source: trunk/include/slib.h@ 10

Last change on this file since 10 was 8, checked in by rainer, 19 years ago

minor optimisations for speed

File size: 13.2 KB
Line 
1/* --------------------------------------------------------------
2 *
3 * The developement of this library has been stimulated by reading
4 * a paper on 'Robust Programming' by Matt Bishop, although
5 * not all of his ideas might be implemented in the same
6 * strictness as discussed in the paper.
7 *
8 * --------------------------------------------------------------
9 */
10
11#ifndef SL_SLIB_H
12#define SL_SLIB_H
13
14#include <errno.h>
15#include <stdio.h>
16#include <stdlib.h>
17#include <stdarg.h>
18#include <sys/types.h>
19
20#include "config_xor.h"
21
22#ifdef HAVE_UNISTD_H
23#include <unistd.h>
24#endif
25
26/****************
27
28 -- Defined in config.h. --
29
30 #ifndef _(string)
31 #define _(string) string
32 #endif
33
34 #ifndef N_(string)
35 #define N_(string) string
36 #endif
37
38*****************/
39
40/* --------------------------------------------------------------
41 *
42 * Typedefs, global variables, macros.
43 *
44 * --------------------------------------------------------------
45 */
46
47extern long int sl_errno; /* Global error variable. */
48
49
50/* The ticketing system; used to hide internals from the
51 * programmer.
52 */
53typedef long int SL_TICKET; /* Unique ID for opened files. */
54
55
56/*
57 * TRUE, FALSE
58 */
59#define SL_TRUE 1
60#define SL_FALSE 0
61
62
63
64/*
65 * The following macros are provided:
66 *
67 * SL_ISERROR(x) TRUE if return status of 'x' is an error code.
68 * SL_REQUIRE(x, xstr) Abort if 'x' is false.
69 * SL_ENTER(s) Trace entry in function 's'.
70 * SL_RETURN(x, s) Trace return from function 's'.
71 */
72
73
74/*
75 * The error codes.
76 */
77#define SL_ENONE 0
78
79#define SL_ENULL -1024 /* Invalid use of NULL pointer. */
80#define SL_ERANGE -1025 /* Argument out of range. */
81#define SL_ETRUNC -1026 /* Result truncated. */
82#define SL_EREPEAT -1027 /* Illegal repeated use of function. */
83
84#define SL_EINTERNAL -1028 /* Internal error. */
85#define SL_ETICKET -1029 /* Bad ticket. */
86#define SL_EBADFILE -1030 /* File access error. Check errno. */
87#define SL_EBOGUS -1031 /* Bogus file. */
88#define SL_EMEM -1032 /* Out of memory. */
89#define SL_EUNLINK -1033 /* Unlink error. Check errno. */
90#define SL_EREWIND -1034 /* Rewind error. Check errno. */
91#define SL_EFORWARD -1035 /* Forward error. Check errno. */
92#define SL_EREAD -1036 /* Read error. Check errno. */
93#define SL_EWRITE -1037 /* Write error. Check errno. */
94#define SL_ESYNC -1038 /* Write error. Check errno. */
95
96#define SL_EBADNAME -1040 /* Invalid name. */
97#define SL_ESTAT -1041 /* stat of file failed. Check errno. */
98
99#define SL_EBADUID -1050 /* Owner not trustworthy. */
100#define SL_EBADGID -1051 /* Group writeable and not trustworthy.*/
101#define SL_EBADOTH -1052 /* World writeable. */
102
103#define SL_TOOMANY -1053 /* Too many open files */
104#define SL_TIMEOUT -1054 /* Timeout in read */
105/*
106 * All int functions return SL_NONE on success.
107 */
108
109#ifdef __cplusplus
110extern "C" {
111#endif
112
113 int dlog (int flag, char * file, int line, const char *fmt, ...);
114
115 char * sl_get_errmsg();
116
117 /* ----------------------------------------------------------------
118 *
119 * Heap consistency routines
120 *
121 * ---------------------------------------------------------------- */
122
123 int sl_test_heap();
124
125 /* ----------------------------------------------------------------
126 *
127 * Capability routines
128 *
129 * ---------------------------------------------------------------- */
130
131 extern int sl_useCaps;
132
133 int sl_drop_cap ();
134 int sl_drop_cap_sub();
135 int sl_get_cap_sub();
136 int sl_drop_cap_qdel();
137 int sl_get_cap_qdel();
138
139 /* ----------------------------------------------------------------
140 *
141 * String handling routines
142 *
143 * ---------------------------------------------------------------- */
144
145 /*
146 * A memset that does not get optimized away
147 */
148 void *sl_memset(void *s, int c, size_t n);
149#undef memset
150#define memset sl_memset
151
152 /*
153 * Copy src to dst. siz is the length of dst.
154 */
155 int sl_strlcpy(char * dst, /*@null@*/const char * src, size_t siz);
156
157 /*
158 * Append src to dst. siz is the length of dst.
159 */
160 int sl_strlcat(char * dst, /*@null@*/const char *src, size_t siz);
161
162 /*
163 * An implementation of vsnprintf. va_start/va_end are in the caller
164 * function.
165 */
166 int sl_vsnprintf(char *str, size_t n,
167 const char *format, va_list vl );
168
169 /*
170 * An implementation of snprintf.
171 */
172 int sl_snprintf(char *str, size_t n,
173 const char *format, ... );
174
175 /*
176 * A robust drop-in replacement of strncpy. strlcpy is preferable.
177 */
178 char * sl_strncpy(/*@out@*/char *dst, const char *src, size_t size);
179
180 /*
181 * Robust strncat.
182 */
183 char * sl_strncat(char *dst, const char *src, size_t n);
184
185 /*
186 * strstr
187 */
188 char * sl_strstr (const char * haystack, const char * needle);
189
190 /*
191 * robust strncmp replacement
192 */
193 int sl_strncmp(const char * a, const char * b, size_t n);
194
195 /*
196 * robust strcmp replacement
197 */
198 int sl_strcmp(const char * a, const char * b);
199
200 /*
201 * robust strlen replacement
202 */
203#define sl_strlen(arg) ((arg == NULL) ? 0 : (strlen(arg)))
204
205 /* ----------------------------------------------------------------
206 *
207 * Privilege handling routines
208 *
209 * ---------------------------------------------------------------- */
210
211 /*
212 * ONE OF THE FOLLOWING THREE FUNCTIONS
213 * SHOULD BE CALLED BEFORE ANY OTHER OF THE
214 * UID HANDLING FUNCTIONS.
215 */
216 int sl_policy_get_user(char *username); /* drop SUID to <username> */
217 int sl_policy_get_real(char *username); /* drop privs to <username> */
218 int sl_policy_get_root(void); /* drop SUID to root */
219
220 /*
221 * If not using one of the above, use this function,
222 * and then call sh_unset_suid().
223 * This function saves the uid's.
224 * It calls abort() on error.
225 */
226 int sl_save_uids(void);
227
228 /*
229 * This function returns the saved euid.
230 * It calls abort() if the uid's are not saved already.
231 */
232 int sl_get_euid(/*@out@*/uid_t * ret);
233 uid_t sl_ret_euid();
234
235 /*
236 * This function returns the saved egid.
237 * It calls abort() if the uid's are not saved already.
238 */
239 int sl_get_egid(/*@out@*/gid_t * ret);
240
241 /*
242 * This function returns the saved current ruid.
243 * It calls abort() if the uid's are not saved already.
244 */
245 int sl_get_ruid(/*@out@*/uid_t * ret);
246
247 /*
248 * This function returns the saved current rgid.
249 * It calls abort() if the uid's are not saved already.
250 */
251 int sl_get_rgid(gid_t * ret);
252
253 /*
254 * This function returns the saved original ruid.
255 * It calls abort() if the uid's are not saved already.
256 */
257 int sl_get_ruid_orig(uid_t * ret);
258
259 /*
260 * This function returns the saved original rgid.
261 * It calls abort() if the uid's are not saved already.
262 */
263 int sl_get_rgid_orig(gid_t * ret);
264
265 /*
266 * This function returns true if the program is SUID.
267 * It calls abort() if the uid's are not saved already.
268 */
269 int sl_is_suid(void);
270
271 /*
272 * This function sets the effective uid
273 * to the saved effective uid.
274 */
275 int sl_set_suid (void);
276
277 /*
278 * This function sets the effective uid to the real uid.
279 */
280 int sl_unset_suid (void);
281
282 /*
283 * This function drops SUID privileges irrevocably.
284 */
285 int sl_drop_privileges(void);
286
287 /* ----------------------------------------------------------------
288 *
289 * File handling routines
290 *
291 * ---------------------------------------------------------------- */
292
293 SL_TICKET sl_make_ticket (int fd, char * path);
294
295 /* Open for writing.
296 */
297 SL_TICKET sl_open_write (char * fname, int priviledge_mode);
298
299 /* Open for reading.
300 */
301 SL_TICKET sl_open_read (char * fname, int priviledge_mode);
302
303 /* Open for reading w/minimum checking.
304 */
305 SL_TICKET sl_open_fastread (char * fname, int priviledge_mode);
306
307 /* Open for read and write.
308 */
309 SL_TICKET sl_open_rdwr (char * fname, int priviledge_mode);
310
311 /* Open for read and write, fail if file exists.
312 */
313 SL_TICKET sl_open_safe_rdwr (char * fname, int priv);
314
315 /* Open for write, truncate.
316 */
317 SL_TICKET sl_open_write_trunc (char * fname, int priviledge_mode);
318
319 /* Open for read and write, truncate.
320 */
321 SL_TICKET sl_open_rdwr_trunc (char * fname, int priviledge_mode);
322
323 /* Close file.
324 */
325 int sl_close (SL_TICKET ticket);
326
327 /* Unlink file.
328 */
329 int sl_unlink (SL_TICKET ticket);
330
331 /* Rewind file.
332 */
333 int sl_rewind (SL_TICKET ticket);
334
335 /* Seek file.
336 */
337 int sl_seek (SL_TICKET ticket, off_t off_data);
338
339 /* Forward file.
340 */
341 int sl_forward (SL_TICKET ticket);
342
343 /* Sync file.
344 */
345 int sl_sync (SL_TICKET ticket);
346
347 /* Read file.
348 */
349 int sl_read (SL_TICKET ticket, void * buf, size_t count);
350
351 int sl_read_timeout_prep (SL_TICKET ticket);
352
353 int sl_read_timeout (SL_TICKET ticket, void * buf,
354 size_t count, int timeout);
355
356 int sl_read_fast (SL_TICKET ticket, void * buf_in, size_t count);
357
358 /* Write file.
359 */
360 int sl_write (SL_TICKET ticket, void * msg, long nbytes);
361
362 /* Write file, terminate with newline.
363 */
364 int sl_write_line (SL_TICKET ticket, void * msg, long nbytes);
365
366 /* Drop all metadata for file descriptors >= fd.
367 */
368 int sl_dropall(int fd, int except);
369
370 /* Check whether file is trustworthy.
371 */
372 int sl_trustfile(char * path, uid_t * ok, uid_t * bad);
373
374 /* Check whether file is trustworthy.
375 */
376 int sl_trustfile_euid(char * filename, uid_t euid);
377
378 /* purge list of trusted users
379 */
380 int sl_trust_purge_user ();
381
382 /* Add a trusted user.
383 */
384 int sl_trust_add_user (uid_t pwid);
385
386 /* Get error string.
387 */
388 char * sl_error_string(int errorcode);
389
390 /* Get error file.
391 */
392 char * sl_trust_errfile(void);
393
394
395#ifdef __cplusplus
396}
397#endif
398
399/* Privilege modes for file access.
400 */
401#define SL_YESPRIV 0x33
402#define SL_NOPRIV 0x34
403
404#define MAXFILENAME 2048
405
406
407/*
408 * This macro is TRUE if (x) < 0.
409 */
410#define SL_ISERROR(x) ((long)(x) < 0)
411
412#if defined(WITH_TPT)
413#define TPT(arg) dlog arg ;
414#else
415#define TPT(arg)
416#endif
417
418
419/*
420 * The 'require' macro.
421 */
422#define SL_REQUIRE(assertion, astext) \
423do { \
424 /*@i@*/ if (assertion) ; \
425 else { \
426 dlog(0, FIL__, __LINE__, SDG_AFAIL, \
427 FIL__, __LINE__, astext); \
428 _exit(EXIT_FAILURE); \
429 } \
430} while (0)
431
432
433/*
434 * The enter macro. Prints the trace if TRACE is on.
435 */
436extern int slib_do_trace;
437extern int slib_trace_fd;
438
439#if defined(SL_DEBUG)
440#define SL_ENTER(s) sl_stack_push(s, FIL__, __LINE__);
441#else
442#define SL_ENTER(s) if (slib_do_trace != 0) sl_trace_in(s, FIL__, __LINE__);
443#endif
444
445/*
446 * The return macro.
447 */
448#if defined(SL_DEBUG)
449#ifndef S_SPLINT_S
450#define SL_RETURN(x, s) \
451do { \
452 sl_stack_pop(s, FIL__, __LINE__); \
453 return(x); \
454} while(0)
455#else
456/*@notfunction@*/
457#define SL_RETURN(x, s) return(x);
458#endif /* S_SPLINT_S */
459#else
460#ifndef S_SPLINT_S
461#define SL_RETURN(x, s) \
462do { \
463 if (slib_do_trace != 0) \
464 sl_trace_out(s, FIL__, __LINE__); \
465 return(x); \
466} while(0)
467#else
468/*@notfunction@*/
469#define SL_RETURN(x, s) return(x);
470#endif /* S_SPLINT_S */
471#endif /* SL_RETURN macro */
472
473#if defined(SL_DEBUG)
474#define SL_RET0(s) \
475do { \
476 sl_stack_pop(s, FIL__, __LINE__); \
477 return; \
478} while(0)
479#else
480#ifndef S_SPLINT_S
481#define SL_RET0(s) \
482do { \
483 if (slib_do_trace != 0) \
484 sl_trace_out(s, FIL__, __LINE__); \
485 return; \
486} while(0)
487#else
488/*@notfunction@*/
489#define SL_RET0(s) return;
490#endif /* S_SPLINT_S */
491#endif /* SL_RETURN macro */
492
493#if defined(SL_DEBUG)
494void sl_stack_push(char * c, char * file, int line);
495void sl_stack_pop(char * c, char * file, int line);
496void sl_stack_print();
497#endif
498void sl_trace_in (char * str, char * file, int line);
499void sl_trace_out (char * str, char * file, int line);
500int sl_trace_file (char * str);
501int sl_trace_use (char * str);
502
503
504
505
506/*
507 * The internal return macro. Sets sl_errno to the return value.
508 */
509
510#if defined(SL_DEBUG)
511#define SL_IRETURN(x, s) \
512do { \
513 if((long)(x) < 0) { \
514 TPT((0, FIL__, __LINE__, SDG_ERROR, (long)(x))) \
515 sl_errno=(x); \
516 } \
517 sl_stack_pop(s, FIL__, __LINE__); \
518 if (1) return(x); \
519} while(0)
520#else
521#define SL_IRETURN(x, s) \
522do { \
523 if ((long)(x) < 0) sl_errno=(x); \
524 if (slib_do_trace) \
525 sl_trace_out(s, FIL__, __LINE__); \
526 if (1) return(x); \
527} while(0)
528
529#endif /* SL_IRETURN macro */
530
531
532
533/* slib.h */
534#endif
535
536
537
538
Note: See TracBrowser for help on using the repository browser.