/**
* If going forward allow reading from the one with UID one lower.
* If going backward allow reading from the one with UID one higher.
*/
static qeo_policy_perm_t reader_on_policy_update(const qeo_state_change_reader_t *reader,
const qeo_policy_identity_t *identity,
uintptr_t userdata)
{
log_self("reader policy update for %" PRIx64 ": %" PRIx64, _self, qeo_policy_identity_get_uid(identity));
return on_policy_update(identity, &_rd_policy_updates, false);
}
/**
* If going forward allow writing to the one with UID one higher.
* If going backward allow writing to the one with UID one lower..
*/
static qeo_policy_perm_t writer_on_policy_update(const qeo_state_writer_t *writer,
const qeo_policy_identity_t *identity,
uintptr_t userdata)
{
log_self("writer policy update for %" PRIx64 ": %" PRIx64, _self, qeo_policy_identity_get_uid(identity));
return on_policy_update(identity, &_wr_policy_updates, true);
}
static qeo_policy_perm_t on_policy_update(const qeo_policy_identity_t *identity,
uintptr_t userdata)
{
qeo_policy_perm_t perm = QEO_POLICY_ALLOW;
if (_is_first) {
_uid_num = 0;
}
_is_first = false;
if (NULL != identity) {
int64_t uid = qeo_policy_identity_get_uid(identity);
/* only send to single peer? */
if (_single_peer && (uid != _single_uid)) {
perm = QEO_POLICY_DENY;
}
if (_uid_num >= MAX_UID) {
fprintf(stderr, "max number of users reached\n");
}
else {
/* Save UID to list of known UIDs */
_uid[_uid_num] = uid;
_uid_num++;
}
}
else {
_is_first = true;
}
return perm;
}
static qeo_policy_perm_t on_policy_update(const qeo_policy_identity_t *identity,
int *policy_updates,
bool reverse)
{
qeo_policy_perm_t perm = QEO_POLICY_DENY;
if (NULL == identity) {
/* end-of-update */
sem_post(&_pol_sync);
}
else {
int64_t uid = qeo_policy_identity_get_uid(identity);
perm = get_perm(uid, reverse);
(*policy_updates)++;
}
return perm;
}
