1 /* 2 * Copyright (c) 2003 Can Erkin Acar 3 * 4 * Permission to use, copy, modify, and distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17 #ifndef _PRIVSEP_H_ 18 #define _PRIVSEP_H_ 19 20 #include <pcap-int.h> 21 22 #define TCPDUMP_MAGIC 0xa1b2c3d4 23 24 /* file ids used by priv_getlines */ 25 #define FTAB_APPLETALK 0 26 #define FTAB_PFOSFP 1 27 28 enum cmd_types { 29 PRIV_OPEN_BPF, /* open a bpf descriptor */ 30 PRIV_OPEN_DUMP, /* open dump file for reading */ 31 PRIV_OPEN_OUTPUT, /* open output file */ 32 PRIV_SETFILTER, /* set a bpf read filter */ 33 PRIV_GETHOSTBYADDR, /* resolve numeric address into hostname */ 34 PRIV_ETHER_NTOHOST, /* translate ethernet address into host name */ 35 PRIV_GETRPCBYNUMBER, /* translate rpc number into name */ 36 PRIV_GETSERVENTRIES, /* get the service entries table */ 37 PRIV_GETPROTOENTRIES, /* get the ip protocol entries table */ 38 PRIV_LOCALTIME, /* return localtime */ 39 PRIV_GETLINES, /* get lines from a file */ 40 PRIV_INIT_DONE /* signal that the initialization is done */ 41 }; 42 43 struct ether_addr; 44 45 /* Privilege separation */ 46 int priv_init(int, char **); 47 void priv_init_done(void); 48 49 int setfilter(int, int, char *); 50 int pcap_live(const char *, int, int, u_int, pcap_direction_t); 51 52 struct bpf_program *priv_pcap_setfilter(pcap_t *, int, u_int32_t); 53 pcap_t *priv_pcap_live(const char *, int, int, int, char *, u_int, 54 pcap_direction_t); 55 pcap_t *priv_pcap_offline(const char *, char *); 56 57 size_t priv_gethostbyaddr(char *, size_t, int, char *, size_t); 58 size_t priv_ether_ntohost(char *, size_t, struct ether_addr *); 59 size_t priv_getrpcbynumber(int, char *, size_t); 60 61 struct tm *priv_localtime(const time_t *); 62 63 /* Start getting service entries */ 64 void priv_getserventries(void); 65 66 /* Retrieve a single service entry, should be called repeatedly after 67 calling priv_getserventries() until it returns zero */ 68 size_t priv_getserventry(char *, size_t, int *, char *, size_t); 69 70 /* Start getting ip protocol entries */ 71 void priv_getprotoentries(void); 72 73 /* Retrieve a single protocol entry, should be called repeatedly after 74 calling priv_getprotoentries() until it returns zero */ 75 size_t priv_getprotoentry(char *, size_t, int *); 76 77 /* Start getting lines from a file */ 78 void priv_getlines(size_t); 79 80 /* Retrieve a single line from a file, should be called repeatedly after 81 calling priv_getlines() until it returns zero */ 82 size_t priv_getline(char *, size_t); 83 84 pcap_dumper_t *priv_pcap_dump_open(pcap_t *, char *); 85 86 /* File descriptor send/recv */ 87 void send_fd(int, int); 88 int receive_fd(int); 89 90 /* communications over the channel */ 91 int may_read(int, void *, size_t); 92 void must_read(int, void *, size_t); 93 void must_write(int, const void *, size_t); 94 size_t read_block(int, char *, size_t, const char *); 95 size_t read_string(int, char *, size_t, const char *); 96 void write_block(int, size_t, const char *); 97 void write_command(int, int); 98 void write_string(int, const char *); 99 void write_zero(int); 100 101 extern int priv_fd; 102 103 #endif 104