1/* 2 * ipsecmod/ipsecmod-whitelist.h - White listed domains for the ipsecmod to 3 * operate on. 4 * 5 * Copyright (c) 2017, NLnet Labs. All rights reserved. 6 * 7 * This software is open source. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 13 * Redistributions of source code must retain the above copyright notice, 14 * this list of conditions and the following disclaimer. 15 * 16 * Redistributions in binary form must reproduce the above copyright notice, 17 * this list of conditions and the following disclaimer in the documentation 18 * and/or other materials provided with the distribution. 19 * 20 * Neither the name of the NLNET LABS nor the names of its contributors may 21 * be used to endorse or promote products derived from this software without 22 * specific prior written permission. 23 * 24 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS 25 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT 26 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR 27 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT 28 * HOLDER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 29 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED 30 * TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR 31 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF 32 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING 33 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS 34 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 35 */ 36/** 37 * \file 38 * 39 * Keep track of the white listed domains for ipsecmod. 40 */ 41 42#ifndef IPSECMOD_WHITELIST_H 43#define IPSECMOD_WHITELIST_H 44#include "util/storage/dnstree.h" 45 46struct config_file; 47struct regional; 48 49/** 50 * Process ipsecmod_whitelist config. 51 * @param ie: ipsecmod environment. 52 * @param cfg: config options. 53 * @return 0 on error. 54 */ 55int ipsecmod_whitelist_apply_cfg(struct ipsecmod_env* ie, 56 struct config_file* cfg); 57 58/** 59 * Delete the ipsecmod whitelist. 60 * @param whitelist: ipsecmod whitelist. 61 */ 62void ipsecmod_whitelist_delete(rbtree_type* whitelist); 63 64/** 65 * See if a domain is whitelisted. 66 * @param ie: ipsecmod environment. 67 * @param dname: domain name to check. 68 * @param dname_len: length of domain name. 69 * @param qclass: query CLASS. 70 * @return: true if the domain is whitelisted for the ipsecmod. 71 */ 72int ipsecmod_domain_is_whitelisted(struct ipsecmod_env* ie, uint8_t* dname, 73 size_t dname_len, uint16_t qclass); 74 75/** 76 * Get memory used by ipsecmod whitelist. 77 * @param whitelist: structure for domain storage. 78 * @return bytes in use. 79 */ 80size_t ipsecmod_whitelist_get_mem(rbtree_type* whitelist); 81 82#endif /* IPSECMOD_WHITELIST_H */ 83