src/acl/FilledChecklist.h

   1 /*
   2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
   3  *
   4  * Squid software is distributed under GPLv2+ license and includes
   5  * contributions from numerous individuals and organizations.
   6  * Please see the COPYING and CONTRIBUTORS files for details.
   7  */
   8
   9 #ifndef SQUID_ACLFILLED_CHECKLIST_H
  10 #define SQUID_ACLFILLED_CHECKLIST_H
  11
  12 #include "AccessLogEntry.h"
  13 #include "acl/Checklist.h"
  14 #include "acl/forward.h"
  15 #include "base/CbcPointer.h"
  16 #include "err_type.h"
  17 #include "ip/Address.h"
  18 #if USE_AUTH
  19 #include "auth/UserRequest.h"
  20 #endif
  21 #include "security/CertError.h"
  22
  23 class CachePeer;
  24 class ConnStateData;
  25 class HttpRequest;
  26 class HttpReply;
  27
  28 /** \ingroup ACLAPI
  29     ACLChecklist filled with specific data, representing Squid and transaction
  30     state for access checks along with some data-specific checking methods
  31  */
  32 class ACLFilledChecklist: public ACLChecklist
  33 {
  34     CBDATA_CLASS(ACLFilledChecklist);
  35
  36 public:
  37     ACLFilledChecklist();
  38     ACLFilledChecklist(const acl_access *, HttpRequest *, const char *ident);
  39     ~ACLFilledChecklist();
  40
  41 public:
  42     /// The client connection manager
  43     ConnStateData * conn() const;
  44
  45     /// The client side fd. It uses conn() if available
  46     int fd() const;
  47
  48     /// set either conn
  49     void conn(ConnStateData *);
  50     /// set the client side FD
  51     void fd(int aDescriptor);
  52
  53     //int authenticated();
  54
  55     bool destinationDomainChecked() const;
  56     void markDestinationDomainChecked();
  57     bool sourceDomainChecked() const;
  58     void markSourceDomainChecked();
  59
  60     // ACLChecklist API
  61     virtual bool hasRequest() const { return request != NULL; }
  62     virtual bool hasReply() const { return reply != NULL; }
  63     virtual bool hasAle() const { return al != NULL; }
  64     virtual void syncAle() const;
  65
  66 public:
  67     Ip::Address src_addr;
  68     Ip::Address dst_addr;
  69     Ip::Address my_addr;
  70     SBuf dst_peer_name;
  71     char *dst_rdns;
  72
  73     HttpRequest *request;
  74     HttpReply *reply;
  75
  76     char rfc931[USER_IDENT_SZ];
  77 #if USE_AUTH
  78     Auth::UserRequest::Pointer auth_user_request;
  79 #endif
  80 #if SQUID_SNMP
  81     char *snmp_community;
  82 #endif
  83
  84     /// SSL [certificate validation] errors, in undefined order
  85     const Security::CertErrors *sslErrors;
  86     /// The peer certificate
  87     Security::CertPointer serverCert;
  88
  89     AccessLogEntry::Pointer al; ///< info for the future access.log, and external ACL
  90
  91     ExternalACLEntryPointer extacl_entry;
  92
  93     err_type requestErrorType;
  94
  95 private:
  96     ConnStateData * conn_;          /**< hack for ident and NTLM */
  97     int fd_;                        /**< may be available when conn_ is not */
  98     bool destinationDomainChecked_;
  99     bool sourceDomainChecked_;
 100     /// not implemented; will cause link failures if used
 101     ACLFilledChecklist(const ACLFilledChecklist &);
 102     /// not implemented; will cause link failures if used
 103     ACLFilledChecklist &operator=(const ACLFilledChecklist &);
 104 };
 105
 106 /// convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
 107 inline
 108 ACLFilledChecklist *Filled(ACLChecklist *checklist)
 109 {
 110     // this should always be safe because ACLChecklist is an abstract class
 111     // and ACLFilledChecklist is its only [concrete] child
 112     return dynamic_cast<ACLFilledChecklist*>(checklist);
 113 }
 114
 115 #endif /* SQUID_ACLFILLED_CHECKLIST_H */
 116