Commit | Line | Data |
---|---|---|
8000a965 | 1 | /* |
2 | * $Id$ | |
3 | * | |
4 | * DEBUG: section 28 Access Control | |
5 | * AUTHOR: Duane Wessels | |
6 | * | |
7 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
8 | * ---------------------------------------------------------- | |
9 | * | |
10 | * Squid is the result of efforts by numerous individuals from | |
11 | * the Internet community; see the CONTRIBUTORS file for full | |
12 | * details. Many organizations have provided support for Squid's | |
13 | * development; see the SPONSORS file for full details. Squid is | |
14 | * Copyrighted (C) 2001 by the Regents of the University of | |
15 | * California; see the COPYRIGHT file for full details. Squid | |
16 | * incorporates software developed and/or copyrighted by other | |
17 | * sources; see the CREDITS file for full details. | |
18 | * | |
19 | * This program is free software; you can redistribute it and/or modify | |
20 | * it under the terms of the GNU General Public License as published by | |
21 | * the Free Software Foundation; either version 2 of the License, or | |
22 | * (at your option) any later version. | |
23 | * | |
24 | * This program is distributed in the hope that it will be useful, | |
25 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
26 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
27 | * GNU General Public License for more details. | |
28 | * | |
29 | * You should have received a copy of the GNU General Public License | |
30 | * along with this program; if not, write to the Free Software | |
31 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
32 | * | |
33 | * | |
34 | * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org> | |
35 | */ | |
36 | ||
37 | #include "squid.h" | |
38 | #include "ACLIdent.h" | |
39 | #include "authenticate.h" | |
40 | #include "ACLChecklist.h" | |
3841dd46 | 41 | #include "ACLRegexData.h" |
42 | #include "ACLUserData.h" | |
8000a965 | 43 | |
/* Class-wide allocation pool for ACLIdent objects; it starts out empty and is
 * created by the first call to ACLIdent::operator new. */
MemPool *ACLIdent::Pool = NULL;
/*
 * Allocate storage for one ACLIdent from the class-wide pool, creating the
 * pool on the first call.
 *
 * byteCount must equal sizeof(ACLIdent): the pool hands out chunks of exactly
 * that size, so a derived class with a different size has to implement its
 * own operator new.
 */
void *
ACLIdent::operator new (size_t byteCount)
{
    /* NOTE(review): this size check is only an assert; confirm it stays
     * active in release builds, otherwise a larger derived object would be
     * placed in an ACLIdent-sized chunk. */
    assert (sizeof (ACLIdent) == byteCount);

    if (Pool == NULL)
        Pool = memPoolCreate("ACLIdent", sizeof (ACLIdent));

    return memPoolAlloc(Pool);
}
56 | ||
/* Hand the storage of a destroyed ACLIdent back to the class-wide pool. */
void
ACLIdent::operator delete (void *address)
{
    memPoolFree(Pool, address);
}
62 | ||
/*
 * Destroy this object with delete, so the destructor runs and the storage
 * goes through ACLIdent::operator delete. The object must not be touched
 * after this call returns.
 */
void
ACLIdent::deleteSelf() const
{
    delete this;
}
68 | ||
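/*
 * Release the match data owned by this ACL.
 *
 * valid() reports an ACLIdent whose data pointer is NULL, so such an object
 * can exist and still has to be destroyable; the pointer is checked before it
 * is dereferenced.
 */
ACLIdent::~ACLIdent()
{
    if (data != NULL)
        data->deleteSelf();
}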
73 | ||
/*
 * Build an ident ACL around an existing match-data object.
 *
 * newData: match data; this object takes ownership, since the destructor
 *          releases it through deleteSelf().
 * newType: ACL type name returned by typeString(). Only the pointer is
 *          stored, so the string has to outlive this object.
 */
ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType)
    : data (newData),
      type_ (newType)
{}
62e76326 | 75 | |
/*
 * Copy constructor: the new object gets its own clone of the source's match
 * data and shares the type-name pointer.
 *
 * old.data is dereferenced without a check, so the source must hold match
 * data (valid() == true).
 */
ACLIdent::ACLIdent (ACLIdent const &old)
    : data (old.data->clone()),
      type_ (old.type_)
{}
78 | ||
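/*
 * Copy assignment: replace this object's match data with a clone of rhs's
 * and take over its type-name pointer.
 *
 * Self-assignment is a no-op. The previously owned match data is released
 * once the clone exists; without that step the old object would be leaked on
 * every assignment. rhs.data is dereferenced without a check, as in the copy
 * constructor, so rhs must hold match data.
 *
 * Returns *this.
 */
ACLIdent &
ACLIdent::operator= (ACLIdent const &rhs)
{
    if (this != &rhs) {
        /* clone first, so this object keeps its data if clone() fails */
        ACLData<char const *> *replacement = rhs.data->clone();

        if (data != NULL)
            data->deleteSelf();

        data = replacement;
        type_ = rhs.type_;
    }

    return *this;
}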
86 | ||
/* Return the ACL type name given at construction (the registry entries in
 * this file use "ident" and "ident_regex"). */
char const *
ACLIdent::typeString() const
{
    char const *const typeName = type_;
    return typeName;
}
92 | ||
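/*
 * Parse the ACL's arguments into its match data.
 *
 * A user-list matcher is created only when the object has no match data yet.
 * The registry entries in this file are built with ACLUserData ("ident") and
 * ACLRegexData ("ident_regex"), and clone() copies that data. Replacing it
 * unconditionally would leak the existing object and make an "ident_regex"
 * ACL compare with ACLUserData instead of the regex matcher it was
 * registered with.
 * NOTE(review): presumably parse() runs on a clone of a registry entry;
 * confirm against the ACL parsing code.
 */
void
ACLIdent::parse()
{
    if (data == NULL) {
        debug(28, 3) ("aclParseUserList: current is null. Creating\n");
        data = new ACLUserData;
    }

    data->parse();
}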
100 | ||
/*
 * Match the request's ident string against this ACL's data.
 *
 * Returns the result of data->match() when checklist->rfc931 is non-empty.
 * Otherwise it switches the checklist to the IdentLookup state and returns 0,
 * so the check has to be run again after the lookup finishes.
 *
 * The string being matched was supplied by the ident responder on the client
 * side (IdentLookup::LookupDone copies it in, or "-"-style dash_str when
 * there was no answer). It is an unauthenticated claim, so an allow rule
 * based on it is only as strong as the trust placed in the client host.
 */
int
ACLIdent::match(ACLChecklist *checklist)
{
    /* no ident recorded yet: schedule the lookup, no match for now */
    if (!checklist->rfc931[0]) {
        checklist->changeState(IdentLookup::Instance());
        return 0;
    }

    return data->match(checklist->rfc931);
}
111 | ||
/* Return the wordlist produced by the match data's own dump(). */
wordlist *
ACLIdent::dump() const
{
    wordlist *const entries = data->dump();
    return entries;
}
117 | ||
/* An ident ACL is usable only when it holds match data. */
bool
ACLIdent::valid () const
{
    return NULL != data;
}
3841dd46 | 123 | |
/*
 * Return a heap-allocated copy of this ACL, made with the copy constructor
 * (which clones the match data). The caller owns the result.
 */
ACL *
ACLIdent::clone() const
{
    ACLIdent *const copy = new ACLIdent(*this);
    return copy;
}
129 | ||
/*
 * Registry entries for the two ACL types implemented here. Each Prototype is
 * given the address of a static ACLIdent and the type name it stands for:
 * "ident" is backed by ACLUserData, "ident_regex" by ACLRegexData.
 * The definition order is kept as it was.
 */
ACL::Prototype ACLIdent::UserRegistryProtoype(&ACLIdent::UserRegistryEntry_, "ident");
ACLIdent ACLIdent::UserRegistryEntry_(new ACLUserData, "ident");

ACL::Prototype ACLIdent::RegexRegistryProtoype(&ACLIdent::RegexRegistryEntry_, "ident_regex");
ACLIdent ACLIdent::RegexRegistryEntry_(new ACLRegexData, "ident_regex");

/* The single IdentLookup state object handed out by IdentLookup::Instance(). */
IdentLookup IdentLookup::instance_;
136 | ||
/* Return the address of the one static IdentLookup state object. */
IdentLookup *
IdentLookup::Instance()
{
    IdentLookup *const state = &instance_;
    return state;
}
142 | ||
/*
 * Start the asynchronous ident lookup for a checklist.
 *
 * With a live client connection the lookup is started on the connection's
 * local and peer addresses, and LookupDone is called back with the checklist.
 * Without one the check fails closed: the answer is set to ACCESS_DENIED and
 * the checklist is marked finished.
 *
 * NOTE(review): asyncInProgress(true) is not reset on the denial path;
 * confirm that markFinished() makes that irrelevant.
 */
void
IdentLookup::checkForAsync(ACLChecklist *checklist)const
{
    checklist->asyncInProgress(true);
    debug(28, 3) ("IdentLookup::checkForAsync: Doing ident lookup\n");

    /* no usable client connection: deny instead of skipping the ident test */
    if (!checklist->conn() || !cbdataReferenceValid(checklist->conn())) {
        debug(28, 1) ("IdentLookup::checkForAsync: Can't start ident lookup. No client connection\n");
        checklist->currentAnswer(ACCESS_DENIED);
        checklist->markFinished();
        return;
    }

    identStart(&checklist->conn()->me, &checklist->conn()->peer,
               LookupDone, checklist);
}
158 | ||
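/*
 * Callback for a finished ident lookup.
 *
 * ident: user name reported by the remote ident responder, or NULL when the
 *        lookup produced nothing; dash_str is stored in that case.
 * data:  the ACLChecklist passed to identStart() by checkForAsync().
 *
 * The result is copied into the checklist, cached on the client connection
 * if that has no ident yet, and the ACL check is then resumed.
 *
 * The ident string comes from the client side and is unauthenticated. The
 * copy is bounded by USER_IDENT_SZ, but no character filtering is visible
 * here, so code that logs or matches rfc931 should treat it as untrusted.
 */
void
IdentLookup::LookupDone(const char *ident, void *data)
{
    ACLChecklist *checklist = static_cast<ACLChecklist *>(data);
    assert (checklist->asyncState() == IdentLookup::Instance());

    xstrncpy(checklist->rfc931, ident ? ident : dash_str, USER_IDENT_SZ);

    /*
     * Cache the ident result in the connection, to avoid redoing ident lookup
     * over and over on persistent connections.
     *
     * conn() is tested for NULL before it is dereferenced, as checkForAsync()
     * does; cbdataReferenceValid() alone is not relied on to reject a NULL
     * pointer.
     */
    if (checklist->conn() && cbdataReferenceValid(checklist->conn())
            && !checklist->conn()->rfc931[0])
        xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);

    checklist->asyncInProgress(false);

    checklist->changeState (ACLChecklist::NullState::Instance());

    /* re-run the check now that rfc931 is filled in */
    checklist->check();
}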