]>
Commit | Line | Data |
---|---|---|
3841dd46 | 1 | /* |
262a0e14 | 2 | * $Id$ |
3841dd46 | 3 | * |
4 | * DEBUG: section 28 Access Control | |
5 | * AUTHOR: Duane Wessels | |
6 | * | |
7 | * SQUID Web Proxy Cache http://www.squid-cache.org/ | |
8 | * ---------------------------------------------------------- | |
9 | * | |
10 | * Squid is the result of efforts by numerous individuals from | |
11 | * the Internet community; see the CONTRIBUTORS file for full | |
12 | * details. Many organizations have provided support for Squid's | |
13 | * development; see the SPONSORS file for full details. Squid is | |
14 | * Copyrighted (C) 2001 by the Regents of the University of | |
15 | * California; see the COPYRIGHT file for full details. Squid | |
16 | * incorporates software developed and/or copyrighted by other | |
17 | * sources; see the CREDITS file for full details. | |
18 | * | |
19 | * This program is free software; you can redistribute it and/or modify | |
20 | * it under the terms of the GNU General Public License as published by | |
21 | * the Free Software Foundation; either version 2 of the License, or | |
22 | * (at your option) any later version. | |
26ac0430 | 23 | * |
3841dd46 | 24 | * This program is distributed in the hope that it will be useful, |
25 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
26 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
27 | * GNU General Public License for more details. | |
26ac0430 | 28 | * |
3841dd46 | 29 | * You should have received a copy of the GNU General Public License |
30 | * along with this program; if not, write to the Free Software | |
31 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. | |
32 | * | |
33 | * | |
34 | * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org> | |
35 | */ | |
36 | ||
582c2af2 | 37 | #include "squid.h" |
c0941a6a AR |
38 | #include "acl/DestinationDomain.h" |
39 | #include "acl/Checklist.h" | |
40 | #include "acl/RegexData.h" | |
41 | #include "acl/DomainData.h" | |
a2ac85d9 | 42 | #include "HttpRequest.h" |
714e68b7 | 43 | #include "ipcache.h" |
582c2af2 | 44 | #include "protos.h" |
3841dd46 | 45 | |
7660b45d | 46 | DestinationDomainLookup DestinationDomainLookup::instance_; |
62e76326 | 47 | |
7660b45d | 48 | DestinationDomainLookup * |
49 | DestinationDomainLookup::Instance() | |
3841dd46 | 50 | { |
7660b45d | 51 | return &instance_; |
3841dd46 | 52 | } |
53 | ||
7660b45d | 54 | void |
c0941a6a | 55 | DestinationDomainLookup::checkForAsync(ACLChecklist *cl) const |
3841dd46 | 56 | { |
af6a12ee | 57 | ACLFilledChecklist *checklist = Filled(cl); |
7660b45d | 58 | checklist->asyncInProgress(true); |
c52f2002 | 59 | fqdncache_nbgethostbyaddr(checklist->dst_addr, LookupDone, checklist); |
3841dd46 | 60 | } |
61 | ||
62 | void | |
3ff65596 | 63 | DestinationDomainLookup::LookupDone(const char *fqdn, const DnsLookupDetails &details, void *data) |
3841dd46 | 64 | { |
3ff65596 | 65 | ACLFilledChecklist *checklist = Filled((ACLChecklist*)data); |
7660b45d | 66 | assert (checklist->asyncState() == DestinationDomainLookup::Instance()); |
67 | ||
68 | checklist->asyncInProgress(false); | |
69 | checklist->changeState (ACLChecklist::NullState::Instance()); | |
3ff65596 AR |
70 | checklist->markDestinationDomainChecked(); |
71 | checklist->request->recordLookup(details); | |
2efeb0b7 | 72 | checklist->matchNonBlocking(); |
3841dd46 | 73 | } |
74 | ||
75 | int | |
c0941a6a | 76 | ACLDestinationDomainStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist) |
3841dd46 | 77 | { |
58efcdd0 | 78 | assert(checklist != NULL && checklist->request != NULL); |
79 | ||
12ef783b | 80 | if (data->match(checklist->request->GetHost())) { |
7660b45d | 81 | return 1; |
12ef783b AJ |
82 | } |
83 | ||
84 | /* numeric IPA? no, trust the above result. */ | |
79c8a298 | 85 | if (checklist->request->GetHostIsNumeric() == 0) { |
12ef783b AJ |
86 | return 0; |
87 | } | |
88 | ||
89 | /* do we already have the rDNS? match on it if we do. */ | |
90 | if (checklist->dst_rdns) { | |
91 | debugs(28, 3, "aclMatchAcl: '" << AclMatchedName << "' match with stored rDNS '" << checklist->dst_rdns << "' for '" << checklist->request->GetHost() << "'"); | |
92 | return data->match(checklist->dst_rdns); | |
93 | } | |
7660b45d | 94 | |
12ef783b AJ |
95 | /* raw IP without rDNS? look it up and wait for the result */ |
96 | const ipcache_addrs *ia = ipcacheCheckNumeric(checklist->request->GetHost()); | |
97 | if (!ia) { | |
98 | /* not a valid IPA */ | |
99 | checklist->dst_rdns = xstrdup("invalid"); | |
7660b45d | 100 | return 0; |
12ef783b | 101 | } |
62e76326 | 102 | |
1958d180 | 103 | checklist->dst_addr = ia->in_addrs[0]; |
12ef783b | 104 | const char *fqdn = fqdncache_gethostbyaddr(checklist->dst_addr, FQDN_LOOKUP_IF_MISS); |
62e76326 | 105 | |
7660b45d | 106 | if (fqdn) { |
12ef783b | 107 | checklist->dst_rdns = xstrdup(fqdn); |
62e76326 | 108 | return data->match(fqdn); |
7660b45d | 109 | } else if (!checklist->destinationDomainChecked()) { |
110 | /* FIXME: Using AclMatchedName here is not OO correct. Should find a way to the current acl */ | |
cc192b50 | 111 | debugs(28, 3, "aclMatchAcl: Can't yet compare '" << AclMatchedName << "' ACL for '" << checklist->request->GetHost() << "'"); |
62e76326 | 112 | checklist->changeState(DestinationDomainLookup::Instance()); |
113 | return 0; | |
3841dd46 | 114 | } |
62e76326 | 115 | |
3841dd46 | 116 | return data->match("none"); |
117 | } | |
118 | ||
7660b45d | 119 | ACLDestinationDomainStrategy * |
120 | ACLDestinationDomainStrategy::Instance() | |
3841dd46 | 121 | { |
7660b45d | 122 | return &Instance_; |
3841dd46 | 123 | } |
124 | ||
7660b45d | 125 | ACLDestinationDomainStrategy ACLDestinationDomainStrategy::Instance_; |