[thirdparty/squid.git] / src / ACLCertificateData.cc

/*
 * $Id$
 *
 * DEBUG: section 28    Access Control
 * AUTHOR: Duane Wessels
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 *
 * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
 */

#include "squid.h"
#include "ACLCertificateData.h"
#include "authenticate.h"
#include "ACLChecklist.h"
#include "wordlist.h"

ACLCertificateData::ACLCertificateData(SSLGETATTRIBUTE *sslStrategy) : attribute (NULL), values (), sslAttributeCall (sslStrategy)
{}

ACLCertificateData::ACLCertificateData(ACLCertificateData const &old) : attribute (NULL), values (old.values), sslAttributeCall (old.sslAttributeCall)
{
    if (old.attribute)
        attribute = xstrdup (old.attribute);
}

template<class T>
inline void
xRefFree(T &thing)
{
    xfree (thing);
}

ACLCertificateData::~ACLCertificateData()
{
    safe_free (attribute);
}

template<class T>
inline int
splaystrcmp (T&l, T&r)
{
    return strcmp ((char *)l,(char *)r);
}

bool
ACLCertificateData::match(SSL *ssl)
{
    if (!ssl)
        return 0;

    char const *value = sslAttributeCall(ssl, attribute);

    if (value == NULL)
        return 0;

    return values.match(value);
}

static void
aclDumpAttributeListWalkee(char * const & node_data, void *outlist)
{
    /* outlist is really a wordlist ** */
    wordlistAdd((wordlist **)outlist, node_data);
}

wordlist *
ACLCertificateData::dump()
{
    wordlist *wl = NULL;
    wordlistAdd(&wl, attribute);
    /* damn this is VERY inefficient for long ACL lists... filling
     * a wordlist this way costs Sum(1,N) iterations. For instance
     * a 1000-elements list will be filled in 499500 iterations.
     */
    /* XXX FIXME: don't break abstraction */
    values.values->walk(aclDumpAttributeListWalkee, &wl);
    return wl;
}

void
ACLCertificateData::parse()
{
    char *newAttribute = strtokFile();

    if (!newAttribute)
        self_destruct();

    /* an acl must use consistent attributes in all config lines */
    if (attribute) {
        if (strcasecmp(newAttribute, attribute) != 0)
            self_destruct();
    } else
        attribute = xstrdup(newAttribute);

    values.parse();
}

bool
ACLCertificateData::empty() const
{
    return values.empty();
}

ACLData<SSL *> *
ACLCertificateData::clone() const
{
    /* Splay trees don't clone yet. */
    return new ACLCertificateData(*this);
}
Commit	Line	Data
3841dd46	1	/*
262a0e14	2	* $Id$
3841dd46	3	*
	4	* DEBUG: section 28 Access Control
	5	* AUTHOR: Duane Wessels
	6	*
	7	* SQUID Web Proxy Cache http://www.squid-cache.org/
	8	* ----------------------------------------------------------
	9	*
	10	* Squid is the result of efforts by numerous individuals from
	11	* the Internet community; see the CONTRIBUTORS file for full
	12	* details. Many organizations have provided support for Squid's
	13	* development; see the SPONSORS file for full details. Squid is
	14	* Copyrighted (C) 2001 by the Regents of the University of
	15	* California; see the COPYRIGHT file for full details. Squid
	16	* incorporates software developed and/or copyrighted by other
	17	* sources; see the CREDITS file for full details.
	18	*
	19	* This program is free software; you can redistribute it and/or modify
	20	* it under the terms of the GNU General Public License as published by
	21	* the Free Software Foundation; either version 2 of the License, or
	22	* (at your option) any later version.
26ac0430	23	*
3841dd46	24	* This program is distributed in the hope that it will be useful,
	25	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	26	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	27	* GNU General Public License for more details.
26ac0430	28	*
3841dd46	29	* You should have received a copy of the GNU General Public License
	30	* along with this program; if not, write to the Free Software
	31	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	32	*
	33	*
	34	* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
	35	*/
	36
	37	#include "squid.h"
	38	#include "ACLCertificateData.h"
	39	#include "authenticate.h"
	40	#include "ACLChecklist.h"
836007fe	41	#include "wordlist.h"
3841dd46	42
48071869	43	ACLCertificateData::ACLCertificateData(SSLGETATTRIBUTE *sslStrategy) : attribute (NULL), values (), sslAttributeCall (sslStrategy)
62e76326	44	{}
3841dd46	45
48071869	46	ACLCertificateData::ACLCertificateData(ACLCertificateData const &old) : attribute (NULL), values (old.values), sslAttributeCall (old.sslAttributeCall)
5dee515e	47	{
5dee515e	48	if (old.attribute)
62e76326	49	attribute = xstrdup (old.attribute);
5dee515e	50	}
5dee515e	51
3841dd46	52	template<class T>
	53	inline void
	54	xRefFree(T &thing)
	55	{
	56	xfree (thing);
	57	}
	58
	59	ACLCertificateData::~ACLCertificateData()
	60	{
5dee515e	61	safe_free (attribute);
3841dd46	62	}
	63
	64	template<class T>
	65	inline int
	66	splaystrcmp (T&l, T&r)
	67	{
	68	return strcmp ((char )l,(char )r);
	69	}
	70
3841dd46	71	bool
5dee515e	72	ACLCertificateData::match(SSL *ssl)
3841dd46	73	{
5dee515e	74	if (!ssl)
62e76326	75	return 0;
62e76326	76
5dee515e	77	char const *value = sslAttributeCall(ssl, attribute);
62e76326	78
5dee515e	79	if (value == NULL)
62e76326	80	return 0;
62e76326	81
48071869	82	return values.match(value);
3841dd46	83	}
	84
	85	static void
5dee515e	86	aclDumpAttributeListWalkee(char * const & node_data, void *outlist)
3841dd46	87	{
3841dd46	88	/* outlist is really a wordlist ** */
5dee515e	89	wordlistAdd((wordlist **)outlist, node_data);
3841dd46	90	}
	91
	92	wordlist *
	93	ACLCertificateData::dump()
	94	{
	95	wordlist *wl = NULL;
5dee515e	96	wordlistAdd(&wl, attribute);
3841dd46	97	/* damn this is VERY inefficient for long ACL lists... filling
	98	* a wordlist this way costs Sum(1,N) iterations. For instance
	99	* a 1000-elements list will be filled in 499500 iterations.
	100	*/
48071869	101	/* XXX FIXME: don't break abstraction */
48071869	102	values.values->walk(aclDumpAttributeListWalkee, &wl);
3841dd46	103	return wl;
	104	}
	105
	106	void
	107	ACLCertificateData::parse()
	108	{
5dee515e	109	char *newAttribute = strtokFile();
62e76326	110
5dee515e	111	if (!newAttribute)
62e76326	112	self_destruct();
62e76326	113
5dee515e	114	/* an acl must use consistent attributes in all config lines */
5dee515e	115	if (attribute) {
62e76326	116	if (strcasecmp(newAttribute, attribute) != 0)
62e76326	117	self_destruct();
5dee515e	118	} else
62e76326	119	attribute = xstrdup(newAttribute);
62e76326	120
48071869	121	values.parse();
3841dd46	122	}
3841dd46	123
65092baf	124	bool
	125	ACLCertificateData::empty() const
	126	{
	127	return values.empty();
	128	}
3841dd46	129
5dee515e	130	ACLData<SSL >
3841dd46	131	ACLCertificateData::clone() const
	132	{
	133	/* Splay trees don't clone yet. */
5dee515e	134	return new ACLCertificateData(*this);
3841dd46	135	}