Ziti C SDK
ziti_model.h
1// Copyright (c) 2020-2024. NetFoundry Inc.
2//
3// Licensed under the Apache License, Version 2.0 (the "License");
4// you may not use this file except in compliance with the License.
5//
6// You may obtain a copy of the License at
7// https://www.apache.org/licenses/LICENSE-2.0
8//
9// Unless required by applicable law or agreed to in writing, software
10// distributed under the License is distributed on an "AS IS" BASIS,
11// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12// See the License for the specific language governing permissions and
13// limitations under the License.
14
15#ifndef ZITI_SDK_ZITI_MODEL_H
16#define ZITI_SDK_ZITI_MODEL_H
17
18#include "model_support.h"
19
20#if _WIN32
21#include <winsock2.h>
22#include <in6addr.h>
23#else
24
25#include <netinet/in.h>
26
27#endif
28
// X-macro enum tables. Each XX row is one enumerator; a row with a quoted second
// argument also gives the enumerator's string form (needed where that string is not a
// valid C identifier, e.g. "EXT-JWT"). The macro that expands these tables is not in
// this listing; the page index names DECLARE_ENUM(Enum, Values) from model_support.h,
// presumably that one.

// Transport protocols: tcp, udp.
29#define ZITI_PROTOCOL_ENUM(XX, ...) \
30XX(tcp, __VA_ARGS__) \
31XX(udp, __VA_ARGS__)
32
// Session types: Bind, Dial. ZITI_SERVICE_MODEL's `permissions` row is an array of
// ziti_session_type, so these are also the permission values a service can carry.
33#define ZITI_SESSION_TYPE_ENUM(XX, ...) \
34XX(Bind, __VA_ARGS__) \
35XX(Dial, __VA_ARGS__)
36
// Authentication query kinds: MFA, TOTP, EXT_JWT (string form "EXT-JWT").
37#define ZITI_AUTH_QUERY_TYPE_ENUM(XX, ...) \
38XX(MFA, __VA_ARGS__) \
39XX(TOTP, __VA_ARGS__) \
40XX(EXT_JWT, "EXT-JWT", __VA_ARGS__)
41
// Posture query kinds, each with an upper-case string form. The `query_type` row of
// ZITI_POSTURE_QUERY_MODEL is typed ziti_posture_query_type.
// NOTE(review): how a string outside this table is handled when parsed is decided in
// model_support.h, not here; confirm it cannot be mistaken for a passing check.
42#define ZITI_POSTURE_QUERY_TYPE_ENUM(XX, ...) \
43XX(PC_Domain, "DOMAIN", __VA_ARGS__) \
44XX(PC_OS, "OS", __VA_ARGS__) \
45XX(PC_Process, "PROCESS", __VA_ARGS__) \
46XX(PC_Process_Multi, "PROCESS_MULTI", __VA_ARGS__) \
47XX(PC_MAC, "MAC", __VA_ARGS__) \
48XX(PC_MFA, "MFA", __VA_ARGS__) \
49XX(PC_Endpoint_State, "ENDPOINT_STATE", __VA_ARGS__)
50
// Token selector for a JWT signer: access_token ("ACCESS") or id_token ("ID").
// Used by the `target_token` row of ZITI_JWT_SIGNER_MODEL.
51#define ZITI_SIGNER_TARGET_TOKEN(XX, ...) \
52XX(access_token, "ACCESS", __VA_ARGS__) \
53XX(id_token, "ID", __VA_ARGS__)
54
// X-macro model tables. Each XX row reads as (member name, member type, modifier,
// JSON name): the modifier is one of none/ptr/list/array/map in this file, and the
// fourth column looks like the camelCase key used in the JSON form. The expansion
// lives in model_support.h (DECLARE_MODEL in the page index), so the exact meaning
// of each column should be confirmed there.

// External JWT signer description. `provider_url` is filled from the JSON key
// externalAuthUrl; `scopes` is a list of strings.
// NOTE(review): provider_url, client_id, audience and scopes are parsed input;
// any validation of the URL before it is contacted is not visible in this header.
55#define ZITI_JWT_SIGNER_MODEL(XX, ...) \
56XX(id, model_string, none, id, __VA_ARGS__) \
57XX(name, model_string, none, name, __VA_ARGS__) \
58XX(enabled, model_bool, none, enabled, __VA_ARGS__) \
59XX(provider_url, model_string, none, externalAuthUrl, __VA_ARGS__) \
60XX(client_id, model_string, none, clientId, __VA_ARGS__) \
61XX(audience, model_string, none, audience, __VA_ARGS__) \
62XX(scopes, model_string, list, scopes, __VA_ARGS__) \
63XX(target_token, ziti_target_token, none, targetToken, __VA_ARGS__)
64
// Identity credentials: cert, key, ca as strings, plus an optional (ptr) JWT signer.
// NOTE(review): `key` presumably holds the private key or a reference to one. If so,
// every instance of this model is secret material: keep it out of logs and dumps,
// and confirm the generated free function clears it. TODO confirm.
65#define ZITI_ID_CFG_MODEL(XX, ...) \
66XX(cert, model_string, none, cert, __VA_ARGS__) \
67XX(key, model_string, none, key, __VA_ARGS__) \
68XX(ca, model_string, none, ca, __VA_ARGS__) \
69XX(oidc, ziti_jwt_signer, ptr, oidc, __VA_ARGS__)
70
// Top-level SDK configuration: one controller URL (ztAPI), a list of controller
// URLs (ztAPIs), and the embedded identity credentials (`id`).
// `cfg_source` has an empty JSON-name column; presumably it is not read from JSON
// and is filled in by the loader. Confirm against model_support.h.
71#define ZITI_CONFIG_MODEL(XX, ...) \
72XX(controller_url, model_string, none, ztAPI, __VA_ARGS__) \
73XX(controllers, model_string, list, ztAPIs, __VA_ARGS__) \
74XX(id, ziti_id_cfg, none, id, __VA_ARGS__) \
75XX(cfg_source, model_string, none, , __VA_ARGS__)
76
// One API path entry: a single string member `path`.
77#define ZITI_API_PATH_MODEL(XX, ...) \
78XX(path, model_string, none, path, __VA_ARGS__)
79
// API versions: `edge` is a map whose values are api_path entries.
80#define ZITI_API_VERSIONS_MODEL(XX, ...) \
81XX(edge, api_path, map, edge, __VA_ARGS__)
82
// Controller capability flags (enum table, one enumerator per row).
// The `capabilities` row of ZITI_VERSION_MODEL is an array of ziti_ctrl_cap.
83#define ZITI_CTRL_CAP_ENUM(XX, ...) \
84XX(HA_CONTROLLER, __VA_ARGS__) \
85XX(OIDC_AUTH, __VA_ARGS__)
86
// Version information: version, revision and build date strings, the capability
// array, and an optional (ptr) api_versions object.
// NOTE(review): presumably this is reported by the controller; if capabilities
// select the authentication flow, they should only be trusted from a verified
// connection. TODO confirm where this model is parsed.
87#define ZITI_VERSION_MODEL(XX, ...) \
88XX(version, model_string, none, version, __VA_ARGS__) \
89XX(revision, model_string, none, revision, __VA_ARGS__) \
90XX(build_date, model_string, none, buildDate, __VA_ARGS__) \
91XX(capabilities, ziti_ctrl_cap, array, capabilities, __VA_ARGS__) \
92XX(api_versions, ziti_api_versions, ptr, apiVersions, __VA_ARGS__)
93
// Identity record: id, name, and `app_data`, a map of raw JSON values (type `json`).
// NOTE(review): app_data is free-form; consumers should validate each value they
// read from it rather than assume a shape.
94#define ZITI_IDENTITY_MODEL(XX, ...) \
95XX(id, model_string, none, id, __VA_ARGS__) \
96XX(name, model_string, none, name, __VA_ARGS__) \
97XX(app_data, json, map, appData, __VA_ARGS__)
98
// A process referenced by a posture query: a single `path` string.
99#define ZITI_PROCESS_MODEL(XX, ...) \
100XX(path, model_string, none, path, __VA_ARGS__)
101
// One posture query. `query_type` selects the kind (ziti_posture_query_type);
// `process` is a single optional (ptr) process and `processes` an array of them.
// `timeout` is a plain number while `timeoutRemaining` is a ptr, so presumably it can
// be absent. Units of both are not stated here.
// NOTE(review): is_passing is parsed input; whether the SDK treats it as
// authoritative or only advisory is not visible in this header.
102#define ZITI_POSTURE_QUERY_MODEL(XX, ...) \
103XX(id, model_string, none, id, __VA_ARGS__) \
104XX(is_passing, model_bool, none, isPassing, __VA_ARGS__) \
105XX(query_type, ziti_posture_query_type, none, queryType, __VA_ARGS__) \
106XX(process, ziti_process, ptr, process, __VA_ARGS__) \
107XX(processes, ziti_process, array, processes, __VA_ARGS__) \
108XX(timeout, model_number, none, timeout, __VA_ARGS__) \
109XX(timeoutRemaining, model_number, ptr, timeoutRemaining, __VA_ARGS__) \
110XX(updated_at,model_string, none, updatedAt, __VA_ARGS__)
111
// A set of posture queries attached to one policy (policy_id, policy_type), with an
// overall is_passing flag for the set.
112#define ZITI_POSTURE_QUERY_SET_MODEL(XX, ...) \
113XX(policy_id, model_string, none, policyId, __VA_ARGS__) \
114XX(is_passing, model_bool, none, isPassing, __VA_ARGS__) \
115XX(policy_type, model_string, none, policyType, __VA_ARGS__) \
116XX(posture_queries, ziti_posture_query, array, postureQueries, __VA_ARGS__)
117
// Service record. `permissions` is an array of ziti_session_type (Bind/Dial);
// `encryption` is filled from the JSON key encryptionRequired; `config` is a map of
// raw JSON values, one per config type (see ziti_service_get_raw_config).
// `perm_flags` has NULL in the JSON-name column; presumably it is not parsed and is
// derived from `permissions` by the SDK. Confirm against model_support.h.
// The same set type appears twice: as an array under postureQueries and as a map
// under posturePolicies.
// NOTE(review): `config` values are free-form JSON and must be validated by whatever
// parses them into the typed config models defined elsewhere in this header.
118#define ZITI_SERVICE_MODEL(XX, ...) \
119XX(id, model_string, none, id, __VA_ARGS__) \
120XX(name, model_string, none, name, __VA_ARGS__) \
121XX(permissions, ziti_session_type, array, permissions, __VA_ARGS__) \
122XX(encryption, model_bool, none, encryptionRequired, __VA_ARGS__) \
123XX(perm_flags, model_number, none, NULL, __VA_ARGS__) \
124XX(config, json, map, config, __VA_ARGS__) \
125XX(posture_query_set, ziti_posture_query_set, array, postureQueries, __VA_ARGS__) \
126XX(posture_query_map, ziti_posture_query_set, map, posturePolicies, __VA_ARGS__) \
127XX(updated_at,model_string, none, updatedAt, __VA_ARGS__)
128
// Terminator record: the identity string and the id of the service it terminates.
129#define ZITI_TERMINATOR_MODEL(XX, ...) \
130XX(identity, model_string, none, identity, __VA_ARGS__) \
131XX(service_id, model_string, none, serviceId, __VA_ARGS__)
132
// Client config (config type "ziti-tunneler-client.v1", see ZITI_CLIENT_CFG_V1 below):
// one address and one port.
133#define ZITI_CLIENT_CFG_V1_MODEL(XX, ...) \
134XX(hostname, ziti_address, none, hostname, __VA_ARGS__) \
135XX(port, model_number, none, port, __VA_ARGS__)
136
// Inclusive-looking port range with `low` and `high` bounds.
// NOTE(review): both are model_number with no range stated here; whether low <= high
// and 0..65535 are enforced is up to the parser or ziti_port_match. TODO confirm.
137#define ZITI_PORT_RANGE_MODEL(XX, ...) \
138XX(low, model_number, none, low, __VA_ARGS__) \
139XX(high, model_number, none, high, __VA_ARGS__)
140
// Config type names, usable as the cfg_type argument of the ziti_service_get_*config
// functions declared later in this header.
141#define ZITI_INTERCEPT_CFG_V1 "intercept.v1"
142#define ZITI_CLIENT_CFG_V1 "ziti-tunneler-client.v1"
143
// Intercept config ("intercept.v1"): lists of protocols, addresses and port ranges,
// a map of dial options, a source_ip string, and a list of allowed source addresses.
// NOTE(review): dial_options is a free-form map and source_ip is a plain string; both
// are parsed input and are not constrained by this model.
144#define ZITI_INTERCEPT_CFG_V1_MODEL(XX, ...) \
145XX(protocols, ziti_protocol, list, protocols, __VA_ARGS__) \
146XX(addresses, ziti_address, list, addresses, __VA_ARGS__) \
147XX(port_ranges, ziti_port_range, list, portRanges, __VA_ARGS__) \
148XX(dial_options, tag, map, dialOptions, __VA_ARGS__) \
149XX(source_ip, model_string, none, sourceIp, __VA_ARGS__) \
150XX(allowed_source_addresses, ziti_address, list, allowedSourceAddresses, __VA_ARGS__)
151
// Server config: protocol and hostname as plain strings, plus a port number.
// Unlike the client config, hostname here is model_string, not ziti_address.
152#define ZITI_SERVER_CFG_V1_MODEL(XX, ...) \
153XX(protocol, model_string, none, protocol, __VA_ARGS__) \
154XX(hostname, model_string, none, hostname, __VA_ARGS__) \
155XX(port, model_number, none, port, __VA_ARGS__)
156
// Proxy server kinds (enum table); only `http` is listed.
157#define ZITI_PROXY_SERVER_TYPE_ENUM(XX, ...) \
158XX(http, __VA_ARGS__)
159
// Proxy server: an address string and its type.
160#define ZITI_PROXY_SERVER_MODEL(XX, ...) \
161XX(address, model_string, none, address, __VA_ARGS__) \
162XX(type, ziti_proxy_server_type, none, type, __VA_ARGS__)
163
// One address translation rule: `from` and `to` addresses and a prefix length.
// NOTE(review): prefix_length is a bare number; its bounds against the address
// family's width are not expressed here.
164#define ZITI_ADDRESS_TRANSLATION_MODEL(XX, ...) \
165XX(from, ziti_address, none, from, __VA_ARGS__) \
166XX(to, ziti_address, none, to, __VA_ARGS__) \
167XX(prefix_length, model_number, none, prefixLength, __VA_ARGS__ )
168
// Host config, version 1. For protocol, address and port there is a fixed value, a
// forward_* boolean, and an allowed_* list.
// NOTE(review): presumably a forward_* flag lets the dialing side choose that part
// of the destination, which makes the matching allowed_* list the only limit on
// where the hosting side will connect. This header only declares the fields; confirm
// that the consumer rejects destinations outside allowed_protocols, allowed_addresses
// and allowed_port_ranges, and how an empty list is interpreted.
// `proxy` is embedded (none) while `listen_options` is optional (ptr).
169#define ZITI_HOST_CFG_V1_MODEL(XX, ...) \
170XX(protocol, model_string, none, protocol, __VA_ARGS__) \
171XX(forward_protocol, model_bool, none, forwardProtocol, __VA_ARGS__) \
172XX(allowed_protocols, model_string, array, allowedProtocols, __VA_ARGS__) \
173XX(address, model_string, none, address, __VA_ARGS__) \
174XX(forward_address, model_bool, none, forwardAddress, __VA_ARGS__) \
175XX(forward_address_translations, ziti_address_translation, array, forwardAddressTranslations, __VA_ARGS__) \
176XX(allowed_addresses, ziti_address, array, allowedAddresses, __VA_ARGS__) \
177XX(port, model_number, none, port, __VA_ARGS__) \
178XX(forward_port, model_bool, none, forwardPort, __VA_ARGS__) \
179XX(allowed_port_ranges, ziti_port_range, array, allowedPortRanges, __VA_ARGS__) \
180XX(allowed_source_addresses, ziti_address, array, allowedSourceAddresses, __VA_ARGS__) \
181XX(proxy, ziti_proxy_server, none, proxy, __VA_ARGS__) \
182XX(listen_options, ziti_listen_options, ptr, listenOptions, __VA_ARGS__)
183
// Host config, version 2: a list of version-1 host configs under `terminators`.
184#define ZITI_HOST_CFG_V2_MODEL(XX, ...) \
185XX(terminators, ziti_host_cfg_v1, list, terminators, __VA_ARGS__)
186
// MFA enrollment state: verification flag, an array of recovery codes, and a
// provisioning URL.
// NOTE(review): recovery_codes are authentication secrets, and provisioning_url
// presumably embeds the TOTP seed. Instances should be kept out of logs and freed
// promptly; whether the generated free function clears the strings is not visible
// here. TODO confirm.
187#define ZITI_MFA_ENROLLMENT_MODEL(XX, ...) \
188XX(is_verified, model_bool, none, isVerified, __VA_ARGS__) \
189XX(recovery_codes, model_string, array, recoveryCodes, __VA_ARGS__) \
190XX(provisioning_url, model_string, none, provisioningUrl, __VA_ARGS__)
191
// Listen options, referenced as the optional `listen_options` member of the
// version-1 host config.
// The timeout appears twice: connect_timeout (type `duration`) and
// connect_timeout_seconds (number); which one takes precedence when both are set is
// not visible here.
// NOTE(review): `precendence` is misspelled in both the member-name and the
// JSON-name column. If the key on the wire is spelled `precedence`, this row never
// matches and the configured value is silently dropped; confirm against the config
// schema. The member name is presumably part of the generated public struct, so only
// the JSON-name column could be corrected without breaking callers.
192#define ZITI_LISTEN_OPTS_MODEL(XX, ...) \
193XX(bind_with_identity, model_bool, none, bindUsingEdgeIdentity, __VA_ARGS__) \
194XX(connect_timeout, duration, none, connectTimeout, __VA_ARGS__) \
195XX(connect_timeout_seconds, model_number, none, connectTimeoutSeconds, __VA_ARGS__) \
196XX(cost, model_number, none, cost, __VA_ARGS__) \
197XX(identity, model_string, none, identity, __VA_ARGS__) \
198XX(max_connections, model_number, none, maxConnections, __VA_ARGS__)\
199XX(precendence, model_string, none, precendence, __VA_ARGS__)
200
201
202#ifdef __cplusplus
203extern "C" {
204#endif
205
210
// Address value that is either a CIDR block or a hostname, stored in one union.
// NOTE(review): this listing omits some lines of the definition (the gutter skips
// 212 and 221). The page index places `enum ziti_address_type type` at line 212,
// with enumerators ziti_address_hostname and ziti_address_cidr; presumably that
// member says which arm of `addr` is valid, and the other arm must not be read.
211typedef struct ziti_address_s {
213 union {
214 struct {
// af: address family of `ip` (presumably AF_INET or AF_INET6; TODO confirm).
215 char af;
// bits: presumably the prefix length of the block; its upper bound depends on `af`.
216 unsigned int bits;
// ip: sized for IPv6; how an IPv4 address is laid out in it is not shown here.
217 struct in6_addr ip;
218 } cidr;
// Fixed 256-byte buffer, terminator included. Any code that fills it has to bound
// the copy by sizeof hostname and reject or truncate longer input.
219 char hostname[256];
220 } addr;
222
223
224
225
226// make sure ziti model functions are properly exported
227#ifdef MODEL_VISIBILITY
228#undef MODEL_VISIBILITY
229#endif
230#define MODEL_VISIBILITY ZITI_FUNC
231
// Parses the text in addr_str into *addr. The return convention is not visible in
// this listing.
// NOTE(review): the hostname arm of ziti_address is a 256-byte buffer, so the
// implementation must bound the copy; confirm that over-long input is rejected.
232ZITI_FUNC int parse_ziti_address_str(ziti_address *addr, const char *addr_str);
233
// Writes a textual form of *address into buf; `max` is presumably the size of buf.
// NOTE(review): whether the result is NUL-terminated on truncation, and whether the
// return value is the written or the required length, is not shown here. TODO confirm.
234ZITI_FUNC int ziti_address_print(char *buf, size_t max, const ziti_address *address);
235
237
// The match functions below return int, whereas the page index shows
// ziti_protocol_match returning model_bool.
// NOTE(review): the meaning of the int (score or boolean, and which value means
// "no match") is not visible here; do not treat any nonzero result as a match in an
// allow decision without checking the function documentation.

// Matches a textual address against one range.
238ZITI_FUNC int ziti_address_match_s(const char *addr, const ziti_address *range);
239
// Matches a textual address against a model_list of ranges.
240ZITI_FUNC int ziti_addrstr_match_list(const char *addr, const model_list *range);
242
// Matches a textual address against an array of ziti_address pointers.
// NOTE(review): no length is passed, so `range` is presumably NULL-terminated;
// confirm before handing it an array built by hand.
243ZITI_FUNC int ziti_address_match_array(const char *addr, ziti_address **range);
244
246
248
// Matches a port number against a model_list of port ranges.
250ZITI_FUNC int ziti_port_match(int port, const model_list *port_range_list);
251
253
255
257
259
261
263
265
267
269
271
273
275
277
279
281
283
285
287
289
291
293
295
297
299
301
303
305
307
309
// Returns the raw configuration text of `service` for the given config type.
// NOTE(review): presumably NULL when the service has no such config, and presumably
// owned by `service` (do not free, do not keep past the service's lifetime).
// TODO confirm both.
310ZITI_FUNC const char *ziti_service_get_raw_config(ziti_service *service, const char *cfg_type);
311
// Parser callback used by ziti_service_get_config. The arguments are presumably
// (destination object, JSON text, text length). The destination is untyped.
312typedef int (*parse_service_cfg_f)(void *, const char *, size_t);
313
// Parses the config of type cfg_type into *cfg using parse_func.
// NOTE(review): cfg is a void *, so the compiler cannot check that it points to the
// model type parse_func writes. A mismatch is a type confusion and can overrun a
// smaller object; pass the parser generated for exactly that model.
314ZITI_FUNC int ziti_service_get_config(ziti_service *service, const char *cfg_type, void *cfg,
315 parse_service_cfg_f parse_func);
316
318
// Matches (proto, addr, port) against an intercept config, with addr given as text.
// NOTE(review): returns int; which value means "no match" is not visible here, so
// check the documentation before using the result as a boolean.
319ZITI_FUNC int
320ziti_intercept_match(const ziti_intercept_cfg_v1 *intercept, ziti_protocol proto, const char *addr, int port);
321
// Same match with addr already parsed into a ziti_address.
322ZITI_FUNC int ziti_intercept_match2(const ziti_intercept_cfg_v1 *intercept, ziti_protocol proto, const ziti_address *addr, int port);
323
324
325#ifdef __cplusplus
326}
327#endif
328
329#endif //ZITI_SDK_ZITI_MODEL_H
#define ZITI_FUNC
Definition externs.h:38
bool model_bool
Definition model_support.h:152
#define DECLARE_MODEL(type, model)
Definition model_support.h:80
#define DECLARE_MODEL_FUNCS(T)
Definition model_support.h:86
#define DECLARE_ENUM(Enum, Values)
Definition model_support.h:266
char af
Definition ziti_model.h:215
unsigned int bits
Definition ziti_model.h:216
enum ziti_address_type type
Definition ziti_model.h:212
#define ZITI_SESSION_TYPE_ENUM(XX,...)
Definition ziti_model.h:33
model_bool ziti_protocol_match(ziti_protocol proto, const model_list *proto_list)
#define ZITI_IDENTITY_MODEL(XX,...)
Definition ziti_model.h:94
#define ZITI_LISTEN_OPTS_MODEL(XX,...)
Definition ziti_model.h:192
ziti_session_type
Definition ziti_model.h:252
#define ZITI_POSTURE_QUERY_MODEL(XX,...)
Definition ziti_model.h:102
#define ZITI_SIGNER_TARGET_TOKEN(XX,...)
Definition ziti_model.h:51
#define ZITI_PROTOCOL_ENUM(XX,...)
Definition ziti_model.h:29
int ziti_port_match(int port, const model_list *port_range_list)
int parse_ziti_address_str(ziti_address *addr, const char *addr_str)
int ziti_address_print(char *buf, size_t max, const ziti_address *address)
int ziti_address_match_s(const char *addr, const ziti_address *range)
ziti_auth_query_type
Definition ziti_model.h:254
#define ZITI_API_PATH_MODEL(XX,...)
Definition ziti_model.h:77
int ziti_address_match_list(const ziti_address *addr, const model_list *range)
#define ZITI_PROCESS_MODEL(XX,...)
Definition ziti_model.h:99
#define ZITI_CONFIG_MODEL(XX,...)
Definition ziti_model.h:71
#define ZITI_POSTURE_QUERY_TYPE_ENUM(XX,...)
Definition ziti_model.h:42
#define ZITI_INTERCEPT_CFG_V1_MODEL(XX,...)
Definition ziti_model.h:144
ziti_ctrl_cap
Definition ziti_model.h:258
#define ZITI_TERMINATOR_MODEL(XX,...)
Definition ziti_model.h:129
ziti_posture_query_type
Definition ziti_model.h:256
int ziti_intercept_match2(const ziti_intercept_cfg_v1 *intercept, ziti_protocol proto, const ziti_address *addr, int port)
#define ZITI_AUTH_QUERY_TYPE_ENUM(XX,...)
Definition ziti_model.h:37
#define ZITI_POSTURE_QUERY_SET_MODEL(XX,...)
Definition ziti_model.h:112
#define ZITI_SERVICE_MODEL(XX,...)
Definition ziti_model.h:118
#define ZITI_VERSION_MODEL(XX,...)
Definition ziti_model.h:87
#define ZITI_PROXY_SERVER_MODEL(XX,...)
Definition ziti_model.h:160
const char * ziti_service_get_raw_config(ziti_service *service, const char *cfg_type)
int ziti_service_get_config(ziti_service *service, const char *cfg_type, void *cfg, parse_service_cfg_f parse_func)
#define ZITI_SERVER_CFG_V1_MODEL(XX,...)
Definition ziti_model.h:152
#define ZITI_PORT_RANGE_MODEL(XX,...)
Definition ziti_model.h:137
#define ZITI_HOST_CFG_V2_MODEL(XX,...)
Definition ziti_model.h:184
#define ZITI_CLIENT_CFG_V1_MODEL(XX,...)
Definition ziti_model.h:133
int ziti_address_match(const ziti_address *addr, const ziti_address *range)
#define ZITI_HOST_CFG_V1_MODEL(XX,...)
Definition ziti_model.h:169
int ziti_intercept_from_client_cfg(ziti_intercept_cfg_v1 *intercept, const ziti_client_cfg_v1 *client_cfg)
#define ZITI_API_VERSIONS_MODEL(XX,...)
Definition ziti_model.h:80
#define ZITI_ID_CFG_MODEL(XX,...)
Definition ziti_model.h:65
ziti_address_type
Definition ziti_model.h:206
@ ziti_address_hostname
Definition ziti_model.h:207
@ ziti_address_cidr
Definition ziti_model.h:208
#define ZITI_JWT_SIGNER_MODEL(XX,...)
Definition ziti_model.h:55
ziti_proxy_server_type
Definition ziti_model.h:296
#define ZITI_ADDRESS_TRANSLATION_MODEL(XX,...)
Definition ziti_model.h:164
#define ZITI_PROXY_SERVER_TYPE_ENUM(XX,...)
Definition ziti_model.h:157
int ziti_intercept_match(const ziti_intercept_cfg_v1 *intercept, ziti_protocol proto, const char *addr, int port)
int ziti_addrstr_match_list(const char *addr, const model_list *range)
int(* parse_service_cfg_f)(void *, const char *, size_t)
Definition ziti_model.h:312
ziti_protocol
Definition ziti_model.h:247
#define ZITI_MFA_ENROLLMENT_MODEL(XX,...)
Definition ziti_model.h:187
ziti_target_token
Definition ziti_model.h:260
#define ZITI_CTRL_CAP_ENUM(XX,...)
Definition ziti_model.h:83
int ziti_address_match_array(const char *addr, ziti_address **range)
model_bool ziti_service_has_permission(const ziti_service *service, ziti_session_type sessionType)