sssd  2.2.3
About: SSSD provides a set of daemons to manage access to remote directories and authentication mechanisms such as LDAP, Kerberos or FreeIPA. It provides also an NSS and PAM interface toward the system.
  Fossies Dox: sssd-2.2.3.tar.gz  ("unofficial" and yet experimental doxygen-generated source code documentation)  

hbac_evaluator.c File Reference
#include "config.h"
#include <stdlib.h>
#include <string.h>
#include <errno.h>
#include "ipa_hbac.h"
#include "sss_utf8.h"
Include dependency graph for hbac_evaluator.c:

Go to the source code of this file.

Data Structures

struct  hbac_time_rules
 

Macros

#define HAVE_ERRNO_T
 
#define EOK   0
 
#define HBAC_DEBUG(level, format, ...)
 

Typedefs

typedef int errno_t
 

Enumerations

enum  hbac_eval_result_int { HBAC_EVAL_MATCH_ERROR = -1, HBAC_EVAL_MATCHED, HBAC_EVAL_UNMATCHED }
 

Functions

void hbac_enable_debug (hbac_debug_fn_t external_debug_fn)
 HBAC uses external_debug_fn for logging messages. More...
 
static void hbac_request_element_debug_print (struct hbac_request_element *el, const char *label)
 
static void hbac_req_debug_print (struct hbac_eval_req *req)
 
static void hbac_rule_element_debug_print (struct hbac_rule_element *el, const char *label)
 
static void hbac_rule_debug_print (struct hbac_rule *rule)
 
static bool hbac_rule_element_is_complete (struct hbac_rule_element *el)
 
bool hbac_rule_is_complete (struct hbac_rule *rule, uint32_t *missing_attrs)
 Evaluate whether an HBAC rule contains all necessary elements. More...
 
enum hbac_eval_result_int hbac_evaluate_rule (struct hbac_rule *rule, struct hbac_eval_req *hbac_req, enum hbac_error_code *error)
 
enum hbac_eval_result hbac_evaluate (struct hbac_rule **rules, struct hbac_eval_req *hbac_req, struct hbac_info **info)
 Evaluate an authorization request against a set of HBAC rules. More...
 
static errno_t hbac_evaluate_element (struct hbac_rule_element *rule_el, struct hbac_request_element *req_el, bool *matched)
 
const char * hbac_result_string (enum hbac_eval_result result)
 Display result of hbac evaluation in human-readable form. More...
 
void hbac_free_info (struct hbac_info *info)
 Function to safely free hbac_info returned by hbac_evaluate. More...
 
const char * hbac_error_string (enum hbac_error_code code)
 Display error description. More...
 

Variables

static hbac_debug_fn_t hbac_debug_fn = NULL
 

Macro Definition Documentation

◆ EOK

#define EOK   0

Definition at line 40 of file hbac_evaluator.c.

◆ HAVE_ERRNO_T

#define HAVE_ERRNO_T

Definition at line 35 of file hbac_evaluator.c.

◆ HBAC_DEBUG

#define HBAC_DEBUG (   level,
  format,
  ... 
)
Value:
do { \
if (hbac_debug_fn != NULL) { \
hbac_debug_fn(__FILE__, __LINE__, __FUNCTION__, \
level, format, ##__VA_ARGS__); \
} \
} while (0)

Definition at line 46 of file hbac_evaluator.c.

Typedef Documentation

◆ errno_t

typedef int errno_t

Definition at line 36 of file hbac_evaluator.c.

Enumeration Type Documentation

◆ hbac_eval_result_int

Enumerator
HBAC_EVAL_MATCH_ERROR 
HBAC_EVAL_MATCHED 
HBAC_EVAL_UNMATCHED 

Definition at line 84 of file hbac_evaluator.c.

Function Documentation

◆ hbac_evaluate_element()

static errno_t hbac_evaluate_element ( struct hbac_rule_element rule_el,
struct hbac_request_element req_el,
bool *  matched 
)
static

◆ hbac_evaluate_rule()

◆ hbac_req_debug_print()

◆ hbac_request_element_debug_print()

static void hbac_request_element_debug_print ( struct hbac_request_element el,
const char *  label 
)
static

◆ hbac_rule_debug_print()

static void hbac_rule_debug_print ( struct hbac_rule rule)
static

◆ hbac_rule_element_debug_print()

static void hbac_rule_element_debug_print ( struct hbac_rule_element el,
const char *  label 
)
static

◆ hbac_rule_element_is_complete()

static bool hbac_rule_element_is_complete ( struct hbac_rule_element el)
static

Variable Documentation

◆ hbac_debug_fn

hbac_debug_fn_t hbac_debug_fn = NULL
static

Definition at line 54 of file hbac_evaluator.c.

Referenced by hbac_enable_debug().

hbac_debug_fn
static hbac_debug_fn_t hbac_debug_fn
Definition: hbac_evaluator.c:54
NULL
#define NULL
Definition: util.h:67