source: libabac/abac.h @ 0779c99

Last change on this file since 0779c99 was 0779c99, checked in by Mike Ryan <mikeryan@…>, 14 years ago

return meaningful error codes when loading certificates

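/*
 * Public interface of libabac: contexts, credentials, roles, and the
 * return codes reported when loading certificates.
 *
 * NOTE(review): the guard macro and the struct tags below use identifiers
 * that the C standard reserves for the implementation (leading underscore /
 * double underscore). They are kept unchanged here so existing users of the
 * header keep working.
 */
#ifndef __ABAC_H__
#define __ABAC_H__

/* Opaque handles; their layout is not part of this header. */
typedef struct _abac_context_t abac_context_t;
typedef struct _abac_credential_t abac_credential_t;
typedef struct _abac_role_t abac_role_t;

/*
 * A pointer/length pair describing a byte buffer (used for certificates).
 *
 * len is a signed int, so a negative value is representable. Validate
 * 0 <= len against the real buffer size before building a chunk from
 * externally supplied data.
 * NOTE(review): who owns ptr (caller or library) is not stated in this
 * header -- confirm against the implementation before freeing or retaining it.
 */
typedef struct _abac_chunk_t {
    unsigned char *ptr;
    int len;
} abac_chunk_t;

/*
 * Init/deinit the library.
 */
void libabac_init(void);
void libabac_deinit(void);

/*
 * ABAC functions, operating on an ABAC context.
 */
abac_context_t *abac_context_new(void);
abac_context_t *abac_context_dup(abac_context_t *ctx);
void abac_context_free(abac_context_t *ctx);

/*
 * Load an ID or attribute certificate from a file or from an in-memory
 * chunk. Each function returns one of the ABAC_CERT_* codes defined at the
 * bottom of this file. Check the result against ABAC_CERT_SUCCESS: a bad
 * signature or a missing issuer is reported only through the return value.
 */
int abac_context_load_id_file(abac_context_t *ctx, char *filename);
int abac_context_load_id_chunk(abac_context_t *ctx, abac_chunk_t cert);
int abac_context_load_attribute_file(abac_context_t *ctx, char *filename);
int abac_context_load_attribute_chunk(abac_context_t *ctx, abac_chunk_t cert);

/*
 * Load an entire directory full of certs.
 *
 * This function returns void, so no ABAC_CERT_* result is reported for any
 * certificate in the directory. A caller that must know whether a specific
 * certificate was rejected should load it with one of the per-file
 * functions above.
 * NOTE(review): what happens to certificates that fail to load is not
 * visible from this header -- confirm in the implementation.
 */
void abac_context_load_directory(abac_context_t *ctx, char *path);

/*
 * ABAC query. Returns a NULL-terminated array of credentials on success,
 * NULL on fail. Release the array with abac_context_query_free().
 *
 * NOTE(review): the header does not say how *success relates to the
 * returned array. Confirm in the implementation which of the two is the
 * authorization decision before relying on either one alone.
 */
abac_credential_t **abac_context_query(abac_context_t *ctx, char *role, char *principal, int *success);
void abac_context_query_free(abac_credential_t **credentials);

/*
 * Operations on credentials.
 *
 * NOTE(review): the lifetime of the returned roles and chunks (borrowed
 * from cred or newly allocated) is not stated here -- verify before freeing
 * them or using them after abac_credential_free().
 */
abac_role_t *abac_credential_head(abac_credential_t *cred);
abac_role_t *abac_credential_tail(abac_credential_t *cred);
abac_chunk_t abac_credential_attribute_cert(abac_credential_t *cred);
abac_chunk_t abac_credential_issuer_cert(abac_credential_t *cred);

abac_credential_t *abac_credential_dup(abac_credential_t *cred);
void abac_credential_free(abac_credential_t *cred);

/*
 * Operations on roles.
 */
abac_role_t *abac_role_principal_new(char *principal);
abac_role_t *abac_role_role_new(char *principal, char *abac_role_name);
abac_role_t *abac_role_linking_new(char *principal, char *linked_role, char *abac_role_name);

void abac_role_free(abac_role_t *role);

/* NOTE(review): behaviour on a malformed string is not documented here. */
abac_role_t *abac_role_from_string(char *string);
abac_role_t *abac_role_dup(abac_role_t *role);

/* Predicates for the three kinds of role constructed above. */
int abac_role_is_principal(abac_role_t *role);
int abac_role_is_role(abac_role_t *role);
int abac_role_is_linking(abac_role_t *role);

/*
 * String accessors.
 * NOTE(review): ownership of the returned char * is not stated in this
 * header -- confirm whether the caller may free or modify it.
 */
char *abac_role_string(abac_role_t *role);
char *abac_role_linked_role(abac_role_t *role);
char *abac_role_role_name(abac_role_t *role);
char *abac_role_principal(abac_role_t *role);

char *abac_role_attr_key(abac_role_t *head_role, abac_role_t *tail_role);

/*
 * Error codes for loading certificates.
 *
 * Negative values are parenthesized so each macro expands to a single
 * expression wherever it is used.
 * ABAC_CERT_INVALID covers both a malformed certificate and a file that
 * could not be found, so callers cannot tell the two apart from the code.
 */
#define ABAC_CERT_SUCCESS           0     // certificate loaded, all is well
#define ABAC_CERT_INVALID           (-1)  // invalid format; also file not found
#define ABAC_CERT_BAD_SIG           (-2)  // invalid signature
#define ABAC_CERT_MISSING_ISSUER    (-3)  // missing ID cert that issued the attribute cert

#endif /* __ABAC_H__ */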