yumapro  20.10-12
YumaPro SDK
agt_acm_ietf.h
Go to the documentation of this file.
1 /*
2  * Copyright (c) 2008 - 2012, Andy Bierman, All Rights Reserved.
3  * Copyright (c) 2012 - 2021, YumaWorks, Inc., All Rights Reserved.
4  *
5  * Unless required by applicable law or agreed to in writing,
6  * software distributed under the License is distributed on an
7  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
8  * KIND, either express or implied. See the License for the
9  * specific language governing permissions and limitations
10  * under the License.
11  */
12 #ifndef _H_agt_acm_ietf
13 #define _H_agt_acm_ietf
14 
15 /* FILE: agt_acm_ietf.h
16 *********************************************************************
17 * *
18 * P U R P O S E *
19 * *
20 *********************************************************************/
21 
27 /*********************************************************************
28 * *
29 * C H A N G E H I S T O R Y *
30 * *
31 *********************************************************************
32 
33 date init comment
34 ----------------------------------------------------------------------
35 18-jun-12 abb Begun; split from agt_acm.h
36 */
37 
38 #include <xmlstring.h>
39 
40 #ifndef _H_agt
41 #include "agt.h"
42 #endif
43 
44 #ifndef _H_dlq
45 #include "dlq.h"
46 #endif
47 
48 #ifndef _H_obj
49 #include "obj.h"
50 #endif
51 
52 #ifndef _H_ses
53 #include "ses.h"
54 #endif
55 
56 #ifndef _H_status
57 #include "status.h"
58 #endif
59 
60 #ifndef _H_val
61 #include "val.h"
62 #endif
63 
64 #ifndef _H_xml_msg
65 #include "xmlmsg.h"
66 #endif
67 
68 #ifndef _H_xmlns
69 #include "xmlns.h"
70 #endif
71 
72 #ifndef _H_xpath
73 #include "xpath.h"
74 #endif
75 
76 #ifdef __cplusplus
77 extern "C" {
78 #endif
79 
80 /********************************************************************
81 * *
82 * C O N S T A N T S *
83 * *
84 *********************************************************************/
85 
86 #define y_ietf_netconf_acm_M_ietf_netconf_acm \
87  (const xmlChar *)"ietf-netconf-acm"
88 
89 // accept either 2012 or 2018 version
90 //#define y_ietf_netconf_acm_R_ietf_netconf_acm (const xmlChar *)"2012-02-22"
91 //#define y_ietf_netconf_acm_R_ietf_netconf_acm (const xmlChar *)"2018-02-14"
92 #define y_ietf_netconf_acm_R_ietf_netconf_acm NULL
93 
94 #define y_ietf_netconf_acm_N_access_operations \
95  (const xmlChar *)"access-operations"
96 #define y_ietf_netconf_acm_N_action (const xmlChar *)"action"
97 #define y_ietf_netconf_acm_N_comment (const xmlChar *)"comment"
98 #define y_ietf_netconf_acm_N_data_node (const xmlChar *)"data-node"
99 #define y_ietf_netconf_acm_N_denied_data_writes \
100  (const xmlChar *)"denied-data-writes"
101 #define y_ietf_netconf_acm_N_denied_notifications \
102  (const xmlChar *)"denied-notifications"
103 #define y_ietf_netconf_acm_N_denied_operations \
104  (const xmlChar *)"denied-operations"
105 #define y_ietf_netconf_acm_N_enable_external_groups \
106  (const xmlChar *)"enable-external-groups"
107 #define y_ietf_netconf_acm_N_enable_nacm (const xmlChar *)"enable-nacm"
108 #define y_ietf_netconf_acm_N_exec_default (const xmlChar *)"exec-default"
109 #define y_ietf_netconf_acm_N_group (const xmlChar *)"group"
110 #define y_ietf_netconf_acm_N_groups (const xmlChar *)"groups"
111 #define y_ietf_netconf_acm_N_module_name (const xmlChar *)"module-name"
112 #define y_ietf_netconf_acm_N_nacm (const xmlChar *)"nacm"
113 #define y_ietf_netconf_acm_N_name (const xmlChar *)"name"
114 #define y_ietf_netconf_acm_N_notification (const xmlChar *)"notification"
115 #define y_ietf_netconf_acm_N_notification_name \
116  (const xmlChar *)"notification-name"
117 #define y_ietf_netconf_acm_N_path (const xmlChar *)"path"
118 #define y_ietf_netconf_acm_N_protocol_operation \
119  (const xmlChar *)"protocol-operation"
120 #define y_ietf_netconf_acm_N_read_default (const xmlChar *)"read-default"
121 #define y_ietf_netconf_acm_N_rpc_name (const xmlChar *)"rpc-name"
122 #define y_ietf_netconf_acm_N_rule (const xmlChar *)"rule"
123 #define y_ietf_netconf_acm_N_rule_list (const xmlChar *)"rule-list"
124 #define y_ietf_netconf_acm_N_rule_type (const xmlChar *)"rule-type"
125 #define y_ietf_netconf_acm_N_user_name (const xmlChar *)"user-name"
126 #define y_ietf_netconf_acm_N_write_default (const xmlChar *)"write-default"
127 
128 
129 /********************************************************************
130 * *
131 * T Y P E S *
132 * *
133 *********************************************************************/
134 
135 
163 typedef status_t
164  (*agt_acm_group_cbfn_t) (const xmlChar *username,
165  xmlChar **retgroups);
166 
167 
168 /********************************************************************
169 * *
170 * F U N C T I O N S *
171 * *
172 *********************************************************************/
173 
174 
181 extern status_t
182  agt_acm_ietf_init2 (void);
183 
184 
190 extern status_t
191  agt_acm_ietf_init1 (void);
192 
193 
199 extern void
200  agt_acm_ietf_cleanup (void);
201 
202 
211 extern boolean
212  agt_acm_ietf_rpc_allowed (xml_msg_hdr_t *msg,
213  const xmlChar *user,
214  const obj_template_t *rpcobj);
215 
216 
227 extern boolean
228  agt_acm_ietf_notif_allowed (const xmlChar *user,
229  const obj_template_t *notifobj);
230 
231 
247 extern boolean
248  agt_acm_ietf_val_write_allowed (xml_msg_hdr_t *msg,
249  const xmlChar *user,
250  val_value_t *newval,
251  val_value_t *curval,
252  op_editop_t editop);
253 
254 
263 extern boolean
264  agt_acm_ietf_val_read_allowed (xml_msg_hdr_t *msg,
265  const xmlChar *user,
266  val_value_t *val);
267 
268 
279 extern status_t
280  agt_acm_ietf_init_msg_cache (ses_cb_t *scb,
281  xml_msg_hdr_t *msg);
282 
283 
290 extern void agt_acm_ietf_clear_session_cache (ses_cb_t *scb);
291 
292 
299 extern void agt_acm_ietf_invalidate_session_cache (ses_cb_t *scb);
300 
301 
310 extern boolean agt_acm_ietf_session_cache_valid (const ses_cb_t *scb);
311 
312 
319 extern void
321 
322 
331 extern void
333 
334 
335 
343 extern void
344  agt_acm_ietf_set_datarules (val_value_t *val,
345  uint32 msgid);
346 
347 
354 extern void
355  agt_acm_ietf_clean_obj_datarule (ncx_module_t *mod);
356 
357 
361 #ifdef __cplusplus
362 } /* end extern 'C' */
363 #endif
364 
365 #endif /* _H_agt_acm_ietf */
ses.h
NETCONF Session Common definitions module.
xpath_get_resnode_obj
obj_template_t * xpath_get_resnode_obj(xpath_resnode_t *resnode)
Get the resnode object pointer from a value resnode.
Definition: xpath.c:4050
ERR_NCX_SKIPPED
@ ERR_NCX_SKIPPED
2001
Definition: status_enum.h:551
agt_acm_ietf_session_cache_valid
boolean agt_acm_ietf_session_cache_valid(const ses_cb_t *scb)
Check if a session ACM cache is valid.
Definition: agt_acm_ietf.c:5600
agt_modtags.h
YumaPro Module tags handler.
agt_set_val_defaults
status_t agt_set_val_defaults(val_value_t *val)
Check for any node-level config leafs that have a default value, and add them to the running configur...
Definition: agt_util.c:4498
xpath_free_pcb
void xpath_free_pcb(xpath_pcb_t *pcb)
Free a malloced XPath parser control block.
Definition: xpath.c:2963
dlq_insertAfter
void dlq_insertAfter(void *newP, void *nodeP)
insert the new queue entry after the current entry
Definition: dlq.c:482
agt_acm_get_log_reads
boolean agt_acm_get_log_reads(void)
Get the log_reads flag.
Definition: agt_acm.c:933
OP_EDITOP_CREATE
@ OP_EDITOP_CREATE
edit op is create
Definition: op.h:126
agt_ses.h
Server Session Management.
agt_util.h
Utility Functions for NCX Server method routines.
xpath_first_resnode_valptr
val_value_t * xpath_first_resnode_valptr(xpath_resnode_t *resnode)
Get the first result in the renodeQ from a result struct.
Definition: xpath.c:3982
OP_EDITOP_REPLACE
@ OP_EDITOP_REPLACE
edit op is replace
Definition: op.h:125
OP_EDITOP_NONE
@ OP_EDITOP_NONE
not set
Definition: op.h:123
agt_acm_ietf_init1
status_t agt_acm_ietf_init1(void)
Phase 1: Load the external data module.
Definition: agt_acm_ietf.c:4986
xml_strdup
xmlChar * xml_strdup(const xmlChar *copyFrom)
String duplicate for xmlChar.
Definition: xml_util.c:1553
xpath1_dump_result
void xpath1_dump_result(log_debug_t lvl, xpath_pcb_t *pcb, xpath_result_t *result, const char *banner)
Generate log output displaying the contents of a result.
Definition: xpath1.c:6737
ncx_valid_name2
boolean ncx_valid_name2(const xmlChar *str)
Check if an xmlChar string is a valid NCX name.
Definition: ncx.c:7637
val_get_xpathpcb
xpath_pcb_t * val_get_xpathpcb(val_value_t *val)
Get the XPath parser control block in the specified value struct.
Definition: val_util.c:4264
val_find_child
val_value_t * val_find_child(const val_value_t *parent, const xmlChar *modname, const xmlChar *childname)
Find the first instance of the specified child node.
Definition: val.c:8560
val_find_child_fast
val_value_t * val_find_child_fast(const val_value_t *parent, xmlns_id_t nsid, const xmlChar *childname)
Find the first instance of the specified child node.
Definition: val.c:8588
VAL_STRING
#define VAL_STRING(V)
Access the value as a string ONLY if typ_is_string(typdef) is true.
Definition: val.h:414
OP_INSOP_AFTER
@ OP_INSOP_AFTER
insert after foo
Definition: op.h:142
agt_add_top_node_if_missing
val_value_t * agt_add_top_node_if_missing(ncx_module_t *mod, const xmlChar *objname, boolean *added, status_t *res)
Add a top config node if it is missing.
Definition: agt_util.c:4821
OP_INSOP_BEFORE
@ OP_INSOP_BEFORE
insert before foo
Definition: op.h:141
log_error
void log_error(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_ERROR log entry.
XML_MSG_EDIT_CONFIG_ROOT
#define XML_MSG_EDIT_CONFIG_ROOT(M)
NACM data rule support to test incoming message <config>
Definition: xml_msg.h:323
val.h
Value Node Basic Support.
agt_acm_ietf_init2
status_t agt_acm_ietf_init2(void)
Phase 2 : Initialize the external data model configuration data structures.
Definition: agt_acm_ietf.c:5105
val_next_child_same
val_value_t * val_next_child_same(val_value_t *curchild)
Get the next instance of the corresponding child node.
Definition: val.c:8456
agt_acm_get_deniedDataWrites
uint32 agt_acm_get_deniedDataWrites(void)
Get the deniedDataWrites counter.
Definition: agt_acm.c:992
ncx_use_xpath_backptrs
boolean ncx_use_xpath_backptrs(void)
Check if it is OK to use XPath back pointers or not.
Definition: ncx.c:11335
agt_acm_ietf_clear_session_cache
void agt_acm_ietf_clear_session_cache(ses_cb_t *scb)
Clear an agt_acm_cache_t struct in a session control block.
Definition: agt_acm_ietf.c:5555
obj_get_mod
ncx_module_t * obj_get_mod(obj_template_t *obj)
Get the module pointer for this object.
Definition: obj.c:12218
log_debug3
void void void void void void void void void void void log_debug3(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_DEBUG3 log entry.
ncx_num.h
NCX Module Library Number Utility Functions.
agt_acm_get_log_writes
boolean agt_acm_get_log_writes(void)
Get the log_writes flag.
Definition: agt_acm.c:917
val_get_mod_name
const xmlChar * val_get_mod_name(const val_value_t *val)
Get the module name associated with this value node.
Definition: val.c:12223
OP_INSOP_FIRST
@ OP_INSOP_FIRST
insert first
Definition: op.h:139
agt_make_virtual_leaf
val_value_t * agt_make_virtual_leaf(obj_template_t *parentobj, const xmlChar *leafname, getcb_fn_t callbackfn, status_t *res)
make a val_value_t struct for a specified virtual leaf or leaf-list
Definition: agt_util.c:3872
agt_cb_unregister_callbacks
void agt_cb_unregister_callbacks(const xmlChar *modname, const xmlChar *defpath)
Unregister all EDIT callback functions for a specific object.
Definition: agt_cb.c:1965
obj_is_very_secure
boolean obj_is_very_secure(const obj_template_t *obj)
Check if object is tagged ncx:very-secure.
Definition: obj.c:14451
ncx_next_backptr
ncx_backptr_t * ncx_next_backptr(ncx_backptr_t *curptr)
Get next back pointer struct.
Definition: ncx.c:11545
agt_acm_ietf_clean_obj_datarule
void agt_acm_ietf_clean_obj_datarule(ncx_module_t *mod)
Check all the rule list entry and its OBJ datarule cache and clean if the modules is getting unloaded...
Definition: agt_acm_ietf.c:5754
agt_acm_ietf_val_read_allowed
boolean agt_acm_ietf_val_read_allowed(xml_msg_hdr_t *msg, const xmlChar *user, val_value_t *val)
Check if the specified user is allowed to read a value node.
Definition: agt_acm_ietf.c:5472
agt_acm_get_acmode
agt_acmode_t agt_acm_get_acmode(void)
Get the –access-control mode.
Definition: agt_acm.c:885
VAL_NAME
#define VAL_NAME(V)
Access the value name.
Definition: val.h:399
ncxconst.h
Contains NCX constants.
ncxmod.h
NCX Module Load Manager.
agt_not.h
NETCONF Notifications DM module support.
XP_SRC_YANG
@ XP_SRC_YANG
YANG must or when.
Definition: xpath.h:376
ncx_first_lmem
ncx_lmem_t * ncx_first_lmem(ncx_list_t *list)
Return the first list member.
Definition: ncx_list.c:1249
cfg_get_root
val_value_t * cfg_get_root(ncx_cfg_t cfgid)
Get the config root for the specified config.
Definition: cfg.c:3240
xpath_check_backptrs_dirty
boolean xpath_check_backptrs_dirty(xpath_pcb_t *pcb, ncx_cfg_t cfg_id)
Check the backptrs_dirty flag in the PCB.
Definition: xpath.c:4485
xml_msg_get_msgid
uint32 xml_msg_get_msgid(xml_msg_hdr_t *msg)
Get the message sequence ID in the message.
Definition: xml_msg.c:1294
agt_cb.h
NETCONF Server Data Model callback handler.
agt_acm_group_cbfn_t
status_t(* agt_acm_group_cbfn_t)(const xmlChar *username, xmlChar **retgroups)
typedef for NACM External Groups callback function
Definition: agt_acm_ietf.h:164
dlq_insertAhead
void dlq_insertAhead(void *newP, void *nodeP)
insert the new queue entry before the current entry
Definition: dlq.c:447
OP_EDITOP_MERGE
@ OP_EDITOP_MERGE
edit op is merge
Definition: op.h:124
val_find_next_child
val_value_t * val_find_next_child(const val_value_t *parent, const xmlChar *modname, const xmlChar *childname, const val_value_t *curchild)
Find the next instance of the specified child node.
Definition: val.c:8748
xpath_set_manual_clear
void xpath_set_manual_clear(xpath_pcb_t *pcb)
Set the manual clear mode flag in the PCB.
Definition: xpath.c:4543
VAL_ENUM_NAME
#define VAL_ENUM_NAME(V)
Access the enum name in the value ONLY if BCX_NT_ENUM This is the macro used to check values in SIL c...
Definition: val.h:434
log_info
void void void void void log_info(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_INFO log entry.
xmlns_id_t
uint16 xmlns_id_t
integer handle for registered namespaces
Definition: xmlns.h:89
dlq_swap
void dlq_swap(void *new_node, void *cur_node)
remove the cur_node queue entry from its queue list and replace it with the new_node
Definition: dlq.c:562
agt_record_error
void agt_record_error(ses_cb_t *scb, xml_msg_hdr_t *msghdr, ncx_layer_t layer, status_t res, const xml_node_t *xmlnode, ncx_node_t parmtyp, const void *error_info, ncx_node_t nodetyp, void *error_path)
Generate an rpc_err_rec_t and save it in the msg.
Definition: agt_util.c:1942
agt_cbtype_name
const xmlChar * agt_cbtype_name(agt_cbtyp_t cbtyp)
Get the string for the server callback phase.
Definition: agt.c:4247
log_debug2
void void void void void void void void void log_debug2(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_DEBUG2 log entry.
agt_val.h
NETCONF Server database callback handler.
xpath1.h
XPath 1.0 expression support.
def_reg.h
Definition Registry module.
ncx_next_lmem
ncx_lmem_t * ncx_next_lmem(ncx_lmem_t *cur)
Return the next list member.
Definition: ncx_list.c:1274
NO_ERR
@ NO_ERR
000
Definition: status_enum.h:188
xpath.h
Schema and data model Xpath search support.
SES_MY_USERNAME
#define SES_MY_USERNAME(S)
get username
Definition: ses.h:111
ncx_clean_list
void ncx_clean_list(ncx_list_t *list)
Scrub the memory of a ncx_list_t but do not delete it.
Definition: ncx_list.c:139
agt_acm_ietf_val_write_allowed
boolean agt_acm_ietf_val_write_allowed(xml_msg_hdr_t *msg, const xmlChar *user, val_value_t *newval, val_value_t *curval, op_editop_t editop)
Check if the specified user is allowed to access a value node.
Definition: agt_acm_ietf.c:5419
agt_get_key_value
val_value_t * agt_get_key_value(val_value_t *startval, val_value_t **lastkey)
Get the next expected key value in the ancestor chain.
Definition: agt_util.c:4762
val_get_nsid
xmlns_id_t val_get_nsid(const val_value_t *val)
Get the namespace ID for the specified value node.
Definition: val.c:12277
obj_is_block_user_update
boolean obj_is_block_user_update(const obj_template_t *obj)
Check if object is marked as ncx:user-write with update access disabled.
Definition: obj.c:16099
agt_acm_ietf_clean_xpath_cache
void agt_acm_ietf_clean_xpath_cache(void)
Clean any cached XPath results because the data rule results.
Definition: agt_acm_ietf.c:5621
log_debug4
void void void void void void void void void void void void void log_debug4(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_DEBUG4 log entry.
obj_get_name
const xmlChar * obj_get_name(const obj_template_t *obj)
Get the name field for this obj.
Definition: obj.c:10511
ERR_NCX_OPERATION_FAILED
@ ERR_NCX_OPERATION_FAILED
274
Definition: status_enum.h:315
LOGDEBUG2
#define LOGDEBUG2
Check if at least log-level=debug2.
Definition: log.h:292
XPATH_NACM_GET2
#define XPATH_NACM_GET2(P)
test if the NACM GET2 mode is active in xpath_pcb_t (P)
Definition: xpath.h:304
xpath_free_result
void xpath_free_result(xpath_result_t *result)
Free a malloced XPath result struct.
Definition: xpath.c:3107
OP_EDITOP_DELETE
@ OP_EDITOP_DELETE
edit op is delete
Definition: op.h:127
dlq_createSQue
void dlq_createSQue(dlq_hdrT *queAddr)
create a static queue header
Definition: dlq.c:177
log_warn
void void void log_warn(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_WARN log entry.
ERR_INTERNAL_VAL
@ ERR_INTERNAL_VAL
004
Definition: status_enum.h:194
dlq_remove
void dlq_remove(void *nodeP)
remove the queue entry from its queue list entry MUST have been enqueued somehow before this function...
Definition: dlq.c:519
val_child_add
status_t val_child_add(val_value_t *child, val_value_t *parent)
Add a child value node to a parent value node.
Definition: val_child.c:1542
val_util.h
Value Node Utilities.
agt_get_savedevQ
dlq_hdr_t * agt_get_savedevQ(void)
Get the agt_savedevQ pointer.
Definition: agt.c:4747
agt_acm_ietf_register_group_cbfn
void agt_acm_ietf_register_group_cbfn(agt_acm_group_cbfn_t cbfn)
Register a get-external-groups callback function.
Definition: agt_acm_ietf.c:5673
agt_sil_lib.h
Server Instrumentation Library Support.
XML_MSG_GET2CB
#define XML_MSG_GET2CB(M)
GET2 control block backptr.
Definition: xml_msg.h:273
VAL_BITS
#define VAL_BITS
Access the value as a bits value ONLY if NCX_BT_BITS.
Definition: val.h:527
agt_acm_ietf_notif_allowed
boolean agt_acm_ietf_notif_allowed(const xmlChar *user, const obj_template_t *notifobj)
Check if the specified user is allowed to receive a notification event.
Definition: agt_acm_ietf.c:5388
xpath_find_obj_in_result
boolean xpath_find_obj_in_result(xpath_result_t *result, obj_template_t *obj)
Find the object pointer in the specified result.
Definition: xpath.c:4860
AGT_CB_VALIDATE
@ AGT_CB_VALIDATE
P1: write operation validate.
Definition: agt.h:620
ERR_INTERNAL_MEM
@ ERR_INTERNAL_MEM
003
Definition: status_enum.h:193
NCX_XPATH_TYPE_NACM
@ NCX_XPATH_TYPE_NACM
NACM data rule.
Definition: ncxtypes.h:1023
val_child.h
Value Node Child Access Support.
OP_INSOP_NONE
@ OP_INSOP_NONE
not set
Definition: op.h:138
get_error_string
const char * get_error_string(status_t res)
Get the error message for a specific internal error.
Definition: status.c:239
log_debug
void void void void void void void log_debug(const char *fstr,...) __attribute__((format(printf
Generate a new LOG_DEBUG_DEBUG log entry.
xpath1_validate_expr_ex
status_t xpath1_validate_expr_ex(ncx_module_t *mod, obj_template_t *obj, xpath_pcb_t *pcb, boolean missing_is_error, boolean set_backptrs, ncx_xpath_type_t backptr_type)
Validate the previously parsed expression string.
Definition: xpath1.c:4975
AGT_ACMOD_ENFORCING
@ AGT_ACMOD_ENFORCING
full enforcement
Definition: agt.h:609
NCX_CFGID_RUNNING
@ NCX_CFGID_RUNNING
running datastore (no value for not set!)
Definition: ncxtypes.h:384
val_clear_datarule
void val_clear_datarule(val_value_t *val, const void *rule)
Clear the datarule back-ptr for this node.
Definition: val_util.c:6423
val_move_config_false
status_t val_move_config_false(val_value_t *newval, val_value_t *curval)
Move the config false data nodes.
Definition: val_util.c:6611
xml_msg_get_cfgid
ncx_cfg_t xml_msg_get_cfgid(xml_msg_hdr_t *msg, boolean *isvalid)
Set the config ID in the message.
Definition: xml_msg.c:1269
OP_EDITOP_COMMIT
@ OP_EDITOP_COMMIT
commit, internal enum
Definition: op.h:129
ncx_set_list
status_t ncx_set_list(ncx_btype_t btyp, const xmlChar *strval, ncx_list_t *list)
consume a generic string list with base type checking Parse the XML input as an NCX_BT_SLIST
Definition: ncx_list.c:751
val_cache_datarule
status_t val_cache_datarule(val_value_t *val, void *rule)
Set the data-rule back-ptr for this node.
Definition: val_util.c:6386
dlq_nextEntry
#define dlq_nextEntry(nodeP)
get the next queue entry after the current entry
Definition: dlq.h:265
agt.h
Multi-Protocol Network Management Server.
agt_acm_ietf_cleanup
void agt_acm_ietf_cleanup(void)
Cleanup the external access control module.
Definition: agt_acm_ietf.c:5142
OP_EDITOP_DELETE_ALL
@ OP_EDITOP_DELETE_ALL
delete-all, yumapro only
Definition: op.h:131
GETCB_GET_VALUE
@ GETCB_GET_VALUE
GET request.
Definition: getcb.h:247
agt_ses_invalidate_session_acm_caches
void agt_ses_invalidate_session_acm_caches(void)
Invalidate all session ACM caches so they will be rebuilt.
Definition: agt_ses.c:2224
agt_modtags_check_modtag
boolean agt_modtags_check_modtag(void *v_modtag, xmlns_id_t nsid)
Check a modtag filter for NACM.
Definition: agt_modtags.c:1005
OP_INSOP_LAST
@ OP_INSOP_LAST
insert last (default)
Definition: op.h:140
xpath_set_keep_result
void xpath_set_keep_result(xpath_pcb_t *pcb)
Set the keep-result flag in the PCB.
Definition: xpath.c:4840
ncx_get_lmem_strval
const xmlChar * ncx_get_lmem_strval(const ncx_lmem_t *lmem)
Get the string value from an lmem must be type NCX_BT_STRING.
Definition: ncx_list.c:1354
op_editop_name
const xmlChar * op_editop_name(op_editop_t ed_id)
Get the keyword for the specified op_editop_t enumeration.
Definition: op.c:106
xpath1_eval_expr2
xpath_result_t * xpath1_eval_expr2(xpath_pcb_t *pcb, val_value_t *val, val_value_t *docroot, boolean logerrors, boolean configonly, boolean force_only, status_t *res)
Evaluate an XPath expression (alt)
Definition: xpath1.c:5347
obj_match_datarule
boolean obj_match_datarule(obj_template_t *obj, void *rule)
Check if the data-rule back-ptr applies to this node.
Definition: obj.c:18042
ERR_NCX_OPERATION_NOT_SUPPORTED
@ ERR_NCX_OPERATION_NOT_SUPPORTED
273
Definition: status_enum.h:314
agt_acm_val_read_allowed
boolean agt_acm_val_read_allowed(xml_msg_hdr_t *msg, const xmlChar *user, val_value_t *val)
Check if the specified user is allowed to read a value node.
Definition: agt_acm.c:618
ncx_first_backptr
ncx_backptr_t * ncx_first_backptr(dlq_hdr_t *que)
Get first back pointer struct.
Definition: ncx.c:11513
xpath_get_next_resnode
xpath_resnode_t * xpath_get_next_resnode(xpath_resnode_t *resnode)
Get the next result in the renodeQ from a result struct.
Definition: xpath.c:3959
VAL_UINT
#define VAL_UINT(V)
Access the value as an uint32 ONLY if NCX_BT_UINT8, 16, 32.
Definition: val.h:482
agt_modtags_find_modtag
void * agt_modtags_find_modtag(const xmlChar *tagstr)
Find a modtag; return opaque pointer.
Definition: agt_modtags.c:978
obj_get_mod_name
const xmlChar * obj_get_mod_name(const obj_template_t *obj)
Get the module name for this object.
Definition: obj.c:12176
xpath_set_backptrs_dirty
void xpath_set_backptrs_dirty(xpath_pcb_t *pcb, ncx_cfg_t cfg_id, boolean dirty)
Set the backptrs_dirty flag in the PCB.
Definition: xpath.c:4439
agt_acm_session_cache_valid
boolean agt_acm_session_cache_valid(const ses_cb_t *scb)
Check if the specified session NACM cache is valid.
Definition: agt_acm.c:827
xpath_get_first_resnode
xpath_resnode_t * xpath_get_first_resnode(xpath_result_t *result)
Get the first result in the renodeQ from a result struct.
Definition: xpath.c:3931
agt_acm_ietf.h
NETCONF Server Access Control handler for IETF data model.
xpath1_res_flatten_result
status_t xpath1_res_flatten_result(xpath_pcb_t *pcb, xpath_result_t *result)
Convert any vahdr resnodes to valptr resnodes for simplified processing.
Definition: xpath1_res.c:928
agt_acm_get_deniedRpcs
uint32 agt_acm_get_deniedRpcs(void)
Get the deniedRpcs counter.
Definition: agt_acm.c:976
xml_strcmp
int xml_strcmp(const xmlChar *s1, const xmlChar *s2)
String compare for xmlChar.
Definition: xml_util.c:1746
VAL_BOOL
#define VAL_BOOL(V)
Access the value as a boolean ONLY IF btyp == NCX_BT_BOOLEAN.
Definition: val.h:405
val_get_next_child
val_value_t * val_get_next_child(const val_value_t *curchild)
Get the next child node.
Definition: val.c:8496
OP_EDITOP_LOAD
@ OP_EDITOP_LOAD
load, internal enum
Definition: op.h:128
ncxmod_load_module
status_t ncxmod_load_module(const xmlChar *modname, const xmlChar *revision, dlq_hdr_t *savedevQ, ncx_module_t **retmod)
Determine the location of the specified module and then load it into the system, if not already loade...
Definition: ncxmod.c:4342
val_set_by_default
boolean val_set_by_default(const val_value_t *val)
Check if the value was set by val_add_defaults.
Definition: val.c:12571
LOGDEBUG4
#define LOGDEBUG4
Check if at least log-level=debug4.
Definition: log.h:302
obj_clear_datarule
void obj_clear_datarule(obj_template_t *obj, const void *rule)
Clear the datarule back-ptr for this node.
Definition: obj.c:18008
obj_is_block_user_delete
boolean obj_is_block_user_delete(const obj_template_t *obj)
Check if object is marked as ncx:user-write with delete access disabled.
Definition: obj.c:16120
agt_acm_get_deniedNotifications
uint32 agt_acm_get_deniedNotifications(void)
Get the deniedNotification counter.
Definition: agt_acm.c:1008
agt_sys.h
NETCONF system.yang DM module support.
LOGDEBUG
#define LOGDEBUG
Check if at least log-level=debug.
Definition: log.h:287
agt_acm_is_superuser
boolean agt_acm_is_superuser(const xmlChar *username)
Check if the specified user name is the superuser Low-level access; no scb available.
Definition: agt_acm.c:954
ERR_NCX_FOUND_GET2
@ ERR_NCX_FOUND_GET2
2006
Definition: status_enum.h:556
val_find_next_child_fast
val_value_t * val_find_next_child_fast(const val_value_t *parent, const val_value_t *curchild)
Find the next instance of the specified child node.
Definition: val.c:8774
xpath_clone_pcb
xpath_pcb_t * xpath_clone_pcb(const xpath_pcb_t *srcpcb)
Clone an XPath PCB.
Definition: xpath.c:2822
xpath_get_resnodeQ
dlq_hdr_t * xpath_get_resnodeQ(xpath_result_t *result)
Get the renodeQ from a result struct.
Definition: xpath.c:3905
OP_EDITOP_REMOVE
@ OP_EDITOP_REMOVE
remove, base:1.1 only
Definition: op.h:130
NCX_BT_BITS
@ NCX_BT_BITS
bits
Definition: ncxtypes.h:203
NCX_NT_VAL
@ NCX_NT_VAL
val_value_t
Definition: ncxtypes.h:276
ncx_list.h
NCX Module Library List Utility Functions.
dlq_deque
void * dlq_deque(dlq_hdrT *listP)
remove the first queue node from the queue list
Definition: dlq.c:286
val_get_first_child
val_value_t * val_get_first_child(const val_value_t *parent)
Get the first child node.
Definition: val.c:8477
NCX_NT_NONE
@ NCX_NT_NONE
not set
Definition: ncxtypes.h:273
agt_record_error_obj
void agt_record_error_obj(ses_cb_t *scb, xml_msg_hdr_t *msghdr, status_t res, obj_template_t *errobj, const xmlChar *badval)
Generate an rpc_err_rec_t and save it in the msg Use the provided object for <rpc-error> fields.
Definition: agt_util.c:1981
agt_acm_ietf_invalidate_session_cache
void agt_acm_ietf_invalidate_session_cache(ses_cb_t *scb)
Invalidate an agt_acm_cache_t struct in a session control block.
Definition: agt_acm_ietf.c:5576
dlq_empty
#define dlq_empty(listP)
check if queue list is empty
Definition: dlq.h:367
agt_acm.h
NETCONF Server Access Control Entry Points.
xpath1_check_node_exists
boolean xpath1_check_node_exists(xpath_pcb_t *pcb, dlq_hdr_t *resultQ, const val_value_t *val)
Check if any ancestor-ot-self node is already in the specified Q.
Definition: xpath1.c:5867
AGT_ACMOD_NONE
@ AGT_ACMOD_NONE
not set
Definition: agt.h:608
AGT_YWSYS_MODULE
#define AGT_YWSYS_MODULE
newerr yumaworks-system module mostly replaces yuma-system
Definition: agt_sys.h:99
AGT_CB_ROLLBACK
@ AGT_CB_ROLLBACK
P3-neg: write operation rollback.
Definition: agt.h:623
ncx_get_backptr_node
void * ncx_get_backptr_node(ncx_backptr_t *backptr)
Get the back pointer node pointer.
Definition: ncx.c:11577
NCX_LAYER_CONTENT
@ NCX_LAYER_CONTENT
application layer
Definition: ncxtypes.h:347
dlq_firstEntry
#define dlq_firstEntry(listP)
get the first entry in the queue list
Definition: dlq.h:337
obj_cache_datarule
status_t obj_cache_datarule(obj_template_t *obj, void *rule)
Set the data-rule back-ptr for this node.
Definition: obj.c:17973
obj_is_secure
boolean obj_is_secure(const obj_template_t *obj)
Check if object is tagged ncx:secure.
Definition: obj.c:14438
VAL_OBJ
#define VAL_OBJ(V)
Access the object template.
Definition: val.h:381
ncx.h
YANG module utility functions.
AGT_CB_COMMIT
@ AGT_CB_COMMIT
P3-pos: write operation commit.
Definition: agt.h:622
OP_EDITOP_REMOVE_ALL
@ OP_EDITOP_REMOVE_ALL
remove-all, yumapro only
Definition: op.h:132
obj.h
Data Object Support.
cfg_get_config_id
cfg_template_t * cfg_get_config_id(ncx_cfg_t cfgid)
Get the config struct from its ID.
Definition: cfg.c:1530
obj_is_block_user_create
boolean obj_is_block_user_create(const obj_template_t *obj)
Check if object is marked as ncx:user-write with create access disabled.
Definition: obj.c:16078
AGT_ACMOD_PERMISSIVE
@ AGT_ACMOD_PERMISSIVE
permissive mode, read + exec allowed
Definition: agt.h:610
agt_acm_ietf_set_datarules
void agt_acm_ietf_set_datarules(val_value_t *val, uint32 msgid)
Check the dataruleQ in the object and all child nodes For each rule found.
Definition: agt_acm_ietf.c:5690
ncx_init_list
void ncx_init_list(ncx_list_t *list, ncx_btype_t btyp)
Initialize an allocated ncx_list_t.
Definition: ncx_list.c:113
ncx_string_in_list
boolean ncx_string_in_list(const xmlChar *str, const ncx_list_t *list)
Check if the string value is in the list List type must be string based, or an enum.
Definition: ncx_list.c:343
xpath1_res.h
XPath 1.0 expression support; result support.
dlq_enque
void dlq_enque(REG void *newP, REG dlq_hdrT *listP)
add a queue node to the end of a queue list Add newP to listP
Definition: dlq.c:246
agt_acm_ietf_rpc_allowed
boolean agt_acm_ietf_rpc_allowed(xml_msg_hdr_t *msg, const xmlChar *user, const obj_template_t *rpcobj)
Check if the specified user is allowed to invoke an RPC.
Definition: agt_acm_ietf.c:5277
VAL_STR
#define VAL_STR(V)
Access the value as a string ONLY if typ_is_string() is true.
Definition: val.h:464
AGT_ACMOD_OFF
@ AGT_ACMOD_OFF
NACM completely off.
Definition: agt.h:612
xpath_expr_has_predicates
boolean xpath_expr_has_predicates(xpath_pcb_t *pcb)
Check if any predicates parsed in the expression.
Definition: xpath.c:4897
SET_ERROR
#define SET_ERROR(E)
macro SET_ERROR
Definition: status_enum.h:103
cfg_get_config_name
const xmlChar * cfg_get_config_name(ncx_cfg_t cfgid)
Get the config name from its ID.
Definition: cfg.c:1493
agt_cb_register_callback
status_t agt_cb_register_callback(const xmlChar *modname, const xmlChar *defpath, const xmlChar *version, agt_cb_fn_t cbfn)
Register an object specific edit callback function use the same fn for all callback phases all phases...
Definition: agt_cb.c:1177
NCX_BT_STRING
@ NCX_BT_STRING
string
Definition: ncxtypes.h:217
xpath1_test_data_rule
status_t xpath1_test_data_rule(xpath_pcb_t *pcb, getcb_get2_t *get2cb, boolean *testres)
Test a NACM data rule expression against a GET2 control block.
Definition: xpath1.c:5542
xmlns.h
XML namespace support.
AGT_ACMOD_DISABLED
@ AGT_ACMOD_DISABLED
almost all access control turned off
Definition: agt.h:611
val_free_value
void val_free_value(val_value_t *val)
Scrub the memory in a val_value_t by freeing all the sub-fields and then freeing the entire struct it...
Definition: val.c:2842
obj_is_root
boolean obj_is_root(const obj_template_t *obj)
Check if object is marked as a root object.
Definition: obj.c:14152
status.h
Global error messages for status code enumerations.
obj_get_nsid
xmlns_id_t obj_get_nsid(const obj_template_t *obj)
Get the namespace ID for this object.
Definition: obj.c:12395
dlq.h
dlq provides general double-linked list and queue support:
agt_acm_ietf_init_msg_cache
status_t agt_acm_ietf_init_msg_cache(ses_cb_t *scb, xml_msg_hdr_t *msg)
Malloc and initialize an agt_acm_cache_t struct and attach it to the incoming message.
Definition: agt_acm_ietf.c:5512
LOGDEBUG3
#define LOGDEBUG3
Check if at least log-level=debug3.
Definition: log.h:297
AGT_CB_APPLY
@ AGT_CB_APPLY
P2: write operation apply.
Definition: agt.h:621
val_match_datarule
boolean val_match_datarule(const val_value_t *val, void *rule)
Check if the data-rule back-ptr applies to this node.
Definition: val_util.c:6453