, branch) branch
#define U(memb, ty) ty memb;
#define N
    RESPONSE(DEFBRANCH)
#undef U
#undef N
#undef DEFBRANCH
  } u;
} query;

enum {
  T_OK,
  T_EOL,
  T_EOF,
  T_ERROR
};

#define ACTIONS(_)							\
  _(USER, "user")							\
  _(TOKEN, "token")							\
  _(NAME, "name")							\
  _(DENY, "deny")							\
  _(HIDE, "hide")							\
  _(LIE, "lie")

enum {
#define DEFENUM(tag, word) A_##tag,
  ACTIONS(DEFENUM)
#undef DEFENUM
  A_LIMIT
};

struct action {
  unsigned act;
  union {
    unsigned user;
    char *lie;
  } u;
};

struct policy {
  const struct addrops *ao;
  struct sockpat sp[NDIR];
  struct action act;
};
#define POLICY_INIT(a) { 0, { { { 0 } } }, { a } }

struct policy_file {
  FILE *fp;
  const struct query *q;
  const char *name;
  const char *what;
  int err;
  int lno;
  struct policy p;
};

DA_DECL(policy_v, struct policy);

/*----- Functions provided ------------------------------------------------*/

int sockeq(const struct addrops *ao,
	   const struct socket *sa, const struct socket *sb);
void dputsock(dstr *d, const struct addrops *ao, const struct socket *s);

void logmsg(const struct query *q, int prio, const char *msg, ...);

void identify(struct query *q);
void init_sys(void);

void init_policy(struct policy *p);
void free_policy(struct policy *p);
void print_policy(const struct policy *p);
int match_policy(const struct policy *p, const struct query *q);
int parse_policy(FILE *fp, struct policy *p);
int open_policy_file(struct policy_file *pf, const char *name,
		     const char *what, const struct query *q);
int read_policy_file(struct policy_file *pf);
void close_policy_file(struct policy_file *pf);
int load_policy_file(const char *file, policy_v *pv);

/*----- That's all, folks -------------------------------------------------*/

#ifdef __cplusplus
  }
#endif

#endif
Commit	Line	Data
9da480be MW	1	/* --c--
	2	*
	3	* Common definitions for YAID
	4	*
	5	* (c) 2012 Straylight/Edgeware
	6	*/
	7
	8	/----- Licensing notice --------------------------------------------------
	9	*
	10	* This file is part of Yet Another Ident Daemon (YAID).
	11	*
	12	* YAID is free software; you can redistribute it and/or modify
	13	* it under the terms of the GNU General Public License as published by
	14	* the Free Software Foundation; either version 2 of the License, or
	15	* (at your option) any later version.
	16	*
	17	* YAID is distributed in the hope that it will be useful,
	18	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	20	* GNU General Public License for more details.
	21	*
	22	* You should have received a copy of the GNU General Public License
	23	* along with YAID; if not, write to the Free Software Foundation,
	24	* Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
	25	*/
	26
	27	#ifndef YAID_H
	28	#define YAID_H
	29
	30	#ifdef __cplusplus
	31	extern "C" {
	32	#endif
	33
	34	/----- Header files ------------------------------------------------------/
	35
bf4d9761 MW	36	#include "config.h"
bf4d9761 MW	37
9da480be MW	38	#include <assert.h>
	39	#include <ctype.h>
	40	#include <errno.h>
	41	#include <limits.h>
	42	#include <stdarg.h>
	43	#include <stdio.h>
	44	#include <string.h>
	45	#include <string.h>
	46
	47	#include <sys/types.h>
	48	#include <unistd.h>
	49	#include <fcntl.h>
	50
	51	#include <pwd.h>
	52
	53	#include <sys/socket.h>
	54	#include <netinet/in.h>
	55	#include <arpa/inet.h>
	56
9da480be MW	57	#include <syslog.h>
	58
	59	#include <mLib/bits.h>
	60	#include <mLib/conn.h>
	61	#include <mLib/darray.h>
	62	#include <mLib/dstr.h>
bf4d9761	63	#include <mLib/fdflags.h>
9da480be MW	64	#include <mLib/fwatch.h>
	65	#include <mLib/quis.h>
	66	#include <mLib/report.h>
	67	#include <mLib/sel.h>
	68	#include <mLib/selbuf.h>
	69
bf4d9761 MW	70	/----- System specifics --------------------------------------------------/
	71
	72	#define SYS_UNDEF 0
	73	#define SYS_LINUX 1
	74
	75	#if SYS == SYS_LINUX
	76	# include <linux/netlink.h>
	77	# include <linux/rtnetlink.h>
	78	#else
	79	# error "Unsupported operating system: sorry. Patches welcome!"
	80	#endif
	81
9da480be MW	82	/----- Data structures ---------------------------------------------------/
	83
	84	#define ADDRLEN 64
	85
	86	union addr {
	87	struct in_addr ipv4;
	88	struct in6_addr ipv6;
	89	};
	90
	91	struct socket {
	92	union addr addr;
	93	unsigned port;
	94	};
	95
bf4d9761 MW	96	struct addrpat {
	97	unsigned len;
	98	union addr addr;
	99	};
	100
	101	struct portpat {
	102	unsigned lo, hi;
	103	};
	104
	105	struct sockpat {
	106	struct addrpat addr;
	107	struct portpat port;
	108	};
	109
	110	#define ADDRTYPES(_) \
3b1bed1d MW	111	_(ipv4, IPV4) \
3b1bed1d MW	112	_(ipv6, IPV6)
bf4d9761 MW	113
	114	struct addrops {
	115	int af;
	116	const char *name;
	117	unsigned len;
	118	const union addr *any;
	119	const struct addrops_sys *sys;
	120	int (addreq)(const union addr , const union addr *);
	121	int (match_addrpat)(const struct addrpat , const union addr *);
	122	void (socket_to_sockaddr)(const struct socket s, void , size_t );
	123	void (sockaddr_to_addr)(const void , union addr *);
	124	int (*init_listen_socket)(int);
	125	};
	126
	127	enum {
3b1bed1d	128	#define DEFADDR(ty, TY) ADDR_##TY,
bf4d9761 MW	129	ADDRTYPES(DEFADDR)
	130	#undef DEFADDR
	131	ADDR_LIMIT
	132	};
	133
	134	extern const struct addrops addroptab[];
3b1bed1d	135	#define OPS_SYS(ty, TY) \
bf4d9761 MW	136	extern const struct addrops_sys addrops_sys_##ty;
	137	ADDRTYPES(OPS_SYS)
	138	#undef OPS_SYS
	139
9da480be MW	140	enum { L, R, NDIR };
	141
	142	#define RESPONSE(_) \
	143	_(ERROR, U(error, unsigned)) \
	144	_(UID, U(uid, uid_t)) \
	145	_(NAT, U(nat, struct socket))
	146
	147	#define ERROR(_) \
	148	_(INVPORT, "INVALID-PORT") \
	149	_(NOUSER, "NO-USER") \
	150	_(HIDDEN, "HIDDEN-USER") \
	151	_(UNKNOWN, "UNKNOWN-ERROR")
	152	extern const char *const errtok[];
	153
	154	enum {
	155	#define DEFENUM(err, tok) E_##err,
	156	ERROR(DEFENUM)
	157	#undef DEFENUM
	158	E_LIMIT
	159	};
	160
	161	enum {
	162	#define DEFENUM(what, branch) R_##what,
	163	RESPONSE(DEFENUM)
	164	#undef DEFENUM
	165	R_LIMIT
	166	};
	167
	168	struct query {
bf4d9761	169	const struct addrops *ao;
9da480be MW	170	struct socket s[NDIR];
	171	unsigned resp;
	172	union {
	173	#define DEFBRANCH(WHAT, branch) branch
	174	#define U(memb, ty) ty memb;
	175	#define N
	176	RESPONSE(DEFBRANCH)
	177	#undef U
	178	#undef N
	179	#undef DEFBRANCH
	180	} u;
	181	} query;
	182
	183	enum {
	184	T_OK,
	185	T_EOL,
	186	T_EOF,
	187	T_ERROR
	188	};
	189
9da480be MW	190	#define ACTIONS(_) \
	191	_(USER, "user") \
	192	_(TOKEN, "token") \
	193	_(NAME, "name") \
	194	_(DENY, "deny") \
	195	_(HIDE, "hide") \
	196	_(LIE, "lie")
	197
	198	enum {
	199	#define DEFENUM(tag, word) A_##tag,
	200	ACTIONS(DEFENUM)
	201	#undef DEFENUM
	202	A_LIMIT
	203	};
	204
	205	struct action {
	206	unsigned act;
	207	union {
	208	unsigned user;
	209	char *lie;
	210	} u;
	211	};
	212
	213	struct policy {
bf4d9761	214	const struct addrops *ao;
9da480be MW	215	struct sockpat sp[NDIR];
	216	struct action act;
	217	};
	218	#define POLICY_INIT(a) { 0, { { { 0 } } }, { a } }
	219
	220	struct policy_file {
	221	FILE *fp;
	222	const struct query *q;
	223	const char *name;
	224	const char *what;
	225	int err;
	226	int lno;
	227	struct policy p;
	228	};
	229
	230	DA_DECL(policy_v, struct policy);
	231
	232	/----- Functions provided ------------------------------------------------/
	233
bf4d9761 MW	234	int sockeq(const struct addrops *ao,
	235	const struct socket sa, const struct socket sb);
	236	void dputsock(dstr d, const struct addrops ao, const struct socket *s);
	237
9da480be MW	238	void logmsg(const struct query q, int prio, const char msg, ...);
	239
	240	void identify(struct query *q);
b093b41d	241	void init_sys(void);
9da480be MW	242
	243	void init_policy(struct policy *p);
	244	void free_policy(struct policy *p);
	245	void print_policy(const struct policy *p);
	246	int match_policy(const struct policy p, const struct query q);
	247	int parse_policy(FILE fp, struct policy p);
	248	int open_policy_file(struct policy_file pf, const char name,
	249	const char what, const struct query q);
	250	int read_policy_file(struct policy_file *pf);
	251	void close_policy_file(struct policy_file *pf);
	252	int load_policy_file(const char file, policy_v pv);
	253
	254	/----- That's all, folks -------------------------------------------------/
	255
	256	#ifdef __cplusplus
	257	}
	258	#endif
	259
	260	#endif