src/acl/FilledChecklist.cc

   1 /*
   2  * Copyright (C) 1996-2015 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #include "squid.h"
  10 #include "acl/FilledChecklist.h"
  11 #include "client_side.h"
  12 #include "comm/Connection.h"
  13 #include "comm/forward.h"
  14 #include "ExternalACLEntry.h"
  15 #include "HttpReply.h"
  16 #include "HttpRequest.h"
  17 #include "SquidConfig.h"
  18 #if USE_AUTH
  19 #include "auth/AclProxyAuth.h"
  20 #include "auth/UserRequest.h"
  21 #endif
  22
  23 CBDATA_CLASS_INIT(ACLFilledChecklist);
  24
  25 ACLFilledChecklist::ACLFilledChecklist() :
  26     dst_peer(NULL),
  27     dst_rdns(NULL),
  28     request (NULL),
  29     reply (NULL),
  30 #if USE_AUTH
  31     auth_user_request (NULL),
  32 #endif
  33 #if SQUID_SNMP
  34     snmp_community(NULL),
  35 #endif
  36 #if USE_OPENSSL
  37     sslErrors(NULL),
  38 #endif
  39     conn_(NULL),
  40     fd_(-1),
  41     destinationDomainChecked_(false),
  42     sourceDomainChecked_(false)
  43 {
  44     my_addr.setEmpty();
  45     src_addr.setEmpty();
  46     dst_addr.setEmpty();
  47     rfc931[0] = '\0';
  48 }
  49
  50 ACLFilledChecklist::~ACLFilledChecklist()
  51 {
  52     assert (!asyncInProgress());
  53
  54     safe_free(dst_rdns); // created by xstrdup().
  55
  56     HTTPMSGUNLOCK(request);
  57
  58     HTTPMSGUNLOCK(reply);
  59
  60     cbdataReferenceDone(conn_);
  61
  62 #if USE_OPENSSL
  63     cbdataReferenceDone(sslErrors);
  64 #endif
  65
  66     debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
  67 }
  68
  69 ConnStateData *
  70 ACLFilledChecklist::conn() const
  71 {
  72     return  conn_;
  73 }
  74
  75 void
  76 ACLFilledChecklist::conn(ConnStateData *aConn)
  77 {
  78     if (conn() == aConn)
  79         return;
  80     assert (conn() == NULL);
  81     conn_ = cbdataReference(aConn);
  82 }
  83
  84 int
  85 ACLFilledChecklist::fd() const
  86 {
  87     return (conn_ != NULL && conn_->clientConnection != NULL) ? conn_->clientConnection->fd : fd_;
  88 }
  89
  90 void
  91 ACLFilledChecklist::fd(int aDescriptor)
  92 {
  93     assert(!conn() || conn()->clientConnection == NULL || conn()->clientConnection->fd == aDescriptor);
  94     fd_ = aDescriptor;
  95 }
  96
  97 bool
  98 ACLFilledChecklist::destinationDomainChecked() const
  99 {
 100     return destinationDomainChecked_;
 101 }
 102
 103 void
 104 ACLFilledChecklist::markDestinationDomainChecked()
 105 {
 106     assert (!finished() && !destinationDomainChecked());
 107     destinationDomainChecked_ = true;
 108 }
 109
 110 bool
 111 ACLFilledChecklist::sourceDomainChecked() const
 112 {
 113     return sourceDomainChecked_;
 114 }
 115
 116 void
 117 ACLFilledChecklist::markSourceDomainChecked()
 118 {
 119     assert (!finished() && !sourceDomainChecked());
 120     sourceDomainChecked_ = true;
 121 }
 122
 123 /*
 124  * There are two common ACLFilledChecklist lifecycles paths:
 125  *
 126  * A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
 127  *    on stack and calls aclCheckFast().
 128  *
 129  * B) Using aclNBCheck() and callbacks: The caller allocates an
 130  *    ACLFilledChecklist object (via operator new) and passes it to
 131  *    aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
 132  *    which will invoke the callback function as requested by the
 133  *    original caller of aclNBCheck().  This callback function must
 134  *    *not* delete the list.  After the callback function returns,
 135  *    checkCallback() will delete the list (i.e., self).
 136  */
 137 ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
 138     dst_peer(NULL),
 139     dst_rdns(NULL),
 140     request(NULL),
 141     reply(NULL),
 142 #if USE_AUTh
 143     auth_user_request(NULL),
 144 #endif
 145 #if SQUID_SNMP
 146     snmp_community(NULL),
 147 #endif
 148 #if USE_OPENSSL
 149     sslErrors(NULL),
 150 #endif
 151     conn_(NULL),
 152     fd_(-1),
 153     destinationDomainChecked_(false),
 154     sourceDomainChecked_(false)
 155 {
 156     my_addr.setEmpty();
 157     src_addr.setEmpty();
 158     dst_addr.setEmpty();
 159     rfc931[0] = '\0';
 160
 161     // cbdataReferenceDone() is in either fastCheck() or the destructor
 162     if (A)
 163         accessList = cbdataReference(A);
 164
 165     if (http_request != NULL) {
 166         request = http_request;
 167         HTTPMSGLOCK(request);
 168 #if FOLLOW_X_FORWARDED_FOR
 169         if (Config.onoff.acl_uses_indirect_client)
 170             src_addr = request->indirect_client_addr;
 171         else
 172 #endif /* FOLLOW_X_FORWARDED_FOR */
 173             src_addr = request->client_addr;
 174         my_addr = request->my_addr;
 175
 176         if (request->clientConnectionManager.valid())
 177             conn(request->clientConnectionManager.get());
 178     }
 179
 180 #if USE_IDENT
 181     if (ident)
 182         xstrncpy(rfc931, ident, USER_IDENT_SZ);
 183 #endif
 184 }
 185