Wed, 05 Jun 2024 19:50:44 +0200
add extra nullptr check in the event loop to handle the case when the finish ptr is set to NULL after it was already scheduled
59
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
1 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
2 | * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
3 | * |
211
2160585200ac
add propfind/proppatch parser and first iteration of the new webdav api
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
63
diff
changeset
|
4 | * Copyright 2018 Olaf Wintermann. All rights reserved. |
59
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
5 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
6 | * Redistribution and use in source and binary forms, with or without |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
7 | * modification, are permitted provided that the following conditions are met: |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
8 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
9 | * 1. Redistributions of source code must retain the above copyright |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
10 | * notice, this list of conditions and the following disclaimer. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
11 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
12 | * 2. Redistributions in binary form must reproduce the above copyright |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
13 | * notice, this list of conditions and the following disclaimer in the |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
14 | * documentation and/or other materials provided with the distribution. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
15 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
16 | * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
17 | * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
18 | * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
19 | * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
20 | * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
21 | * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
22 | * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
23 | * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
24 | * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
25 | * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
26 | * POSSIBILITY OF SUCH DAMAGE. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
27 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
28 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
29 | #ifndef WS_ACL_H |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
30 | #define WS_ACL_H |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
31 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
32 | #include "nsapi.h" |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
33 | #include "auth.h" |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
34 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
35 | #ifdef __cplusplus |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
36 | extern "C" { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
37 | #endif |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
38 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
39 | // ACLListHandle typedef in nsapi.h |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
40 | typedef struct ACLListElm ACLListElm; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
41 | typedef struct ACLList ACLList; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
42 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
43 | typedef struct WSAcl WSAcl; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
44 | typedef struct WSAce WSAce; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
45 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
46 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
47 | * a wrapper struct for acls |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
48 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
49 | struct ACLListHandle { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
50 | AuthDB *defaultauthdb; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
51 | ACLListElm *listhead; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
52 | ACLListElm *listtail; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
53 | }; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
54 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
55 | struct ACLListElm { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
56 | ACLList *acl; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
57 | ACLListElm *next; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
58 | }; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
59 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
60 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
61 | * abstract ACL |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
62 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
63 | typedef int(*acl_check_f)(ACLList*, User*, int); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
64 | struct ACLList { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
65 | AuthDB *authdb; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
66 | char *authprompt; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
67 | int isextern; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
68 | /* int check(ACLList *acl, User *user, int access_mask) */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
69 | int(*check)(ACLList *acl, User *user, int access_mask); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
70 | }; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
71 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
72 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
73 | * a webserver access control list |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
74 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
75 | * Access control is determined by the ace field. The ece field is a separat |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
76 | * list for audit and alarm entries. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
77 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
78 | struct WSAcl { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
79 | ACLList acl; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
80 | WSAce **ace; // access control entries |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
81 | WSAce **ece; // event control entries (audit/alarm entries) |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
82 | int acenum; // number of aces |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
83 | int ecenum; // number of eces |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
84 | }; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
85 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
86 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
87 | struct WSAce { |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
88 | char *who; // user or group name |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
89 | uint32_t access_mask; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
90 | uint16_t flags; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
91 | uint16_t type; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
92 | }; |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
93 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
94 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
95 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
96 | * access permissions |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
97 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
98 | #define ACL_READ_DATA 0x0001 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
99 | #define ACL_WRITE_DATA 0x0002 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
100 | #define ACL_APPEND 0x0002 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
101 | #define ACL_ADD_FILE 0x0004 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
102 | #define ACL_ADD_SUBDIRECTORY 0x0004 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
103 | #define ACL_READ_XATTR 0x0008 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
104 | #define ACL_WRITE_XATTR 0x0010 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
105 | #define ACL_EXECUTE 0x0020 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
106 | #define ACL_DELETE_CHILD 0x0040 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
107 | #define ACL_DELETE 0x0040 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
108 | #define ACL_READ_ATTRIBUTES 0x0080 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
109 | #define ACL_WRITE_ATTRIBUTES 0x0100 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
110 | #define ACL_LIST 0x0200 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
111 | #define ACL_READ_ACL 0x0400 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
112 | #define ACL_WRITE_ACL 0x0800 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
113 | #define ACL_WRITE_OWNER 0x1000 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
114 | #define ACL_SYNCHRONIZE 0x2000 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
115 | #define ACL_READ \ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
116 | (ACL_READ_DATA|ACL_READ_XATTR|ACL_READ_ATTRIBUTES) |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
117 | #define ACL_WRITE \ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
118 | (ACL_WRITE_DATA|ACL_WRITE_XATTR|ACL_WRITE_ATTRIBUTES) |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
119 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
120 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
121 | * ace flags |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
122 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
123 | #define ACL_FILE_INHERIT 0x0001 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
124 | #define ACL_DIR_INHERIT 0x0002 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
125 | #define ACL_NO_PROPAGATE 0x0004 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
126 | #define ACL_INHERIT_ONLY 0x0008 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
127 | #define ACL_SUCCESSFUL_ACCESS_FLAG 0x0010 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
128 | #define ACL_FAILED_ACCESS_ACE_FLAG 0x0020 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
129 | #define ACL_IDENTIFIER_GROUP 0x0040 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
130 | #define ACL_OWNER 0x1000 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
131 | #define ACL_GROUP 0x2000 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
132 | #define ACL_EVERYONE 0x4000 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
133 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
134 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
135 | * ace type |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
136 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
137 | #define ACL_TYPE_ALLOWED 0x01 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
138 | #define ACL_TYPE_DENIED 0x02 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
139 | #define ACL_TYPE_AUDIT 0x03 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
140 | #define ACL_TYPE_ALARM 0x04 |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
141 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
142 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
143 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
144 | * public API |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
145 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
146 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
147 | // list |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
148 | void acllist_append(Session *sn, Request *rq, ACLList *acl); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
149 | void acllist_prepend(Session *sn, Request *rq, ACLList *acl); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
150 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
151 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
152 | * gets a access mask from open flags |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
153 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
154 | uint32_t acl_oflag2mask(int oflags); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
155 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
156 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
157 | * authenticates the user with the user database specified in the acl list |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
158 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
159 | User* acllist_getuser(Session *sn, Request *rq, ACLListHandle *list); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
160 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
161 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
162 | * sets the status to 403 or 401 and sets www-authenticate |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
163 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
164 | * use this only if a ACL denies access |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
165 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
166 | void acl_set_error_status(Session *sn, Request *rq, ACLList *acl, User *user); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
167 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
168 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
169 | * acl_evaluate |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
170 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
171 | * Evaluates all ACLs in rq->acllist. It combines rq->aclreqaccess and |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
172 | * access_mask. If access is denied and no user is authenticated it sets the |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
173 | * www-authenticate header and the status to 401 Unauthorized. |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
174 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
175 | * returns REQ_PROCEED if access is allowed or REQ_ABORTED if access is denied |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
176 | */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
177 | int acl_evaluate(Session *sn, Request *rq, int access_mask); |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
178 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
179 | /* |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
180 | * acl_evallist |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
181 | * |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
182 | * evalutes all ACLs in acllist |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
183 | * |
63
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
184 | * externacl is set if an acl is extern, otherwise it is set to NULL |
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
185 | * |
59
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
186 | * returns NULL if access is allowed or a pointer to the ACLList which |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
187 | * denied access |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
188 | */ |
63
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
189 | ACLList* acl_evallist( |
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
190 | ACLListHandle *acllist, |
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
191 | User *user, |
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
192 | int access_mask, |
66442f81f823
supports file system ACLs on Solaris
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
59
diff
changeset
|
193 | ACLList **externacl); |
59
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
194 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
195 | #ifdef __cplusplus |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
196 | } |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
197 | #endif |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
198 | |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
199 | #endif /* WS_ACL_H */ |
ab25c0a231d0
some fixes and new public APIs
Olaf Wintermann <olaf.wintermann@gmail.com>
parents:
diff
changeset
|
200 |