Wed, 27 Nov 2024 23:00:07 +0100
add TODO to use a future ucx feature
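/*
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
 *
 * Copyright 2013 Olaf Wintermann. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions are met:
 *
 *   1. Redistributions of source code must retain the above copyright
 *      notice, this list of conditions and the following disclaimer.
 *
 *   2. Redistributions in binary form must reproduce the above copyright
 *      notice, this list of conditions and the following disclaimer in the
 *      documentation and/or other materials provided with the distribution.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS"
 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
 * ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR CONTRIBUTORS BE
 * LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
 * POSSIBILITY OF SUCH DAMAGE.
 */

#ifndef _CONFIG_ACL_H
#define _CONFIG_ACL_H

#include "conf.h"

#include <inttypes.h>
#include <stddef.h> // offsetof, used by the CFG_ACE_* macros below

#ifdef __cplusplus
extern "C" {
#endif

/*
 * Helpers for the intrusive ACEConfig list, which is linked through
 * ACEConfig.next.
 *
 * CFG_ACE_ADD hands elm to cx_linked_list_add; NULL and -1 are passed as its
 * second and third arguments (presumably "no end pointer" and "no prev
 * link" - confirm against the linked-list API in use).
 * CFG_ACE_LIST_SIZE returns whatever cx_linked_list_size reports for list.
 *
 * Every macro argument is parenthesized so that an expression argument is
 * cast and passed as a whole instead of being split by operator precedence.
 */
#define CFG_ACE_ADD(list_begin, elm) \
        cx_linked_list_add((void**)(list_begin), NULL, -1, offsetof(ACEConfig, next), (elm))

#define CFG_ACE_LIST_SIZE(list) \
        cx_linked_list_size((list), offsetof(ACEConfig, next))

typedef struct _acl_conf ACLConfig;
typedef struct _ace_conf ACEConfig;

/*
 * state of one parsed ACL configuration file
 */
typedef struct _acl_file {
    ConfigParser parser;
    CxList *namedACLs; // ACLConfig list
    CxList *uriACLs;   // ACLConfig list
    CxList *pathACLs;  // ACLConfig list

    // temp data
    ACLConfig *cur;
} ACLFile;

/*
 * a single ACL: its identifier, its kind and its entries
 */
struct _acl_conf {
    cxmutstr    id;         // name, uri or path
    cxmutstr    type;       // webserver ACL or file system ACL
    ConfigParam *authparam; // authentication parameters
    ACEConfig   *entries;   // ACEConfig list
};

/*
 * a single access control entry
 *
 * access_mask, flags and type presumably hold the ACLCFG_* permission bits,
 * ace flags and ace type defined below - confirm against parse_ace().
 */
struct _ace_conf {
    cxmutstr  who;
    uint32_t  access_mask;
    uint16_t  flags;
    uint16_t  type;
    ACEConfig *next; // link used by CFG_ACE_ADD / CFG_ACE_LIST_SIZE
};

/*
 * the flags are a duplicate of the webserver's acl flags
 *
 * NOTE(review): nothing in this header enforces that the values stay equal
 * to the webserver's. If masks parsed here are handed to the server
 * unchanged, a drift between the two sets would silently change the rights
 * a configuration entry grants - keep both definitions in sync.
 */

/*
 * access permissions
 *
 * Several names share one bit, so a mask cannot tell them apart and
 * granting or denying one always grants or denies the other:
 *   ACLCFG_WRITE_DATA   == ACLCFG_APPEND           (0x0002)
 *   ACLCFG_ADD_FILE     == ACLCFG_ADD_SUBDIRECTORY (0x0004)
 *   ACLCFG_DELETE_CHILD == ACLCFG_DELETE           (0x0040)
 */
#define ACLCFG_READ_DATA         0x0001
#define ACLCFG_WRITE_DATA        0x0002
#define ACLCFG_APPEND            0x0002
#define ACLCFG_ADD_FILE          0x0004
#define ACLCFG_ADD_SUBDIRECTORY  0x0004
#define ACLCFG_READ_XATTR        0x0008
#define ACLCFG_WRITE_XATTR       0x0010
#define ACLCFG_EXECUTE           0x0020
#define ACLCFG_DELETE_CHILD      0x0040
#define ACLCFG_DELETE            0x0040
#define ACLCFG_READ_ATTRIBUTES   0x0080
#define ACLCFG_WRITE_ATTRIBUTES  0x0100
#define ACLCFG_LIST              0x0200
#define ACLCFG_READ_ACL          0x0400
#define ACLCFG_WRITE_ACL         0x0800
#define ACLCFG_WRITE_OWNER       0x1000
#define ACLCFG_SYNCHRONIZE       0x2000

/*
 * composite masks
 *
 * ACLCFG_READ does not contain LIST, EXECUTE or READ_ACL.
 * ACLCFG_WRITE does not contain DELETE/DELETE_CHILD, WRITE_ACL or
 * WRITE_OWNER, but through the shared bits listed above it does contain
 * APPEND and ADD_SUBDIRECTORY.
 */
#define ACLCFG_READ \
        (ACLCFG_READ_DATA|ACLCFG_READ_XATTR|ACLCFG_READ_ATTRIBUTES)
#define ACLCFG_WRITE \
        (ACLCFG_WRITE_DATA|ACLCFG_ADD_FILE|ACLCFG_WRITE_XATTR|ACLCFG_WRITE_ATTRIBUTES)

/*
 * ace flags
 *
 * These are a separate value space from the access permissions above, yet
 * some numbers coincide (ACLCFG_OWNER == ACLCFG_WRITE_OWNER == 0x1000,
 * ACLCFG_GROUP == ACLCFG_SYNCHRONIZE == 0x2000). Using a constant from one
 * set in the field of the other compiles without any warning.
 */
#define ACLCFG_FILE_INHERIT            0x0001
#define ACLCFG_DIR_INHERIT             0x0002
#define ACLCFG_NO_PROPAGATE            0x0004
#define ACLCFG_INHERIT_ONLY            0x0008
#define ACLCFG_SUCCESSFUL_ACCESS_FLAG  0x0010
#define ACLCFG_FAILED_ACCESS_ACE_FLAG  0x0020
#define ACLCFG_IDENTIFIER_GROUP        0x0040
#define ACLCFG_OWNER                   0x1000
#define ACLCFG_GROUP                   0x2000
#define ACLCFG_EVERYONE                0x4000

/*
 * ace type
 *
 * These are consecutive values, not bit flags: ACLCFG_TYPE_AUDIT (0x03)
 * equals ACLCFG_TYPE_ALLOWED|ACLCFG_TYPE_DENIED, so a type must be compared
 * with ==, never tested with &.
 */
#define ACLCFG_TYPE_ALLOWED  0x01
#define ACLCFG_TYPE_DENIED   0x02
#define ACLCFG_TYPE_AUDIT    0x03
#define ACLCFG_TYPE_ALARM    0x04

/*
 * loads the ACL configuration from file
 *
 * NOTE(review): the failure result is not visible in this header
 * (presumably NULL) - check the return value before use.
 */
ACLFile* load_acl_file(const char *file);

/*
 * releases an ACLFile obtained from load_acl_file()
 */
void free_acl_file(ACLFile *aclfile);

/*
 * presumably the ConfigParser callback for ACL files, with p being the
 * ACLFile - confirm against the implementation
 */
int acl_parse(void *p, ConfigLine *begin, ConfigLine *end, cxmutstr line);

/*
 * parses one access control entry from line for the ACL file f
 *
 * NOTE(review): the meaning of the int result is not visible here; callers
 * should treat a parse failure as fatal for the ACL rather than continue
 * with a partial entry list.
 */
int parse_ace(ACLFile *f, cxmutstr line);

/*
 * converts an access right string to an integer value
 *
 * NOTE(review): this header does not show what is returned for an
 * unrecognized string. If that is 0, callers cannot tell a misspelled right
 * from an empty mask - confirm in the implementation.
 */
uint32_t accstr2int(cxstring access);

#ifdef __cplusplus
}
#endif

#endif /* _CONFIG_ACL_H */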