#include "stream.h"
#include "dgram.h"
-#include "queue.h"
+#include "conffile.h"
+#include "security.h"
+#include "event.h"
+
+#define auth_debug(i, ...) do { \
+ if ((i) <= debug_auth) { \
+ dbprintf(__VA_ARGS__); \
+ } \
+} while (0)
+
+
+/*
+ * Magic values for sec_conn->handle
+ */
+#define H_TAKEN -1 /* sec_conn->tok was already read */
+#define H_EOF -2 /* this connection has been shut down */
+
+#ifdef KRB5_SECURITY
+# define KRB5_DEPRECATED 1
+# ifndef KRB5_HEIMDAL_INCLUDES
+# include <gssapi/gssapi_generic.h>
+# else
+# include <gssapi/gssapi.h>
+# endif
+# include <krb5.h>
+#endif
struct sec_handle;
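Review bot: `H_TAKEN` and `H_EOF` expand to bare negative literals rather than a single parenthesised expression; write them as `#define H_TAKEN (-1)` and `#define H_EOF (-2)` so they are safe in any expression context. Both are sentinels stored in the same `handle` field that holds real protocol handles, so the comment above them should also state that valid handles are never negative. That is presumably the case, but the header does not say so.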
char * errmsg; /* error passed up */
int refcnt; /* number of handles using */
int handle; /* last proto handle read */
+ int event_id; /* event ID fired when token read */
void (*accept_fn)(security_handle_t *, pkt_t *);
- struct sockaddr_in peer;
- TAILQ_ENTRY(tcp_conn) tq; /* queue handle */
+ sockaddr_union peer;
int (*recv_security_ok)(struct sec_handle *, pkt_t *);
char * (*prefix_packet)(void *, pkt_t *);
int toclose;
int donotclose;
+ int auth;
+ char * (*conf_fn)(char *, void *);
+ void * datap;
+ time_t logstamp;
+#ifdef KRB5_SECURITY
+ gss_ctx_id_t gss_context;
+#endif
+ unsigned int netint[2];
+ char * buffer;
+ ssize_t size_header_read;
+ ssize_t size_buffer_read;
};
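Review bot: The members added to this struct (`auth`, `conf_fn`, `datap`, `logstamp`, `netint[2]`, `buffer`, `size_header_read`, `size_buffer_read`) have no comments, while the older members above them do. The last four look like state for a token that is read in pieces. If `netint` holds a length taken from the peer, its comment is the place to record the upper bound that must be checked before `buffer` is sized from it; this should be confirmed against the reader, which is outside this hunk. Suggested wording, to adjust to the actual meaning: `unsigned int netint[2]; /* raw token header as received; validate length before allocating */` and `char *buffer; /* partially read token body, owned by this conn */`. The struct's opening line is outside the hunk.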
} fn;
void * arg; /* argument to pass function */
event_handle_t * ev_timeout; /* timeout handle for recv */
- struct sockaddr_in peer;
+ sockaddr_union peer;
int sequence;
event_id_t event_id;
char * proto_handle;
int closed_by_network;
};
-struct connq_s {
- TAILQ_HEAD(, tcp_conn) tailq;
- int qlength;
-};
-extern struct connq_s connq;
-
-#define connq_first() TAILQ_FIRST(&connq.tailq)
-#define connq_next(rc) TAILQ_NEXT(rc, tq)
-#define connq_append(rc) do { \
- TAILQ_INSERT_TAIL(&connq.tailq, rc, tq); \
- connq.qlength++; \
-} while (0)
-#define connq_remove(rc) do { \
- assert(connq.qlength > 0); \
- TAILQ_REMOVE(&connq.tailq, rc, tq); \
- connq.qlength--; \
-} while (0)
-
/*
* This is data local to the datagram socket. We have one datagram
* per process per auth.
typedef struct udp_handle {
const struct security_driver *driver; /* MUST be first */
dgram_t dgram; /* datagram to read/write from */
- struct sockaddr_in peer; /* who sent it to us */
+ sockaddr_union peer; /* who sent it to us */
pkt_t pkt; /* parsed form of dgram */
char *handle; /* handle from recvd packet */
int sequence; /* seq no of packet */
int sec_stream_auth(void *);
int sec_stream_id(void *);
-void sec_accept(const security_driver_t *, int, int,
- void (*)(security_handle_t *, pkt_t *));
+void sec_accept(const security_driver_t *,
+ char *(*)(char *, void *),
+ int, int,
+ void (*)(security_handle_t *, pkt_t *),
+ void *);
void sec_close(void *);
void sec_connect_callback(void *);
void sec_connect_timeout(void *);
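Review bot: `sec_accept` now takes six positional arguments declared by type only, two of them adjacent `int`s, so a call site that swaps those two compiles silently. Name the parameters in the prototype, as the declarations added at the end of this header already do (`const char *hostname, struct sockaddr *addr, char **errstr`). The prototype should also say what the `char *(*)(char *, void *)` callback returns and who frees it. The same applies to `tcpm_send_token`, `tcpm_recv_token_timeout`, `tcpm_recv_token` and `udp_inithandle` further down. For the two receive functions the header should also state the unit of the trailing `int` of `tcpm_recv_token_timeout` (presumably a timeout) and which `char **` out-parameters the caller owns.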
void tcpm_stream_read(void *, void (*)(void *, void *, ssize_t), void *);
ssize_t tcpm_stream_read_sync(void *, void **);
void tcpm_stream_read_cancel(void *);
-ssize_t tcpm_send_token(int, int, char **, const void *, size_t);
-ssize_t tcpm_recv_token(int, int *, char **, char **, ssize_t *, int);
+ssize_t tcpm_send_token(struct tcp_conn *, int, int, char **, const void *, size_t);
+ssize_t tcpm_recv_token_timeout(struct tcp_conn *, int, int *, char **, char **, ssize_t *, int);
+ssize_t tcpm_recv_token(struct tcp_conn *, int, int *, char **, char **, ssize_t *);
void tcpm_close_connection(void *, char *);
int tcpma_stream_accept(void *);
void udp_recvpkt_cancel(void *);
void udp_recvpkt_callback(void *);
void udp_recvpkt_timeout(void *);
-int udp_inithandle(udp_handle_t *, struct sec_handle *, struct hostent *,
- in_port_t, char *, int);
+int udp_inithandle(udp_handle_t *, struct sec_handle *, char *hostname,
+ sockaddr_union *, in_port_t, char *, int);
void udp_netfd_read_callback(void *);
struct tcp_conn *sec_tcp_conn_get(const char *, int);
struct passwd *pwd,
const char *user);
char * check_user_amandahosts(const char *host,
- struct in_addr addr,
+ sockaddr_union *addr,
struct passwd *pwd,
const char *user,
const char *service);
-ssize_t net_writev(int, struct iovec *, int);
ssize_t net_read(int, void *, size_t, int);
ssize_t net_read_fillbuf(int, int, void *, size_t);
void show_stat_info(char *a, char *b);
+int check_name_give_sockaddr(const char *hostname, struct sockaddr *addr,
+ char **errstr);
+in_port_t find_port_for_service(char *service, char *proto);
+char *sec_get_authenticated_peer_name_localhost(security_handle_t *);
+char *sec_get_authenticated_peer_name_hostname(security_handle_t *);
#endif /* _SECURITY_INFO_H */
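Review bot: `check_name_give_sockaddr` receives a `struct sockaddr *` with no length, while every other address in this change moved to `sockaddr_union`. If the function stores a resolved address through `addr` (its body is not visible here), an IPv6 result is larger than `struct sockaddr` and the callee cannot know how much room the caller provided. Declaring it as `int check_name_give_sockaddr(const char *hostname, sockaddr_union *addr, char **errstr);`, or adding a `socklen_t` parameter, would close that gap. If it only compares against `addr`, the parameter should be `const`. The header should also document whether `*errstr` and the strings returned by the two `sec_get_authenticated_peer_name_*` functions are heap-allocated and freed by the caller.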