tcpd.h revision 1.1
1 1.1 mrg /* 2 1.1 mrg * @(#) tcpd.h 1.5 96/03/19 16:22:24 3 1.1 mrg * 4 1.1 mrg * Author: Wietse Venema, Eindhoven University of Technology, The Netherlands. 5 1.1 mrg */ 6 1.1 mrg 7 1.1 mrg /* Structure to describe one communications endpoint. */ 8 1.1 mrg 9 1.1 mrg #define STRING_LENGTH 128 /* hosts, users, processes */ 10 1.1 mrg 11 1.1 mrg struct host_info { 12 1.1 mrg char name[STRING_LENGTH]; /* access via eval_hostname(host) */ 13 1.1 mrg char addr[STRING_LENGTH]; /* access via eval_hostaddr(host) */ 14 1.1 mrg struct sockaddr_in *sin; /* socket address or 0 */ 15 1.1 mrg struct t_unitdata *unit; /* TLI transport address or 0 */ 16 1.1 mrg struct request_info *request; /* for shared information */ 17 1.1 mrg }; 18 1.1 mrg 19 1.1 mrg /* Structure to describe what we know about a service request. */ 20 1.1 mrg 21 1.1 mrg struct request_info { 22 1.1 mrg int fd; /* socket handle */ 23 1.1 mrg char user[STRING_LENGTH]; /* access via eval_user(request) */ 24 1.1 mrg char daemon[STRING_LENGTH]; /* access via eval_daemon(request) */ 25 1.1 mrg char pid[10]; /* access via eval_pid(request) */ 26 1.1 mrg struct host_info client[1]; /* client endpoint info */ 27 1.1 mrg struct host_info server[1]; /* server endpoint info */ 28 1.1 mrg void (*sink) (); /* datagram sink function or 0 */ 29 1.1 mrg void (*hostname) (); /* address to printable hostname */ 30 1.1 mrg void (*hostaddr) (); /* address to printable address */ 31 1.1 mrg void (*cleanup) (); /* cleanup function or 0 */ 32 1.1 mrg struct netconfig *config; /* netdir handle */ 33 1.1 mrg }; 34 1.1 mrg 35 1.1 mrg /* Common string operations. Less clutter should be more readable. */ 36 1.1 mrg 37 1.1 mrg #define STRN_CPY(d,s,l) { strncpy((d),(s),(l)); (d)[(l)-1] = 0; } 38 1.1 mrg 39 1.1 mrg #define STRN_EQ(x,y,l) (strncasecmp((x),(y),(l)) == 0) 40 1.1 mrg #define STRN_NE(x,y,l) (strncasecmp((x),(y),(l)) != 0) 41 1.1 mrg #define STR_EQ(x,y) (strcasecmp((x),(y)) == 0) 42 1.1 mrg #define STR_NE(x,y) (strcasecmp((x),(y)) != 0) 43 1.1 mrg 44 1.1 mrg /* 45 1.1 mrg * Initially, all above strings have the empty value. Information that 46 1.1 mrg * cannot be determined at runtime is set to "unknown", so that we can 47 1.1 mrg * distinguish between `unavailable' and `not yet looked up'. A hostname 48 1.1 mrg * that we do not believe in is set to "paranoid". 49 1.1 mrg */ 50 1.1 mrg 51 1.1 mrg #define STRING_UNKNOWN "unknown" /* lookup failed */ 52 1.1 mrg #define STRING_PARANOID "paranoid" /* hostname conflict */ 53 1.1 mrg 54 1.1 mrg extern char unknown[]; 55 1.1 mrg extern char paranoid[]; 56 1.1 mrg 57 1.1 mrg #define HOSTNAME_KNOWN(s) (STR_NE((s),unknown) && STR_NE((s),paranoid)) 58 1.1 mrg 59 1.1 mrg #define NOT_INADDR(s) (s[strspn(s,"01234567890./")] != 0) 60 1.1 mrg 61 1.1 mrg /* Global functions. */ 62 1.1 mrg 63 1.1 mrg #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) 64 1.1 mrg extern void fromhost(); /* get/validate client host info */ 65 1.1 mrg #else 66 1.1 mrg #define fromhost sock_host /* no TLI support needed */ 67 1.1 mrg #endif 68 1.1 mrg 69 1.1 mrg extern int hosts_access(); /* access control */ 70 1.1 mrg extern void shell_cmd(); /* execute shell command */ 71 1.1 mrg extern char *percent_x(); /* do %<char> expansion */ 72 1.1 mrg extern void rfc931(); /* client name from RFC 931 daemon */ 73 1.1 mrg extern void clean_exit(); /* clean up and exit */ 74 1.1 mrg extern void refuse(); /* clean up and exit */ 75 1.1 mrg extern char *xgets(); /* fgets() on steroids */ 76 1.1 mrg extern char *split_at(); /* strchr() and split */ 77 1.1 mrg extern unsigned long dot_quad_addr(); /* restricted inet_addr() */ 78 1.1 mrg 79 1.1 mrg /* Global variables. */ 80 1.1 mrg 81 1.1 mrg extern int allow_severity; /* for connection logging */ 82 1.1 mrg extern int deny_severity; /* for connection logging */ 83 1.1 mrg extern char *hosts_allow_table; /* for verification mode redirection */ 84 1.1 mrg extern char *hosts_deny_table; /* for verification mode redirection */ 85 1.1 mrg extern int hosts_access_verbose; /* for verbose matching mode */ 86 1.1 mrg extern int rfc931_timeout; /* user lookup timeout */ 87 1.1 mrg extern int resident; /* > 0 if resident process */ 88 1.1 mrg 89 1.1 mrg /* 90 1.1 mrg * Routines for controlled initialization and update of request structure 91 1.1 mrg * attributes. Each attribute has its own key. 92 1.1 mrg */ 93 1.1 mrg 94 1.1 mrg #ifdef __STDC__ 95 1.1 mrg extern struct request_info *request_init(struct request_info *,...); 96 1.1 mrg extern struct request_info *request_set(struct request_info *,...); 97 1.1 mrg #else 98 1.1 mrg extern struct request_info *request_init(); /* initialize request */ 99 1.1 mrg extern struct request_info *request_set(); /* update request structure */ 100 1.1 mrg #endif 101 1.1 mrg 102 1.1 mrg #define RQ_FILE 1 /* file descriptor */ 103 1.1 mrg #define RQ_DAEMON 2 /* server process (argv[0]) */ 104 1.1 mrg #define RQ_USER 3 /* client user name */ 105 1.1 mrg #define RQ_CLIENT_NAME 4 /* client host name */ 106 1.1 mrg #define RQ_CLIENT_ADDR 5 /* client host address */ 107 1.1 mrg #define RQ_CLIENT_SIN 6 /* client endpoint (internal) */ 108 1.1 mrg #define RQ_SERVER_NAME 7 /* server host name */ 109 1.1 mrg #define RQ_SERVER_ADDR 8 /* server host address */ 110 1.1 mrg #define RQ_SERVER_SIN 9 /* server endpoint (internal) */ 111 1.1 mrg 112 1.1 mrg /* 113 1.1 mrg * Routines for delayed evaluation of request attributes. Each attribute 114 1.1 mrg * type has its own access method. The trivial ones are implemented by 115 1.1 mrg * macros. The other ones are wrappers around the transport-specific host 116 1.1 mrg * name, address, and client user lookup methods. The request_info and 117 1.1 mrg * host_info structures serve as caches for the lookup results. 118 1.1 mrg */ 119 1.1 mrg 120 1.1 mrg extern char *eval_user(); /* client user */ 121 1.1 mrg extern char *eval_hostname(); /* printable hostname */ 122 1.1 mrg extern char *eval_hostaddr(); /* printable host address */ 123 1.1 mrg extern char *eval_hostinfo(); /* host name or address */ 124 1.1 mrg extern char *eval_client(); /* whatever is available */ 125 1.1 mrg extern char *eval_server(); /* whatever is available */ 126 1.1 mrg #define eval_daemon(r) ((r)->daemon) /* daemon process name */ 127 1.1 mrg #define eval_pid(r) ((r)->pid) /* process id */ 128 1.1 mrg 129 1.1 mrg /* Socket-specific methods, including DNS hostname lookups. */ 130 1.1 mrg 131 1.1 mrg extern void sock_host(); /* look up endpoint addresses */ 132 1.1 mrg extern void sock_hostname(); /* translate address to hostname */ 133 1.1 mrg extern void sock_hostaddr(); /* address to printable address */ 134 1.1 mrg #define sock_methods(r) \ 135 1.1 mrg { (r)->hostname = sock_hostname; (r)->hostaddr = sock_hostaddr; } 136 1.1 mrg 137 1.1 mrg /* The System V Transport-Level Interface (TLI) interface. */ 138 1.1 mrg 139 1.1 mrg #if defined(TLI) || defined(PTX) || defined(TLI_SEQUENT) 140 1.1 mrg extern void tli_host(); /* look up endpoint addresses etc. */ 141 1.1 mrg #endif 142 1.1 mrg 143 1.1 mrg /* 144 1.1 mrg * Problem reporting interface. Additional file/line context is reported 145 1.1 mrg * when available. The jump buffer (tcpd_buf) is not declared here, or 146 1.1 mrg * everyone would have to include <setjmp.h>. 147 1.1 mrg */ 148 1.1 mrg 149 1.1 mrg #ifdef __STDC__ 150 1.1 mrg extern void tcpd_warn(char *, ...); /* report problem and proceed */ 151 1.1 mrg extern void tcpd_jump(char *, ...); /* report problem and jump */ 152 1.1 mrg #else 153 1.1 mrg extern void tcpd_warn(); 154 1.1 mrg extern void tcpd_jump(); 155 1.1 mrg #endif 156 1.1 mrg 157 1.1 mrg struct tcpd_context { 158 1.1 mrg char *file; /* current file */ 159 1.1 mrg int line; /* current line */ 160 1.1 mrg }; 161 1.1 mrg extern struct tcpd_context tcpd_context; 162 1.1 mrg 163 1.1 mrg /* 164 1.1 mrg * While processing access control rules, error conditions are handled by 165 1.1 mrg * jumping back into the hosts_access() routine. This is cleaner than 166 1.1 mrg * checking the return value of each and every silly little function. The 167 1.1 mrg * (-1) returns are here because zero is already taken by longjmp(). 168 1.1 mrg */ 169 1.1 mrg 170 1.1 mrg #define AC_PERMIT 1 /* permit access */ 171 1.1 mrg #define AC_DENY (-1) /* deny_access */ 172 1.1 mrg #define AC_ERROR AC_DENY /* XXX */ 173 1.1 mrg 174 1.1 mrg /* 175 1.1 mrg * In verification mode an option function should just say what it would do, 176 1.1 mrg * instead of really doing it. An option function that would not return 177 1.1 mrg * should clear the dry_run flag to inform the caller of this unusual 178 1.1 mrg * behavior. 179 1.1 mrg */ 180 1.1 mrg 181 1.1 mrg extern void process_options(); /* execute options */ 182 1.1 mrg extern int dry_run; /* verification flag */ 183 1.1 mrg 184 1.1 mrg /* Bug workarounds. */ 185 1.1 mrg 186 1.1 mrg #ifdef INET_ADDR_BUG /* inet_addr() returns struct */ 187 1.1 mrg #define inet_addr fix_inet_addr 188 1.1 mrg extern long fix_inet_addr(); 189 1.1 mrg #endif 190 1.1 mrg 191 1.1 mrg #ifdef BROKEN_FGETS /* partial reads from sockets */ 192 1.1 mrg #define fgets fix_fgets 193 1.1 mrg extern char *fix_fgets(); 194 1.1 mrg #endif 195 1.1 mrg 196 1.1 mrg #ifdef RECVFROM_BUG /* no address family info */ 197 1.1 mrg #define recvfrom fix_recvfrom 198 1.1 mrg extern int fix_recvfrom(); 199 1.1 mrg #endif 200 1.1 mrg 201 1.1 mrg #ifdef GETPEERNAME_BUG /* claims success with UDP */ 202 1.1 mrg #define getpeername fix_getpeername 203 1.1 mrg extern int fix_getpeername(); 204 1.1 mrg #endif 205 1.1 mrg 206 1.1 mrg #ifdef SOLARIS_24_GETHOSTBYNAME_BUG /* lists addresses as aliases */ 207 1.1 mrg #define gethostbyname fix_gethostbyname 208 1.1 mrg extern struct hostent *fix_gethostbyname(); 209 1.1 mrg #endif 210 1.1 mrg 211 1.1 mrg #ifdef USE_STRSEP /* libc calls strtok() */ 212 1.1 mrg #define strtok fix_strtok 213 1.1 mrg extern char *fix_strtok(); 214 1.1 mrg #endif 215 1.1 mrg 216 1.1 mrg #ifdef LIBC_CALLS_STRTOK /* libc calls strtok() */ 217 1.1 mrg #define strtok my_strtok 218 1.1 mrg extern char *my_strtok(); 219 1.1 mrg #endif 220
Indexes created Sun Sep 21 20:09:37 GMT 2025