]>
Commit | Line | Data |
---|---|---|
8000a965 | 1 | /* |
4ac4a490 | 2 | * Copyright (C) 1996-2017 The Squid Software Foundation and contributors |
8000a965 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
8000a965 | 7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 28 Access Control */ |
10 | ||
582c2af2 | 11 | #include "squid.h" |
4daaf3cb AJ |
12 | |
13 | #if USE_IDENT | |
14 | ||
127dce76 AR |
15 | #include "acl/FilledChecklist.h" |
16 | #include "acl/RegexData.h" | |
17 | #include "acl/UserData.h" | |
a46d2c0e | 18 | #include "client_side.h" |
f9b72e0c | 19 | #include "comm/Connection.h" |
582c2af2 | 20 | #include "globals.h" |
d3dddfb5 | 21 | #include "http/Stream.h" |
4daaf3cb AJ |
22 | #include "ident/AclIdent.h" |
23 | #include "ident/Ident.h" | |
8000a965 | 24 | |
8000a965 | 25 | ACLIdent::~ACLIdent() |
26 | { | |
00d77d6b | 27 | delete data; |
3841dd46 | 28 | } |
29 | ||
5dee515e | 30 | ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {} |
62e76326 | 31 | |
3841dd46 | 32 | ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_) |
62e76326 | 33 | {} |
34 | ||
3841dd46 | 35 | ACLIdent & |
36 | ACLIdent::operator= (ACLIdent const &rhs) | |
37 | { | |
38 | data = rhs.data->clone(); | |
39 | type_ = rhs.type_; | |
40 | return *this; | |
8000a965 | 41 | } |
42 | ||
43 | char const * | |
44 | ACLIdent::typeString() const | |
45 | { | |
3841dd46 | 46 | return type_; |
8000a965 | 47 | } |
48 | ||
49 | void | |
50 | ACLIdent::parse() | |
51 | { | |
1b0e74e5 | 52 | if (!data) { |
4daaf3cb | 53 | debugs(28, 3, HERE << "current is null. Creating"); |
1b0e74e5 | 54 | data = new ACLUserData; |
55 | } | |
56 | ||
8000a965 | 57 | data->parse(); |
58 | } | |
59 | ||
60 | int | |
127dce76 | 61 | ACLIdent::match(ACLChecklist *cl) |
8000a965 | 62 | { |
127dce76 | 63 | ACLFilledChecklist *checklist = Filled(cl); |
8000a965 | 64 | if (checklist->rfc931[0]) { |
62e76326 | 65 | return data->match(checklist->rfc931); |
73c36fd9 AJ |
66 | } else if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && checklist->conn()->clientConnection->rfc931[0]) { |
67 | return data->match(checklist->conn()->clientConnection->rfc931); | |
e0f7153c | 68 | } else if (checklist->conn() != NULL && Comm::IsConnOpen(checklist->conn()->clientConnection)) { |
6f58d7d7 AR |
69 | if (checklist->goAsync(IdentLookup::Instance())) { |
70 | debugs(28, 3, "switching to ident lookup state"); | |
71 | return -1; | |
72 | } | |
73 | // else fall through to ACCESS_DUNNO failure below | |
e0f7153c AR |
74 | } else { |
75 | debugs(28, DBG_IMPORTANT, HERE << "Can't start ident lookup. No client connection" ); | |
6f58d7d7 | 76 | // fall through to ACCESS_DUNNO failure below |
8000a965 | 77 | } |
6f58d7d7 AR |
78 | |
79 | checklist->markFinished(ACCESS_DUNNO, "cannot start ident lookup"); | |
80 | return -1; | |
8000a965 | 81 | } |
82 | ||
dfad5100 | 83 | SBufList |
8000a965 | 84 | ACLIdent::dump() const |
85 | { | |
86 | return data->dump(); | |
87 | } | |
88 | ||
89 | bool | |
4b0f5de8 | 90 | ACLIdent::empty () const |
8000a965 | 91 | { |
1bebfd93 | 92 | return data->empty(); |
8000a965 | 93 | } |
3841dd46 | 94 | |
95 | ACL * | |
96 | ACLIdent::clone() const | |
97 | { | |
98 | return new ACLIdent(*this); | |
99 | } | |
100 | ||
3841dd46 | 101 | IdentLookup IdentLookup::instance_; |
102 | ||
103 | IdentLookup * | |
104 | IdentLookup::Instance() | |
105 | { | |
106 | return &instance_; | |
107 | } | |
108 | ||
109 | void | |
127dce76 | 110 | IdentLookup::checkForAsync(ACLChecklist *cl)const |
3841dd46 | 111 | { |
127dce76 | 112 | ACLFilledChecklist *checklist = Filled(cl); |
e0f7153c AR |
113 | const ConnStateData *conn = checklist->conn(); |
114 | // check that ACLIdent::match() tested this lookup precondition | |
115 | assert(conn && Comm::IsConnOpen(conn->clientConnection)); | |
c0f81932 | 116 | debugs(28, 3, HERE << "Doing ident lookup" ); |
c0f81932 | 117 | Ident::Start(checklist->conn()->clientConnection, LookupDone, checklist); |
3841dd46 | 118 | } |
119 | ||
120 | void | |
121 | IdentLookup::LookupDone(const char *ident, void *data) | |
122 | { | |
127dce76 | 123 | ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data)); |
3841dd46 | 124 | |
125 | if (ident) { | |
62e76326 | 126 | xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ); |
3841dd46 | 127 | } else { |
62e76326 | 128 | xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ); |
3841dd46 | 129 | } |
62e76326 | 130 | |
3841dd46 | 131 | /* |
132 | * Cache the ident result in the connection, to avoid redoing ident lookup | |
133 | * over and over on persistent connections | |
134 | */ | |
73c36fd9 AJ |
135 | if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && !checklist->conn()->clientConnection->rfc931[0]) |
136 | xstrncpy(checklist->conn()->clientConnection->rfc931, checklist->rfc931, USER_IDENT_SZ); | |
62e76326 | 137 | |
6f58d7d7 | 138 | checklist->resumeNonBlockingCheck(IdentLookup::Instance()); |
3841dd46 | 139 | } |
4daaf3cb AJ |
140 | |
141 | #endif /* USE_IDENT */ | |
f53969cc | 142 |