Data Structures | Enumerations | Functions
acl_list.h File Reference

This file keeps track of the list of clients that are allowed to access the server. More...

#include "util/storage/dnstree.h"
#include "services/view.h"

Data Structures

struct  acl_list
 Access control storage structure. More...
 
struct  acl_addr
 An address span with access control information. More...
 

Enumerations

enum  acl_access {
  acl_deny = 0, acl_refuse, acl_deny_non_local, acl_refuse_non_local,
  acl_allow, acl_allow_snoop
}
 Enumeration of access control options for an address range. More...
 

Functions

struct acl_listacl_list_create (void)
 Create acl structure. More...
 
void acl_list_delete (struct acl_list *acl)
 Delete acl structure. More...
 
int acl_list_apply_cfg (struct acl_list *acl, struct config_file *cfg, struct views *v)
 Process access control config. More...
 
enum acl_access acl_get_control (struct acl_addr *acl)
 Lookup access control status for acl structure. More...
 
struct acl_addracl_addr_lookup (struct acl_list *acl, struct sockaddr_storage *addr, socklen_t addrlen)
 Lookup address to see its acl structure. More...
 
size_t acl_list_get_mem (struct acl_list *acl)
 Get memory used by acl structure. More...
 

Detailed Description

This file keeps track of the list of clients that are allowed to access the server.

Enumeration Type Documentation

◆ acl_access

enum acl_access

Enumeration of access control options for an address range.

Allow or deny access.

Enumerator
acl_deny 

disallow any access whatsoever, drop it

acl_refuse 

disallow access, send a polite 'REFUSED' reply

acl_deny_non_local 

disallow any access to zones that aren't local, drop it

acl_refuse_non_local 

disallow access to zones that aren't local, 'REFUSED' reply

acl_allow 

allow full access for recursion (+RD) queries

acl_allow_snoop 

allow full access for all queries, recursion and cache snooping

Function Documentation

◆ acl_list_create()

struct acl_list* acl_list_create ( void  )

Create acl structure.

Returns
new structure or NULL on error.

References acl_list_delete(), acl_list::region, and regional_create().

◆ acl_list_delete()

void acl_list_delete ( struct acl_list acl)

Delete acl structure.

Parameters
aclto delete.

References acl_list::region, and regional_destroy().

Referenced by acl_list_create(), and daemon_delete().

◆ acl_list_apply_cfg()

int acl_list_apply_cfg ( struct acl_list acl,
struct config_file cfg,
struct views v 
)

Process access control config.

Parameters
aclwhere to store.
cfgconfig options.
vviews structure
Returns
0 on error.

References acl_list_str_cfg(), addr_tree_init(), addr_tree_init_parents(), config_file::do_ip6, read_acl_list(), read_acl_tag_actions(), read_acl_tag_datas(), read_acl_tags(), read_acl_view(), acl_list::region, regional_free_all(), and acl_list::tree.

◆ acl_get_control()

enum acl_access acl_get_control ( struct acl_addr acl)

Lookup access control status for acl structure.

Parameters
aclstructure for acl storage.
Returns
: what to do with message from this address.

References acl_deny, and acl_addr::control.

Referenced by worker_handle_request().

◆ acl_addr_lookup()

struct acl_addr* acl_addr_lookup ( struct acl_list acl,
struct sockaddr_storage *  addr,
socklen_t  addrlen 
)

Lookup address to see its acl structure.

Parameters
aclstructure for address storage.
addraddress to check
addrlenlength of addr.
Returns
: acl structure from this address.

References addr_tree_lookup(), and acl_list::tree.

Referenced by worker_handle_request().

◆ acl_list_get_mem()

size_t acl_list_get_mem ( struct acl_list acl)

Get memory used by acl structure.

Parameters
aclstructure for address storage.
Returns
bytes in use.

References acl_list::region, and regional_get_mem().