ES ESF Manager Request Processing. More...
Defines | |
| #define | saf78_SAFADMIN_DATA_AREAS |
| #define | SafCACHE_MAX_ENTITY_LEN 1024 |
| #define | SafPT_UNKNOWN (1u<<7) |
| #define | SafPT_GEN_ALLOWED (1u<<0) |
| #define | SafPT_USE_ALLOWED (1u<<1) |
Functions | |
| mf_uns32 | SafProcInit (struct SafInit *Init) |
| ESF Request Processing Initialization. | |
| int | SafVerify (struct safpb_parameter_block *PBlock) |
| Process a Verify Request. | |
| int | SafAuth (struct safpb_parameter_block *PBlock) |
| Process an Auth Request. | |
| int | SafXauth (struct safpb_parameter_block *PBlock) |
| Process an Xauth Request. | |
| int | SafStat (struct safpb_parameter_block *PBlock) |
| Process an Stat Request. | |
| int | SafAudit (struct safpb_parameter_block *PBlock) |
| Process an Audit Request. | |
| int | SafAdmin (struct safpb_parameter_block *PBlock) |
| Process an Admin Request. | |
| int | SafUpdate (struct safpb_parameter_block *PBlock) |
| Process an Admin Update Notification Request. | |
ES ESF Manager Request Processing.
This module satisfies requests made to the ESF API
by iterating through the configured ESM Modules until one of them provides an authoritive response
. (If none of the ESM Modules provides an authoritive response, the result of the request depends on the setting of the "Allow unknown users" or "Allow unknown resources" options.)
| mf_uns32 SafProcInit | ( | struct SafInit * | Init | ) |
ESF Request Processing Initialization.
This function is invoked by the ESF Manager Initialization routine to initialize the request-processing layer.
| [in] | Init | The ESF Manager initialization block |
References SafInit::Config, SafInit::ESMCnt, SafInit::FailAudit, SafINIT_OK, SafQueryCfg(), SafR_OK, and SafInit::Version.
Referenced by safmgr().
| int SafVerify | ( | struct safpb_parameter_block * | PBlock | ) |
Process a Verify Request.
Pass a ESF API Verify request to the active ESM Modules.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::DISCRETE, SafACEE::Flag3, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_FLAG_TRACE, saf78_FROM_CACHE, saf78_RC_NO_USER_PROFILE, saf78_RC_TOKEN_REFUSED, saf78_REQUEST_FLAGS, saf78_SAF_RC_FAILURE, saf78_SAF_RC_NOT_COMPLETE, saf78_SAF_RC_SUCCESS, saf78_TYPE_ENVIR_DESTROY, saf78_TYPE_TOKEN_CREATE, saf78_TYPE_TOKEN_DELETE, saf78_TYPE_USER_CHECK, saf78_VER_NO_PASSWORD, saf78_VER_PASSTOKEN, saf78_VER_PT_SURROGATE, saf78_VER_PT_TICKET, SafACEE_F3_DUID, SafACEE_F3_NPWR, SafAceeAlloc(), SafCACHE_FOUND, SafCacheQuery(), SafCacheStore(), SafCasOldAcee, SafEsmCVerify(), SafEsmName(), SafESMRC_EXTERNAL, SafESMRC_FAIL, SafESMRC_MGRFAIL, SafESMRC_NOTIMPL, SafESMRC_OK, SafESMRC_PARAM, SafESMRC_RESOURCE, SafEventData(), SafLog(), SafMsgERR, SafMsgINFO, safpb_parameter_block::safpb_flag, safpb_parameter_block::safpb_safesm_index, safpb_parameter_block::safpb_type, safpb_verify::safpb_verify_ACEE_ptr, safpb_verify::safpb_verify_group, safpb_verify::safpb_verify_TOKEN_len, safpb_verify::safpb_verify_TOKEN_ptr, safpb_verify::safpb_verify_USERID_len, safpb_verify::safpb_verify_USERID_ptr, SafQueryCfg(), SafRaiseAuditEvent(), SafState(), SafSTRCMP, SafSTRCMP_CI, SafACEE::UserLen, and safpb_parameter_block::VERIFY.
| int SafAuth | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Auth Request.
Pass a ESF API Auth request to the active ESM Modules.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::AUTH, safpb_parameter_block::DISCRETE, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_FLAG_TRACE, saf78_FROM_CACHE, saf78_RC_RESOURCE_NOT_PROT, saf78_RS_NO_RESOURCE_PROF, saf78_SAF_RC_FAILURE, saf78_SAF_RC_NOT_COMPLETE, saf78_SAF_RC_SUCCESS, saf78_TYPE_ATTR_ALTER, saf78_TYPE_ATTR_CONTROL, saf78_TYPE_ATTR_EXECUTE, saf78_TYPE_ATTR_READ, saf78_TYPE_ATTR_STATUS_ACC, saf78_TYPE_ATTR_UPDATE, SafACEE_NAME, SafCACHE_FOUND, SafCacheQuery(), SafCacheStore(), SafEsmCAuth(), SafEsmName(), SafESMRC_EXTERNAL, SafESMRC_FAIL, SafESMRC_MGRFAIL, SafESMRC_NOTIMPL, SafESMRC_OK, SafESMRC_PARAM, SafESMRC_RESOURCE, SafEventData(), SafLog(), SafMsgERR, SafMsgINFO, safpb_auth::safpb_auth_ACEE_ptr, safpb_auth::safpb_auth_class, safpb_auth::safpb_auth_ENTITY_len, safpb_auth::safpb_auth_ENTITY_ptr, safpb_parameter_block::safpb_flag, safpb_parameter_block::safpb_safesm_index, safpb_parameter_block::safpb_type, SafRaiseAuditEvent(), SafState(), SafACEE::User, and SafACEE::UserLen.
| int SafXauth | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Xauth Request.
Pass a ESF API Xauth request to the active ESM Modules.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::AUTH, safpb_parameter_block::DISCRETE, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_FLAG_TRACE, saf78_FROM_CACHE, saf78_PERM_ADD, saf78_PERM_ALTER, saf78_PERM_CONTROL, saf78_PERM_DELETE, saf78_PERM_EXECUTE, saf78_PERM_READ, saf78_PERM_UPDATE, saf78_RC_RESOURCE_NOT_PROT, saf78_RS_NO_RESOURCE_PROF, saf78_SAF_RC_FAILURE, saf78_SAF_RC_NOT_COMPLETE, saf78_SAF_RC_SUCCESS, saf78_TYPE_ATTR_STATUS_ACC, SafACEE_NAME, SafCACHE_FOUND, SafCacheQuery(), SafCacheStore(), SafEsmCXAuth(), SafEsmName(), SafESMRC_EXTERNAL, SafESMRC_FAIL, SafESMRC_MGRFAIL, SafESMRC_NOTIMPL, SafESMRC_OK, SafESMRC_PARAM, SafESMRC_RESOURCE, SafEventData(), SafLog(), SafMsgERR, SafMsgINFO, safpb_auth::safpb_auth_ACEE_ptr, safpb_parameter_block::safpb_flag, safpb_parameter_block::safpb_safesm_index, safpb_parameter_block::safpb_type, safpb_xauth::safpb_xauth_ACEE_ptr, safpb_xauth::safpb_xauth_CLASS_len, safpb_xauth::safpb_xauth_CLASS_ptr, safpb_xauth::safpb_xauth_ENTITY_len, safpb_xauth::safpb_xauth_ENTITY_ptr, safpb_xauth::safpb_xauth_PERMISSIONS, SafRaiseAuditEvent(), SafState(), SafACEE::User, SafACEE::UserLen, and safpb_parameter_block::XAUTH.
| int SafStat | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Stat Request.
Pass a ESF API Stat request to the active ESM Modules.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::DISCRETE, safpb_parameter_block::RETCODES, and saf78_SAF_RC_NOT_COMPLETE.
| int SafAudit | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Audit Request.
Pass a ESF API Audit request to the active ESM Modules.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::DISCRETE, safpb_parameter_block::RETCODES, and saf78_SAF_RC_NOT_COMPLETE.
| int SafAdmin | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Admin Request.
Pass a ESF API Admin request to the specified or active ESM Modules. If the ESM Index field (safpb_parameter_block::safpb_safesm_index) is nonzero, call only that module (indexed from 1); otherwise, call all enabled modules in turn.
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::ADMIN, safpb_parameter_block::DISCRETE, SafACEE::Flag3, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_SAF_RC_FAILURE, saf78_SAF_RC_NOT_COMPLETE, saf78_TYPE_ADMIN_ADDCLASS, saf78_TYPE_ADMIN_ADDGROUP, saf78_TYPE_ADMIN_ADDRES, saf78_TYPE_ADMIN_ADDUSER, saf78_TYPE_ADMIN_ALTCLASS, saf78_TYPE_ADMIN_ALTGROUP, saf78_TYPE_ADMIN_ALTRES, saf78_TYPE_ADMIN_ALTUSER, saf78_TYPE_ADMIN_DELCLASS, saf78_TYPE_ADMIN_DELGROUP, saf78_TYPE_ADMIN_DELRES, saf78_TYPE_ADMIN_DELUSER, saf78_TYPE_ADMIN_FREELIST, saf78_TYPE_ADMIN_LISTCLASS, saf78_TYPE_ADMIN_LISTGROUP, saf78_TYPE_ADMIN_LISTRES, saf78_TYPE_ADMIN_LISTUSER, saf78_TYPE_ADMIN_SETOPTS, saf78_TYPE_ADMIN_SETPSWD, SafACEE_F3_NPWR, SafESM_MAX, SafEsmCAdmin(), SafEsmName(), SafESMRC_NOTIMPL, SafESMRC_OK, SafEventData(), SafLog(), SafMsgERR, SafMsgWARN, safpb_admin::safpb_admin_ACEE_ptr, safpb_admin::safpb_admin_LIST_ptr, safpb_parameter_block::safpb_safesm_index, safpb_parameter_block::safpb_type, SafQueryCfg(), SafRaiseAuditEvent(), SafState(), SafACEE::User, and SafACEE::UserLen.
| int SafUpdate | ( | struct safpb_parameter_block * | PBlock | ) |
Process an Admin Update Notification Request.
Handle a request that notifies us of an administrative change in an external security manager. See External Administrative Update Notification for more information.
Update notification processing takes the following steps:
| [in,out] | PBlock | ESF API parameter block |
References safpb_parameter_block::DISCRETE, safpb_parameter_block::REQUESTS, safpb_parameter_block::RETCODES, saf78_FLAG_TRACE, saf78_SAF_RC_FAILURE, saf78_SAF_RC_NOT_COMPLETE, SafCacheUpdate(), SafESM_UPDATE, SafEsmCUpdate(), SafEsmName(), SafESMRC_NOTIMPL, SafESMRC_OK, SafEventData(), SafLog(), SafMsgERR, SafMsgINFO, SafMsgWARN, safpb_parameter_block::safpb_flag, safpb_parameter_block::safpb_safesm_index, safpb_parameter_block::safpb_type, safpb_update::safpb_update_ACEE_ptr, safpb_update::safpb_update_ACTION, safpb_update::safpb_update_ENTITY_len, safpb_update::safpb_update_ENTITY_ptr, SafRaiseAuditEvent(), SafState(), safpb_parameter_block::UPDATE, SafACEE::User, and SafACEE::UserLen.