---

---

---

001: /*
002:  * Copyright (c) 2009-2011 Todd C. Miller <Todd.Miller@courtesan.com>
003:  *
004:  * Permission to use, copy, modify, and distribute this software for any
005:  * purpose with or without fee is hereby granted, provided that the above
006:  * copyright notice and this permission notice appear in all copies.
007:  *
008:  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
009:  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
010:  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
011:  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
012:  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
013:  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
014:  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
015:  */
016: 
017: #ifndef _SUDO_PLUGIN_H
018: #define _SUDO_PLUGIN_H
019: 
020: /* API version major/minor */
021: #define SUDO_API_VERSION_MAJOR 1
022: #define SUDO_API_VERSION_MINOR 1
023: #define SUDO_API_MKVERSION(x, y) ((x << 16) | y)
024: #define SUDO_API_VERSION SUDO_API_MKVERSION(SUDO_API_VERSION_MAJOR, SUDO_API_VERSION_MINOR)
025: 
026: /* Getters and setters for API version */
027: #define SUDO_API_VERSION_GET_MAJOR(v) ((v) >> 16)
028: #define SUDO_API_VERSION_GET_MINOR(v) ((v) & 0xffff)
029: #define SUDO_API_VERSION_SET_MAJOR(vp, n) do { \
030:     *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
031: } while(0)
032: #define SUDO_VERSION_SET_MINOR(vp, n) do { \
033:     *(vp) = (*(vp) & 0xffff0000) | (n); \
034: } while(0)
035: 
036: /* Conversation function types and defines */
037: struct sudo_conv_message {
038: #define SUDO_CONV_PROMPT_ECHO_OFF   0x0001  /* do not echo user input */
039: #define SUDO_CONV_PROMPT_ECHO_ON    0x0002  /* echo user input */
040: #define SUDO_CONV_ERROR_MSG         0x0003  /* error message */
041: #define SUDO_CONV_INFO_MSG          0x0004  /* informational message */
042: #define SUDO_CONV_PROMPT_MASK       0x0005  /* mask user input */
043: #define SUDO_CONV_PROMPT_ECHO_OK    0x1000  /* flag: allow echo if no tty */
044:     int msg_type;
045:     int timeout;
046:     const char *msg;
047: };
048: 
049: struct sudo_conv_reply {
050:     char *reply;
051: };
052: 
053: typedef int (*sudo_conv_t)(int num_msgs, const struct sudo_conv_message msgs[],
054:         struct sudo_conv_reply replies[]);
055: typedef int (*sudo_printf_t)(int msg_type, const char *fmt, ...);
056: 
057: /* Policy plugin type and defines */
058: struct passwd;
059: struct policy_plugin {
060: #define SUDO_POLICY_PLUGIN     1
061:     unsigned int type; /* always SUDO_POLICY_PLUGIN */
062:     unsigned int version; /* always SUDO_API_VERSION */
063:     int (*open)(unsigned int version, sudo_conv_t conversation,
064:         sudo_printf_t sudo_printf, char * const settings[],
065:         char * const user_info[], char * const user_env[]);
066:     void (*close)(int exit_status, int error); /* wait status or error */
067:     int (*show_version)(int verbose);
068:     int (*check_policy)(int argc, char * const argv[],
069:         char *env_add[], char **command_info[],
070:         char **argv_out[], char **user_env_out[]);
071:     int (*list)(int argc, char * const argv[], int verbose,
072:         const char *list_user);
073:     int (*validate)(void);
074:     void (*invalidate)(int remove);
075:     int (*init_session)(struct passwd *pwd);
076: };
077: 
078: /* I/O plugin type and defines */
079: struct io_plugin {
080: #define SUDO_IO_PLUGIN      2
081:     unsigned int type; /* always SUDO_IO_PLUGIN */
082:     unsigned int version; /* always SUDO_API_VERSION */
083:     int (*open)(unsigned int version, sudo_conv_t conversation,
084:         sudo_printf_t sudo_printf, char * const settings[],
085:         char * const user_info[], char * const command_info[],
086:         int argc, char * const argv[], char * const user_env[]);
087:     void (*close)(int exit_status, int error); /* wait status or error */
088:     int (*show_version)(int verbose);
089:     int (*log_ttyin)(const char *buf, unsigned int len);
090:     int (*log_ttyout)(const char *buf, unsigned int len);
091:     int (*log_stdin)(const char *buf, unsigned int len);
092:     int (*log_stdout)(const char *buf, unsigned int len);
093:     int (*log_stderr)(const char *buf, unsigned int len);
094: };
095: 
096: /* Sudoers group plugin version major/minor */
097: #define GROUP_API_VERSION_MAJOR 1
098: #define GROUP_API_VERSION_MINOR 0
099: #define GROUP_API_VERSION ((GROUP_API_VERSION_MAJOR << 16) | GROUP_API_VERSION_MINOR)
100: 
101: /* Getters and setters for group version */
102: #define GROUP_API_VERSION_GET_MAJOR(v) ((v) >> 16)
103: #define GROUP_API_VERSION_GET_MINOR(v) ((v) & 0xffff)
104: #define GROUP_API_VERSION_SET_MAJOR(vp, n) do { \
105:     *(vp) = (*(vp) & 0x0000ffff) | ((n) << 16); \
106: } while(0)
107: #define GROUP_API_VERSION_SET_MINOR(vp, n) do { \
108:     *(vp) = (*(vp) & 0xffff0000) | (n); \
109: } while(0)
110: 
111: /*
112:  * version: for compatibility checking
113:  * group_init: return 1 on success, 0 if unconfigured, -1 on error.
114:  * group_cleanup: called to clean up resources used by provider
115:  * user_in_group: returns 1 if user is in group, 0 if not.
116:  *                note that pwd may be NULL if the user is not in passwd.
117:  */
118: struct sudoers_group_plugin {
119:     unsigned int version;
120:     int (*init)(int version, sudo_printf_t sudo_printf, char *const argv[]);
121:     void (*cleanup)(void);
122:     int (*query)(const char *user, const char *group, const struct passwd *pwd);
123: };
124: 
125: #endif /* _SUDO_PLUGIN_H */
126: 

---

---

---