/* $NetBSD: aclconf.h,v 1.7 2014/12/10 04:38:02 christos Exp $ */

/*
 * Copyright (C) 2004-2007, 2010-2014 Internet Systems Consortium, Inc. ("ISC")
 * Copyright (C) 1999-2001 Internet Software Consortium.
 *
 * Permission to use, copy, modify, and/or distribute this software for any
 * purpose with or without fee is hereby granted, provided that the above
 * copyright notice and this permission notice appear in all copies.
 *
 * THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES WITH
 * REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF MERCHANTABILITY
 * AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR ANY SPECIAL, DIRECT,
 * INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM
 * LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE
 * OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR
 * PERFORMANCE OF THIS SOFTWARE.
 */

/* Id */

#ifndef ISCCFG_ACLCONF_H
#define ISCCFG_ACLCONF_H 1

#include <isc/lang.h>

#include <isccfg/cfg.h>

#ifdef HAVE_GEOIP
#include <dns/geoip.h>
#endif
#include <dns/types.h>

/*
 * ACL configuration context: a reference-counted object holding a list
 * of dns_acl_t objects ('named_acl_cache') and the memory context 'mctx'.
 *
 * NOTE: the 'geoip' member exists only when HAVE_GEOIP is defined, so the
 * offset of 'references' differs between the two configurations.  Every
 * translation unit that includes this header and touches the structure
 * must be built with the same HAVE_GEOIP setting as the library that
 * allocates it; otherwise the two sides disagree about where the
 * reference count lives.
 */
typedef struct cfg_aclconfctx {
	ISC_LIST(dns_acl_t) named_acl_cache;
	isc_mem_t *mctx;
#ifdef HAVE_GEOIP
	dns_geoip_databases_t *geoip;
#endif
	isc_refcount_t references;
} cfg_aclconfctx_t;

/***
 *** Functions
 ***/

ISC_LANG_BEGINDECLS

isc_result_t
cfg_aclconfctx_create(isc_mem_t *mctx, cfg_aclconfctx_t **ret);
/*
 * Creates and initializes an ACL configuration context.
 *
 * NOTE(review): presumably the new context is returned through '*ret'
 * and allocated from 'mctx'; this header does not say what '*ret' holds
 * on failure, so check the result before using it.
 */

void
cfg_aclconfctx_detach(cfg_aclconfctx_t **actxp);
/*
 * Removes a reference to an ACL configuration context; when the
 * reference count reaches zero, clears the contents and deallocates
 * the structure.
 *
 * Because the structure may be freed by this call, the caller must not
 * use the context through this reference afterwards.
 * NOTE(review): whether '*actxp' is reset to NULL is not stated here;
 * confirm against the implementation.
 */

void
cfg_aclconfctx_attach(cfg_aclconfctx_t *src, cfg_aclconfctx_t **dest);
/*
 * Attaches a pointer to an existing ACL configuration context.
 *
 * NOTE(review): presumably '*dest' is set to 'src' and the reference
 * count is incremented, to be balanced by one cfg_aclconfctx_detach()
 * call per attach; confirm against the implementation.
 */

isc_result_t
cfg_acl_fromconfig(const cfg_obj_t *caml, const cfg_obj_t *cctx,
		   isc_log_t *lctx, cfg_aclconfctx_t *ctx,
		   isc_mem_t *mctx, unsigned int nest_level,
		   dns_acl_t **target);

isc_result_t
cfg_acl_fromconfig2(const cfg_obj_t *caml, const cfg_obj_t *cctx,
		    isc_log_t *lctx, cfg_aclconfctx_t *ctx,
		    isc_mem_t *mctx, unsigned int nest_level,
		    isc_uint16_t family, dns_acl_t **target);
/*
 * Construct a new dns_acl_t from configuration data in 'caml' and
 * 'cctx'.  Memory is allocated through 'mctx'.
 *
 * Any named ACLs referred to within 'caml' will be converted into
 * nested dns_acl_t objects.  Multiple references to the same named ACL
 * will be converted into shared references to a single nested
 * dns_acl_t object when the referring objects were created passing the
 * same ACL configuration context 'ctx'.
 *
 * cfg_acl_fromconfig2() allows an address family to be specified;
 * cfg_acl_fromconfig() is the backward-compatible version without the
 * 'family' argument.  If 'family' is not zero, then only
 * addresses/prefixes of a matching family (AF_INET or AF_INET6) may be
 * configured.
 *
 * On success, attach '*target' to the new dns_acl_t object.  Only the
 * success case is specified here: an ACL is only meaningful when the
 * call succeeded, so callers should check the returned isc_result_t
 * and must not rely on '*target' otherwise.
 *
 * NOTE(review): 'nest_level' is not described by this header;
 * presumably it is the nesting depth at which the new ACL sits --
 * confirm against the implementation.
 */

ISC_LANG_ENDDECLS

#endif /* ISCCFG_ACLCONF_H */