[thirdparty/squid.git] / src / acl / DestinationDomain.cc

/*
 * $Id$
 *
 * DEBUG: section 28    Access Control
 * AUTHOR: Duane Wessels
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 *
 * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
 */

#include "squid-old.h"
#include "acl/DestinationDomain.h"
#include "acl/Checklist.h"
#include "acl/RegexData.h"
#include "acl/DomainData.h"
#include "HttpRequest.h"
#include "ipcache.h"

DestinationDomainLookup DestinationDomainLookup::instance_;

DestinationDomainLookup *
DestinationDomainLookup::Instance()
{
    return &instance_;
}

void
DestinationDomainLookup::checkForAsync(ACLChecklist *cl) const
{
    ACLFilledChecklist *checklist = Filled(cl);
    checklist->asyncInProgress(true);
    fqdncache_nbgethostbyaddr(checklist->dst_addr, LookupDone, checklist);
}

void
DestinationDomainLookup::LookupDone(const char *fqdn, const DnsLookupDetails &details, void *data)
{
    ACLFilledChecklist *checklist = Filled((ACLChecklist*)data);
    assert (checklist->asyncState() == DestinationDomainLookup::Instance());

    checklist->asyncInProgress(false);
    checklist->changeState (ACLChecklist::NullState::Instance());
    checklist->markDestinationDomainChecked();
    checklist->request->recordLookup(details);
    checklist->matchNonBlocking();
}


int
ACLDestinationDomainStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
    assert(checklist != NULL && checklist->request != NULL);

    if (data->match(checklist->request->GetHost())) {
        return 1;
    }

    /* numeric IPA? no, trust the above result. */
    if (checklist->request->GetHostIsNumeric() == 0) {
        return 0;
    }

    /* do we already have the rDNS? match on it if we do. */
    if (checklist->dst_rdns) {
        debugs(28, 3, "aclMatchAcl: '" << AclMatchedName << "' match with stored rDNS '" << checklist->dst_rdns << "' for '" << checklist->request->GetHost() << "'");
        return data->match(checklist->dst_rdns);
    }

    /* raw IP without rDNS? look it up and wait for the result */
    const ipcache_addrs *ia = ipcacheCheckNumeric(checklist->request->GetHost());
    if (!ia) {
        /* not a valid IPA */
        checklist->dst_rdns = xstrdup("invalid");
        return 0;
    }

    checklist->dst_addr = ia->in_addrs[0];
    const char *fqdn = fqdncache_gethostbyaddr(checklist->dst_addr, FQDN_LOOKUP_IF_MISS);

    if (fqdn) {
        checklist->dst_rdns = xstrdup(fqdn);
        return data->match(fqdn);
    } else if (!checklist->destinationDomainChecked()) {
        /* FIXME: Using AclMatchedName here is not OO correct. Should find a way to the current acl */
        debugs(28, 3, "aclMatchAcl: Can't yet compare '" << AclMatchedName << "' ACL for '" << checklist->request->GetHost() << "'");
        checklist->changeState(DestinationDomainLookup::Instance());
        return 0;
    }

    return data->match("none");
}

ACLDestinationDomainStrategy *
ACLDestinationDomainStrategy::Instance()
{
    return &Instance_;
}

ACLDestinationDomainStrategy ACLDestinationDomainStrategy::Instance_;
Commit	Line	Data
3841dd46	1	/*
262a0e14	2	* $Id$
3841dd46	3	*
	4	* DEBUG: section 28 Access Control
	5	* AUTHOR: Duane Wessels
	6	*
	7	* SQUID Web Proxy Cache http://www.squid-cache.org/
	8	* ----------------------------------------------------------
	9	*
	10	* Squid is the result of efforts by numerous individuals from
	11	* the Internet community; see the CONTRIBUTORS file for full
	12	* details. Many organizations have provided support for Squid's
	13	* development; see the SPONSORS file for full details. Squid is
	14	* Copyrighted (C) 2001 by the Regents of the University of
	15	* California; see the COPYRIGHT file for full details. Squid
	16	* incorporates software developed and/or copyrighted by other
	17	* sources; see the CREDITS file for full details.
	18	*
	19	* This program is free software; you can redistribute it and/or modify
	20	* it under the terms of the GNU General Public License as published by
	21	* the Free Software Foundation; either version 2 of the License, or
	22	* (at your option) any later version.
26ac0430	23	*
3841dd46	24	* This program is distributed in the hope that it will be useful,
	25	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	26	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	27	* GNU General Public License for more details.
26ac0430	28	*
3841dd46	29	* You should have received a copy of the GNU General Public License
	30	* along with this program; if not, write to the Free Software
	31	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	32	*
	33	*
	34	* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
	35	*/
	36
f7f3304a	37	#include "squid-old.h"
c0941a6a AR	38	#include "acl/DestinationDomain.h"
	39	#include "acl/Checklist.h"
	40	#include "acl/RegexData.h"
	41	#include "acl/DomainData.h"
a2ac85d9	42	#include "HttpRequest.h"
714e68b7	43	#include "ipcache.h"
3841dd46	44
7660b45d	45	DestinationDomainLookup DestinationDomainLookup::instance_;
62e76326	46
7660b45d	47	DestinationDomainLookup *
7660b45d	48	DestinationDomainLookup::Instance()
3841dd46	49	{
7660b45d	50	return &instance_;
3841dd46	51	}
3841dd46	52
7660b45d	53	void
c0941a6a	54	DestinationDomainLookup::checkForAsync(ACLChecklist *cl) const
3841dd46	55	{
af6a12ee	56	ACLFilledChecklist *checklist = Filled(cl);
7660b45d	57	checklist->asyncInProgress(true);
c52f2002	58	fqdncache_nbgethostbyaddr(checklist->dst_addr, LookupDone, checklist);
3841dd46	59	}
	60
	61	void
3ff65596	62	DestinationDomainLookup::LookupDone(const char fqdn, const DnsLookupDetails &details, void data)
3841dd46	63	{
3ff65596	64	ACLFilledChecklist checklist = Filled((ACLChecklist)data);
7660b45d	65	assert (checklist->asyncState() == DestinationDomainLookup::Instance());
	66
	67	checklist->asyncInProgress(false);
	68	checklist->changeState (ACLChecklist::NullState::Instance());
3ff65596 AR	69	checklist->markDestinationDomainChecked();
3ff65596 AR	70	checklist->request->recordLookup(details);
2efeb0b7	71	checklist->matchNonBlocking();
3841dd46	72	}
3841dd46	73
7660b45d	74
3841dd46	75	int
c0941a6a	76	ACLDestinationDomainStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
3841dd46	77	{
58efcdd0	78	assert(checklist != NULL && checklist->request != NULL);
58efcdd0	79
12ef783b	80	if (data->match(checklist->request->GetHost())) {
7660b45d	81	return 1;
12ef783b AJ	82	}
	83
	84	/* numeric IPA? no, trust the above result. */
79c8a298	85	if (checklist->request->GetHostIsNumeric() == 0) {
12ef783b AJ	86	return 0;
	87	}
	88
	89	/* do we already have the rDNS? match on it if we do. */
	90	if (checklist->dst_rdns) {
	91	debugs(28, 3, "aclMatchAcl: '" << AclMatchedName << "' match with stored rDNS '" << checklist->dst_rdns << "' for '" << checklist->request->GetHost() << "'");
	92	return data->match(checklist->dst_rdns);
	93	}
7660b45d	94
12ef783b AJ	95	/* raw IP without rDNS? look it up and wait for the result */
	96	const ipcache_addrs *ia = ipcacheCheckNumeric(checklist->request->GetHost());
	97	if (!ia) {
	98	/* not a valid IPA */
	99	checklist->dst_rdns = xstrdup("invalid");
7660b45d	100	return 0;
12ef783b	101	}
62e76326	102
1958d180	103	checklist->dst_addr = ia->in_addrs[0];
12ef783b	104	const char *fqdn = fqdncache_gethostbyaddr(checklist->dst_addr, FQDN_LOOKUP_IF_MISS);
62e76326	105
7660b45d	106	if (fqdn) {
12ef783b	107	checklist->dst_rdns = xstrdup(fqdn);
62e76326	108	return data->match(fqdn);
7660b45d	109	} else if (!checklist->destinationDomainChecked()) {
7660b45d	110	/* FIXME: Using AclMatchedName here is not OO correct. Should find a way to the current acl */
cc192b50	111	debugs(28, 3, "aclMatchAcl: Can't yet compare '" << AclMatchedName << "' ACL for '" << checklist->request->GetHost() << "'");
62e76326	112	checklist->changeState(DestinationDomainLookup::Instance());
62e76326	113	return 0;
3841dd46	114	}
62e76326	115
3841dd46	116	return data->match("none");
	117	}
	118
7660b45d	119	ACLDestinationDomainStrategy *
7660b45d	120	ACLDestinationDomainStrategy::Instance()
3841dd46	121	{
7660b45d	122	return &Instance_;
3841dd46	123	}
3841dd46	124
7660b45d	125	ACLDestinationDomainStrategy ACLDestinationDomainStrategy::Instance_;