Commit | Line | Data |
---|---|---|
8000a965 | 1 | /* |
2 | * $Id$ | |
3 | * | |
4 | * DEBUG: section 28 Access Control | |
5 | * AUTHOR: Duane Wessels | |
6 | * | |
7 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
8 | * ---------------------------------------------------------- | |
9 | * | |
10 | * Squid is the result of efforts by numerous individuals from | |
11 | * the Internet community; see the CONTRIBUTORS file for full | |
12 | * details. Many organizations have provided support for Squid's | |
13 | * development; see the SPONSORS file for full details. Squid is | |
14 | * Copyrighted (C) 2001 by the Regents of the University of | |
15 | * California; see the COPYRIGHT file for full details. Squid | |
16 | * incorporates software developed and/or copyrighted by other | |
17 | * sources; see the CREDITS file for full details. | |
18 | * | |
19 | * This program is free software; you can redistribute it and/or modify | |
20 | * it under the terms of the GNU General Public License as published by | |
21 | * the Free Software Foundation; either version 2 of the License, or | |
22 | * (at your option) any later version. | |
23 | * | |
24 | * This program is distributed in the hope that it will be useful, | |
25 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
26 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
27 | * GNU General Public License for more details. | |
28 | * | |
29 | * You should have received a copy of the GNU General Public License | |
30 | * along with this program; if not, write to the Free Software | |
31 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
32 | * | |
33 | * | |
34 | * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org> | |
35 | */ | |
36 | ||
37 | #include "squid.h" | |
38 | #include "ACLIdent.h" | |
39 | #include "authenticate.h" | |
40 | #include "ACLChecklist.h" | |
3841dd46 | 41 | #include "ACLRegexData.h" |
42 | #include "ACLUserData.h" | |
8000a965 | 43 | |
/* Allocator shared by every ACLIdent; created on the first allocation. */
MemPool *ACLIdent::Pool = NULL;

/*
 * Allocate storage for one ACLIdent from the class-wide MemPool, creating
 * the pool the first time it is needed.
 */
void *
ACLIdent::operator new (size_t byteCount)
{
    /*
     * The pool hands out slots of sizeof (ACLIdent), so a derived class with
     * a different size must implement its own operator new. This assert is
     * the only size guard in this function.
     * NOTE(review): if asserts are compiled out, a larger derived object
     * would receive an ACLIdent-sized slot -- confirm the build keeps them.
     */
    assert (byteCount == sizeof (ACLIdent));

    if (Pool == NULL)
        Pool = memPoolCreate("ACLIdent", sizeof (ACLIdent));

    return memPoolAlloc(Pool);
}
54 | ||
/*
 * Return an ACLIdent's storage to the class-wide MemPool.
 * The address is passed straight to memPoolFree; no NULL check is done here.
 */
void
ACLIdent::operator delete (void *address)
{
    memPoolFree (Pool, address);
}
60 | ||
/*
 * Destroy this object through its own (pooled) operator delete.
 * The object must not be touched after this call returns.
 */
void
ACLIdent::deleteSelf() const
{
    delete this;
}
66 | ||
/*
 * Release the match data owned by this ACL.
 * NOTE(review): data is dereferenced without a NULL check, although valid()
 * exists to report data == NULL -- confirm no such object is ever destroyed.
 */
ACLIdent::~ACLIdent()
{
    data->deleteSelf();
}
71 | ||
/*
 * Build an ident ACL around caller-supplied match data.
 * newData is stored as-is and later released by the destructor, so the new
 * object takes ownership of it; newType is the name typeString() reports.
 */
ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType)
    : data (newData),
      type_ (newType)
{
}
/*
 * Copy constructor: the new ACL gets its own clone of the source's match
 * data and shares the type string pointer.
 * NOTE(review): old.data is dereferenced unconditionally -- assumes the
 * source object always carries data; confirm.
 */
ACLIdent::ACLIdent (ACLIdent const &old)
    : data (old.data->clone()),
      type_ (old.type_)
{
}
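/*
 * Copy-assign: replace this ACL's match data with a clone of rhs's data and
 * take over rhs's type string.
 *
 * The destructor releases data with deleteSelf(), so the object owns it.
 * The previous data is therefore released before it is replaced, instead of
 * being overwritten and leaked.
 */
ACLIdent &
ACLIdent::operator= (ACLIdent const &rhs)
{
    /* Self-assignment must not release the data that is about to be cloned. */
    if (this == &rhs)
        return *this;

    if (data)
        data->deleteSelf();

    data = rhs.data->clone();

    type_ = rhs.type_;

    return *this;
}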
83 | ||
/* Report the ACL type name this object was constructed with. */
char const *
ACLIdent::typeString() const
{
    char const *name = type_;
    return name;
}
89 | ||
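/*
 * Parse the ACL's arguments into its match data.
 *
 * A user-list container is created only when the object has no data yet.
 * Replacing existing data unconditionally would leak the container installed
 * by the constructor or copy constructor. It would also swap the ACLRegexData
 * that the "ident_regex" prototype carries for an ACLUserData, so that,
 * presumably, regex patterns would be matched as literal user names (verify
 * against how the prototype is cloned before parsing).
 */
void
ACLIdent::parse()
{
    if (!data) {
        debug(28, 3) ("aclParseUserList: current is null. Creating\n");
        data = new ACLUserData;
    }

    data->parse();
}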
97 | ||
/*
 * Match the connection's ident string against this ACL's data.
 *
 * When no ident string is available yet, the checklist is switched to the
 * IdentLookup state and 0 is returned for this pass.
 *
 * The ident string is whatever an ident service reported for the client
 * connection; nothing in this function authenticates it.
 */
int
ACLIdent::match(ACLChecklist *checklist)
{
    if (!checklist->rfc931[0]) {
        /* Nothing recorded yet: hand over to the ident lookup state. */
        checklist->changeState(IdentLookup::Instance());
        return 0;
    }

    return data->match(checklist->rfc931);
}
108 | ||
/* Produce the word list for this ACL by delegating to its match data. */
wordlist *
ACLIdent::dump() const
{
    wordlist *entries = data->dump();
    return entries;
}
114 | ||
/* An ident ACL is usable only when it has match data attached. */
bool
ACLIdent::valid () const
{
    if (data == NULL)
        return false;

    return true;
}
3841dd46 | 120 | |
/*
 * Create an independent copy of this ACL via the copy constructor, which
 * clones the match data as well.
 */
ACL *
ACLIdent::clone() const
{
    ACLIdent *copy = new ACLIdent(*this);
    return copy;
}
126 | ||
/*
 * Prototype registrations for the two ident ACL types. Each ACL::Prototype
 * is given the address of a static ACLIdent entry and the type name; the
 * entry itself is built with the data container for that type.
 * The definition order is kept exactly as written.
 */

/* "ident": entry backed by ACLUserData. */
ACL::Prototype ACLIdent::UserRegistryProtoype(&ACLIdent::UserRegistryEntry_,
                                              "ident");
ACLIdent ACLIdent::UserRegistryEntry_(new ACLUserData, "ident");

/* "ident_regex": entry backed by ACLRegexData. */
ACL::Prototype ACLIdent::RegexRegistryProtoype(&ACLIdent::RegexRegistryEntry_,
                                               "ident_regex" );
ACLIdent ACLIdent::RegexRegistryEntry_(new ACLRegexData, "ident_regex");
131 | ||
/* The single IdentLookup state object. */
IdentLookup IdentLookup::instance_;

/* Access the shared IdentLookup state object. */
IdentLookup *
IdentLookup::Instance()
{
    IdentLookup *shared = &instance_;
    return shared;
}
139 | ||
/*
 * Start the asynchronous ident lookup for a checklist.
 *
 * With a valid client connection, identStart() is called with the
 * connection's local and peer addresses and LookupDone as the callback.
 * Without one the check fails closed: the answer is set to ACCESS_DENIED and
 * the checklist is marked finished.
 */
void
IdentLookup::checkForAsync(ACLChecklist *checklist)const
{
    checklist->asyncInProgress(true);
    debug(28, 3) ("IdentLookup::checkForAsync: Doing ident lookup\n");

    if (!checklist->conn() || !cbdataReferenceValid(checklist->conn())) {
        /*
         * NOTE(review): asyncInProgress(true) was set above and is not
         * cleared on this path -- confirm markFinished() copes with that.
         */
        debug(28, 1) ("IdentLookup::checkForAsync: Can't start ident lookup. No client connection\n");
        checklist->currentAnswer(ACCESS_DENIED);
        checklist->markFinished();
        return;
    }

    identStart(&checklist->conn()->me, &checklist->conn()->peer,
               LookupDone, checklist);
}
154 | ||
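/*
 * Callback invoked when the ident lookup completes.
 *
 * ident is the reported user name, or NULL when none was obtained;
 * data is the ACLChecklist that was passed to identStart().
 *
 * The ident value comes from the ident service answering for the client
 * connection and is not authenticated here, so ACLs built on it are only as
 * trustworthy as that service.
 */
void
IdentLookup::LookupDone(const char *ident, void *data)
{
    ACLChecklist *checklist = static_cast<ACLChecklist *>(data);
    assert (checklist->asyncState() == IdentLookup::Instance());

    /*
     * Record the result, or dash_str when there is none, so rfc931 is
     * filled in either way. USER_IDENT_SZ bounds the copy; presumably it is
     * the size of the rfc931 buffers -- TODO confirm.
     */
    xstrncpy(checklist->rfc931, ident ? ident : dash_str, USER_IDENT_SZ);

    /*
     * Cache the ident result in the connection, to avoid redoing ident lookup
     * over and over on persistent connections.
     *
     * conn() is tested for NULL before it is dereferenced, matching the
     * guard used in checkForAsync().
     */
    if (checklist->conn() && cbdataReferenceValid(checklist->conn())
            && !checklist->conn()->rfc931[0])
        xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);

    /* Leave the lookup state and resume the access check. */
    checklist->asyncInProgress(false);
    checklist->changeState (ACLChecklist::NullState::Instance());
    checklist->check();
}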