[thirdparty/squid.git] / src / ACLIdent.cc

/*
 * $Id$
 *
 * DEBUG: section 28    Access Control
 * AUTHOR: Duane Wessels
 *
 * SQUID Web Proxy Cache          http://www.squid-cache.org/
 * ----------------------------------------------------------
 *
 *  Squid is the result of efforts by numerous individuals from
 *  the Internet community; see the CONTRIBUTORS file for full
 *  details.   Many organizations have provided support for Squid's
 *  development; see the SPONSORS file for full details.  Squid is
 *  Copyrighted (C) 2001 by the Regents of the University of
 *  California; see the COPYRIGHT file for full details.  Squid
 *  incorporates software developed and/or copyrighted by other
 *  sources; see the CREDITS file for full details.
 *
 *  This program is free software; you can redistribute it and/or modify
 *  it under the terms of the GNU General Public License as published by
 *  the Free Software Foundation; either version 2 of the License, or
 *  (at your option) any later version.
 *  
 *  This program is distributed in the hope that it will be useful,
 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 *  GNU General Public License for more details.
 *  
 *  You should have received a copy of the GNU General Public License
 *  along with this program; if not, write to the Free Software
 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
 *
 *
 * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
 */

#include "squid.h"
#include "ACLIdent.h"
#include "authenticate.h"
#include "ACLChecklist.h"
#include "ACLRegexData.h"
#include "ACLUserData.h"

MemPool *ACLIdent::Pool(NULL);
void *
ACLIdent::operator new (size_t byteCount)
{
    /* derived classes with different sizes must implement their own new */
    assert (byteCount == sizeof (ACLIdent));

    if (!Pool)
        Pool = memPoolCreate("ACLIdent", sizeof (ACLIdent));

    return memPoolAlloc(Pool);
}

void
ACLIdent::operator delete (void *address)
{
    memPoolFree (Pool, address);
}

void
ACLIdent::deleteSelf() const
{
    delete this;
}

ACLIdent::~ACLIdent()
{
    data->deleteSelf();
}

ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {}

ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
{}

ACLIdent &
ACLIdent::operator= (ACLIdent const &rhs)
{
    data = rhs.data->clone();
    type_ = rhs.type_;
    return *this;
}

char const *
ACLIdent::typeString() const
{
    return type_;
}

void
ACLIdent::parse()
{
    debug(28, 3) ("aclParseUserList: current is null. Creating\n");
    data = new ACLUserData;
    data->parse();
}

int
ACLIdent::match(ACLChecklist *checklist)
{
    if (checklist->rfc931[0]) {
        return data->match(checklist->rfc931);
    } else {
        checklist->changeState(IdentLookup::Instance());
        return 0;
    }
}

wordlist *
ACLIdent::dump() const
{
    return data->dump();
}

bool
ACLIdent::valid () const
{
    return data != NULL;
}

ACL *
ACLIdent::clone() const
{
    return new ACLIdent(*this);
}

ACL::Prototype ACLIdent::UserRegistryProtoype(&ACLIdent::UserRegistryEntry_, "ident");
ACLIdent ACLIdent::UserRegistryEntry_(new ACLUserData, "ident");
ACL::Prototype ACLIdent::RegexRegistryProtoype(&ACLIdent::RegexRegistryEntry_, "ident_regex" );
ACLIdent ACLIdent::RegexRegistryEntry_(new ACLRegexData, "ident_regex");

IdentLookup IdentLookup::instance_;

IdentLookup *
IdentLookup::Instance()
{
    return &instance_;
}

void
IdentLookup::checkForAsync(ACLChecklist *checklist)const
{
    checklist->asyncInProgress(true);
    debug(28, 3) ("IdentLookup::checkForAsync: Doing ident lookup\n");

    if (checklist->conn() && cbdataReferenceValid(checklist->conn())) {
        identStart(&checklist->conn()->me, &checklist->conn()->peer,
                   LookupDone, checklist);
    } else {
        debug(28, 1) ("IdentLookup::checkForAsync: Can't start ident lookup. No client connection\n");
        checklist->currentAnswer(ACCESS_DENIED);
        checklist->markFinished();
    }
}

void
IdentLookup::LookupDone(const char *ident, void *data)
{
    ACLChecklist *checklist = (ACLChecklist *)data;
    assert (checklist->asyncState() == IdentLookup::Instance());

    if (ident) {
        xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
    } else {
        xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
    }

    /*
     * Cache the ident result in the connection, to avoid redoing ident lookup
     * over and over on persistent connections
     */
    if (cbdataReferenceValid(checklist->conn()) && !checklist->conn()->rfc931[0])
        xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);

    checklist->asyncInProgress(false);

    checklist->changeState (ACLChecklist::NullState::Instance());

    checklist->check();
}
Commit	Line	Data
8000a965	1	/*
	2	* $Id$
	3	*
	4	* DEBUG: section 28 Access Control
	5	* AUTHOR: Duane Wessels
	6	*
	7	* SQUID Web Proxy Cache http://www.squid-cache.org/
	8	* ----------------------------------------------------------
	9	*
	10	* Squid is the result of efforts by numerous individuals from
	11	* the Internet community; see the CONTRIBUTORS file for full
	12	* details. Many organizations have provided support for Squid's
	13	* development; see the SPONSORS file for full details. Squid is
	14	* Copyrighted (C) 2001 by the Regents of the University of
	15	* California; see the COPYRIGHT file for full details. Squid
	16	* incorporates software developed and/or copyrighted by other
	17	* sources; see the CREDITS file for full details.
	18	*
	19	* This program is free software; you can redistribute it and/or modify
	20	* it under the terms of the GNU General Public License as published by
	21	* the Free Software Foundation; either version 2 of the License, or
	22	* (at your option) any later version.
	23	*
	24	* This program is distributed in the hope that it will be useful,
	25	* but WITHOUT ANY WARRANTY; without even the implied warranty of
	26	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	27	* GNU General Public License for more details.
	28	*
	29	* You should have received a copy of the GNU General Public License
	30	* along with this program; if not, write to the Free Software
	31	* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
	32	*
	33	*
	34	* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
	35	*/
	36
	37	#include "squid.h"
	38	#include "ACLIdent.h"
	39	#include "authenticate.h"
	40	#include "ACLChecklist.h"
3841dd46	41	#include "ACLRegexData.h"
3841dd46	42	#include "ACLUserData.h"
8000a965	43
	44	MemPool *ACLIdent::Pool(NULL);
	45	void *
	46	ACLIdent::operator new (size_t byteCount)
	47	{
	48	/* derived classes with different sizes must implement their own new */
	49	assert (byteCount == sizeof (ACLIdent));
62e76326	50
8000a965	51	if (!Pool)
62e76326	52	Pool = memPoolCreate("ACLIdent", sizeof (ACLIdent));
62e76326	53
8000a965	54	return memPoolAlloc(Pool);
	55	}
	56
	57	void
	58	ACLIdent::operator delete (void *address)
	59	{
	60	memPoolFree (Pool, address);
	61	}
	62
	63	void
	64	ACLIdent::deleteSelf() const
	65	{
	66	delete this;
	67	}
	68
	69	ACLIdent::~ACLIdent()
	70	{
3841dd46	71	data->deleteSelf();
	72	}
	73
5dee515e	74	ACLIdent::ACLIdent(ACLData<char const > newData, char const *newType) : data (newData), type_ (newType) {}
62e76326	75
3841dd46	76	ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
62e76326	77	{}
62e76326	78
3841dd46	79	ACLIdent &
	80	ACLIdent::operator= (ACLIdent const &rhs)
	81	{
	82	data = rhs.data->clone();
	83	type_ = rhs.type_;
	84	return *this;
8000a965	85	}
	86
	87	char const *
	88	ACLIdent::typeString() const
	89	{
3841dd46	90	return type_;
8000a965	91	}
	92
	93	void
	94	ACLIdent::parse()
	95	{
	96	debug(28, 3) ("aclParseUserList: current is null. Creating\n");
	97	data = new ACLUserData;
	98	data->parse();
	99	}
	100
	101	int
	102	ACLIdent::match(ACLChecklist *checklist)
	103	{
	104	if (checklist->rfc931[0]) {
62e76326	105	return data->match(checklist->rfc931);
8000a965	106	} else {
62e76326	107	checklist->changeState(IdentLookup::Instance());
62e76326	108	return 0;
8000a965	109	}
	110	}
	111
	112	wordlist *
	113	ACLIdent::dump() const
	114	{
	115	return data->dump();
	116	}
	117
	118	bool
	119	ACLIdent::valid () const
	120	{
	121	return data != NULL;
	122	}
3841dd46	123
	124	ACL *
	125	ACLIdent::clone() const
	126	{
	127	return new ACLIdent(*this);
	128	}
	129
	130	ACL::Prototype ACLIdent::UserRegistryProtoype(&ACLIdent::UserRegistryEntry_, "ident");
	131	ACLIdent ACLIdent::UserRegistryEntry_(new ACLUserData, "ident");
	132	ACL::Prototype ACLIdent::RegexRegistryProtoype(&ACLIdent::RegexRegistryEntry_, "ident_regex" );
	133	ACLIdent ACLIdent::RegexRegistryEntry_(new ACLRegexData, "ident_regex");
	134
	135	IdentLookup IdentLookup::instance_;
	136
	137	IdentLookup *
	138	IdentLookup::Instance()
	139	{
	140	return &instance_;
	141	}
	142
	143	void
	144	IdentLookup::checkForAsync(ACLChecklist *checklist)const
	145	{
	146	checklist->asyncInProgress(true);
	147	debug(28, 3) ("IdentLookup::checkForAsync: Doing ident lookup\n");
62e76326	148
3841dd46	149	if (checklist->conn() && cbdataReferenceValid(checklist->conn())) {
62e76326	150	identStart(&checklist->conn()->me, &checklist->conn()->peer,
62e76326	151	LookupDone, checklist);
3841dd46	152	} else {
62e76326	153	debug(28, 1) ("IdentLookup::checkForAsync: Can't start ident lookup. No client connection\n");
	154	checklist->currentAnswer(ACCESS_DENIED);
	155	checklist->markFinished();
3841dd46	156	}
	157	}
	158
	159	void
	160	IdentLookup::LookupDone(const char ident, void data)
	161	{
	162	ACLChecklist checklist = (ACLChecklist )data;
	163	assert (checklist->asyncState() == IdentLookup::Instance());
	164
	165	if (ident) {
62e76326	166	xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
3841dd46	167	} else {
62e76326	168	xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
3841dd46	169	}
62e76326	170
3841dd46	171	/*
	172	* Cache the ident result in the connection, to avoid redoing ident lookup
	173	* over and over on persistent connections
	174	*/
	175	if (cbdataReferenceValid(checklist->conn()) && !checklist->conn()->rfc931[0])
62e76326	176	xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
62e76326	177
3841dd46	178	checklist->asyncInProgress(false);
62e76326	179
3841dd46	180	checklist->changeState (ACLChecklist::NullState::Instance());
62e76326	181
3841dd46	182	checklist->check();
3841dd46	183	}