]>
Commit | Line | Data |
---|---|---|
bbc27441 | 1 | /* |
b8ae064d | 2 | * Copyright (C) 1996-2023 The Squid Software Foundation and contributors |
bbc27441 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
582c2af2 | 9 | #include "squid.h" |
2d46f579 | 10 | |
c302ddb5 CT |
11 | #if USE_ADAPTATION |
12 | #include "acl/AdaptationService.h" | |
13 | #include "acl/AdaptationServiceData.h" | |
14 | #endif | |
6f58d7d7 | 15 | #include "acl/AllOf.h" |
75d47340 CT |
16 | #include "acl/AnnotateClient.h" |
17 | #include "acl/AnnotateTransaction.h" | |
18 | #include "acl/AnnotationData.h" | |
6f58d7d7 | 19 | #include "acl/AnyOf.h" |
32d002cb | 20 | #if USE_SQUID_EUI |
2d46f579 | 21 | #include "acl/Arp.h" |
a98c2da5 | 22 | #include "acl/Eui64.h" |
2d46f579 | 23 | #endif |
5d65362c | 24 | #if USE_OPENSSL |
8693472e CT |
25 | #include "acl/AtStep.h" |
26 | #include "acl/AtStepData.h" | |
5d65362c | 27 | #endif |
2d46f579 | 28 | #include "acl/Asn.h" |
2d46f579 | 29 | #include "acl/Checklist.h" |
88df846b | 30 | #include "acl/ConnectionsEncrypted.h" |
2d46f579 AR |
31 | #include "acl/Data.h" |
32 | #include "acl/DestinationAsn.h" | |
33 | #include "acl/DestinationDomain.h" | |
34 | #include "acl/DestinationIp.h" | |
35 | #include "acl/DomainData.h" | |
653d9927 A |
36 | #if USE_LIBNETFILTERCONNTRACK |
37 | #include "acl/ConnMark.h" | |
38 | #endif | |
2f1431ea | 39 | #if USE_AUTH |
2d46f579 | 40 | #include "acl/ExtUser.h" |
2f1431ea | 41 | #endif |
2d46f579 | 42 | #include "acl/FilledChecklist.h" |
4eac3407 | 43 | #include "acl/forward.h" |
2d46f579 | 44 | #include "acl/Gadgets.h" |
5ec4cffe EB |
45 | #include "acl/HasComponent.h" |
46 | #include "acl/HasComponentData.h" | |
bbaf2685 | 47 | #include "acl/HierCode.h" |
602d9612 | 48 | #include "acl/HierCodeData.h" |
2d46f579 AR |
49 | #include "acl/HttpHeaderData.h" |
50 | #include "acl/HttpRepHeader.h" | |
51 | #include "acl/HttpReqHeader.h" | |
52 | #include "acl/HttpStatus.h" | |
2d46f579 AR |
53 | #include "acl/IntRange.h" |
54 | #include "acl/Ip.h" | |
1e40905d AJ |
55 | #include "acl/LocalIp.h" |
56 | #include "acl/LocalPort.h" | |
2d46f579 | 57 | #include "acl/MaxConnection.h" |
2d46f579 | 58 | #include "acl/Method.h" |
602d9612 | 59 | #include "acl/MethodData.h" |
2d46f579 | 60 | #include "acl/MyPortName.h" |
39baccc8 CT |
61 | #include "acl/Note.h" |
62 | #include "acl/NoteData.h" | |
2d46f579 | 63 | #include "acl/PeerName.h" |
2d46f579 | 64 | #include "acl/Protocol.h" |
602d9612 | 65 | #include "acl/ProtocolData.h" |
cb1b906f | 66 | #include "acl/Random.h" |
2d46f579 AR |
67 | #include "acl/RegexData.h" |
68 | #include "acl/ReplyHeaderStrategy.h" | |
69 | #include "acl/ReplyMimeType.h" | |
70 | #include "acl/RequestHeaderStrategy.h" | |
71 | #include "acl/RequestMimeType.h" | |
72 | #include "acl/SourceAsn.h" | |
73 | #include "acl/SourceDomain.h" | |
74 | #include "acl/SourceIp.h" | |
3248e962 CT |
75 | #include "acl/SquidError.h" |
76 | #include "acl/SquidErrorData.h" | |
cb4f4424 | 77 | #if USE_OPENSSL |
2d46f579 | 78 | #include "acl/Certificate.h" |
602d9612 | 79 | #include "acl/CertificateData.h" |
69f69080 | 80 | #include "acl/ServerName.h" |
602d9612 A |
81 | #include "acl/SslError.h" |
82 | #include "acl/SslErrorData.h" | |
2d46f579 AR |
83 | #endif |
84 | #include "acl/Strategised.h" | |
85 | #include "acl/Strategy.h" | |
86 | #include "acl/StringData.h" | |
cb4f4424 | 87 | #if USE_OPENSSL |
00352183 AR |
88 | #include "acl/ServerCertificate.h" |
89 | #endif | |
bb5e7a79 | 90 | #include "acl/Tag.h" |
2d46f579 | 91 | #include "acl/Time.h" |
602d9612 | 92 | #include "acl/TimeData.h" |
5ceaee75 | 93 | #include "acl/TransactionInitiator.h" |
2d46f579 | 94 | #include "acl/Url.h" |
9d35fe37 | 95 | #include "acl/UrlLogin.h" |
2d46f579 AR |
96 | #include "acl/UrlPath.h" |
97 | #include "acl/UrlPort.h" | |
98 | #include "acl/UserData.h" | |
2f1431ea | 99 | #if USE_AUTH |
abca32cf | 100 | #include "auth/AclMaxUserIp.h" |
602d9612 | 101 | #include "auth/AclProxyAuth.h" |
2f1431ea | 102 | #endif |
e2b74520 | 103 | #include "base/RegexPattern.h" |
4eac3407 | 104 | #include "ExternalACL.h" |
4daaf3cb AJ |
105 | #if USE_IDENT |
106 | #include "ident/AclIdent.h" | |
107 | #endif | |
4eac3407 CT |
108 | #if SQUID_SNMP |
109 | #include "snmp_core.h" | |
2f1431ea | 110 | #endif |
5d65362c | 111 | |
4eac3407 CT |
112 | // Not in src/acl/ because some of the ACLs it registers are not in src/acl/. |
113 | void | |
114 | Acl::Init() | |
115 | { | |
116 | /* the registration order does not matter */ | |
117 | ||
118 | // The explicit return type (ACL*) for lambdas is needed because the type | |
119 | // of the return expression inside lambda is not ACL* but AclFoo* while | |
120 | // Acl::Maker is defined to return ACL*. | |
121 | ||
122 | RegisterMaker("all-of", [](TypeName)->ACL* { return new Acl::AllOf; }); // XXX: Add name parameter to ctor | |
123 | RegisterMaker("any-of", [](TypeName)->ACL* { return new Acl::AnyOf; }); // XXX: Add name parameter to ctor | |
124 | RegisterMaker("random", [](TypeName name)->ACL* { return new ACLRandom(name); }); | |
125 | RegisterMaker("time", [](TypeName name)->ACL* { return new ACLStrategised<time_t>(new ACLTimeData, new ACLTimeStrategy, name); }); | |
126 | RegisterMaker("src_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLSourceASNStrategy, name); }); | |
127 | RegisterMaker("dst_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLDestinationASNStrategy, name); }); | |
128 | RegisterMaker("browser", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLRequestHeaderStrategy<Http::HdrType::USER_AGENT>, name); }); | |
129 | RegisterMaker("dstdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLDestinationDomainStrategy, name); }); | |
9e167fa2 | 130 | RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLDestinationDomainStrategy, name); }); |
4eac3407 CT |
131 | RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor |
132 | RegisterMaker("hier_code", [](TypeName name)->ACL* { return new ACLStrategised<hier_code>(new ACLHierCodeData, new ACLHierCodeStrategy, name); }); | |
133 | RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); }); | |
134 | RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); }); | |
135 | RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); }); | |
136 | RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); }); | |
137 | RegisterMaker("method", [](TypeName name)->ACL* { return new ACLStrategised<HttpRequestMethod>(new ACLMethodData, new ACLMethodStrategy, name); }); | |
138 | RegisterMaker("localip", [](TypeName)->ACL* { return new ACLLocalIP; }); // XXX: Add name parameter to ctor | |
139 | RegisterMaker("localport", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLLocalPortStrategy, name); }); | |
140 | RegisterMaker("myportname", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLMyPortNameStrategy, name); }); | |
141 | RegisterMaker("peername", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLPeerNameStrategy, name); }); | |
142 | RegisterMaker("peername_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLPeerNameStrategy, name); }); | |
143 | RegisterMaker("proto", [](TypeName name)->ACL* { return new ACLStrategised<AnyP::ProtocolType>(new ACLProtocolData, new ACLProtocolStrategy, name); }); | |
144 | RegisterMaker("referer_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLRequestHeaderStrategy<Http::HdrType::REFERER>, name); }); | |
145 | RegisterMaker("rep_mime_type", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLReplyHeaderStrategy<Http::HdrType::CONTENT_TYPE>, name); }); | |
146 | RegisterMaker("req_mime_type", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLRequestHeaderStrategy<Http::HdrType::CONTENT_TYPE>, name); }); | |
147 | RegisterMaker("srcdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLSourceDomainStrategy, name); }); | |
148 | RegisterMaker("srcdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLSourceDomainStrategy, name); }); | |
149 | RegisterMaker("src", [](TypeName)->ACL* { return new ACLSourceIP; }); // XXX: Add name parameter to ctor | |
150 | RegisterMaker("url_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlStrategy, name); }); | |
151 | RegisterMaker("urllogin", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlLoginStrategy, name); }); | |
152 | RegisterMaker("urlpath_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlPathStrategy, name); }); | |
153 | RegisterMaker("port", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLUrlPortStrategy, name); }); | |
154 | RegisterMaker("external", [](TypeName name)->ACL* { return new ACLExternal(name); }); | |
155 | RegisterMaker("squid_error", [](TypeName name)->ACL* { return new ACLStrategised<err_type>(new ACLSquidErrorData, new ACLSquidErrorStrategy, name); }); | |
156 | RegisterMaker("connections_encrypted", [](TypeName name)->ACL* { return new Acl::ConnectionsEncrypted(name); }); | |
157 | RegisterMaker("tag", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLTagStrategy, name); }); | |
158 | RegisterMaker("note", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLNoteData, new ACLNoteStrategy, name); }); | |
159 | RegisterMaker("annotate_client", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateClientStrategy, name); }); | |
160 | RegisterMaker("annotate_transaction", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateTransactionStrategy, name); }); | |
161 | RegisterMaker("has", [](TypeName name)->ACL* {return new ACLStrategised<ACLChecklist *>(new ACLHasComponentData, new ACLHasComponentStrategy, name); }); | |
5ceaee75 | 162 | RegisterMaker("transaction_initiator", [](TypeName name)->ACL* {return new TransactionInitiator(name);}); |
69f69080 | 163 | |
653d9927 | 164 | #if USE_LIBNETFILTERCONNTRACK |
0b139f1e AR |
165 | RegisterMaker("clientside_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor |
166 | RegisterMaker("client_connection_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor | |
653d9927 A |
167 | #endif |
168 | ||
4eac3407 CT |
169 | #if USE_OPENSSL |
170 | RegisterMaker("ssl_error", [](TypeName name)->ACL* { return new ACLStrategised<const Security::CertErrors *>(new ACLSslErrorData, new ACLSslErrorStrategy, name); }); | |
171 | RegisterMaker("user_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509UserAttribute, "*"), new ACLCertificateStrategy, name); }); | |
172 | RegisterMaker("ca_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509CAAttribute, "*"), new ACLCertificateStrategy, name); }); | |
ab04fcb3 | 173 | RegisterMaker("server_cert_fingerprint", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509Fingerprint, nullptr, true), new ACLServerCertificateStrategy, name); }); |
090f1d3c | 174 | RegisterMaker("at_step", [](TypeName name)->ACL* { return new ACLStrategised<XactionStep>(new ACLAtStepData, new ACLAtStepStrategy, name); }); |
4eac3407 CT |
175 | RegisterMaker("ssl::server_name", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLServerNameData, new ACLServerNameStrategy, name); }); |
176 | RegisterMaker("ssl::server_name_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLServerNameStrategy, name); }); | |
2d46f579 AR |
177 | #endif |
178 | ||
32d002cb | 179 | #if USE_SQUID_EUI |
4eac3407 CT |
180 | RegisterMaker("arp", [](TypeName name)->ACL* { return new ACLARP(name); }); |
181 | RegisterMaker("eui64", [](TypeName name)->ACL* { return new ACLEui64(name); }); | |
2d46f579 AR |
182 | #endif |
183 | ||
ee326f02 | 184 | #if USE_IDENT |
4eac3407 CT |
185 | RegisterMaker("ident", [](TypeName name)->ACL* { return new ACLIdent(new ACLUserData, name); }); |
186 | RegisterMaker("ident_regex", [](TypeName name)->ACL* { return new ACLIdent(new ACLRegexData, name); }); | |
2d46f579 AR |
187 | #endif |
188 | ||
2f1431ea | 189 | #if USE_AUTH |
4eac3407 CT |
190 | RegisterMaker("ext_user", [](TypeName name)->ACL* { return new ACLExtUser(new ACLUserData, name); }); |
191 | RegisterMaker("ext_user_regex", [](TypeName name)->ACL* { return new ACLExtUser(new ACLRegexData, name); }); | |
192 | RegisterMaker("proxy_auth", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLUserData, name); }); | |
193 | RegisterMaker("proxy_auth_regex", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLRegexData, name); }); | |
194 | RegisterMaker("max_user_ip", [](TypeName name)->ACL* { return new ACLMaxUserIP(name); }); | |
2f1431ea | 195 | #endif |
bb5e7a79 | 196 | |
c302ddb5 | 197 | #if USE_ADAPTATION |
4eac3407 | 198 | RegisterMaker("adaptation_service", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLAdaptationServiceData, new ACLAdaptationServiceStrategy, name); }); |
c302ddb5 | 199 | #endif |
f53969cc | 200 | |
4eac3407 CT |
201 | #if SQUID_SNMP |
202 | RegisterMaker("snmp_community", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLSNMPCommunityStrategy, name); }); | |
203 | #endif | |
204 | } | |
5ec4cffe | 205 |