modules/ac/access_control.h

/* [<][>][^][v][top]
[bottom][index][help] */

FUNCTIONS

This source file includes following functions.

   1 #ifndef READ_ACCESS_CONTROL
   2 #define READ_ACCESS_CONTROL
   3 
   4 /***************************************
   5   $Revision: 1.17 $
   6 
   7   Access Control module (ac) - the header file.
   8 
   9   Status: NOT REVUED, NOT TESTED
  10  
  11   Design and implementation by: Marek Bukowy
  12 
  13   ******************/ /******************
  14   Copyright (c) 1999                              RIPE NCC
  15  
  16   All Rights Reserved
  17   
  18   Permission to use, copy, modify, and distribute this software and its
  19   documentation for any purpose and without fee is hereby granted,
  20   provided that the above copyright notice appear in all copies and that
  21   both that copyright notice and this permission notice appear in
  22   supporting documentation, and that the name of the author not be
  23   used in advertising or publicity pertaining to distribution of the
  24   software without specific, written prior permission.
  25   
  26   THE AUTHOR DISCLAIMS ALL WARRANTIES WITH REGARD TO THIS SOFTWARE, INCLUDING
  27   ALL IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS; IN NO EVENT SHALL
  28   AUTHOR BE LIABLE FOR ANY SPECIAL, INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY
  29   DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN
  30   AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
  31   OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
  32   ***************************************/
  33 
  34 #include "erroutines.h"
  35 #include "iproutines.h"
  36 #include "rxroutines.h"
  37 #include "mysql_driver.h"
  38 
  39 #ifdef AC_IMPL
  40 #define EXTDEF 
  41 #else
  42 #define EXTDEF extern
  43 #endif
  44 
  45 /* Access control structure */
  46 typedef struct {
  47                         /* max bonus values before temporary denial,
  48                          * -1 == unlimited: */
  49   int      maxprivate;  /* --  private objects */
  50   int      maxpublic;   /* --  public objects */
  51   short    maxdenials;  /* before the permanent ban is set */
  52   char     deny;        /* THE ban itself */
  53   char     trustpass;   /* has power to pass ip addresses */
  54 } acl_st;
  55 
  56 
  57 #ifdef AC_IMPL
  58 /* order must correspond to the array below */
  59 typedef enum {
  60   AC_AR_MAXPRIVATE = 0,
  61     AC_AR_MAXPUBLIC,
  62     AC_AR_MAXDENIALS,
  63     AC_AR_DENY,
  64     AC_AR_TRUSTPASS,
  65     AC_AR_SIZE
  66 } AC_ar_elements;
  67 
  68 /* this array is used for setting the values from the command line
  69    of the admin interface (with getsubopt)
  70 */
  71 char* AC_ar_acl[]  = {
  72   "maxprivate",  
  73   "maxpublic",
  74   "maxdenials",
  75   "deny",
  76   "trustpass",
  77   NULL };
  78 #endif
  79 
  80 
  81 /* Accounting == counters */
  82 typedef struct {
  83   int connections;
  84   int addrpasses;
  85   int denials;
  86   int queries;
  87   int referrals;
  88   int public_objects;     
  89   int private_objects;    
  90   float public_bonus;       /* those two are .. */
  91   float private_bonus;      /* .. maintained only in the runtime tree */
  92 } acc_st;
  93 
  94 
  95 #define ACC_PLUS 0
  96 #define ACC_MINUS 1
  97 
  98 
  99 /* prototypes */
 100 er_ret_t AC_build(void);
 101 er_ret_t AC_fetch_acc( ip_addr_t *, acc_st * );
 102 er_ret_t AC_check_acl( ip_addr_t *, acc_st *, acl_st *);
 103 void AC_acc_addup(acc_st *, acc_st *, int);
 104 er_ret_t AC_commit(ip_addr_t *, acc_st *,acl_st * );
 105 er_ret_t AC_acc_load(void);
 106 er_ret_t AC_decay(void);
 107 
 108 /* interface to modifications on the fly */
 109 er_ret_t AC_asc_ban_set(char *addrstr, char *text, int denyflag);
 110 
 111 
 112 /* printing */
 113 char *AC_credit_to_string(acc_st *a);
 114 unsigned AC_print_acl(GString *output);
 115 unsigned AC_print_access(GString *output);
 116 
 117 int AC_credit_isdenied(acc_st    *acc_credit);
 118 void AC_count_object( acc_st    *acc_credit, acl_st    *acl, int private );
 119 int AC_get_higher_limit(acc_st    *acc_credit, acl_st    *acl);
 120 
 121 er_ret_t AC_asc_acl_command_set( char *command, char *comment );
 122 er_ret_t AC_asc_set_nodeny(char *ip);
 123 SQ_connection_t *AC_dbopen_admin(void);
 124 
 125 /* declare global accounting trees */
 126 EXTDEF rx_tree_t  *act_runtime;
 127 EXTDEF rx_tree_t  *act_hour;
 128 EXTDEF rx_tree_t  *act_minute;
 129 
 130 /* declare global access control list tree */
 131 EXTDEF rx_tree_t  *act_acl;
 132 
 133 #undef EXTDEF
 134 #endif /* READ_ACCESS_CONTROL */

/* [<][>][^][v][top][bottom][index][help] */