]>
Commit | Line | Data |
---|---|---|
8000a965 | 1 | /* |
8000a965 | 2 | * DEBUG: section 28 Access Control |
3 | * AUTHOR: Duane Wessels | |
4 | * | |
5 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
6 | * ---------------------------------------------------------- | |
7 | * | |
8 | * Squid is the result of efforts by numerous individuals from | |
9 | * the Internet community; see the CONTRIBUTORS file for full | |
10 | * details. Many organizations have provided support for Squid's | |
11 | * development; see the SPONSORS file for full details. Squid is | |
12 | * Copyrighted (C) 2001 by the Regents of the University of | |
13 | * California; see the COPYRIGHT file for full details. Squid | |
14 | * incorporates software developed and/or copyrighted by other | |
15 | * sources; see the CREDITS file for full details. | |
16 | * | |
17 | * This program is free software; you can redistribute it and/or modify | |
18 | * it under the terms of the GNU General Public License as published by | |
19 | * the Free Software Foundation; either version 2 of the License, or | |
20 | * (at your option) any later version. | |
26ac0430 | 21 | * |
8000a965 | 22 | * This program is distributed in the hope that it will be useful, |
23 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
24 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
25 | * GNU General Public License for more details. | |
26ac0430 | 26 | * |
8000a965 | 27 | * You should have received a copy of the GNU General Public License |
28 | * along with this program; if not, write to the Free Software | |
29 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
30 | * | |
31 | * | |
32 | * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org> | |
33 | */ | |
34 | ||
582c2af2 | 35 | #include "squid.h" |
3ad63615 AR |
36 | #include "acl/UserData.h" |
37 | #include "acl/Checklist.h" | |
582c2af2 | 38 | #include "Debug.h" |
d295d770 | 39 | #include "wordlist.h" |
40 | #include "ConfigParser.h" | |
8000a965 | 41 | |
8000a965 | 42 | template<class T> |
43 | inline void | |
44 | xRefFree(T &thing) | |
45 | { | |
46 | xfree (thing); | |
47 | } | |
48 | ||
49 | ACLUserData::~ACLUserData() | |
50 | { | |
51 | if (names) | |
62e76326 | 52 | names->destroy(xRefFree); |
53 | } | |
8000a965 | 54 | |
079b4b63 | 55 | static int |
56 | splaystrcasecmp (char * const &l, char * const &r) | |
8000a965 | 57 | { |
58 | return strcasecmp ((char *)l,(char *)r); | |
59 | } | |
60 | ||
079b4b63 | 61 | static int |
62 | splaystrcmp (char * const &l, char * const &r) | |
8000a965 | 63 | { |
64 | return strcmp ((char *)l,(char *)r); | |
65 | } | |
66 | ||
67 | bool | |
68 | ACLUserData::match(char const *user) | |
69 | { | |
70 | SplayNode<char *> *Top = names; | |
71 | ||
bf8fe701 | 72 | debugs(28, 7, "aclMatchUser: user is " << user << ", case_insensitive is " << flags.case_insensitive); |
73 | debugs(28, 8, "Top is " << Top << ", Top->data is " << ((char *) (Top != NULL ? (Top)->data : "Unavailable"))); | |
8000a965 | 74 | |
72aa8f18 | 75 | if (user == NULL || strcmp(user, "-") == 0) |
62e76326 | 76 | return 0; |
8000a965 | 77 | |
78 | if (flags.required) { | |
bf8fe701 | 79 | debugs(28, 7, "aclMatchUser: user REQUIRED and auth-info present."); |
62e76326 | 80 | return 1; |
8000a965 | 81 | } |
62e76326 | 82 | |
8000a965 | 83 | if (flags.case_insensitive) |
62e76326 | 84 | Top = Top->splay((char *)user, splaystrcasecmp); |
8000a965 | 85 | else |
62e76326 | 86 | Top = Top->splay((char *)user, splaystrcmp); |
87 | ||
8000a965 | 88 | /* Top=splay_splay(user,Top,(splayNode::SPLAYCMP *)dumping_strcmp); */ |
bf8fe701 | 89 | debugs(28, 7, "aclMatchUser: returning " << !splayLastResult << ",Top is " << |
90 | Top << ", Top->data is " << ((char *) (Top ? Top->data : "Unavailable"))); | |
62e76326 | 91 | |
8000a965 | 92 | names = Top; |
62e76326 | 93 | |
8000a965 | 94 | return !splayLastResult; |
95 | } | |
96 | ||
97 | static void | |
98 | aclDumpUserListWalkee(char * const & node_data, void *outlist) | |
99 | { | |
100 | /* outlist is really a wordlist ** */ | |
101 | wordlistAdd((wordlist **)outlist, (char const *)node_data); | |
102 | } | |
103 | ||
104 | wordlist * | |
105 | ACLUserData::dump() | |
106 | { | |
107 | wordlist *wl = NULL; | |
62e76326 | 108 | |
8000a965 | 109 | if (flags.case_insensitive) |
62e76326 | 110 | wordlistAdd(&wl, "-i"); |
111 | ||
8000a965 | 112 | /* damn this is VERY inefficient for long ACL lists... filling |
113 | * a wordlist this way costs Sum(1,N) iterations. For instance | |
114 | * a 1000-elements list will be filled in 499500 iterations. | |
115 | */ | |
116 | if (flags.required) | |
62e76326 | 117 | wordlistAdd(&wl, "REQUIRED"); |
8000a965 | 118 | else if (names) |
62e76326 | 119 | names->walk(aclDumpUserListWalkee, &wl); |
120 | ||
8000a965 | 121 | return wl; |
122 | } | |
123 | ||
124 | void | |
125 | ACLUserData::parse() | |
126 | { | |
bf8fe701 | 127 | debugs(28, 2, "aclParseUserList: parsing user list"); |
8000a965 | 128 | char *t = NULL; |
62e76326 | 129 | |
d295d770 | 130 | if ((t = ConfigParser::strtokFile())) { |
bf8fe701 | 131 | debugs(28, 5, "aclParseUserList: First token is " << t); |
62e76326 | 132 | |
133 | if (strcmp("-i", t) == 0) { | |
bf8fe701 | 134 | debugs(28, 5, "aclParseUserList: Going case-insensitive"); |
62e76326 | 135 | flags.case_insensitive = 1; |
136 | } else if (strcmp("REQUIRED", t) == 0) { | |
bf8fe701 | 137 | debugs(28, 5, "aclParseUserList: REQUIRED-type enabled"); |
62e76326 | 138 | flags.required = 1; |
139 | } else { | |
140 | if (flags.case_insensitive) | |
141 | Tolower(t); | |
142 | ||
143 | names = names->insert(xstrdup(t), splaystrcmp); | |
144 | } | |
8000a965 | 145 | } |
62e76326 | 146 | |
bf8fe701 | 147 | debugs(28, 3, "aclParseUserList: Case-insensitive-switch is " << flags.case_insensitive); |
8000a965 | 148 | /* we might inherit from a previous declaration */ |
149 | ||
bf8fe701 | 150 | debugs(28, 4, "aclParseUserList: parsing user list"); |
62e76326 | 151 | |
d295d770 | 152 | while ((t = ConfigParser::strtokFile())) { |
bf8fe701 | 153 | debugs(28, 6, "aclParseUserList: Got token: " << t); |
62e76326 | 154 | |
155 | if (flags.case_insensitive) | |
156 | Tolower(t); | |
157 | ||
158 | names = names->insert(xstrdup(t), splaystrcmp); | |
8000a965 | 159 | } |
160 | } | |
225b7b10 | 161 | |
65092baf | 162 | bool |
163 | ACLUserData::empty() const | |
164 | { | |
290eb6b9 | 165 | return names->empty() && !flags.required; |
65092baf | 166 | } |
167 | ||
5dee515e | 168 | ACLData<char const *> * |
225b7b10 | 169 | ACLUserData::clone() const |
170 | { | |
171 | /* Splay trees don't clone yet. */ | |
172 | assert (!names); | |
173 | return new ACLUserData; | |
174 | } |