![[first]](../icons/first.png){kind=icon}
![[previous]](../icons/n_left.png){kind=icon}
![[next]](../icons/n_right.png){kind=icon}
![[last]](../icons/n_last.png){kind=icon}
![[top]](../icons/n_top.png){kind=icon}
![[bottom]](../icons/bottom.png){kind=icon}
![[index]](../icons/index.png){kind=icon}
![[help]](../icons/help.png){kind=icon}
*/
1 /*
2 * Copyright 2018-2022 the Pacemaker project contributors
3 *
4 * The version control history for this file may have further details.
5 *
6 * This source code is licensed under the GNU Lesser General Public License
7 * version 2.1 or later (LGPLv2.1+) WITHOUT ANY WARRANTY.
8 */
9
10 #ifndef CRMCOMMON_PRIVATE__H
11 # define CRMCOMMON_PRIVATE__H
12
13 /* This header is for the sole use of libcrmcommon, so that functions can be
14 * declared with G_GNUC_INTERNAL for efficiency.
15 */
16
17 #include <stdint.h> // uint8_t, uint32_t
18 #include <stdbool.h> // bool
19 #include <sys/types.h> // size_t
20 #include <glib.h> // GList
21 #include <libxml/tree.h> // xmlNode, xmlAttr
22 #include <qb/qbipcc.h> // struct qb_ipc_response_header
23
24 // Decent chunk size for processing large amounts of data
25 #define PCMK__BUFFER_SIZE 4096
26
27 #if defined(PCMK__UNIT_TESTING)
28 #undef G_GNUC_INTERNAL
29 #define G_GNUC_INTERNAL
30 #endif
31
32 /* When deleting portions of an XML tree, we keep a record so we can know later
33 * (e.g. when checking differences) that something was deleted.
34 */
35 typedef struct pcmk__deleted_xml_s {
36 char *path;
37 int position;
38 } pcmk__deleted_xml_t;
39
40 typedef struct xml_node_private_s {
41 long check;
42 uint32_t flags;
43 } xml_node_private_t;
44
45 typedef struct xml_doc_private_s {
46 long check;
47 uint32_t flags;
48 char *user;
49 GList *acls;
50 GList *deleted_objs; // List of pcmk__deleted_xml_t
51 } xml_doc_private_t;
52
53 #define pcmk__set_xml_flags(xml_priv, flags_to_set) do { \
54 (xml_priv)->flags = pcmk__set_flags_as(__func__, __LINE__, \
55 LOG_NEVER, "XML", "XML node", (xml_priv)->flags, \
56 (flags_to_set), #flags_to_set); \
57 } while (0)
58
59 #define pcmk__clear_xml_flags(xml_priv, flags_to_clear) do { \
60 (xml_priv)->flags = pcmk__clear_flags_as(__func__, __LINE__, \
61 LOG_NEVER, "XML", "XML node", (xml_priv)->flags, \
62 (flags_to_clear), #flags_to_clear); \
63 } while (0)
64
65 G_GNUC_INTERNAL
66 void pcmk__xml2text(xmlNodePtr data, int options, GString *buffer, int depth);
67
68 G_GNUC_INTERNAL
69 bool pcmk__tracking_xml_changes(xmlNode *xml, bool lazy);
70
71 G_GNUC_INTERNAL
72 void pcmk__mark_xml_created(xmlNode *xml);
73
74 G_GNUC_INTERNAL
75 int pcmk__xml_position(const xmlNode *xml,
76 enum xml_private_flags ignore_if_set);
77
78 G_GNUC_INTERNAL
79 xmlNode *pcmk__xml_match(const xmlNode *haystack, const xmlNode *needle,
80 bool exact);
81
82 G_GNUC_INTERNAL
83 void pcmk__xml_log(int log_level, const char *file, const char *function,
84 int line, const char *prefix, const xmlNode *data, int depth,
85 int options);
86
87 G_GNUC_INTERNAL
88 void pcmk__xml_update(xmlNode *parent, xmlNode *target, xmlNode *update,
89 bool as_diff);
90
91 G_GNUC_INTERNAL
92 xmlNode *pcmk__xc_match(const xmlNode *root, const xmlNode *search_comment,
93 bool exact);
94
95 G_GNUC_INTERNAL
96 void pcmk__xc_update(xmlNode *parent, xmlNode *target, xmlNode *update);
97
98 G_GNUC_INTERNAL
99 void pcmk__free_acls(GList *acls);
100
101 G_GNUC_INTERNAL
102 void pcmk__unpack_acl(xmlNode *source, xmlNode *target, const char *user);
103
104 G_GNUC_INTERNAL
105 bool pcmk__is_user_in_group(const char *user, const char *group);
106
107 G_GNUC_INTERNAL
108 void pcmk__apply_acl(xmlNode *xml);
109
110 G_GNUC_INTERNAL
111 void pcmk__apply_creation_acl(xmlNode *xml, bool check_top);
112
113 G_GNUC_INTERNAL
114 void pcmk__mark_xml_attr_dirty(xmlAttr *a);
115
116 G_GNUC_INTERNAL
117 bool pcmk__xa_filterable(const char *name);
118
119 static inline const char *
120 pcmk__xml_attr_value(const xmlAttr *attr)
/* ![[first]](../icons/n_first.png)
![[top]](../icons/top.png)
*/
121 {
122 return ((attr == NULL) || (attr->children == NULL))? NULL
123 : (const char *) attr->children->content;
124 }
125
126 /*
127 * IPC
128 */
129
130 #define PCMK__IPC_VERSION 1
131
132 #define PCMK__CONTROLD_API_MAJOR "1"
133 #define PCMK__CONTROLD_API_MINOR "0"
134
135 // IPC behavior that varies by daemon
136 typedef struct pcmk__ipc_methods_s {
137 /*!
138 * \internal
139 * \brief Allocate any private data needed by daemon IPC
140 *
141 * \param[in,out] api IPC API connection
142 *
143 * \return Standard Pacemaker return code
144 */
145 int (*new_data)(pcmk_ipc_api_t *api);
146
147 /*!
148 * \internal
149 * \brief Free any private data used by daemon IPC
150 *
151 * \param[in,out] api_data Data allocated by new_data() method
152 */
153 void (*free_data)(void *api_data);
154
155 /*!
156 * \internal
157 * \brief Perform daemon-specific handling after successful connection
158 *
159 * Some daemons require clients to register before sending any other
160 * commands. The controller requires a CRM_OP_HELLO (with no reply), and
161 * the CIB manager, executor, and fencer require a CRM_OP_REGISTER (with a
162 * reply). Ideally this would be consistent across all daemons, but for now
163 * this allows each to do its own authorization.
164 *
165 * \param[in,out] api IPC API connection
166 *
167 * \return Standard Pacemaker return code
168 */
169 int (*post_connect)(pcmk_ipc_api_t *api);
170
171 /*!
172 * \internal
173 * \brief Check whether an IPC request results in a reply
174 *
175 * \param[in,out] api IPC API connection
176 * \param[in,out] request IPC request XML
177 *
178 * \return true if request would result in an IPC reply, false otherwise
179 */
180 bool (*reply_expected)(pcmk_ipc_api_t *api, xmlNode *request);
181
182 /*!
183 * \internal
184 * \brief Perform daemon-specific handling of an IPC message
185 *
186 * \param[in,out] api IPC API connection
187 * \param[in,out] msg Message read from IPC connection
188 *
189 * \return true if more IPC reply messages should be expected
190 */
191 bool (*dispatch)(pcmk_ipc_api_t *api, xmlNode *msg);
192
193 /*!
194 * \internal
195 * \brief Perform daemon-specific handling of an IPC disconnect
196 *
197 * \param[in,out] api IPC API connection
198 */
199 void (*post_disconnect)(pcmk_ipc_api_t *api);
200 } pcmk__ipc_methods_t;
201
202 // Implementation of pcmk_ipc_api_t
203 struct pcmk_ipc_api_s {
204 enum pcmk_ipc_server server; // Daemon this IPC API instance is for
205 enum pcmk_ipc_dispatch dispatch_type; // How replies should be dispatched
206 size_t ipc_size_max; // maximum IPC buffer size
207 crm_ipc_t *ipc; // IPC connection
208 mainloop_io_t *mainloop_io; // If using mainloop, I/O source for IPC
209 bool free_on_disconnect; // Whether disconnect should free object
210 pcmk_ipc_callback_t cb; // Caller-registered callback (if any)
211 void *user_data; // Caller-registered data (if any)
212 void *api_data; // For daemon-specific use
213 pcmk__ipc_methods_t *cmds; // Behavior that varies by daemon
214 };
215
216 typedef struct pcmk__ipc_header_s {
217 struct qb_ipc_response_header qb;
218 uint32_t size_uncompressed;
219 uint32_t size_compressed;
220 uint32_t flags;
221 uint8_t version;
222 } pcmk__ipc_header_t;
223
224 G_GNUC_INTERNAL
225 int pcmk__send_ipc_request(pcmk_ipc_api_t *api, xmlNode *request);
226
227 G_GNUC_INTERNAL
228 void pcmk__call_ipc_callback(pcmk_ipc_api_t *api,
229 enum pcmk_ipc_event event_type,
230 crm_exit_t status, void *event_data);
231
232 G_GNUC_INTERNAL
233 unsigned int pcmk__ipc_buffer_size(unsigned int max);
234
235 G_GNUC_INTERNAL
236 bool pcmk__valid_ipc_header(const pcmk__ipc_header_t *header);
237
238 G_GNUC_INTERNAL
239 pcmk__ipc_methods_t *pcmk__attrd_api_methods(void);
240
241 G_GNUC_INTERNAL
242 pcmk__ipc_methods_t *pcmk__controld_api_methods(void);
243
244 G_GNUC_INTERNAL
245 pcmk__ipc_methods_t *pcmk__pacemakerd_api_methods(void);
246
247 G_GNUC_INTERNAL
248 pcmk__ipc_methods_t *pcmk__schedulerd_api_methods(void);
249
250
251 /*
252 * Logging
253 */
254
255 /*!
256 * \brief Check the authenticity of the IPC socket peer process
257 *
258 * If everything goes well, peer's authenticity is verified by the means
259 * of comparing against provided referential UID and GID (either satisfies),
260 * and the result of this check can be deduced from the return value.
261 * As an exception, detected UID of 0 ("root") satisfies arbitrary
262 * provided referential daemon's credentials.
263 *
264 * \param[in] qb_ipc libqb client connection if available
265 * \param[in] sock IPC related, connected Unix socket to check peer of
266 * \param[in] refuid referential UID to check against
267 * \param[in] refgid referential GID to check against
268 * \param[out] gotpid to optionally store obtained PID of the peer
269 * (not available on FreeBSD, special value of 1
270 * used instead, and the caller is required to
271 * special case this value respectively)
272 * \param[out] gotuid to optionally store obtained UID of the peer
273 * \param[out] gotgid to optionally store obtained GID of the peer
274 *
275 * \return Standard Pacemaker return code
276 * ie: 0 if it the connection is authentic
277 * pcmk_rc_ipc_unauthorized if the connection is not authentic,
278 * standard errors.
279 *
280 * \note While this function is tolerant on what constitutes authorized
281 * IPC daemon process (its effective user matches UID=0 or \p refuid,
282 * or at least its group matches \p refgid), either or both (in case
283 * of UID=0) mismatches on the expected credentials of such peer
284 * process \e shall be investigated at the caller when value of 1
285 * gets returned there, since higher-than-expected privileges in
286 * respect to the expected/intended credentials possibly violate
287 * the least privilege principle and may pose an additional risk
288 * (i.e. such accidental inconsistency shall be eventually fixed).
289 */
290 int pcmk__crm_ipc_is_authentic_process(qb_ipcc_connection_t *qb_ipc, int sock,
291 uid_t refuid, gid_t refgid,
292 pid_t *gotpid, uid_t *gotuid,
293 gid_t *gotgid);
294
295
296 /*
297 * Utils
298 */
299 #define PCMK__PW_BUFFER_LEN 500
300
301
302 #endif // CRMCOMMON_PRIVATE__H
![[last]](../icons/last.png){kind=icon}
![[bottom]](../icons/n_bottom.png){kind=icon}
*/