1 /* 2 * ProFTPD: mod_ctrls -- a module implementing the ftpdctl local socket 3 * server 4 * Copyright (c) 2000-2016 The ProFTPD Project team 5 * 6 * This program is free software; you can redistribute it and/or modify 7 * it under the terms of the GNU General Public License as published by 8 * the Free Software Foundation; either version 2 of the License, or 9 * (at your option) any later version. 10 * 11 * This program is distributed in the hope that it will be useful, 12 * but WITHOUT ANY WARRANTY; without even the implied warranty of 13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 14 * GNU General Public License for more details. 15 * 16 * You should have received a copy of the GNU General Public License 17 * along with this program; if not, write to the Free Software 18 * Foundation, Inc., 51 Franklin Street, Suite 500, Boston, MA 02110-1335, USA. 19 * 20 * As a special exemption, TJ Saunders and other respective copyright holders 21 * give permission to link this program with OpenSSL, and distribute the 22 * resulting executable, without including the source code for OpenSSL in the 23 * source distribution. 24 * 25 * This is mod_ctrls, contrib software for proftpd 1.2 and above. 26 * For more information contact TJ Saunders <tj@castaglia.org>. 27 */ 28 29 #ifndef MOD_CTRLS_H 30 #define MOD_CTRLS_H 31 32 #include <signal.h> 33 #include "conf.h" 34 35 # ifdef PR_USE_CTRLS 36 37 /* Controls access control objects */ 38 39 typedef struct { 40 unsigned char allow; 41 unsigned int nuids; 42 uid_t *uids; 43 } ctrls_usr_acl_t; 44 45 typedef struct { 46 unsigned char allow; 47 unsigned int ngids; 48 gid_t *gids; 49 } ctrls_grp_acl_t; 50 51 typedef struct { 52 pool *acl_pool; 53 ctrls_usr_acl_t acl_usrs; 54 ctrls_grp_acl_t acl_grps; 55 } ctrls_acl_t; 56 57 typedef struct { 58 const char *act_action; 59 const char *act_desc; 60 ctrls_acl_t *act_acl; 61 int (*act_cb)(pr_ctrls_t *, int, char **); 62 } ctrls_acttab_t; 63 64 unsigned char pr_ctrls_check_group_acl(gid_t, const ctrls_grp_acl_t *); 65 unsigned char pr_ctrls_check_user_acl(uid_t, const ctrls_usr_acl_t *); 66 67 /* Returns TRUE if use of ctrl named by action is allowed by the user or group 68 * ACL, FALSE otherwise. The ACLs associated with the given action are 69 * looked up in the given table. The default is to deny everyone, unless an 70 * ACL has been configured to allow them. 71 */ 72 unsigned char pr_ctrls_check_acl(const pr_ctrls_t *ctrl, 73 const ctrls_acttab_t *ctrls_acttab, const char *action); 74 75 /* Initialize an ctrls_acl_t object. */ 76 void pr_ctrls_init_acl(ctrls_acl_t *acl); 77 78 char **pr_ctrls_parse_acl(pool *acl_pool, char *acl_str); 79 80 void pr_ctrls_set_group_acl(pool *, ctrls_grp_acl_t *, const char *, char *); 81 void pr_ctrls_set_user_acl(pool *, ctrls_usr_acl_t *, const char *, char *); 82 83 /* Configures the ACLs for the actions implemented in a Controls module. */ 84 char *pr_ctrls_set_module_acls(ctrls_acttab_t *ctrls_acttab, pool *acl_pool, 85 char **actions, const char *allow, const char *type, char *list); 86 87 /* Unregisters a module's actions according to the configured list. */ 88 char *pr_ctrls_unregister_module_actions(ctrls_acttab_t *ctrls_acttab, 89 char **actions, module *mod); 90 91 /* Set the file descriptor that the Controls API should use for logging. */ 92 int pr_ctrls_set_logfd(int fd); 93 94 /* Logs into a mod_ctrls-specific log file. */ 95 int pr_ctrls_log(const char *module_version, const char *fmt, ...) 96 #ifdef __GNUC__ 97 __attribute__ ((format (printf, 2, 3))); 98 #else 99 ; 100 #endif 101 102 # endif /* PR_USE_CTRLS */ 103 #endif /* MOD_CTRLS_H */ 104