diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:19:48 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-03-09 13:20:02 +0000 |
commit | 58daab21cd043e1dc37024a7f99b396788372918 (patch) | |
tree | 96771e43bb69f7c1c2b0b4f7374cb74d7866d0cb /web/server/h2o/libh2o/deps/neverbleed/neverbleed.h | |
parent | Releasing debian version 1.43.2-1. (diff) | |
download | netdata-58daab21cd043e1dc37024a7f99b396788372918.tar.xz netdata-58daab21cd043e1dc37024a7f99b396788372918.zip |
Merging upstream version 1.44.3.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'web/server/h2o/libh2o/deps/neverbleed/neverbleed.h')
-rw-r--r-- | web/server/h2o/libh2o/deps/neverbleed/neverbleed.h | 61 |
1 files changed, 61 insertions, 0 deletions
diff --git a/web/server/h2o/libh2o/deps/neverbleed/neverbleed.h b/web/server/h2o/libh2o/deps/neverbleed/neverbleed.h new file mode 100644 index 000000000..4abfad479 --- /dev/null +++ b/web/server/h2o/libh2o/deps/neverbleed/neverbleed.h @@ -0,0 +1,61 @@ +/* + * Copyright (c) 2015 Kazuho Oku, DeNA Co., Ltd. + * + * Permission is hereby granted, free of charge, to any person obtaining a copy + * of this software and associated documentation files (the "Software"), to + * deal in the Software without restriction, including without limitation the + * rights to use, copy, modify, merge, publish, distribute, sublicense, and/or + * sell copies of the Software, and to permit persons to whom the Software is + * furnished to do so, subject to the following conditions: + * + * The above copyright notice and this permission notice shall be included in + * all copies or substantial portions of the Software. + * + * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR + * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, + * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE + * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER + * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING + * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS + * IN THE SOFTWARE. + */ +#ifndef NEVERBLEED_H +#define NEVERBLEED_H + +#include <pthread.h> +#include <sys/un.h> +#include <openssl/engine.h> + +#ifdef __cplusplus +extern "C" { +#endif + +#define NEVERBLEED_ERRBUF_SIZE (256) +#define NEVERBLEED_AUTH_TOKEN_SIZE 32 + +typedef struct st_neverbleed_t { + ENGINE *engine; + pid_t daemon_pid; + struct sockaddr_un sun_; + pthread_key_t thread_key; + unsigned char auth_token[NEVERBLEED_AUTH_TOKEN_SIZE]; +} neverbleed_t; + +/** + * initializes the privilege separation engine (returns 0 if successful) + */ +int neverbleed_init(neverbleed_t *nb, char *errbuf); +/** + * loads a private key file (returns 1 if successful) + */ +int neverbleed_load_private_key_file(neverbleed_t *nb, SSL_CTX *ctx, const char *fn, char *errbuf); +/** + * setuidgid (also changes the file permissions so that `user` can connect to the daemon, if change_socket_ownership is non-zero) + */ +int neverbleed_setuidgid(neverbleed_t *nb, const char *user, int change_socket_ownership); + +#ifdef __cplusplus +} +#endif + +#endif |