summaryrefslogtreecommitdiffabout
path: root/src/pies.h
authorSergey Poznyakoff <gray@gnu.org.ua>2015-12-16 12:58:07 (GMT)
committer Sergey Poznyakoff <gray@gnu.org.ua>2015-12-16 12:58:07 (GMT)
commit6bb908898b833ec69c66e918de732af5bad68934 (patch) (side-by-side diff)
treedd715a052f67849d38aedaa25eafa93241e938df /src/pies.h
parent9cb7455b12462a3679ed5208540793d802570481 (diff)
downloadpies-6bb908898b833ec69c66e918de732af5bad68934.tar.gz
pies-6bb908898b833ec69c66e918de732af5bad68934.tar.bz2
Implement authentication on control socket.
* Makefile.am (SUBDIRS): Add src. * configure.ac: Check for crypt.h and PAM Build ident/Makefile * grecs: Update. * ident/Makefile.am: New file. * ident/ident.c: New file. * ident/ident.h: New file. * ident/identity.h: New file. * ident/pam.c: New file. * ident/provider.c: New file. * ident/system.c: New file. * lib/Makefile.am: Add arraymember.c * lib/arraymember.c: New file. * lib/libpies.h (is_array_member): New proto. * src/Makefile.am (LDADD): Add libident.a and @PAM_LIBS@ * src/acl.c (acl_entry): Remove groups. Add new members: names and name_match. (pies_acl_create): Deep copy the locus. Set free_entry function for the list. (pies_acl_free): Free locus. (_parse_from): Set free_entry function for the list. (_parse_group): Parse the "user" construct. (parse_acl_line): Deep copy the locus. Allow for null value. (acl_keywords): Update docstrings. (_acl_check): Rewrite identity checks. * src/acl.h (acl_input)<user,groups>: Remove. <identity>: New member. (pies_acl_free): New proto. * src/ctl.c (identity): New global. (cmdtab): New command: auth (ctlio) <addr,addrlen>: New members. (ctlio_create): Start from authenticated state only if no identity_providers are configured. (cmd_auth): New function. (cmd_help): Print only commands that are available in the current state. (ctl_accept): Initialize io->addr and io->addrlen. * src/inetd-bi.c: Change call to check_acl * src/pies.c: Include identity.h (control_keywords): New statement "identity-acl" (pies_keywords): New statement "identity-provider" (config_init): Register identity mechanisms. (config_parse): New function. (config_help): Print help on identity-provider statements. (main): Use config_parse to parse grecs-style configurations. * src/pies.h: Include identity.h (check_acl): Change argument list. All callers changed. (control): Remove acl. Add conn_acl and id_acl instead. * src/progman.c (check_acl): Change argument list. Take identity as the 3rd argument.
Diffstat (limited to 'src/pies.h') (more/less context) (ignore whitespace changes)
-rw-r--r--src/pies.h7
1 files changed, 5 insertions, 2 deletions
diff --git a/src/pies.h b/src/pies.h
index 82ffddb..3919703 100644
--- a/src/pies.h
+++ b/src/pies.h
@@ -58,6 +58,7 @@
#include "quotearg.h"
#include "fprintftime.h"
+#include "identity.h"
#include "acl.h"
#include "libpies.h"
@@ -338,7 +339,8 @@ void progman_iterate_comp (int (*fun) (struct component *, void *),
void fd_report (int fd, const char *msg);
-int check_acl (pies_acl_t acl, struct sockaddr *s, socklen_t salen);
+int check_acl (pies_acl_t acl, struct sockaddr *s, socklen_t salen,
+ pies_identity_t identity);
void log_setup (int want_stderr);
void signal_setup (RETSIGTYPE (*sf)(int));
@@ -561,7 +563,8 @@ void sysvinit_acct (int what, const char *user, const char *id, pid_t pid,
struct control
{
struct pies_url *url;
- pies_acl_t acl;
+ pies_acl_t conn_acl;
+ pies_acl_t id_acl;
unsigned int idle_timeout;
};

Return to:

Send suggestions and report system problems to the System administrator.