X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=include%2Ftr_filter.h;h=d241a500957b8206b2e5343c0b23ad8f3247be3b;hb=3feea37388d58efac91a7e10b85043bb52c8bf19;hp=23842ae879feda5f0fde6cc15da3cd8a3453a8d2;hpb=1b419d2f80dd88c79565bece98dfcb591e722b3e;p=trust_router.git diff --git a/include/tr_filter.h b/include/tr_filter.h index 23842ae..d241a50 100644 --- a/include/tr_filter.h +++ b/include/tr_filter.h @@ -37,18 +37,17 @@ #include #include +#include -#include +#include +#include #include - -#define TR_MAX_FILTERS 5 -#define TR_MAX_FILTER_LINES 8 -#define TR_MAX_FILTER_SPECS 8 -#define TR_MAX_FILTER_MATCHES 8 +#include +#include /* Filter actions */ -typedef enum { - TR_FILTER_ACTION_REJECT=0, +typedef enum tr_filter_action { + TR_FILTER_ACTION_REJECT = 0, TR_FILTER_ACTION_ACCEPT, TR_FILTER_ACTION_UNKNOWN } TR_FILTER_ACTION; @@ -59,45 +58,109 @@ typedef enum { /* Filter types */ typedef enum { - TR_FILTER_TYPE_TID_INCOMING=0, + TR_FILTER_TYPE_TID_INBOUND = 0, + TR_FILTER_TYPE_TRP_INBOUND, + TR_FILTER_TYPE_TRP_OUTBOUND, TR_FILTER_TYPE_UNKNOWN } TR_FILTER_TYPE; -/* #define for backward compatibility, TODO: get rid of this -jlr */ -#define TR_FILTER_TYPE_RP_PERMITTED TR_FILTER_TYPE_TID_INCOMING - typedef struct tr_fspec { TR_NAME *field; - TR_NAME *match[TR_MAX_FILTER_MATCHES]; + TR_LIST *match; } TR_FSPEC; typedef struct tr_fline { TR_FILTER_ACTION action; - TR_FSPEC *specs[TR_MAX_FILTER_SPECS]; + TR_LIST *specs; TR_CONSTRAINT *realm_cons; TR_CONSTRAINT *domain_cons; } TR_FLINE; - + typedef struct tr_filter { TR_FILTER_TYPE type; - TR_FLINE *lines[TR_MAX_FILTER_LINES]; + TR_LIST *lines; } TR_FILTER; +typedef struct tr_filter_set TR_FILTER_SET; +struct tr_filter_set { + TR_FILTER *this; + TR_FILTER_SET *next; +}; + +/** + * Structure to hold information needed to filter different targets. + */ +typedef struct tr_filter_target { + /* An inforec also needs realm and community information */ + TRP_INFOREC *trp_inforec; + TRP_UPD *trp_upd; + + /* a TID request has all the data it needs to be filtered */ + TID_REQ *tid_req; +} TR_FILTER_TARGET; + +TR_FILTER_SET *tr_filter_set_new(TALLOC_CTX *mem_ctx); +void tr_filter_set_free(TR_FILTER_SET *fs); +int tr_filter_set_add(TR_FILTER_SET *set, TR_FILTER *new); +TR_FILTER *tr_filter_set_get(TR_FILTER_SET *set, TR_FILTER_TYPE type); + TR_FILTER *tr_filter_new(TALLOC_CTX *mem_ctx); void tr_filter_free(TR_FILTER *filt); + void tr_filter_set_type(TR_FILTER *filt, TR_FILTER_TYPE type); TR_FILTER_TYPE tr_filter_get_type(TR_FILTER *filt); +TR_FLINE *tr_filter_add_line(TR_FILTER *filt, TR_FLINE *line); TR_FLINE *tr_fline_new(TALLOC_CTX *mem_ctx); void tr_fline_free(TR_FLINE *fline); +TR_FSPEC *tr_fline_add_spec(TR_FLINE *fline, TR_FSPEC *spec); + TR_FSPEC *tr_fspec_new(TALLOC_CTX *mem_ctx); void tr_fspec_free(TR_FSPEC *fspec); -int tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match); -int tr_fspec_matches(TR_FSPEC *fspec, TR_NAME *name); +TR_NAME *tr_fspec_add_match(TR_FSPEC *fspec, TR_NAME *match); + +int tr_fspec_matches(TR_FSPEC *fspec, TR_FILTER_TYPE ftype, TR_FILTER_TARGET *target); + +/* Iterator for TR_FILTER lines */ +typedef TR_LIST_ITER TR_FILTER_ITER; +#define tr_filter_iter_new(CTX) (tr_list_iter_new(CTX)) +#define tr_filter_iter_free(ITER) (tr_list_iter_free(ITER)) +#define tr_filter_iter_first(ITER, FILT) ((TR_FLINE *) tr_list_iter_first((ITER), (FILT)->lines)) +#define tr_filter_iter_next(ITER) ((TR_FLINE *) tr_list_iter_next(ITER)) +#define tr_filter_add_line(FILT, LINE) ((TR_FLINE *) tr_list_add((FILT)->lines, (LINE), 1)) +/* Iterator for TR_FSPEC matches */ +typedef TR_LIST_ITER TR_FSPEC_ITER; +#define tr_fspec_iter_new(CTX) (tr_list_iter_new(CTX)) +#define tr_fspec_iter_free(ITER) (tr_list_iter_free(ITER)) +#define tr_fspec_iter_first(ITER, SPEC) (tr_list_iter_first((ITER), (SPEC)->match)) +#define tr_fspec_iter_next(ITER) (tr_list_iter_next(ITER)) +#define tr_fspec_add_match(SPEC, MATCH) ((TR_NAME *) tr_list_add((SPEC)->match, (MATCH), 0)) + +/* Iterator for TR_FLINE specs */ +typedef TR_LIST_ITER TR_FLINE_ITER; +#define tr_fline_iter_new(CTX) (tr_list_iter_new(CTX)) +#define tr_fline_iter_free(ITER) (tr_list_iter_free(ITER)) +#define tr_fline_iter_first(ITER, LINE) (tr_list_iter_first((ITER), (LINE)->specs)) +#define tr_fline_iter_next(ITER) (tr_list_iter_next(ITER)) +#define tr_fline_add_spec(LINE, SPEC) ((TR_NAME *) tr_list_add((LINE)->specs, (SPEC), 1)) /*In tr_constraint.c and exported, but not really a public symbol; needed by tr_filter.c and by tr_constraint.c*/ -int TR_EXPORT tr_prefix_wildcard_match (const char *str, const char *wc_str); -int tr_filter_process_rp_permitted (TR_NAME *rp_realm, TR_FILTER *rpp_filter, TR_CONSTRAINT_SET *in_constraints, TR_CONSTRAINT_SET **out_constraints, int *out_action); -TR_CONSTRAINT_SET *tr_constraint_set_from_fline (TR_FLINE *fline); +int TR_EXPORT tr_prefix_wildcard_match(const char *str, const char *wc_str); + +int tr_filter_apply(TR_FILTER_TARGET *target, TR_FILTER *filt, TR_CONSTRAINT_SET **constraints, TR_FILTER_ACTION *out_action); +void tr_filter_target_free(TR_FILTER_TARGET *target); +TR_FILTER_TARGET *tr_filter_target_tid_req(TALLOC_CTX *mem_ctx, TID_REQ *req); +TR_FILTER_TARGET *tr_filter_target_trp_inforec(TALLOC_CTX *mem_ctx, TRP_UPD *upd, TRP_INFOREC *inforec); + +TR_CONSTRAINT_SET *tr_constraint_set_from_fline(TR_FLINE *fline); + +int tr_filter_validate(TR_FILTER *filt); +int tr_filter_validate_spec_field(TR_FILTER_TYPE ftype, TR_FSPEC *fspec); +const char *tr_filter_type_to_string(TR_FILTER_TYPE ftype); +TR_FILTER_TYPE tr_filter_type_from_string(const char *s); + +/* tr_filter_encoders.c */ +json_t *tr_filter_set_to_json(TR_FILTER_SET *filter_set); + #endif