
Annotation of src/lib/libwrap/tcpd.h, Revision 1.12.56.2

1.12.56.2! riz         1: /*     $NetBSD: tcpd.h,v 1.12.56.1 2012/04/23 16:48:56 riz Exp $       */
1.1       mrg         2:  /*
                      3:   * @(#) tcpd.h 1.5 96/03/19 16:22:24
1.7       simonb      4:   *
1.1       mrg         5:   * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands.
                      6:   */
1.9       danw        7:
1.11      kleink      8: #include <sys/cdefs.h>
1.9       danw        9: #include <stdio.h>
1.1       mrg        10:
                     11: /* Structure to describe one communications endpoint. */
                     12:
                     13: #define STRING_LENGTH  128             /* hosts, users, processes */
                     14:
                     15: struct host_info {
                     16:     char    name[STRING_LENGTH];       /* access via eval_hostname(host) */
                     17:     char    addr[STRING_LENGTH];       /* access via eval_hostaddr(host) */
1.8       itojun     18:     struct sockaddr *sin;              /* socket address or 0 */
1.1       mrg        19:     struct t_unitdata *unit;           /* TLI transport address or 0 */
                     20:     struct request_info *request;      /* for shared information */
                     21: };
                     22:
                     23: /* Structure to describe what we know about a service request. */
                     24:
                     25: struct request_info {
                     26:     int     fd;                                /* socket handle */
                     27:     char    user[STRING_LENGTH];       /* access via eval_user(request) */
                     28:     char    daemon[STRING_LENGTH];     /* access via eval_daemon(request) */
                     29:     char    pid[10];                   /* access via eval_pid(request) */
                     30:     struct host_info client[1];                /* client endpoint info */
                     31:     struct host_info server[1];                /* server endpoint info */
1.12.56.2! riz        32:     void  (*sink)                      /* datagram sink function or 0 */
        !            33:                __P((int));
        !            34:     void  (*hostname)                  /* address to printable hostname */
        !            35:                __P((struct host_info *));
        !            36:     void  (*hostaddr)                  /* address to printable address */
        !            37:                __P((struct host_info *));
        !            38:     void  (*cleanup)                   /* cleanup function or 0 */
        !            39:                __P((void));
1.1       mrg        40:     struct netconfig *config;          /* netdir handle */
                     41: };
                     42:
                     43: /* Common string operations. Less clutter should be more readable. */
                     44:
                     45: #define STRN_CPY(d,s,l)        { strncpy((d),(s),(l)); (d)[(l)-1] = 0; }
                     46:
                     47: #define STRN_EQ(x,y,l) (strncasecmp((x),(y),(l)) == 0)
                     48: #define STRN_NE(x,y,l) (strncasecmp((x),(y),(l)) != 0)
                     49: #define STR_EQ(x,y)    (strcasecmp((x),(y)) == 0)
                     50: #define STR_NE(x,y)    (strcasecmp((x),(y)) != 0)
                     51:
                     52:  /*
                     53:   * Initially, all above strings have the empty value. Information that
                     54:   * cannot be determined at runtime is set to "unknown", so that we can
                     55:   * distinguish between `unavailable' and `not yet looked up'. A hostname
                     56:   * that we do not believe in is set to "paranoid".
                     57:   */
                     58:
                     59: #define STRING_UNKNOWN "unknown"       /* lookup failed */
                     60: #define STRING_PARANOID        "paranoid"      /* hostname conflict */
                     61:
1.11      kleink     62: __BEGIN_DECLS
1.1       mrg        63: extern char unknown[];
                     64: extern char paranoid[];
1.11      kleink     65: __END_DECLS
1.1       mrg        66:
                     67: #define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid))
                     68:
                     69: #define NOT_INADDR(s) (s[strspn(s,"01234567890./")] != 0)
                     70:
                     71: /* Global functions. */
                     72:
1.11      kleink     73: __BEGIN_DECLS
1.1       mrg        74: #define fromhost sock_host             /* no TLI support needed */
                     75:
1.2       christos   76: extern int hosts_access                        /* access control */
1.12.56.2! riz        77:                __P((struct request_info *));
1.2       christos   78: extern int hosts_ctl                   /* limited interface to hosts_access */
1.12.56.2! riz        79:                __P((char *, char *, char *, char *));
1.2       christos   80: extern void shell_cmd                  /* execute shell command */
1.12.56.2! riz        81:                __P((char *));
1.2       christos   82: extern char *percent_x                 /* do %<char> expansion */
1.12.56.2! riz        83:                __P((char *, int, char *, struct request_info *));
1.2       christos   84: extern void rfc931                     /* client name from RFC 931 daemon */
1.12.56.2! riz        85:                __P((struct sockaddr *, struct sockaddr *, char *));
1.2       christos   86: extern void clean_exit                 /* clean up and exit */
1.12.56.2! riz        87:                __P((struct request_info *));
1.2       christos   88: extern void refuse                     /* clean up and exit */
1.12.56.2! riz        89:                __P((struct request_info *));
1.2       christos   90: extern char *xgets                     /* fgets() on steroids */
1.12.56.2! riz        91:                __P((char *, int, FILE *));
1.2       christos   92: extern char *split_at                  /* strchr() and split */
1.12.56.2! riz        93:                __P((char *, int));
1.5       christos   94: extern int dot_quad_addr       /* restricted inet_aton() */
1.12.56.2! riz        95:                __P((char *, unsigned long *));
1.1       mrg        96:
                     97: /* Global variables. */
                     98:
                     99: extern int allow_severity;             /* for connection logging */
                    100: extern int deny_severity;              /* for connection logging */
1.12.56.2! riz       101: extern char *hosts_allow_table;                /* for verification mode redirection */
        !           102: extern char *hosts_deny_table;         /* for verification mode redirection */
1.1       mrg       103: extern int hosts_access_verbose;       /* for verbose matching mode */
                    104: extern int rfc931_timeout;             /* user lookup timeout */
                    105: extern int resident;                   /* > 0 if resident process */
                    106:
                    107:  /*
                    108:   * Routines for controlled initialization and update of request structure
                    109:   * attributes. Each attribute has its own key.
                    110:   */
                    111:
1.2       christos  112: extern struct request_info *request_init       /* initialize request */
1.12.56.2! riz       113:                __P((struct request_info *,...));
1.2       christos  114: extern struct request_info *request_set                /* update request structure */
1.12.56.2! riz       115:                __P((struct request_info *,...));
1.1       mrg       116:
                    117: #define RQ_FILE                1               /* file descriptor */
                    118: #define RQ_DAEMON      2               /* server process (argv[0]) */
                    119: #define RQ_USER                3               /* client user name */
                    120: #define RQ_CLIENT_NAME 4               /* client host name */
                    121: #define RQ_CLIENT_ADDR 5               /* client host address */
                    122: #define RQ_CLIENT_SIN  6               /* client endpoint (internal) */
                    123: #define RQ_SERVER_NAME 7               /* server host name */
                    124: #define RQ_SERVER_ADDR 8               /* server host address */
                    125: #define RQ_SERVER_SIN  9               /* server endpoint (internal) */
                    126:
                    127:  /*
                    128:   * Routines for delayed evaluation of request attributes. Each attribute
                    129:   * type has its own access method. The trivial ones are implemented by
                    130:   * macros. The other ones are wrappers around the transport-specific host
                    131:   * name, address, and client user lookup methods. The request_info and
                    132:   * host_info structures serve as caches for the lookup results.
                    133:   */
                    134:
1.2       christos  135: extern char *eval_user                 /* client user */
1.12.56.2! riz       136:                __P((struct request_info *));
1.2       christos  137: extern char *eval_hostname             /* printable hostname */
1.12.56.2! riz       138:                __P((struct host_info *));
1.2       christos  139: extern char *eval_hostaddr             /* printable host address */
1.12.56.2! riz       140:                __P((struct host_info *));
1.2       christos  141: extern char *eval_hostinfo             /* host name or address */
1.12.56.2! riz       142:                __P((struct host_info *));
1.2       christos  143: extern char *eval_client               /* whatever is available */
1.12.56.2! riz       144:                __P((struct request_info *));
1.2       christos  145: extern char *eval_server               /* whatever is available */
1.12.56.2! riz       146:                __P((struct request_info *));
1.1       mrg       147: #define eval_daemon(r) ((r)->daemon)   /* daemon process name */
                    148: #define eval_pid(r)    ((r)->pid)      /* process id */
                    149:
                    150: /* Socket-specific methods, including DNS hostname lookups. */
                    151:
1.2       christos  152: extern void sock_host                  /* look up endpoint addresses */
1.12.56.2! riz       153:                __P((struct request_info *));
1.2       christos  154: extern void sock_hostname              /* translate address to hostname */
1.12.56.2! riz       155:                __P((struct host_info *));
1.2       christos  156: extern void sock_hostaddr              /* address to printable address */
1.12.56.2! riz       157:                __P((struct host_info *));
1.1       mrg       158: #define sock_methods(r) \
                    159:        { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; }
                    160:
                    161: /* The System V Transport-Level Interface (TLI) interface. */
                    162:
                    163: #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT)
1.2       christos  164: extern void tli_host                   /* look up endpoint addresses etc. */
1.12.56.2! riz       165:                __P((struct request_info *));
1.1       mrg       166: #endif
                    167:
                    168:  /*
                    169:   * Problem reporting interface. Additional file/line context is reported
                    170:   * when available. The jump buffer (tcpd_buf) is not declared here, or
                    171:   * everyone would have to include <setjmp.h>.
                    172:   */
                    173:
1.2       christos  174: extern void tcpd_warn                  /* report problem and proceed */
1.12.56.2! riz       175:                __P((char *, ...))
1.10      sommerfe  176:        __attribute__((__format__(__printf__, 1, 2)));
1.2       christos  177: extern void tcpd_jump                  /* report problem and jump */
1.12.56.2! riz       178:                __P((char *, ...))
1.10      sommerfe  179:        __attribute__((__format__(__printf__, 1, 2)));
1.11      kleink    180: __END_DECLS
1.1       mrg       181:
                    182: struct tcpd_context {
1.12.56.2! riz       183:     char   *file;                      /* current file */
1.1       mrg       184:     int     line;                      /* current line */
                    185: };
1.11      kleink    186: __BEGIN_DECLS
1.1       mrg       187: extern struct tcpd_context tcpd_context;
1.11      kleink    188: __END_DECLS
1.1       mrg       189:
                    190:  /*
                    191:   * While processing access control rules, error conditions are handled by
                    192:   * jumping back into the hosts_access() routine. This is cleaner than
                    193:   * checking the return value of each and every silly little function. The
                    194:   * (-1) returns are here because zero is already taken by longjmp().
                    195:   */
                    196:
                    197: #define AC_PERMIT      1               /* permit access */
                    198: #define AC_DENY                (-1)            /* deny_access */
                    199: #define AC_ERROR       AC_DENY         /* XXX */
                    200:
                    201:  /*
                    202:   * In verification mode an option function should just say what it would do,
                    203:   * instead of really doing it. An option function that would not return
                    204:   * should clear the dry_run flag to inform the caller of this unusual
                    205:   * behavior.
                    206:   */
                    207:
1.11      kleink    208: __BEGIN_DECLS
1.2       christos  209: extern void process_options            /* execute options */
1.12.56.2! riz       210:                __P((char *, struct request_info *));
1.1       mrg       211: extern int dry_run;                    /* verification flag */
1.2       christos  212: extern void fix_options                        /* get rid of IP-level socket options */
1.12.56.2! riz       213:                __P((struct request_info *));
1.11      kleink    214: __END_DECLS
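Review bot: The declarations on the lines marked `!` take every string input as plain `char *`, for example `tcpd_warn __P((char *, ...))` and `tcpd_jump __P((char *, ...))` at lines 175 and 178, `shell_cmd __P((char *))` at line 81, and the `hosts_allow_table` / `hosts_deny_table` globals at lines 101-102. The definitions are not on this page, but if they only read these strings, `const char *` would let callers pass literals without a cast and let the compiler reject accidental writes through a format string or an access-table path, e.g. `extern const char *hosts_allow_table;`. If the non-const signatures are kept deliberately for compatibility on this branch, a short comment above the "Global functions" declarations saying so would document that choice.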
