Commit | Line | Data |
---|---|---|
805e021f CE |
1 | /* |
2 | * Copyright 2000, International Business Machines Corporation and others. | |
3 | * All Rights Reserved. | |
4 | * | |
5 | * This software has been released under the terms of the IBM Public | |
6 | * License. For details, see the LICENSE file in the top-level source | |
7 | * directory or online at http://www.openafs.org/dl/license10.html | |
8 | */ | |
9 | ||
10 | /* | |
11 | cellconfig.h: | |
12 | ||
13 | Interface to the routines used by the FileServer to manipulate the cell/server database | |
14 | for the Cellular Andrew system, along with an operation to determine the name of the | |
15 | local cell. Included are a string variable used to hold the local cell name, definitions for | |
16 | the database file format and routines for: | |
17 | 1) Acquiring the local cell name. | |
18 | 2) Reading in the cell/server database from disk. | |
19 | 3) Reporting the set of servers associated with a given cell name. | |
20 | 4) Printing out the contents of the cell/server database. | |
21 | 5) Reclaiming the space used by an in-memory database. | |
22 | ||
23 | Creation date: | |
24 | 17 August 1987 | |
25 | ||
26 | --------------------------------------------------------------------------------------------------------------*/ | |
27 | ||
28 | #ifndef __CELLCONFIG_AFS_INCL_ | |
29 | #define __CELLCONFIG_AFS_INCL_ 1 | |
30 | ||
31 | #ifndef IPPROTO_MAX | |
32 | /* get sockaddr_in */ | |
33 | #ifdef AFS_NT40_ENV | |
34 | #include <winsock2.h> | |
35 | #else | |
36 | #include <sys/types.h> | |
37 | #include <netinet/in.h> | |
38 | #endif | |
39 | #endif | |
40 | #include <rx/rx_opaque.h> | |
41 | #include <opr/queue.h> | |
42 | ||
43 | #define MAXCELLCHARS 64 /* size in bytes of every cell-name buffer declared below (afsconf_cell.name, afsconf_cellalias.aliasName and realName); presumably counts the terminating NUL - confirm */ | |
44 | #define MAXHOSTCHARS 64 /* size in bytes of each afsconf_cell.hostName[] entry */ | |
45 | #define MAXHOSTSPERCELL 8 /* element count of afsconf_cell.hostAddr[] and hostName[]; any server index must stay below this */ | |
46 | ||
47 | /* | |
48 | * Return codes. | |
49 | */ | |
50 | #define AFSCONF_SUCCESS 0 /* worked; failure codes are not defined next to it here */ | |
51 | ||
52 | /* | |
53 | * Complete server info for one cell. Every buffer in it is fixed-size, so code that fills this struct from a file or from the network has to bound its copies by MAXCELLCHARS, MAXHOSTCHARS and MAXHOSTSPERCELL. | |
54 | */ | |
55 | struct afsconf_cell { | |
56 | char name[MAXCELLCHARS]; /* Cell name; fixed MAXCELLCHARS-byte buffer */ | |
57 | short numServers; /* Num active servers for the cell; signed, so range-check it against 0..MAXHOSTSPERCELL before using it to index hostAddr or hostName */ | |
58 | short flags; /* useful flags; presumably holds AFSCONF_CELL_FLAG_* bits - confirm */ | |
59 | struct sockaddr_in hostAddr[MAXHOSTSPERCELL]; /* IP addresses for cell's servers; presumably entry i pairs with hostName[i] - confirm */ | |
60 | char hostName[MAXHOSTSPERCELL][MAXHOSTCHARS]; /* Names for cell's servers; MAXHOSTCHARS bytes per entry */ | |
61 | char *linkedCell; /* Linked cell name, if any; a pointer, so the string lives outside this struct - who frees it is not visible here */ | |
62 | int timeout; /* Data timeout, if non-zero; units are not stated in this header */ | |
63 | }; | |
64 | ||
65 | #define AFSCONF_CELL_FLAG_DNS_QUERIED 1 /* bit value 1; presumably set in afsconf_cell.flags when the entry was resolved through DNS rather than read from the local database - confirm in cellconfig.c */ | |
66 | ||
67 | struct afsconf_cellalias { /* one alias record; both names use the cell-name buffer size */ | |
68 | char aliasName[MAXCELLCHARS]; /* the alias */ | |
69 | char realName[MAXCELLCHARS]; /* presumably the cell name the alias stands for - confirm */ | |
70 | }; | |
71 | ||
72 | struct afsconf_entry { /* singly linked list node; afsconf_dir.entries is a pointer to this type */ | |
73 | struct afsconf_entry *next; /* next entry in the afsconf_dir list; presumably NULL at the tail - confirm */ | |
74 | struct afsconf_cell cellInfo; /* info for this cell, embedded by value */ | |
75 | }; | |
76 | ||
77 | struct afsconf_aliasentry { /* singly linked list node; afsconf_dir.alias_entries is a pointer to this type */ | |
78 | struct afsconf_aliasentry *next; /* next alias node; presumably NULL at the tail - confirm */ | |
79 | struct afsconf_cellalias aliasInfo; /* the alias record, embedded by value */ | |
80 | }; | |
81 | ||
82 | /*! | |
83 | * A set of bit flags to control the selection of a security object. The values are distinct bits, so they can be OR-ed into one afsconf_secflags word; that type is used for afsconf_dir.securityFlags and for the flags argument of afsconf_ClientAuthToken, afsconf_PickClientSecObj and afsconf_SetSecurityFlags. The per-flag notes below are inferred from the names only; confirm them against authcon.c. | |
84 | */ | |
85 | #define AFSCONF_SECOPTS_NOAUTH 0x1 /* presumably: select an unauthenticated security object */ | |
86 | #define AFSCONF_SECOPTS_LOCALAUTH 0x2 /* presumably: authenticate with a key taken from the local configuration */ | |
87 | #define AFSCONF_SECOPTS_ALWAYSENCRYPT 0x4 /* presumably: insist on an encrypting security level */ | |
88 | #define AFSCONF_SECOPTS_FALLBACK_NULL 0x8 /* presumably: accept an unauthenticated (null) object when no credentials can be obtained; a caller that must never run unauthenticated should leave this bit clear */ | |
89 | typedef afs_uint32 afsconf_secflags; /* carrier type for the AFSCONF_SECOPTS_* bits */ | |
90 | ||
91 | struct afsconf_dir { /* in-memory state for one configuration directory; afsconf_Open() returns a pointer to it and most afsconf_* calls in this header take one */ | |
92 | char *name; /* pointer to dir prefix */ | |
93 | char *cellName; /* cell name, if any, we're in */ | |
94 | struct afsconf_entry *entries; /* list of cell entries (linked through afsconf_entry.next) */ | |
95 | struct opr_queue keyList; /* list of keys; presumably server key material, so treat the contents of this struct as sensitive - confirm */ | |
96 | afs_int32 timeRead; /* time stamp of file last read; kept as afs_int32, not time_t */ | |
97 | afs_int32 timeCheck; /* time of last check for update; kept as afs_int32, not time_t */ | |
98 | struct afsconf_aliasentry *alias_entries; /* cell aliases (linked through afsconf_aliasentry.next) */ | |
99 | afsconf_secflags securityFlags; /* AFSCONF_SECOPTS_* bits; presumably what afsconf_SetSecurityFlags() stores - confirm */ | |
100 | struct afsconf_realms *local_realms; /* local realms; struct afsconf_realms is only used through pointers in this header */ | |
101 | struct afsconf_realms *exclusions; /* excluded principals */ | |
102 | }; | |
103 | ||
104 | extern afs_int32 afsconf_FindService(const char *aname); /* presumably maps a service name such as AFSCONF_FILESERVICE to its port - confirm in cellconfig.c */ | |
105 | extern const char *afsconf_FindIANAName(const char *aname); /* returns a const string; its lifetime is not visible here */ | |
106 | extern struct afsconf_dir *afsconf_Open(const char *adir); /* adir is a path string; the returned pointer has the type afsconf_Close() accepts */ | |
107 | extern int afsconf_CellApply(struct afsconf_dir *adir, | |
108 | int (*aproc) (struct afsconf_cell * cell, | |
109 | void *arock, | |
110 | struct afsconf_dir * dir), | |
111 | void *arock); /* aproc receives a cell, the caller's arock and a dir; presumably invoked once per cell entry - confirm */ | |
112 | extern int afsconf_CellAliasApply(struct afsconf_dir *adir, | |
113 | int (*aproc) (struct afsconf_cellalias * | |
114 | alias, void *arock, | |
115 | struct afsconf_dir * dir), | |
116 | void *arock); /* same callback shape as afsconf_CellApply, but over alias records */ | |
117 | extern int afsconf_GetExtendedCellInfo(struct afsconf_dir *adir, | |
118 | char *acellName, char *aservice, | |
119 | struct afsconf_cell *acellInfo, | |
120 | char clones[]); /* clones[] carries no length; presumably one entry per server, i.e. MAXHOSTSPERCELL bytes - confirm before sizing the caller's buffer */ | |
121 | extern int afsconf_GetAfsdbInfo(char *acellName, char *aservice, | |
122 | struct afsconf_cell *acellInfo); /* takes no afsconf_dir; the name suggests a DNS lookup, in which case acellInfo is filled from network-supplied data - confirm */ | |
123 | extern int afsconf_GetCellInfo(struct afsconf_dir *adir, char *acellName, | |
124 | char *aservice, | |
125 | struct afsconf_cell *acellInfo); /* acellInfo is caller-provided storage for the result */ | |
126 | extern int afsconf_GetLocalCell(struct afsconf_dir *adir, | |
127 | char *aname, afs_int32 alen); /* aname is a caller buffer and alen presumably its size in bytes - confirm */ | |
128 | extern int afsconf_Close(struct afsconf_dir *adir); | |
129 | extern int afsconf_UpToDate(void *rock); /* void *rock: presumably an afsconf_dir passed through an untyped callback interface - confirm */ | |
130 | ||
131 | struct afsconf_keys; /* forward declaration only; the layout is defined elsewhere */ | |
132 | extern int afsconf_GetKeys(struct afsconf_dir *adir, | |
133 | struct afsconf_keys *astr); /* astr is caller storage; presumably receives key material, which the caller should clear once it is no longer needed - confirm */ | |
134 | ||
135 | struct ktc_encryptionKey; /* forward declaration only; the layout is defined elsewhere */ | |
136 | extern afs_int32 afsconf_GetLatestKey(struct afsconf_dir *adir, | |
137 | afs_int32 * avno, | |
138 | struct ktc_encryptionKey *akey); /* avno and akey are pointers the callee can write through; presumably the newest key version number and its key - confirm */ | |
139 | extern int afsconf_GetKey(void *rock, int avno, | |
140 | struct ktc_encryptionKey *akey); /* void *rock: presumably an afsconf_dir - confirm */ | |
141 | extern int afsconf_AddKey(struct afsconf_dir *adir, afs_int32 akvno, | |
142 | char akey[8], afs_int32 overwrite); /* in a parameter list akey[8] is just char *, so the 8-byte length is a convention the compiler does not check; this interface carries no key type, unlike the afsconf_typedKey calls */ | |
143 | extern int afsconf_DeleteKey(struct afsconf_dir *adir, afs_int32 akvno); | |
144 | ||
145 | struct afsconf_typedKey; /* opaque in this header: forward declaration only */ | |
146 | struct afsconf_typedKeyList { /* result container used by the afsconf_Get*Keys* calls that take a struct afsconf_typedKeyList ** */ | |
147 | int nkeys; /* presumably the number of entries in keys - confirm */ | |
148 | struct afsconf_typedKey **keys; /* array of pointers to opaque keys */ | |
149 | }; | |
150 | ||
151 | typedef enum { /* key type tag passed to the afsconf_typedKey and afsconf_*KeyByType* calls; the values are explicit, so presumably they are part of a stored format - check before renumbering */ | |
152 | afsconf_rxkad = 0, | |
153 | afsconf_rxgk =1, | |
154 | afsconf_rxkad_krb5 =2 | |
155 | } afsconf_keyType; | |
156 | ||
157 | extern struct afsconf_typedKey * | |
158 | afsconf_typedKey_get(struct afsconf_typedKey *); /* presumably takes a reference that afsconf_typedKey_put releases - confirm */ | |
159 | extern void afsconf_typedKey_put(struct afsconf_typedKey **); /* takes the address of the caller's pointer */ | |
160 | extern struct afsconf_typedKey * | |
161 | afsconf_typedKey_new(afsconf_keyType type, int kvno, | |
162 | int subType, struct rx_opaque *key); /* key material is passed as an rx_opaque; whether it is copied is not visible here */ | |
163 | extern void afsconf_typedKey_free(struct afsconf_typedKey **); /* also takes the address of the caller's pointer; how it differs from afsconf_typedKey_put is not visible here */ | |
164 | ||
165 | extern void afsconf_typedKey_values(struct afsconf_typedKey *key, | |
166 | afsconf_keyType *type, | |
167 | int *kvno, | |
168 | int *minorType, | |
169 | struct rx_opaque **keyMaterial); /* four pointer outputs; minorType is presumably what the other prototypes call subType; keyMaterial presumably points at the key's own bytes, so check its lifetime before keeping it - confirm */ | |
170 | ||
171 | extern int afsconf_GetAllKeys(struct afsconf_dir *, | |
172 | struct afsconf_typedKeyList **); /* list is returned through the double pointer; presumably released with afsconf_PutTypedKeyList - confirm */ | |
173 | extern int afsconf_GetKeysByType(struct afsconf_dir *dir, | |
174 | afsconf_keyType type, int kvno, | |
175 | struct afsconf_typedKeyList **); | |
176 | extern int afsconf_GetKeyByTypes(struct afsconf_dir *dir, | |
177 | afsconf_keyType type, int kvno, int subType, | |
178 | struct afsconf_typedKey **); /* single key selected by type, kvno and subType */ | |
179 | extern int afsconf_GetLatestKeysByType(struct afsconf_dir *dir, | |
180 | afsconf_keyType type, | |
181 | struct afsconf_typedKeyList **); /* no kvno argument; presumably picks the highest key version - confirm */ | |
182 | extern int afsconf_GetLatestKeyByTypes(struct afsconf_dir *dir, | |
183 | afsconf_keyType type, int subType, | |
184 | struct afsconf_typedKey **); | |
185 | extern void afsconf_PutTypedKeyList(struct afsconf_typedKeyList **keys); | |
186 | extern int afsconf_AddTypedKey(struct afsconf_dir *dir, | |
187 | struct afsconf_typedKey *key, | |
188 | int overwrite); /* overwrite presumably decides whether an existing key with the same identifiers may be replaced - confirm */ | |
189 | extern int afsconf_DeleteKeyByType(struct afsconf_dir *dir, | |
190 | afsconf_keyType type, int kvno); | |
191 | extern int afsconf_DeleteKeyBySubType(struct afsconf_dir *dir, | |
192 | afsconf_keyType type, int kvno, | |
193 | int subType); | |
194 | ||
195 | /* authcon.c: selection of Rx security objects for servers and clients */ | |
196 | struct rx_securityClass; /* forward declaration only */ | |
197 | extern afs_int32 afsconf_ServerAuth(void *arock, | |
198 | struct rx_securityClass **, | |
199 | afs_int32 *); /* void *arock: presumably an afsconf_dir; hands back a security class pointer and an afs_int32 through the two pointer arguments - confirm */ | |
200 | extern afs_int32 afsconf_ClientAuth(void *arock, | |
201 | struct rx_securityClass **astr, | |
202 | afs_int32 * aindex); | |
203 | extern afs_int32 afsconf_ClientAuthSecure(void *arock, | |
204 | struct rx_securityClass **astr, | |
205 | afs_int32 * aindex); /* same signature as afsconf_ClientAuth; the name suggests the variant that insists on an encrypted connection - confirm in authcon.c */ | |
206 | ||
207 | ||
208 | extern afs_int32 afsconf_ClientAuthToken(struct afsconf_cell *info, | |
209 | afsconf_secflags flags, | |
210 | struct rx_securityClass **sc, | |
211 | afs_int32 *scIndex, | |
212 | time_t *expires); /* flags takes AFSCONF_SECOPTS_* bits; sc, scIndex and expires are pointer outputs */ | |
213 | ||
214 | ||
215 | extern afs_int32 afsconf_PickClientSecObj(struct afsconf_dir *dir, | |
216 | afsconf_secflags flags, | |
217 | struct afsconf_cell *info, | |
218 | char *cellName, | |
219 | struct rx_securityClass **sc, | |
220 | afs_int32 *scIndex, | |
221 | time_t *expires); /* flags takes AFSCONF_SECOPTS_* bits; presumably some flag combinations allow an unauthenticated object to come back with a success code, so a caller that needs authentication should inspect *scIndex - confirm */ | |
222 | ||
223 | extern void afsconf_SetSecurityFlags(struct afsconf_dir *dir, | |
224 | afsconf_secflags flags); /* presumably stores flags in dir->securityFlags - confirm */ | |
225 | ||
226 | extern void afsconf_BuildServerSecurityObjects(void *, | |
227 | struct rx_securityClass ***, | |
228 | afs_int32 *); /* returns void, so failure cannot be reported through the return value; presumably yields an array of security class pointers and its length - confirm */ | |
229 | ||
230 | /* writeconfig.c: these two prototypes are declared without the extern keyword used elsewhere in this header; the linkage is the same */ | |
231 | int afsconf_SetExtendedCellInfo(struct afsconf_dir *adir, const char *apath, | |
232 | struct afsconf_cell *acellInfo, char clones[]); /* apath is presumably the directory the configuration is written to; clones[] carries no length - confirm both */ | |
233 | int afsconf_SetCellInfo(struct afsconf_dir *adir, const char *apath, | |
234 | struct afsconf_cell *acellInfo); | |
235 | ||
236 | ||
237 | /* userok.c: authorization checks and management of the privileged-user list */ | |
238 | ||
239 | struct rx_call; /* forward declaration only */ | |
240 | struct rx_identity; /* forward declaration only */ | |
241 | extern int afsconf_CheckAuth(void *arock, struct rx_call *acall); /* void *arock: presumably an afsconf_dir - confirm */ | |
242 | extern int afsconf_GetNoAuthFlag(struct afsconf_dir *adir); | |
243 | extern void afsconf_SetNoAuthFlag(struct afsconf_dir *adir, int aflag); /* presumably switches the no-authentication mode in which authorization checks are skipped; access to this call deserves the same protection as the user list itself - confirm in userok.c */ | |
244 | extern int afsconf_DeleteUser(struct afsconf_dir *adir, char *auser); | |
245 | extern int afsconf_DeleteIdentity(struct afsconf_dir *, struct rx_identity *); | |
246 | extern int afsconf_GetNthUser(struct afsconf_dir *adir, afs_int32 an, | |
247 | char *abuffer, afs_int32 abufferLen); /* caller buffer plus its length; an is presumably the index of the user to fetch - confirm */ | |
248 | extern int afsconf_GetNthIdentity(struct afsconf_dir *, int, | |
249 | struct rx_identity **); | |
250 | extern int afsconf_AddUser(struct afsconf_dir *adir, char *aname); | |
251 | extern int afsconf_AddIdentity(struct afsconf_dir *adir, struct rx_identity *); | |
252 | extern int afsconf_SuperUser(struct afsconf_dir *adir, struct rx_call *acall, | |
253 | char *namep); /* namep has no length parameter; if it is an output buffer, the required size has to come from the implementation - confirm before passing a stack buffer */ | |
254 | extern int afsconf_SuperIdentity(struct afsconf_dir *, struct rx_call *, | |
255 | struct rx_identity **); /* identity is returned through a double pointer, so no caller-sized buffer is involved */ | |
256 | extern int afsconf_IsSuperIdentity(struct afsconf_dir *, struct rx_identity *); | |
257 | extern int afsconf_CheckRestrictedQuery(struct afsconf_dir *adir, | |
258 | struct rx_call *acall, | |
259 | int needed_level); /* needed_level presumably takes one of the RESTRICTED_QUERY_* constants - confirm */ | |
260 | ||
261 | /* | |
262 | * Level constants for the -restricted_query option used by vlserver | |
263 | * and volser. Once we have vlserver and volserver to ptserver | |
264 | * connection, we can add more access levels, like AUTHUSER or | |
265 | * AUTHANDFOREIGNUSER. Only two levels exist today, so there is no setting between any user and admin. | |
266 | */ | |
267 | #define RESTRICTED_QUERY_ANYUSER 0 /* presumably: no restriction on who may issue the query - confirm */ | |
268 | #define RESTRICTED_QUERY_ADMIN 1 /* presumably: query limited to administrators - confirm */ | |
269 | ||
270 | /* realms.c */ | |
271 | extern int afsconf_SetLocalRealm(const char *realm); /* takes no afsconf_dir, so it presumably sets process-wide state - confirm */ | |
272 | extern int afsconf_IsLocalRealmMatch(struct afsconf_dir *dir, afs_int32 * local, | |
273 | const char *name, const char *instance, | |
274 | const char *cell); /* local is a pointer output; name, instance and cell look like the parts of a principal, and the result presumably says whether it belongs to a local realm - confirm */ | |
275 | ||
276 | /* netrestrict.c */ | |
277 | ||
278 | extern int afsconf_ParseNetRestrictFile(afs_uint32 outAddrs[], | |
279 | afs_uint32 * mask, afs_uint32 * mtu, | |
280 | afs_uint32 maxAddrs, afs_uint32 * nAddrs, | |
281 | char reason[], const char *fileName); /* maxAddrs presumably bounds outAddrs[] and nAddrs reports how many were filled; reason[] has no size parameter, so its required capacity must be taken from the implementation - confirm */ | |
282 | ||
283 | extern int afsconf_ParseNetFiles(afs_uint32 addrbuf[], afs_uint32 maskbuf[], | |
284 | afs_uint32 mtubuf[], afs_uint32 max, | |
285 | char reason[], const char *niFileName, | |
286 | const char *nrFileName); /* max presumably bounds all three output arrays; reason[] again has no size parameter - confirm */ | |
287 | ||
288 | /* some well-known ports and their names; new additions to table in cellconfig.c, too. Each service name is followed by its port number, 7000 through 7011; the transport protocol is not stated in this header. */ | |
289 | #define AFSCONF_FILESERVICE "afs" | |
290 | #define AFSCONF_FILEPORT 7000 | |
291 | #define AFSCONF_CALLBACKSERVICE "afscb" | |
292 | #define AFSCONF_CALLBACKPORT 7001 | |
293 | #define AFSCONF_PROTSERVICE "afsprot" | |
294 | #define AFSCONF_PROTPORT 7002 | |
295 | #define AFSCONF_VLDBSERVICE "afsvldb" | |
296 | #define AFSCONF_VLDBPORT 7003 | |
297 | #define AFSCONF_KAUTHSERVICE "afskauth" | |
298 | #define AFSCONF_KAUTHPORT 7004 | |
299 | #define AFSCONF_VOLUMESERVICE "afsvol" | |
300 | #define AFSCONF_VOLUMEPORT 7005 | |
301 | #define AFSCONF_ERRORSERVICE "afserror" | |
302 | #define AFSCONF_ERRORPORT 7006 | |
303 | #define AFSCONF_NANNYSERVICE "afsnanny" | |
304 | #define AFSCONF_NANNYPORT 7007 | |
305 | #define AFSCONF_UPDATESERVICE "afsupdate" | |
306 | #define AFSCONF_UPDATEPORT 7008 | |
307 | #define AFSCONF_RMTSYSSERVICE "afsrmtsys" | |
308 | #define AFSCONF_RMTSYSPORT 7009 | |
309 | #define AFSCONF_RSDBSERVICE "afsres" /* irregular pair: the service macro says RSDB but the port macro on the next line says RES */ | |
310 | #define AFSCONF_RESPORT 7010 | |
311 | #define AFSCONF_REMIODBSERVICE "afsremio" /* irregular pair: the service macro says REMIODB but the port macro on the next line says REMIO */ | |
312 | #define AFSCONF_REMIOPORT 7011 | |
313 | ||
314 | #endif /* __CELLCONFIG_AFS_INCL_ */ |