$Revision: 1.18 $
Access control module (ac) - access control for the query part
Status: NOT REVIEWED, TESTED
Design and implementation by: Marek Bukowy
#define AC_INVARG IP_INVARG
#define ACL_FORMAT "%10d %10d %10d %10d %10d"
#define ACL_HEADER "%-20s %10s %10s %10s %10s %10s\n"
#define ACC_FORMAT "%4d %4d %4d %4d %6d %6d %6d"
#define ACC_HEADER "%-20s %4s %4s %4s %4s %6s %6s %6s\n"
Included from | include/access_control.h | |
Visible in: | modules/ac/access_control.c | |
Used in: | AC_build() | modules/ac/access_control.c |
Included from | include/access_control.h | |
Visible in: | modules/ac/access_control.c | |
Used in: | AC_build() | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Called by: | AC_commit_credit() | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | CO_get_database_port(), CO_get_host(), CO_get_password(), CO_get_user(), RX_rt_node(), SQ_close_connection(), SQ_errno(), SQ_error(), SQ_execute_query(), SQ_free_result(), SQ_get_column_string(), SQ_get_connection(), SQ_row_next(), TH_acquire_write_lock(), TH_release_write_lock(), fprintf(), memset(), sscanf(), wr_real_free(), wr_real_malloc() | |
References Variables: | act_acl | modules/ac/access_control.c |
Calls: | CO_get_database_port(), CO_get_host(), CO_get_password(), CO_get_user(), SQ_close_connection(), SQ_execute_query(), SQ_free_result(), SQ_get_column_string(), SQ_get_connection(), SQ_num_rows(), SQ_row_next(), fprintf(), sprintf(), strlen(), wr_real_free(), wr_real_malloc() | |
Called by: | AC_ban_set() | modules/ac/access_control.c |
Show an access control list structure
More:Authors: marek
Calls: | sprintf(), strcpy(), wr_real_malloc() | |
Called by: | AC_rxwalkhook_print_acl() | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | fprintf(), sprintf(), wr_real_malloc() |
Prototyped in: | include/access_control.h | |
Calls: | AC_ban_set() | modules/ac/access_control.c |
IP_smart_conv(), NOERR(), g_list_first(), g_list_length(), wr_real_clear_list() |
Calls: | AC_acl_sql() | modules/ac/access_control.c |
AC_findcreate_acl_l() | modules/ac/access_control.c | |
NOERR(), TH_acquire_write_lock(), TH_release_write_lock(), ctime_r(), sprintf(), time() | ||
Called by: | AC_asc_ban_set() | modules/ac/access_control.c |
AC_commit() | modules/ac/access_control.c | |
References Variables: | act_acl | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | RX_tree_cre(), fprintf() | |
References Variables: | act_acl | modules/ac/access_control.c |
act_hour | modules/ac/access_control.c | |
act_minute | modules/ac/access_control.c | |
act_runtime | modules/ac/access_control.c |
AC_check_acl:er_ret_t AC_check_acl ( ip_addr_t* addr, acc_st* credit_acc, acl_st* acl_store )
search for this ip or less specific record in the access control tree
if( bonus in combined runtime+connection accountings > max_bonus in acl) set denial in the acl for this ip (create if needed) if( combined denialcounter > max_denials in acl) set the permanent ban in acl; save in SQL too calculate credit if pointer provided save the access record (ip if created or found/prefix otherwise) at *acl_store if provided
any of the args except address can be NULL
Prototyped in: | include/access_control.h | |
Calls: | AC_fetch_acc() | modules/ac/access_control.c |
AC_findexless_acl_l() | modules/ac/access_control.c | |
IP_sizebits(), TH_acquire_read_lock(), TH_release_read_lock(), memset() | ||
References Variables: | act_acl | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | AC_ban_set() | modules/ac/access_control.c |
AC_commit_credit() | modules/ac/access_control.c | |
IP_sizebits(), NOERR(), memset() | ||
References Variables: | act_runtime | modules/ac/access_control.c |
Calls: | AC_acc_addup() | modules/ac/access_control.c |
AC_findcreate_account_l() | modules/ac/access_control.c | |
RX_treecheck(), TH_acquire_write_lock(), TH_release_write_lock(), fprintf() | ||
Called by: | AC_commit() | modules/ac/access_control.c |
References Variables: | act_runtime | modules/ac/access_control.c |
Show credit (for logging of queries)
More:Authors: marek
Prototyped in: | include/access_control.h | |
Calls: | fprintf(), sprintf(), wr_real_malloc() |
Prototyped in: | include/access_control.h | |
Calls: | CO_get_do_server(), SV_sleep(), TH_acquire_write_lock(), TH_release_write_lock(), printf(), rx_walk_tree() | |
References Functions: | AC_decay_hook() | modules/ac/access_control.c |
References Variables: | act_runtime | modules/ac/access_control.c |
Used in: | AC_decay() | modules/ac/access_control.c |
Finds the runtime accounting record for this IP, stores a copy of it in acc_store.er_ret_t AC_fetch_acc ( ip_addr_t* addr, acc_st* acc_store )
If not found, then it is created and initialised to zeros in findcreate()
Prototyped in: | include/access_control.h | |
Calls: | AC_findcreate_account_l() | modules/ac/access_control.c |
IP_sizebits(), TH_acquire_read_lock(), TH_release_read_lock() | ||
Called by: | AC_check_acl() | modules/ac/access_control.c |
References Variables: | act_runtime | modules/ac/access_control.c |
Calls: | RX_bin_search(), RX_rt_node(), fprintf(), g_list_length(), g_list_nth_data(), memset(), wr_real_clear_list(), wr_real_malloc() | |
Called by: | AC_commit_credit() | modules/ac/access_control.c |
AC_fetch_acc() | modules/ac/access_control.c | |
References Variables: | act_runtime | modules/ac/access_control.c |
Calls: | AC_findexless_acl_l() | modules/ac/access_control.c |
NOERR(), RX_bin_search(), RX_rt_node(), fprintf(), g_list_length(), g_list_nth_data(), wr_real_calloc(), wr_real_clear_list() | ||
Called by: | AC_ban_set() | modules/ac/access_control.c |
References Variables: | act_acl | modules/ac/access_control.c |
Calls: | RX_bin_search(), RX_treecheck(), fprintf(), g_list_length(), g_list_nth_data(), wr_real_clear_list() | |
Called by: | AC_check_acl() | modules/ac/access_control.c |
AC_findcreate_acl_l() | modules/ac/access_control.c | |
References Variables: | act_acl | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | AC_to_string() | modules/ac/access_control.c |
IP_addr_b2a(), SK_cd_puts(), fprintf(), sprintf(), wr_real_free() |
Prototyped in: | include/access_control.h | |
Calls: | AC_acl_to_string() | modules/ac/access_control.c |
IP_pref_b2a(), SK_cd_puts(), fprintf(), sprintf(), wr_real_free() |
Show an access structure
More:Authors: marek
Prototyped in: | include/access_control.h | |
Calls: | sprintf(), strcpy(), wr_real_malloc() | |
Called by: | AC_rxwalkhook_print() | modules/ac/access_control.c |
Prototyped in: | include/access_control.h | |
Calls: | fprintf(), sprintf(), wr_real_malloc() |