1 /*
2 * Copyright (C) 2018 Nikos Mavrogiannopoulos
3 *
4 * Author: Nikos Mavrogiannopoulos
5 *
6 * This file is part of ocserv.
7 *
8 * ocserv is free software; you can redistribute it and/or
9 * modify it under the terms of the GNU Lesser General Public License
10 * as published by the Free Software Foundation; either version 2.1 of
11 * the License, or (at your option) any later version.
12 *
13 * This library is distributed in the hope that it will be useful, but
14 * WITHOUT ANY WARRANTY; without even the implied warranty of
15 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
16 * Lesser General Public License for more details.
17 *
18 * You should have received a copy of the GNU Lesser General Public License
19 * along with this program. If not, see <http://www.gnu.org/licenses/>
20 */
21 #ifndef VHOST_H
22 #define VHOST_H
23
24 /* Virtual host entries; common between main and sec-mod */
25 #include <config.h>
26 #include "tlslib.h"
27
28 #define MAX_PIN_SIZE GNUTLS_PKCS11_MAX_PIN_LEN
/* PINs handed to the private-key backends. Both buffers are bounded by
 * GNUTLS_PKCS11_MAX_PIN_LEN (via MAX_PIN_SIZE), so they are sized for
 * PKCS#11 tokens; the srk_pin name suggests a TPM storage-root-key PIN
 * as well — confirm at the users.
 * NOTE(review): these are plain-text secrets embedded in the vhost
 * structure; confirm they are wiped when the owning vhost_cfg_st is
 * released. */
typedef struct pin_st {
	char pin[MAX_PIN_SIZE];		/* PIN for the private key / token */
	char srk_pin[MAX_PIN_SIZE];	/* presumably the TPM SRK PIN — TODO confirm */
} pin_st;
33
/* Per-virtual-host configuration and credentials. Instances are linked
 * through `list` into the vconfig list that default_vhost() and
 * find_vhost() walk; the default vhost is the tail of that list. */
typedef struct vhost_cfg_st {
	struct list_node list;		/* link into the vconfig list */
	char *name;			/* configured host name; NULL is rendered as
					 * DEFAULT_VHOST_NAME by VHOSTNAME() and is
					 * skipped by find_vhost() */
	struct perm_cfg_st perm_config;	/* GETCONFIG() reads perm_config.config,
					 * GETPCONFIG() returns &perm_config */

	tls_st creds;			/* TLS credential state (tls_st) for this host */
	/* set to non-zero if authentication/accounting is initialized */
	unsigned auth_init;

	/* vhost is pool by itself on current implementation,
	 * but made explicit to avoid future breakage due to changes */
	void *pool;

	/* sec-mod accessed items */
	pin_st pins;			/* token PINs; secret material, see pin_st */
	time_t cert_last_access; /* last reload/access of certs in creds */
	time_t crl_last_access; /* last reload/access of crls in creds */
	time_t params_last_access; /* last reload/access of params in creds */
	struct config_mod_st *config_module;

	gnutls_privkey_t *key;		/* private keys; key_size presumably counts
					 * the entries of this array — TODO confirm */
	unsigned key_size;

	/* temporary values used during config loading
	 */
	char *acct;
	char **auth;			/* auth_size entries, presumably */
	size_t auth_size;
	char **eauth;			/* eauth_size entries, presumably */
	size_t eauth_size;
	unsigned expose_iroutes;
	unsigned auto_select_group;
#ifdef HAVE_GSSAPI
	char **urlfw;			/* urlfw_size entries, presumably */
	size_t urlfw_size;
#endif
} vhost_cfg_st;
71
72 #define DEFAULT_VHOST_NAME "default"
73
74 /* macros to retrieve the default vhost configuration; they
75 * are non-null as there is always a configured host. */
76 #ifdef __clang_analyzer__
/* Sentinel returned by the analyzer-only stubs below: any non-NULL address
 * satisfies their returns_nonnull attribute. This is only seen by clang's
 * static analyzer (__clang_analyzer__), never by a real build. */
static volatile void *v = 0xffffffff;
78
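/* Analyzer-only stand-in for default_vhost(): returns the non-NULL sentinel
 * v so the analyzer never sees a NULL default vhost. Unlike the real
 * implementation it takes the server state rather than the vconfig list,
 * because the analyzer GETVHOST() below passes `s` straight through.
 * The cast drops the volatile qualifier of v explicitly instead of
 * relying on an implicit, diagnosed conversion. */
static inline vhost_cfg_st *default_vhost(void * s) __attribute__((returns_nonnull));
static inline vhost_cfg_st *default_vhost(void * s)
{
	(void)s; /* unused in the stub */
	return (void *)v;
}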
84
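/* Analyzer-only stand-in for the GETVHOST() macro: yields the non-NULL
 * sentinel v. The cast drops the volatile qualifier of v explicitly
 * instead of relying on an implicit, diagnosed conversion. */
static inline struct vhost_cfg_st *GETVHOST(void *s) __attribute__((returns_nonnull));
static inline struct vhost_cfg_st *GETVHOST(void *s)
{
	(void)s; /* unused in the stub */
	return (void *)v;
}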
90
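/* Analyzer-only stand-in for the GETCONFIG() macro: yields the non-NULL
 * sentinel v as a struct cfg_st pointer. The cast drops the volatile
 * qualifier of v explicitly instead of relying on an implicit, diagnosed
 * conversion. */
static inline struct cfg_st *GETCONFIG(void *s) __attribute__((returns_nonnull));
static inline struct cfg_st *GETCONFIG(void *s)
{
	(void)s; /* unused in the stub */
	return (void *)v;
}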
96
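/* Analyzer-only stand-in for the GETPCONFIG() macro: yields the non-NULL
 * sentinel v as a struct perm_cfg_st pointer. The cast drops the volatile
 * qualifier of v explicitly instead of relying on an implicit, diagnosed
 * conversion. */
static inline struct perm_cfg_st* GETPCONFIG(void *s) __attribute__((returns_nonnull));
static inline struct perm_cfg_st* GETPCONFIG(void *s)
{
	(void)s; /* unused in the stub */
	return (void *)v;
}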
102 #else
103 # define GETVHOST(s) default_vhost((s)->vconfig)
104 # define GETCONFIG(s) GETVHOST(s)->perm_config.config
105 # define GETPCONFIG(s) (&(GETVHOST(s)->perm_config))
106
/* Default virtual host: the tail entry of the vconfig list. find_vhost()
 * falls back to this for a NULL or unknown name.
 * NOTE(review): list_tail presumably yields NULL on an empty list — the
 * non-NULL promise in the comment above rests on at least one host always
 * being configured. */
static inline vhost_cfg_st *default_vhost(struct list_head *vconfig)
{
	struct vhost_cfg_st *last;

	last = list_tail(vconfig, struct vhost_cfg_st, list);
	return last;
}
111 #endif
112
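/* Printable name of a vhost: its configured name, DEFAULT_VHOST_NAME when
 * the name is unset, or "unknown" for a NULL vhost. The expansion is fully
 * parenthesised so the conditional cannot bind to surrounding operators;
 * the argument is evaluated more than once, so pass a plain lvalue. */
#define VHOSTNAME(vhost) \
	(((vhost) != NULL) ? ((vhost)->name ? (vhost)->name : DEFAULT_VHOST_NAME) : ("unknown"))

/* Log prefix for a vhost: _vhost_prefix(name) for a named vhost, "" for an
 * unnamed or NULL one. Parenthesised and multi-evaluating like VHOSTNAME(). */
#define PREFIX_VHOST(vhost) \
	(((vhost) != NULL) ? ((vhost)->name ? _vhost_prefix((vhost)->name) : "") : (""))

/* 1 when more than one vhost is configured (the list head and tail are
 * different entries), 0 otherwise. */
#define HAVE_VHOSTS(s) \
	((list_tail((s)->vconfig, struct vhost_cfg_st, list) == \
	  list_top((s)->vconfig, struct vhost_cfg_st, list)) ? 0 : 1)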
116
117 #include <c-strcase.h>
118
/* Look up a vhost by name (case-insensitive, via the locale-independent
 * c_strcasecmp) in the vconfig list. Entries without a name are skipped.
 * Always returns a vhost: a NULL name or a name that matches nothing
 * resolves to default_vhost(). Because of that fallback, a caller that
 * must tell "not found" apart from "the default" has to compare the
 * returned entry's name itself; when `name` originates from the peer, an
 * unrecognised host name is served by the default vhost, not rejected. */
static inline vhost_cfg_st *find_vhost(struct list_head *vconfig, const char *name)
{
	vhost_cfg_st *cur = NULL;

	if (name != NULL) {
		list_for_each(vconfig, cur, list) {
			if (cur->name == NULL)
				continue;
			if (c_strcasecmp(cur->name, name) == 0)
				return cur;
		}
	}

	return default_vhost(vconfig);
}
133
134 #endif
135