search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
New attempt to get the svn revision into the AboutAROS requester.
[cake.git] / compiler / include / libraries / security.h
blob9c308750a4feef8bcc29df1b68e0f3dafd6b4ebb
1 /*
2 Copyright © 1995-2001, The AROS Development Team. All rights reserved.
3 $Id$
4
5 Desc: definitions for the security.library
6 Lang: english
7 */
8 #ifndef _SECURITY_H
9 #define _SECURITY_H
10
11 #ifndef EXEC_TYPES_H
12 #include <exec/types.h>
13 #endif /* EXEC_TYPES_H */
14
15 #ifndef EXEC_LISTS_H
16 #include <exec/lists.h>
17 #endif /* EXEC_LISTS_H */
18
19 #ifndef EXEC_LIBRARIES_H
20 #include <exec/libraries.h>
21 #endif /* EXEC_LIBRARIES_H */
22
23 #ifndef EXEC_EXECBASE_H
24 #include <exec/execbase.h>
25 #endif /* EXEC_EXECBASE_H */
26
27 #ifndef EXEC_PORTS_H
28 #include <exec/ports.h>
29 #endif /* EXEC_PORTS_H */
30
31 #ifndef LIBRARIES_DOS_H
32 #include <libraries/dos.h>
33 #endif /* LIBRARIES_DOS_H */
34
35 #ifndef UTILITY_TAGITEM_H
36 #include <utility/tagitem.h>
37 #endif /* UTILITY_TAGITEM_H */
38
39 #define DEBUG 1
40
41 #define TASKHASHVALUE 23
42 #define MEMHASHVALUE 101
43
44 /*
45 Reserved users/groups
46
47 WARNING: a uid may NOT be 65535!
48 */
49
50 #define secOWNER_SYSTEM 0x00000000 /* always owner */
51 #define secOWNER_NOBODY 0xffffffff /* no rights */
52
53 #define secMASK_UID 0xffff0000 /* Mask for uid bits */
54 #define secMASK_GID 0x0000ffff /* Mask for gid bits */
55
56 #define secROOT_UID 0x0000 /* super user uid */
57 #define secROOT_GID 0x0000 /* super user gid */
58
59 #define secNOBODY_UID 0xffff /* nobody uid */
60
61 #define secUSERIDSIZE 32 /* Maximum size for a User ID */
62 #define secGROUPIDSIZE 32 /* Maximum size for a Group ID */
63 #define secPASSWORDSIZE 32 /* Maximum size for a Password */
64 #define secUSERNAMESIZE 220 /* Maximum size for a User Name */
65 #define secGROUPNAMESIZE 220 /* Maximum size for a Group Name */
66 #define secHOMEDIRSIZE 256 /* Maximum size for a Home Directory */
67 #define secSHELLSIZE 256 /* Maximum size for a Shell */
68
69 /*
70 Tags for secLogoutA(), secLoginA() & secSetDefProtectionA()
71 */
72
73 #define secT_Input (TAG_USER+1) /* filehandle - default is Input() */
74 #define secT_Output (TAG_USER+2) /* filehandle - default is Output() */
75 #define secT_Graphical (TAG_USER+3) /* boolean - default is FALSE */
76 #define secT_PubScrName (TAG_USER+4) /* name of public screen */
77 #define secT_Task (TAG_USER+5) /* task (NOT the name!!) */
78 #define secT_Own (TAG_USER+6) /* make a task owned by this user */
79 #define secT_Global (TAG_USER+7) /* change it for all tasks on the */
80 /* same level as this one */
81 #define secT_Quiet (TAG_USER+8) /* for secLogoutA(), don't give a */
82 /* login prompt, simply logout */
83 #define secT_UserID (TAG_USER+9) /* UserID for secLoginA() */
84 #define secT_Password (TAG_USER+10) /* Password for secLoginA(), secst */
85 /* be combined with secT_UserID!! */
86 #define secT_DefProtection (TAG_USER+11) /* Default protection bits */
87 /* default is RWED GROUP R OTHER R */
88 #define secT_All (TAG_USER+12) /* for secLogoutA(), logout until */
89 /* user stack is empty */
90 #define secT_NoLog (TAG_USER+13) /* for secLoginA(), only root */
91
92 /*
93 KeyTypes for secGetUserInfo() and secGetGroupInfo()
94 */
95
96 #define secKeyType_First (0)
97 #define secKeyType_Next (1)
98 #define secKeyType_gid (4)
99
100 /*
101 KeyTypes for secGetUserInfo() only
102 */
103
104 #define secKeyType_UserID (2) /* Case-sensitive */
105 #define secKeyType_uid (3)
106 #define secKeyType_gidNext (5)
107 #define secKeyType_UserName (6) /* Case-insensitive */
108 #define secKeyType_WUserID (7) /* Case-insensitive, wild cards allowed */
109 #define secKeyType_WUserName (8) /* Case-insensitive, wild cards allowed */
110 #define secKeyType_WUserIDNext (9)
111 #define secKeyType_WUserNameNext (10)
112
113 /*
114 KeyTypes for secGetGroupInfo() only
115 */
116
117 #define secKeyType_GroupID (11) /* Case-sensitive */
118 #define secKeyType_WGroupID (12) /* Case-insensitive, wild cards allowed */
119 #define secKeyType_WGroupIDNext (13)
120 #define secKeyType_GroupName (14) /* Case-insensitive */
121 #define secKeyType_WGroupName (15) /* Case-insensitive, wild cards allowed */
122 #define secKeyType_WGroupNameNext (16)
123 #define secKeyType_MgrUid (17)
124 #define secKeyType_MgrUidNext (18)
125
126 /*
127 Protection bits (see also <dos/dos.h> :-)
128 */
129
130 #define secFIBB_SET_UID (31) /* Change owner during execution */
131 #define secFIBB_SET_GID (30) /* Change group during execution - not yet implemented */
132
133 #define secFIBF_SET_UID (1<<secFIBB_SET_UID)
134 #define secFIBF_SET_GID (1<<secFIBB_SET_GID)
135
136 /*
137 Default Protection Bits
138 */
139
140 #define DEFPROTECTION (FIBF_OTR_READ | FIBF_GRP_READ)
141
142
143 /*
144 Relations returned by secGetRelationshipA()
145 */
146
147 #define secRelB_ROOT_UID (0) /* User == super user */
148 #define secRelB_ROOT_GID (1) /* User belongs to the super user group */
149 #define secRelB_NOBODY (2) /* User == nobody */
150 #define secRelB_UID_MATCH (3) /* User == owner */
151 #define secRelB_GID_MATCH (4) /* User belongs to owner group */
152 #define secRelB_PRIM_GID (5) /* User's primary group == owner group */
153 #define secRelB_NO_OWNER (6) /* Owner == nobody */
154
155 #define secRelF_ROOT_UID (1<<secRelB_ROOT_UID)
156 #define secRelF_ROOT_GID (1<<secRelB_ROOT_GID)
157 #define secRelF_NOBODY (1<<secRelB_NOBODY)
158 #define secRelF_UID_MATCH (1<<secRelB_UID_MATCH)
159 #define secRelF_GID_MATCH (1<<secRelB_GID_MATCH)
160 #define secRelF_PRIM_GID (1<<secRelB_PRIM_GID)
161 #define secRelF_NO_OWNER (1<<secRelB_NO_OWNER)
162
163 /*
164 Monitor Modes
165 */
166
167 #define secMon_IGNORE (0)
168 #define secMon_SEND_SIGNAL (1)
169 #define secMon_SEND_MESSAGE (2)
170
171 /*
172 Monitor Triggers
173 */
174
175 #define secTrgB_OwnerChange (0) /* Task Owner Change */
176 /* From: uid of old user */
177 /* To: uid of new user */
178 #define secTrgB_Login (1) /* successful Login/Logout */
179 /* From: uid of old user */
180 /* To: uid of new user */
181 /* UserID: UserID of new user */
182 #define secTrgB_LoginFail (2) /* unsuccessful Login/Logout */
183 /* From: uid of old user */
184 /* UserID: UserID of new user */
185 #define secTrgB_Passwd (3) /* successful Passwd */
186 /* From: uid of user */
187 #define secTrgB_PasswdFail (4) /* unsuccessful Passwd */
188 /* From: uid of user */
189 #define secTrgB_CheckPasswd (5) /* successful CheckPasswd */
190 /* From: uid of user */
191 #define secTrgB_CheckPasswdFail (6) /* unsuccessful CheckPasswd */
192 /* From: uid of user */
193
194 #define secTrgF_OwnerChange (1<<secTrgB_OwnerChange)
195 #define secTrgF_Login (1<<secTrgB_Login)
196 #define secTrgF_LoginFail (1<<secTrgB_LoginFail)
197 #define secTrgF_Passwd (1<<secTrgB_Passwd)
198 #define secTrgF_PasswdFail (1<<secTrgB_PasswdFail)
199 #define secTrgF_CheckPasswd (1<<secTrgB_CheckPasswd)
200 #define secTrgF_CheckPasswdFail (1<<secTrgB_CheckPasswdFail)
201
202
203 /* Public secMemInfo structure. Don't expect it to remain */
204
205 struct secMemInfo
206 {
207 APTR Address;
208 ULONG Size;
209 struct secMemInfo *next;
210 };
211
212
213 /* This is what you get a pointer to from secLocksecBase() */
214
215 struct secPointers
216 {
217 struct MinList *Monitors;
218 struct MinList *Segments;
219 struct MinList *Sessions;
220 struct MinList *Tasks;
221 struct secVolume *Volumes;
222 };
223
224 /*
225 Public User Information Structure
226
227
228 For future compatibility, you should ALWAYS use secAllocUserInfo()
229 to allocate this structure. NEVER do it by yourself!!
230 */
231
232 struct secUserInfo
233 {
234 char UserID[secUSERIDSIZE];
235 UWORD uid;
236 UWORD gid;
237 char UserName[secUSERNAMESIZE];
238 char HomeDir[secHOMEDIRSIZE];
239 UWORD NumSecGroups; /* Number of Secondary Groups this */
240 /* user belongs to */
241 UWORD *SecGroups; /* Points to an array of NumSecGroups */
242 /* Secondary Group Numbers */
243 char Shell[secSHELLSIZE];
244 };
245
246
247 /*
248 Public Group Information Structure
249
250
251 For future compatibility, you should ALWAYS use secAllocGroupInfo()
252 to allocate this structure. NEVER do it by yourself!!
253 */
254
255 struct secGroupInfo
256 {
257 char GroupID[secGROUPIDSIZE];
258 UWORD gid;
259 UWORD MgrUid; /* Manager of this group */
260 char GroupName[secGROUPNAMESIZE];
261 };
262
263 /*
264 Extended Owner Information Structure
265
266 A pointer to this structure is returned by secGetTaskExtOwner().
267 You MUST use secFreeExtOwner() to deallocate it!!
268 */
269
270 struct secExtOwner
271 {
272 UWORD uid;
273 UWORD gid;
274 UWORD NumSecGroups; /* Number of Secondary Groups this */
275 /* user belongs too. */
276 };
277
278 /*
279 Monitor Structure
280
281 The use of this structure is restricted to root.
282 Do not modify or reuse this structure while it is active!
283 */
284
285 struct secMonitor
286 {
287 struct MinNode Node;
288 ULONG Mode; /* see definitions below */
289 ULONG Triggers; /* see definitions below */
290 union
291 {
292 struct
293 { /* for SEND_SIGNAL */
294 struct Task *Task;
295 ULONG SignalNum;
296 } Signal;
297
298 struct
299 { /* for SEND_MESSAGE */
300 struct MsgPort *Port;
301 } Message;
302 } u;
303
304 /* NOTE: This structure may be extended in future! */
305 };
306
307 /*
308 Monitor Message
309
310
311 Sent to the application if SEND_MESSAGE is specified.
312 Do NOT forget to reply!
313 */
314
315 struct secMonMsg
316 {
317 struct Message ExecMsg;
318 struct secMonitor *Monitor; /* The monitor that sent the message */
319 ULONG Trigger; /* The trigger that caused the message */
320 UWORD From;
321 UWORD To;
322 char UserID[secUSERIDSIZE];
323 };
324
325 /****************************************************************************
326
327 -------------- Plugins ------------------
328
329 ****************************************************************************/
330
331 /* All plugins have this suffix */
332
333 #define secPLUGIN_SUFFIX ".secp"
334
335 /* Return values for plugin functions */
336 #define secpiTRUE 0UL /* operation completed with success */
337 #define secpiFALSE 1UL /* operation completed but failed: handling stops at this stage */
338 #define secpiASYNC 2UL /* operation will continue asynchronously and notify
339 the system when complete. The system will provide
340 the secSPacket that prompted the call and this
341 should be passed to the completion function. */
342 #define secpiFALSECONT 3UL /* operation completed but failed; the system may continue with other handlers
343 to see if they can satisfy the request */
344 #define secpiNOTSUPP 4UL /* Operation/Handler not supported */
345
346 /*
347 Plugins overview -:
348
349 A plugin is a special form of executable.
350
351 The plugin should return a pointer to a 'Plugin' which describes what kind
352 of plugin it is, so that secFS can add it to the relevant list internally.
353
354 A plugin is recognized by a magic marker within the first 256 bytes of the
355 file.
356
357 All plugins are kept in the config dir, so the the library doesn't have to
358 search paths to find them.
359
360 The plugin is free to allocate memory/spawn processes (they will be
361 super-user priveleged) etc. without fear of being UnLoadSeg'd without the
362 library first calling its Incompatible function, which should cause the plugin
363 to free its resources. It will them be UnLoadSeg'd. Note that this only
364 occurs when a plugin is rejected for some reason (wrong version ?).
365
366 */
367
368 #define secFS_PLUGIN_IFACE1 1UL
369 #define secFS_PLUGIN_INTERFACE SEC_PLUGIN_IFACE1
370
371 #ifndef MAKE_ID /* also defined in <libraries/iffparse.h> */
372 #define MAKE_ID(a,b,c,d) ((ULONG)(a)<<24 | (ULONG)(b)<<16 | (ULONG)(c)<<8 | (ULONG)(d))
373 #endif
374
375 #define secPLUGIN_RECOGNITION MAKE_ID('m', 'S', 'p', 'I')
376
377 /*
378 Function called to initialize the plugin.
379 The plugin should perform any initialization it needs, and then formally
380 register itself with the security.library.
381 module should be passed to the security.library when a handler is registered.
382 */
383
384
385 /* Plugin Module Definition - secst be located in the executeable */
386 struct secPluginHeader
387 {
388 ULONG plugin_magic; /* This should be secPLUGIN_RECOGNITION */
389 /* Module Descriptor */
390 ULONG Version; /* = SEC_PLUGIN_INTERFACE */
391 APTR Initialize;
392 APTR Terminate;
393 // secInitPluginFunc Initialize;
394 // secTerminatePluginFunc Terminate;
395 };
396
397 /* internal plugin records */
398 typedef struct
399 {
400 struct MinNode Node;
401 ULONG reference_count;
402 BPTR SegList;
403 struct secPluginHeader * header; /* For locating the init/fini functions */
404 UBYTE modulename[64]; /* For displaying */
405 } secPluginModule;
406
407 struct plugin_ops
408 {
409 ULONG HandlerType; /* = ID_PLUGIN_XXX */
410 secPluginModule * module; /* As provied by the Initialization function */
411 };
412
413 /* Encryption plugin */
414
415 #define ID_PLUGIN_ENCRYPTION MAKE_ID('c', 'r', 'p', 't')
416 struct plugin_crypt_ops
417 {
418 struct plugin_ops ops;
419 //ULONG (*Crypt)(STRPTR buffer, STRPTR key, STRPTR setting); /* Encrypt the supplied text using the supplied key and place the result in buffer */
420 //ULONG (*MaxPwdLen)(void); /* Return the maximum length of an encrypted password */
421 //ULONG (*CheckPassword)(STRPTR userid, STRPTR thepass, STRPTR suppliedpass); /* Check a password to see if it is valid */
422 //ULONG (*EncryptPassword)(STRPTR buffer, STRPTR userid, STRPTR thepass); /* Encrypt Password for storing in a userdb */
423 };
424
425 /* User DataBase Operations Plugin */
426
427 #define ID_PLUGIN_USER_DATABASE MAKE_ID('u', 'r', 'd', 'b')
428
429 struct sec_passwd /* Compatible with standard unix struct passwd */
430 {
431 char *pw_name; /* user name */
432 char *pw_passwd; /* user password */
433 int pw_uid; /* user id */
434 int pw_gid; /* group id */
435 char *pw_gecos; /* real name */
436 char *pw_dir; /* home directory */
437 char *pw_shell; /* shell program */
438 };
439
440 struct plugin_userdb_ops
441 {
442 struct plugin_ops ops;
443 // ULONG (*getpwent)(void);
444 };
445
446 /* Volumes */
447
448 struct secVolume
449 {
450 struct secVolume *Next;
451 struct DosList *DosList; /* DosList for this Volume */
452 struct MsgPort *Process; /* Process for this Volume */
453
454 /* Extensions from MUFS2 */
455
456 LONG FS_Flags; /* Allow set{g,u}id, read-only etc. */
457
458 /* If FS_Flags == 0, the rest of this structure is ignored; this indicates
459 * that the volume is a true MUFS compatable volume */
460
461 LONG RootProtection; /* Permissions for the root dir */
462 ULONG RootOwner; /* UID:GID of owner of root dir */
463
464 STRPTR FS_Name; /* So we dont re-run on the same volume */
465 struct MsgPort* OrigProc; /* The real FS */
466 struct MsgPort* RepPort; /* For talking with the real FS */
467 struct MinList FHCache[TASKHASHVALUE]; /* HashList of cached FileHandles */
468 struct FileInfoBlock *fib;
469 LONG PassKey; /* If non-zero, contains the 32 bit passkey
470 needed to write enable the filesystem
471 with ACTION_WRITE_PROTECT */
472 /* proxy enforcer */
473 struct MinList ProxyLocks; /* List of locks */
474 struct MinList ProxyHandles[TASKHASHVALUE]; /* HashList of proxy filehandles */
475 struct DeviceNode *ProxyDosList; /* Dos entry created by the proxy filesystem */
476 struct DeviceList *ProxyDosListVolume; /* Dos entry created by the proxy filesystem */
477 ULONG LockCount; /* Number of proxy locks in existence */
478
479 };
480
481 /* Security Configuration */
482
483 struct secConfig
484 {
485 ULONG Flags; /* See definitions*/
486 ULONG LogFlags; /* See definitions*/
487 UWORD PasswduidLevel; /* Lowest uid for users who can */
488 /* change their passwords */
489 UWORD PasswdgidLevel; /* Lowest gid for users who can */
490 /* change their passwords */
491 };
492
493 /****************************************************************************
494
495 -------------- Library Base ------------------
496
497 ****************************************************************************/
498
499
500 struct secBase
501 {
502 struct Library LibNode;
503 UBYTE Flags;
504 UBYTE Pad;
505 BPTR SegList;
506
507 /* The Server's Process */
508
509 struct Process *Server;
510
511 /* The Server's Packet MsgPort */
512
513 struct MsgPort *ServerPort;
514
515 /* List of sessions */
516
517 struct MinList SessionsList;
518
519 /* List of Tasks and their Owner(s) */
520
521 struct SignalSemaphore TaskOwnerSem;
522 struct MinList TaskOwnerList[TASKHASHVALUE];
523
524 /* List of memory chunks and address, size, owner.
525 It's using the tasksemaphore since one usually wants that one
526 too when dealing with this list. */
527
528 /* struct MinList MemOwnerList[MEMHASHVALUE];*/
529
530 /* List of Segments and their Owner */
531
532 struct SignalSemaphore SegOwnerSem;
533 struct MinList SegOwnerList;
534
535 /* Configuration */
536
537 struct secConfig Config;
538
539 /* Signals for Passwd File Notification and Consistency Check */
540
541 ULONG NotifySig;
542 ULONG ConsistencySig;
543
544 /* Security violation flag */
545
546 BOOL SecurityViolation;
547
548 /* Volumes */
549
550 struct SignalSemaphore VolumesSem;
551 struct secVolume *Volumes;
552
553 /* Monitoring */
554
555 struct SignalSemaphore MonitorSem;
556 struct MinList MonitorList;
557 struct MsgPort *MonitorPort;
558
559 /* Task Control */
560
561 struct MinList Frozen;
562 struct MinList Zombies;
563
564 /* LocaleInfo for logfile */
565
566 APTR LogInfo;
567
568 /* You must get this one if you intend to get more than one sem. */
569
570 struct SignalSemaphore SuperSem;
571
572 /* Plugins */
573
574 struct SignalSemaphore PluginModuleSem;
575 struct MinList PluginModuleList; /* List of loaded plugin modules */
576
577 /** OBSOLETE DEFINITIONS (or they will be once we integrate into aros..) */
578 /* Old AddTask()/RemTask() */
579
580 // AddTaskFunc OLDAddTask;
581 // RemTaskFunc OLDRemTask;
582
583 /* Old AllocMem()/FreeMem() */
584
585 // AllocMemFunc OLDAllocMem;
586 // FreeMemFunc OLDFreeMem;
587
588 /* Old LoadSeg()/NewLoadSeg()/UnLoadSeg()/InternalLoadSeg()/
589 InternalUnLoadSeg()/CreateProc()/CreateNewProc()/RunCommand()/
590 SetProtection() */
591
592 // LoadSegFunc OLDLoadSeg;
593 // NewLoadSegFunc OLDNewLoadSeg;
594 // UnLoadSegFunc OLDUnLoadSeg;
595 // InternalLoadSegFunc OLDInternalLoadSeg;
596 // InternalUnLoadSegFunc OLDInternalUnLoadSeg;
597 // CreateProcFunc OLDCreateProc;
598 // CreateNewProcFunc OLDCreateNewProc;
599 // RunCommandFunc OLDRunCommand;
600 // SetProtectionFunc OLDSetProtection;
601 };
602
603 #endif /* _SECURITY_H */
The AROS cake. Goodness baked in, have it and eat it too. Delicious!