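/*
 * The Spread Toolkit.
 *
 * The contents of this file are subject to the Spread Open-Source
 * License, Version 1.0 (the ``License''); you may not use
 * this file except in compliance with the License.  You may obtain a
 * copy of the License at:
 *
 * http://www.spread.org/license/
 *
 * or in the file ``license.txt'' found in this distribution.
 *
 * Software distributed under the License is distributed on an AS IS basis,
 * WITHOUT WARRANTY OF ANY KIND, either express or implied.  See the License
 * for the specific language governing rights and limitations under the
 * License.
 *
 * The Creators of Spread are:
 *  Yair Amir, Michal Miskin-Amir, Jonathan Stanton.
 *
 *  Copyright (C) 1993-2004 Spread Concepts LLC <spread@spreadconcepts.com>
 *
 *  All Rights Reserved.
 *
 * Major Contributor(s):
 * ---------------
 *    Cristina Nita-Rotaru crisn@cs.purdue.edu - group communication security.
 *    Theo Schlossnagle    jesus@omniti.com - Perl, skiplists, autoconf.
 *    Dan Schoenblum       dansch@cnds.jhu.edu - Java interface.
 *    John Schultz         jschultz@cnds.jhu.edu - contribution to process group membership.
 *
 */

/*
 * acm.h -- interface of the authentication / access-control module (ACM):
 * size limits for the authentication method list, the allow/deny result
 * type, the callback tables that authentication methods and access control
 * policies fill in, and the Acm_* entry points.
 */

#ifndef ACM_H
#define ACM_H

#include "arch.h"
#include "spread_params.h"      /* For MAX_GROUP_NAME */

#define MAX_AUTH_METHODS        3
#define MAX_AUTH_NAME           30
#define MAX_AUTH_LIST_LEN       (MAX_AUTH_METHODS * MAX_AUTH_NAME)
/* NOTE: (MAX_AUTH_NAME * MAX_AUTH_METHODS) must be < 255
 * This is because we send the length of the auth methods list as an unsigned char
 * If we want to increase the number of methods we will have to switch to sending a
 * short int. This requires a change in the client-server protocol.
 */
/* Enforce the limit above at build time, so that raising either constant
 * cannot produce a list length that no longer fits the one-byte length field.
 */
#if MAX_AUTH_LIST_LEN >= 255
#error "MAX_AUTH_LIST_LEN must be < 255: the auth methods list length is sent as an unsigned char"
#endif

/* Result of an access control decision.
 * ACM_ACCESS_DENIED is the first enumerator and therefore has the value 0,
 * so a zero-filled ACM_ReturnVal compares equal to "denied".
 * NOTE(review): callers should test for == ACM_ACCESS_ALLOWED rather than
 * != ACM_ACCESS_DENIED, so that any unexpected value is treated as a denial.
 */
typedef enum ACM_ReturnVal {
    ACM_ACCESS_DENIED,
    ACM_ACCESS_ALLOWED,
} ACM_ReturnVal;

/* Per-session authentication state.
 * Both arrays hold at most MAX_AUTH_METHODS entries.
 * NOTE(review): presumably num_required_auths is the number of entries in
 * use and completed_required_auths counts the ones already finished --
 * confirm in the implementation. Code that indexes the arrays with either
 * counter has to keep it within MAX_AUTH_METHODS.
 */
struct session_auth_info {
    mailbox mbox;
    void    *module_data;       /* opaque pointer; presumably owned by the auth module -- confirm */
    int     num_required_auths;
    int     completed_required_auths;
    int     required_auth_methods[MAX_AUTH_METHODS];
    int     required_auth_results[MAX_AUTH_METHODS];
};

/* Callbacks supplied by an authentication method (see Acm_auth_add_method). */
struct auth_ops {
    void (*auth_client_connection) (struct session_auth_info *sess_auth_p);
    /* not currently used -- placeholder for future stuff */
    void (*auth_monitor_connection) (mailbox mbox, int32 ip_addr);
    /* NOTE(review): info_len is a signed int and presumably gives the size
     * of authinfo -- implementations should reject negative or oversized
     * values before reading the buffer; confirm against the caller.
     */
    void (*deliver_authinfo) (int info_len, void *authinfo);
};

/* Hooks supplied by an access control policy (see Acm_acp_add_method).
 * Every hook returns ACM_ACCESS_ALLOWED or ACM_ACCESS_DENIED.
 * The dests/groups arguments are arrays of fixed-width rows of
 * MAX_GROUP_NAME chars; whether each row is NUL-terminated is not visible
 * from this header -- confirm before using string functions on them.
 */
struct acp_ops {
    ACM_ReturnVal (*open_connection) (char *user);
    ACM_ReturnVal (*open_monitor) (char *user);     /* not used currently */
    ACM_ReturnVal (*join_group) (char *user, char *group, void *acm_token);
    ACM_ReturnVal (*leave_group) (char *user, char *group, void *acm_token);
    ACM_ReturnVal (*p2p_send) (char *user, int num_dests, char dests[][MAX_GROUP_NAME], int service_type, int16 mess_type);
    ACM_ReturnVal (*mcast_send) (char *user, int num_groups, char groups[][MAX_GROUP_NAME], int service_type, int16 mess_type);
};

/* Function declarations */
void Acm_init(void);

/* Auth Functions */
bool Acm_auth_query_allowed(char *auth_name);
/* NOTE(review): ownership and lifetime of the returned string are not
 * visible from this header -- confirm before freeing or caching it.
 */
char *Acm_auth_get_allowed_list(void);
bool Acm_auth_add_method(char *name, struct auth_ops *ops);
bool Acm_auth_set_enabled(char *auth_name);
bool Acm_auth_set_disabled(char *auth_name);
bool Acm_auth_set_required(char *auth_name);
/* NOTE(review): the two lookups below return void *; if the value is the
 * method's auth_client_connection callback, note that ISO C does not
 * guarantee a function pointer survives a round trip through void *
 * (POSIX does) -- confirm what is returned and how callers cast it.
 */
void * Acm_auth_get_auth_client_connection(int authid);
void * Acm_auth_get_auth_client_connection_byname(char *auth_name);
struct session_auth_info *Acm_auth_create_sess_info_forIP(mailbox mbox);
struct session_auth_info *Acm_auth_create_sess_info(mailbox mbox, char *auth_name);

/* Access Control Policy Functions */
void Acm_acp_fill_ops(struct acp_ops *acp_ops_h);
bool Acm_acp_set_policy(char *policy_name);
bool Acm_acp_query_allowed(char *acp_name);
bool Acm_acp_add_method(char *name, struct acp_ops *ops);

#endif /* ACM_H */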