1 #ifndef PMT_PAM_MOUNT_H
2 #define PMT_PAM_MOUNT_H 1
3
4 #include <sys/types.h>
5 #include <limits.h>
6 #include <stdbool.h>
7 #include <libHX/list.h>
8 #include <libHX/option.h>
9 #include <libHX/string.h>
10 #include "config.h"
11
/*
 * EXPORT_SYMBOL marks a symbol as visible outside the shared object. It
 * expands to the visibility attribute only when HAVE_VISIBILITY_HIDDEN is
 * defined (presumably by config.h when the build hides symbols by default;
 * confirm against the build system). Otherwise it expands to nothing.
 */
#ifdef HAVE_VISIBILITY_HIDDEN
# define EXPORT_SYMBOL __attribute__((visibility("default")))
#else
# define EXPORT_SYMBOL
#endif

/*
 * Size of @x minus one byte, i.e. the length of a string literal or char
 * array without its trailing NUL. Only meaningful when @x is an actual
 * array: applied to a pointer it yields sizeof(pointer) - 1 rather than the
 * string length, which silently gives a wrong bound.
 */
#define sizeof_z(x) (sizeof(x) - 1)
19
/*
 * So many programs trash a useful $PATH (including mount(8)),
 * so just provide our own.
 *
 * A PATH list is searched left to right, so the /usr/local directories take
 * precedence over /usr and /. NOTE(review): how this value is consumed is
 * not visible in this header. If it becomes the search path for helpers that
 * run with elevated privileges, every directory listed here has to be
 * writable by root only.
 */
#define PMT_DFL_PATH \
	"/usr/local/libexec/hxtools:/usr/local/lib/hxtools:" \
	"/usr/local/sbin:/usr/local/bin:" \
	"/usr/libexec/hxtools:/usr/lib/hxtools:" \
	"/usr/sbin:/usr/bin:/sbin:/bin"
29
/* Note that you will also need to change PMPREFIX in pmvarrun.c then! */
/*
 * l0g() and w4rn() forward to misc_log() and misc_warn(), prepending
 * pmtlog_prefix, the basename of the calling source file and the line
 * number to the message.
 *
 * @fmt is pasted onto a string literal, so it must itself be a string
 * literal: passing a variable (for example text that came from a user or a
 * config file) as @fmt does not compile. Variable text has to be passed as a
 * "%s" argument instead.
 * ", ## __VA_ARGS__" is the GNU extension that drops the comma when no
 * variadic arguments are given.
 */
#define l0g(fmt, ...) \
	misc_log(("%s(%s:%u): " fmt), pmtlog_prefix, HX_basename(__FILE__), \
	__LINE__, ## __VA_ARGS__)
#define w4rn(fmt, ...) \
	misc_warn(("%s(%s:%u): " fmt), pmtlog_prefix, HX_basename(__FILE__), \
	__LINE__, ## __VA_ARGS__)
37
/* Forward declarations of struct tags. */
struct HXdeque;
/*
 * NOTE(review): every use in this header spells the type
 * "struct HXformat_map"; the tag "HXformatmap" is not referenced anywhere
 * else in this file. Looks like a typo; confirm before relying on it.
 */
struct HXformatmap;
struct HXproc;
struct loop_info64;
42
/*
 * Command identifiers. Values below _CMD_MAX are used as the bound of
 * struct config::command[], which is declared with _CMD_MAX elements.
 *
 * NOTE(review): identifiers that start with an underscore followed by an
 * uppercase letter (_CMD_MAX) are reserved for the implementation by the C
 * standard. Renaming would touch every user of the enum, so it is only
 * flagged here.
 */
enum command_type {
	CMD_SMBMOUNT,
	CMD_SMBUMOUNT,
	CMD_CIFSMOUNT,
	CMD_NCPMOUNT,
	CMD_NCPUMOUNT,
	CMD_FUSEMOUNT,
	CMD_FUSEUMOUNT,
	CMD_LCLMOUNT,
	CMD_CRYPTMOUNT,
	CMD_CRYPTUMOUNT,
	CMD_NFSMOUNT,
	CMD_UMOUNT,
	CMD_PMHELPER,
	CMD_FSCK,
	CMD_PMVARRUN,
	CMD_FD0SSH,
	CMD_OFL,
	/* number of entries above; array bound of struct config::command[] */
	_CMD_MAX,
	/* placed after _CMD_MAX, so it is NOT a valid index into command[] */
	CMD_NONE,
};
64
/*
 * Two independent index ranges sharing one anonymous enum: the "src"
 * constants bound the first dimension of pmtlog_path[][] and the "dst"
 * constants the second. Both ranges restart at 0, so a src constant and a
 * dst constant can have the same value and the compiler cannot detect them
 * being swapped in an index expression.
 */
enum {
	/* src */
	PMTLOG_ERR = 0,
	PMTLOG_DBG,
	PMTLOG_SRCMAX,

	/* dst */
	PMTLOG_SYSLOG = 0,
	PMTLOG_STDERR,
	PMTLOG_DSTMAX,
};
76
/**
 * struct vol - one volume record
 * @server:	server name, if any
 * @volume:	path relative to server, or full path in case @server is empty
 * @combopath:	concatenation of @server and @volume dependent upon @fstype
 *
 * @list is the list linkage for this record (presumably into
 * struct config::volume_list; confirm in the config reader).
 */
struct vol {
	struct HXlist_head list;
	enum command_type type;
	/*
	 * true if configuration from global config, false if luserconf.
	 * luserconf is the per-user configuration (see struct
	 * config::luserconf), so records with globalconf == false presumably
	 * originate from user-supplied input; luserconf_volume_record_sane()
	 * is declared in this header for such records. Confirm in rdconf2.c.
	 */
	bool globalconf;
	/* set, so that umount can rmdir it */
	bool created_mntpt;
	/* expansion already took place */
	bool is_expanded;
	/* was handed off to mount_op() */
	bool mnt_processed;
	const char *user;
	char *fstype, *server, *volume, *combopath, *mountpoint, *cipher;
	char *fs_key_cipher, *fs_key_hash, *fs_key_path;
	/*
	 * List head embedded by value, so the member itself cannot be NULL.
	 * NOTE(review): the earlier comment here read "May be NULL if no
	 * options", which does not fit a non-pointer member; presumably the
	 * list is simply empty when there are no options.
	 */
	struct HXclist_head options;
	bool use_fstab;
	bool uses_ssh;
	bool noroot;
};
102
/**
 * struct config - pam_mount configuration state
 * @sig_hup:	send SIGHUP to processes keeping mountpoint open
 * @sig_term:	send SIGTERM to processes keeping mountpoint open
 * @sig_kill:	send SIGKILL to processes keeping mountpoint open
 * @sig_wait:	time to wait between sending signals, in microseconds
 *		(NOTE(review): the earlier wording said "this many seconds
 *		... in microseconds"; confirm the unit where it is consumed)
 */
struct config {
	/* user logging in */
	char *user;
	unsigned int debug;
	bool mkmntpoint, rmdir_mntpt;
	bool seen_mntoptions_require, seen_mntoptions_allow;
	/* per-user configuration; see struct vol::globalconf */
	hxmc_t *luserconf;
	/* one slot per enum command_type value below _CMD_MAX */
	struct HXdeque *command[_CMD_MAX];
	/*
	 * Presumably the mount-option policy (required / allowed / denied
	 * options); how and for which volumes it is enforced is not
	 * visible in this header. Confirm in the rdconf sources.
	 */
	struct HXmap *options_require, *options_allow, *options_deny;
	struct HXclist_head volume_list;
	int level;
	char *msg_authpw, *msg_sessionpw, *path;

	bool sig_hup, sig_term, sig_kill;
	unsigned int sig_wait;
};
126
/*
 * Key/value pair with list linkage. The kvplist_*() helpers declared under
 * MISC.C take a struct HXclist_head; presumably they operate on lists of
 * these entries. Confirm in misc.c.
 */
struct kvp {
	char *key, *value;
	struct HXlist_head list;
};
131
/**
 * struct ehd_mtreq - mapping and mount request for EHD
 * @mountpoint:		where to mount EHD
 * @fs_cipher:		cipher used for filesystem (cryptsetup name)
 * @fs_hash:		hash used for filesystem (cryptsetup name)
 * @container:		path to disk image
 * @key_data:		key material
 * @key_size:		size of key data, in bytes
 * @trunc_keysize:	extra cryptsetup instruction for truncation (in bytes)
 * @readonly:		create readonly mount?
 *
 * All pointer members are const-qualified, so the structure as declared does
 * not let its consumer modify or wipe what they point to.
 * NOTE(review): @key_data is raw key material with an explicit length. Who
 * owns that buffer and who zeroizes it after use is not visible in this
 * header; confirm at the call sites of ehd_load().
 */
struct ehd_mtreq {
	const char *mountpoint;
	const char *fs_cipher, *fs_hash, *container;
	const void *key_data;
	unsigned int key_size, trunc_keysize;
	bool readonly;
};
150
/**
 * struct ehd_mount - EHD mount info
 * @container:		path to disk image
 * @lower_device:	link to either @container if a block device,
 * 			otherwise points to @loop_device.
 * @loop_device:	loop device that was created, if any
 * @crypto_name:	crypto device that was created (basename only)
 * @crypto_device:	full path to the crypto device
 *
 * Per the description above, @lower_device aliases one of the other two
 * members (it is the only const-qualified pointer here), so it presumably
 * must not be freed on its own. ehd_mtfree() is declared for this structure
 * under CRYPTO.C.
 */
struct ehd_mount {
	char *container;
	const char *lower_device;
	char *loop_device;
	hxmc_t *crypto_name;
	hxmc_t *crypto_device;
};
167
/*
 * Operations table for a crypto backend. The two members have the same
 * signatures as ehd_load() and ehd_unload(); ehd_cgd_ops and
 * ehd_dmcrypt_ops are the instances declared in this header.
 */
struct ehd_crypto_ops {
	int (*load)(const struct ehd_mtreq *, struct ehd_mount *);
	int (*unload)(const struct ehd_mount *);
};
172
/*
 * Function type (not a pointer-to-function type). do_mount and do_unmount
 * are declared with it, and mount_op() takes a pointer to it as its first
 * argument.
 */
typedef int (mount_op_fn_t)(const struct config *, struct vol *,
	struct HXformat_map *, const char *);
175
/*
 * format_add - register @key in @table as a string value
 *
 * A NULL @value is registered as the empty string, so callers do not have
 * to special-case missing values. A non-NULL @value is added with
 * HXFORMAT_IMMED in addition to HXTYPE_STRING (presumably so that libHX
 * takes the string at call time instead of keeping the caller's pointer;
 * confirm against the libHX documentation).
 */
static inline void format_add(struct HXformat_map *table, const char *key,
    const char *value)
{
	if (value != NULL) {
		HXformat_add(table, key, value,
			HXTYPE_STRING | HXFORMAT_IMMED);
		return;
	}
	/* No value given: register a static empty string instead. */
	HXformat_add(table, key, "", HXTYPE_STRING);
}
187
/*
 * znul - make a possibly-NULL string safe to print
 *
 * Returns @s unchanged when it is non-NULL, otherwise the literal "(null)".
 * Meant for "%s" arguments, where passing NULL is undefined behaviour.
 */
static inline const char *znul(const char *s)
{
	if (s != NULL)
		return s;
	return "(null)";
}
192
/*
 * CRYPTO.C
 *
 * ehd_load() and ehd_unload() have the same signatures as the members of
 * struct ehd_crypto_ops. ehd_mtfree() takes the struct ehd_mount that
 * ehd_load() receives as its second argument.
 *
 * NOTE(review): ehd_decrypt_key() and pmt_get_password() return hxmc_t
 * strings that, going by their names, hold secret material. Ownership of
 * the returned buffers and whether they are wiped before being freed is not
 * visible in this header; confirm in crypto.c and at the call sites.
 */
extern int ehd_load(const struct ehd_mtreq *, struct ehd_mount *);
extern int ehd_unload(const struct ehd_mount *);
extern void ehd_mtfree(struct ehd_mount *);
extern hxmc_t *ehd_decrypt_key(const char *, const char *, const char *,
	hxmc_t *);
/* The scale of the returned value is not documented in this header. */
extern unsigned int cipher_digest_security(const char *);
extern hxmc_t *pmt_get_password(const char *);
203
/*
 * CRYPTO-*.C
 *
 * Backend operation tables of type struct ehd_crypto_ops. Which one is
 * compiled in or selected at run time is not visible in this header.
 */
extern const struct ehd_crypto_ops ehd_cgd_ops;
extern const struct ehd_crypto_ops ehd_dmcrypt_ops;

/* Returns int, not bool; the meaning of the values is defined in the source. */
extern int dmc_is_luks(const char *, bool);
211
/*
 * LOOP.C
 */
/*
 * Read-write / read-only selectors with the values 0 and 1; presumably
 * passed as the bool argument of pmt_loop_setup(). Confirm in loop.c.
 */
enum {
	LOSETUP_RW = 0,
	LOSETUP_RO = 1,
};

/*
 * NOTE(review): the name says 64-bit, but the return type is size_t, which
 * is 32 bits wide on ILP32 targets. A device size above SIZE_MAX could not
 * be represented there; check how the definition and its callers handle
 * that before using the result as a bound.
 */
extern size_t pmt_block_getsize64(const char *);
/* The char ** argument is an output parameter (presumably the loop device). */
extern int pmt_loop_setup(const char *, char **, bool);
extern int pmt_loop_release(const char *);
223
/*
 * LOG.C
 */
/* Prefix that the l0g()/w4rn() macros put in front of every message. */
extern const char *pmtlog_prefix;
/* Indexed [source][destination] with the PMTLOG_* constants. */
extern bool pmtlog_path[PMTLOG_SRCMAX][PMTLOG_DSTMAX];

/*
 * Variadic functions whose first argument is the format string the
 * l0g()/w4rn() macros build. No format(printf) attribute is declared here,
 * so the compiler does not check the arguments against the format; call
 * them through the macros, which force a literal format.
 */
extern int misc_log(const char *, ...);
extern int misc_warn(const char *, ...);
232
/*
 * MISC.C
 *
 * Only prototypes are visible here: parameter meaning, ownership of
 * returned pointers and error signalling have to be taken from misc.c.
 */
extern void arglist_add(struct HXdeque *, const char *,
	const struct HXformat_map *);
extern struct HXdeque *arglist_build(const struct HXdeque *,
	const struct HXformat_map *);
extern void arglist_log(const struct HXdeque *);
extern void arglist_llog(const char *const *);
extern bool kvplist_contains(const struct HXclist_head *, const char *);
extern char *kvplist_get(const struct HXclist_head *, const char *);
extern void kvplist_genocide(struct HXclist_head *);
extern hxmc_t *kvplist_to_str(const struct HXclist_head *);
extern void misc_add_ntdom(struct HXformat_map *, const char *);
extern void misc_dump_id(const char *);
/*
 * NOTE(review): the pmt_fileop_*() checks return int and take bare strings.
 * Argument order (for pmt_fileop_owns) and the return convention are not
 * visible here; confirm both before using a result in an access decision.
 */
extern int pmt_fileop_exists(const char *);
extern int pmt_fileop_isreg(const char *);
extern int pmt_fileop_owns(const char *, const char *);
extern void pmt_readfile(const char *);
extern char *relookup_user(const char *);
/* How a parse error or overflow is reported is not visible in this header. */
extern long str_to_long(const char *);
/*
 * x-prefixed allocation wrappers. Whether they terminate on failure or can
 * return NULL is not visible here; check misc.c before omitting NULL checks.
 */
extern void *xmalloc(size_t);
extern void *xrealloc(void *, size_t);
extern char *xstrdup(const char *);
257
/*
 * MTAB.C
 */
/* Enum constants must match order of /etc/mtab and /etc/cmtab, respectively. */
/*
 * NOTE(review): __SMTABF_MAX and __CMTABF_MAX contain a double underscore,
 * which makes them identifiers reserved for the implementation by the C
 * standard. Flagged only; renaming would affect users outside this header.
 */
enum smtab_field {
	SMTABF_CONTAINER = 0,
	SMTABF_MOUNTPOINT,
	__SMTABF_MAX,
};

enum cmtab_field {
	CMTABF_MOUNTPOINT = 0,
	CMTABF_CONTAINER,
	CMTABF_LOOP_DEV,
	CMTABF_CRYPTO_DEV,
	__CMTABF_MAX,
};

/* Bit flags (distinct bits, can be OR-ed); the consumer is not visible here. */
enum {
	PMT_BY_CONTAINER = 1 << 0,
	PMT_BY_CRYPTODEV = 1 << 1,
};

extern int pmt_smtab_add(const char *, const char *,
	const char *, const char *);
extern int pmt_smtab_remove(const char *, enum smtab_field);
/* The last argument is a caller-supplied two-string comparison callback. */
extern int pmt_smtab_mounted(const char *, const char *,
	int (*)(const char *, const char *));
extern int pmt_cmtab_add(const char *, const char *,
	const char *, const char *);
/*
 * Four char ** output parameters; presumably one per enum cmtab_field
 * column. Who frees the returned strings is not visible here; confirm in
 * mtab.c.
 */
extern int pmt_cmtab_get(const char *, enum cmtab_field,
	char **, char **, char **, char **);
extern int pmt_cmtab_remove(const char *);
extern int pmt_cmtab_mounted(const char *, const char *);
extern const char *pmt_cmtab_path(void);
extern const char *pmt_smtab_path(void);
extern const char *pmt_kmtab_path(void);
295
/*
 * MOUNT.C
 */
/* Declares two functions through the mount_op_fn_t function typedef. */
extern mount_op_fn_t do_mount, do_unmount;
extern int fstype_nodev(const char *);
/* Takes the operation to run (e.g. do_mount or do_unmount) as a pointer. */
extern int mount_op(mount_op_fn_t *, const struct config *, struct vol *,
	const char *);
extern void umount_final(struct config *);
extern int pmt_already_mounted(const struct config *,
	const struct vol *, struct HXformat_map *);
extern hxmc_t *pmt_vol_to_dev(const struct vol *);
extern bool fstype_icase(const char *);
extern bool fstype2_icase(enum command_type);
309
/*
 * OFL-LIB.C
 */
/* printf-style output hook: a writable global function pointer. */
extern int (*ofl_printf)(const char *, ...);
extern bool ofl(const char *, unsigned int);

/*
 * PAM_MOUNT.C
 */
#ifndef HAVE_VISIBILITY_HIDDEN
/* Workaround Xserver issue */
/*
 * Without hidden visibility the global below would be exported under the
 * name "Debug"; the macro renames it to pmt_debug in every file that
 * includes this header. The Xserver issue itself is not described here.
 */
# define Debug pmt_debug
#endif
extern unsigned int Debug;
extern struct config Config;
325
/*
 * RDCONF1.C
 */
extern bool expandconfig(const struct config *);
extern void initconfig(struct config *);
/*
 * The bool argument presumably selects global versus per-user (luserconf)
 * parsing, matching struct vol::globalconf. Confirm in rdconf1.c.
 */
extern bool readconfig(const char *, bool, struct config *);
extern void freeconfig(struct config *);

/*
 * RDCONF2.C
 *
 * Validation of volume records. NOTE(review): by name, the luserconf
 * variant is the check for records that come from the per-user
 * configuration. That "true" means "acceptable" is implied by the names
 * only; confirm in rdconf2.c, and confirm that every luserconf record
 * passes through it before being mounted.
 */
extern bool luserconf_volume_record_sane(const struct config *, const struct vol *);
extern bool volume_record_sane(const struct config *, const struct vol *);

/*
 * SPAWN.C
 *
 * Two HXproc_ops tables for spawning helpers. By name, pmt_dropprivs_ops is
 * the variant that drops privileges in the child. NOTE(review): which table
 * each call site uses is not visible here; confirm for helpers that act on
 * user-controlled input.
 */
extern const struct HXproc_ops pmt_spawn_ops, pmt_dropprivs_ops;

extern int pmt_spawn_dq(struct HXdeque *, struct HXproc *);
346
347 #endif /* PMT_PAM_MOUNT_H */
348