mirror of
https://git.wownero.com/wownero/wownero.git
synced 2024-12-27 21:58:53 +00:00
130 lines
3.8 KiB
C
130 lines
3.8 KiB
C
|
/*
|
||
|
* daemon/acl_list.h - client access control storage for the server.
|
||
|
*
|
||
|
* Copyright (c) 2007, NLnet Labs. All rights reserved.
|
||
|
*
|
||
|
* This software is open source.
|
||
|
*
|
||
|
* Redistribution and use in source and binary forms, with or without
|
||
|
* modification, are permitted provided that the following conditions
|
||
|
* are met:
|
||
|
*
|
||
|
* Redistributions of source code must retain the above copyright notice,
|
||
|
* this list of conditions and the following disclaimer.
|
||
|
*
|
||
|
* Redistributions in binary form must reproduce the above copyright notice,
|
||
|
* this list of conditions and the following disclaimer in the documentation
|
||
|
* and/or other materials provided with the distribution.
|
||
|
*
|
||
|
* Neither the name of the NLNET LABS nor the names of its contributors may
|
||
|
* be used to endorse or promote products derived from this software without
|
||
|
* specific prior written permission.
|
||
|
*
|
||
|
* THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
|
||
|
* "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
|
||
|
* LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
|
||
|
* A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
|
||
|
* HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
|
||
|
* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
|
||
|
* TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
|
||
|
* PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
|
||
|
* LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
|
||
|
* NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
|
||
|
* SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||
|
*/
|
||
|
|
||
|
/**
|
||
|
* \file
|
||
|
*
|
||
|
* This file keeps track of the list of clients that are allowed to
|
||
|
* access the server.
|
||
|
*/
|
||
|
|
||
|
#ifndef DAEMON_ACL_LIST_H
|
||
|
#define DAEMON_ACL_LIST_H
|
||
|
#include "util/storage/dnstree.h"
|
||
|
struct config_file;
|
||
|
struct regional;
|
||
|
|
||
|
/**
|
||
|
* Enumeration of access control options for an address range.
|
||
|
* Allow or deny access.
|
||
|
*/
|
||
|
enum acl_access {
|
||
|
/** disallow any access whatsoever, drop it */
|
||
|
acl_deny = 0,
|
||
|
/** disallow access, send a polite 'REFUSED' reply */
|
||
|
acl_refuse,
|
||
|
/** disallow any access to zones that aren't local, drop it */
|
||
|
acl_deny_non_local,
|
||
|
/** disallow access to zones that aren't local, 'REFUSED' reply */
|
||
|
acl_refuse_non_local,
|
||
|
/** allow full access for recursion (+RD) queries */
|
||
|
acl_allow,
|
||
|
/** allow full access for all queries, recursion and cache snooping */
|
||
|
acl_allow_snoop
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
* Access control storage structure
|
||
|
*/
|
||
|
struct acl_list {
|
||
|
/** regional for allocation */
|
||
|
struct regional* region;
|
||
|
/**
|
||
|
* Tree of the addresses that are allowed/blocked.
|
||
|
* contents of type acl_addr.
|
||
|
*/
|
||
|
rbtree_t tree;
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
*
|
||
|
* An address span with access control information
|
||
|
*/
|
||
|
struct acl_addr {
|
||
|
/** node in address tree */
|
||
|
struct addr_tree_node node;
|
||
|
/** access control on this netblock */
|
||
|
enum acl_access control;
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
* Create acl structure
|
||
|
* @return new structure or NULL on error.
|
||
|
*/
|
||
|
struct acl_list* acl_list_create(void);
|
||
|
|
||
|
/**
|
||
|
* Delete acl structure.
|
||
|
* @param acl: to delete.
|
||
|
*/
|
||
|
void acl_list_delete(struct acl_list* acl);
|
||
|
|
||
|
/**
|
||
|
* Process access control config.
|
||
|
* @param acl: where to store.
|
||
|
* @param cfg: config options.
|
||
|
* @return 0 on error.
|
||
|
*/
|
||
|
int acl_list_apply_cfg(struct acl_list* acl, struct config_file* cfg);
|
||
|
|
||
|
/**
|
||
|
* Lookup address to see its access control status.
|
||
|
* @param acl: structure for address storage.
|
||
|
* @param addr: address to check
|
||
|
* @param addrlen: length of addr.
|
||
|
* @return: what to do with message from this address.
|
||
|
*/
|
||
|
enum acl_access acl_list_lookup(struct acl_list* acl,
|
||
|
struct sockaddr_storage* addr, socklen_t addrlen);
|
||
|
|
||
|
/**
|
||
|
* Get memory used by acl structure.
|
||
|
* @param acl: structure for address storage.
|
||
|
* @return bytes in use.
|
||
|
*/
|
||
|
size_t acl_list_get_mem(struct acl_list* acl);
|
||
|
|
||
|
#endif /* DAEMON_ACL_LIST_H */
|