[thirdparty/squid.git] / src / acl / FilledChecklist.cc

#include "squid.h"
#include "HttpRequest.h"
#include "HttpReply.h"
#include "client_side.h"
#include "auth/UserRequest.h"
#include "auth/AclProxyAuth.h"
#include "acl/FilledChecklist.h"

CBDATA_CLASS_INIT(ACLFilledChecklist);

void
ACLFilledChecklist::checkCallback(allow_t answer)
{
    debugs(28, 5, HERE << this << " answer=" << answer);

    /* During reconfigure, we can end up not finishing call
     * sequences into the auth code */

    if (auth_user_request != NULL) {
        /* the filled_checklist lock */
        auth_user_request = NULL;
        /* it might have been connection based */
        if (conn()) {
            conn()->auth_user_request = NULL;
        }
    }

    ACLChecklist::checkCallback(answer); // may delete us
}


void *
ACLFilledChecklist::operator new (size_t size)
{
    assert (size == sizeof(ACLFilledChecklist));
    CBDATA_INIT_TYPE(ACLFilledChecklist);
    ACLFilledChecklist *result = cbdataAlloc(ACLFilledChecklist);
    return result;
}

void
ACLFilledChecklist::operator delete (void *address)
{
    ACLFilledChecklist *t = static_cast<ACLFilledChecklist *>(address);
    cbdataFree(t);
}


ACLFilledChecklist::ACLFilledChecklist() :
        dst_peer(NULL),
        dst_rdns(NULL),
        request (NULL),
        reply (NULL),
        auth_user_request (NULL),
#if SQUID_SNMP
        snmp_community(NULL),
#endif
#if USE_SSL
        ssl_error(0),
#endif
        extacl_entry (NULL),
        conn_(NULL),
        fd_(-1),
        destinationDomainChecked_(false),
        sourceDomainChecked_(false)
{
    my_addr.SetEmpty();
    src_addr.SetEmpty();
    dst_addr.SetEmpty();
    rfc931[0] = '\0';
}


ACLFilledChecklist::~ACLFilledChecklist()
{
    assert (!asyncInProgress());

    safe_free(dst_rdns); // created by xstrdup().

    if (extacl_entry)
        cbdataReferenceDone(extacl_entry);

    HTTPMSGUNLOCK(request);

    HTTPMSGUNLOCK(reply);

    cbdataReferenceDone(conn_);

    debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
}


ConnStateData *
ACLFilledChecklist::conn() const
{
    return  conn_;
}

void
ACLFilledChecklist::conn(ConnStateData *aConn)
{
    assert (conn() == NULL);
    conn_ = cbdataReference(aConn);
}

int
ACLFilledChecklist::fd() const
{
    return conn_ != NULL ? conn_->fd : fd_;
}

void
ACLFilledChecklist::fd(int aDescriptor)
{
    assert(!conn() || conn()->fd == aDescriptor);
    fd_ = aDescriptor;
}

bool
ACLFilledChecklist::destinationDomainChecked() const
{
    return destinationDomainChecked_;
}

void
ACLFilledChecklist::markDestinationDomainChecked()
{
    assert (!finished() && !destinationDomainChecked());
    destinationDomainChecked_ = true;
}

bool
ACLFilledChecklist::sourceDomainChecked() const
{
    return sourceDomainChecked_;
}

void
ACLFilledChecklist::markSourceDomainChecked()
{
    assert (!finished() && !sourceDomainChecked());
    sourceDomainChecked_ = true;
}

/*
 * There are two common ACLFilledChecklist lifecycles paths:
 *
 * A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
 *    on stack and calls aclCheckFast().
 *
 * B) Using aclNBCheck() and callbacks: The caller allocates an
 *    ACLFilledChecklist object (via operator new) and passes it to
 *    aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
 *    which will invoke the callback function as requested by the
 *    original caller of aclNBCheck().  This callback function must
 *    *not* delete the list.  After the callback function returns,
 *    checkCallback() will delete the list (i.e., self).
 */
ACLFilledChecklist::ACLFilledChecklist(const acl_access *A, HttpRequest *http_request, const char *ident):
        dst_peer(NULL),
        dst_rdns(NULL),
        request(NULL),
        reply(NULL),
        auth_user_request(NULL),
#if SQUID_SNMP
        snmp_community(NULL),
#endif
#if USE_SSL
        ssl_error(0),
#endif
        extacl_entry (NULL),
        conn_(NULL),
        fd_(-1),
        destinationDomainChecked_(false),
        sourceDomainChecked_(false)
{
    my_addr.SetEmpty();
    src_addr.SetEmpty();
    dst_addr.SetEmpty();
    rfc931[0] = '\0';

    // cbdataReferenceDone() is in either fastCheck() or the destructor
    if (A)
        accessList = cbdataReference(A);

    if (http_request != NULL) {
        request = HTTPMSGLOCK(http_request);
#if FOLLOW_X_FORWARDED_FOR
        if (Config.onoff.acl_uses_indirect_client)
            src_addr = request->indirect_client_addr;
        else
#endif /* FOLLOW_X_FORWARDED_FOR */
            src_addr = request->client_addr;
        my_addr = request->my_addr;
    }

#if USE_IDENT
    if (ident)
        xstrncpy(rfc931, ident, USER_IDENT_SZ);
#endif
}
Commit	Line	Data
351fe86d AR	1	#include "squid.h"
	2	#include "HttpRequest.h"
	3	#include "HttpReply.h"
	4	#include "client_side.h"
	5	#include "auth/UserRequest.h"
	6	#include "auth/AclProxyAuth.h"
	7	#include "acl/FilledChecklist.h"
	8
	9	CBDATA_CLASS_INIT(ACLFilledChecklist);
	10
351fe86d AR	11	void
	12	ACLFilledChecklist::checkCallback(allow_t answer)
	13	{
a1ce83aa	14	debugs(28, 5, HERE << this << " answer=" << answer);
351fe86d AR	15
	16	/* During reconfigure, we can end up not finishing call
	17	* sequences into the auth code */
	18
a33a428a	19	if (auth_user_request != NULL) {
351fe86d	20	/* the filled_checklist lock */
a33a428a	21	auth_user_request = NULL;
351fe86d	22	/* it might have been connection based */
3799d265	23	if (conn()) {
a33a428a	24	conn()->auth_user_request = NULL;
a33a428a	25	}
351fe86d AR	26	}
351fe86d AR	27
af6a12ee	28	ACLChecklist::checkCallback(answer); // may delete us
351fe86d AR	29	}
	30
	31
	32	void *
	33	ACLFilledChecklist::operator new (size_t size)
	34	{
	35	assert (size == sizeof(ACLFilledChecklist));
	36	CBDATA_INIT_TYPE(ACLFilledChecklist);
	37	ACLFilledChecklist *result = cbdataAlloc(ACLFilledChecklist);
	38	return result;
	39	}
	40
	41	void
	42	ACLFilledChecklist::operator delete (void *address)
	43	{
	44	ACLFilledChecklist t = static_cast<ACLFilledChecklist >(address);
	45	cbdataFree(t);
	46	}
	47
	48
	49	ACLFilledChecklist::ACLFilledChecklist() :
	50	dst_peer(NULL),
12ef783b	51	dst_rdns(NULL),
351fe86d AR	52	request (NULL),
	53	reply (NULL),
	54	auth_user_request (NULL),
	55	#if SQUID_SNMP
	56	snmp_community(NULL),
	57	#endif
	58	#if USE_SSL
	59	ssl_error(0),
	60	#endif
	61	extacl_entry (NULL),
	62	conn_(NULL),
	63	fd_(-1),
	64	destinationDomainChecked_(false),
	65	sourceDomainChecked_(false)
	66	{
	67	my_addr.SetEmpty();
	68	src_addr.SetEmpty();
	69	dst_addr.SetEmpty();
	70	rfc931[0] = '\0';
	71	}
	72
	73
	74	ACLFilledChecklist::~ACLFilledChecklist()
	75	{
	76	assert (!asyncInProgress());
	77
12ef783b AJ	78	safe_free(dst_rdns); // created by xstrdup().
12ef783b AJ	79
351fe86d AR	80	if (extacl_entry)
	81	cbdataReferenceDone(extacl_entry);
	82
	83	HTTPMSGUNLOCK(request);
	84
	85	HTTPMSGUNLOCK(reply);
	86
351fe86d AR	87	cbdataReferenceDone(conn_);
	88
	89	debugs(28, 4, HERE << "ACLFilledChecklist destroyed " << this);
	90	}
	91
	92
	93	ConnStateData *
	94	ACLFilledChecklist::conn() const
	95	{
	96	return conn_;
	97	}
	98
	99	void
	100	ACLFilledChecklist::conn(ConnStateData *aConn)
	101	{
	102	assert (conn() == NULL);
	103	conn_ = cbdataReference(aConn);
	104	}
	105
	106	int
	107	ACLFilledChecklist::fd() const
	108	{
	109	return conn_ != NULL ? conn_->fd : fd_;
	110	}
	111
	112	void
	113	ACLFilledChecklist::fd(int aDescriptor)
	114	{
	115	assert(!conn() \|\| conn()->fd == aDescriptor);
	116	fd_ = aDescriptor;
	117	}
	118
	119	bool
	120	ACLFilledChecklist::destinationDomainChecked() const
	121	{
	122	return destinationDomainChecked_;
	123	}
	124
	125	void
	126	ACLFilledChecklist::markDestinationDomainChecked()
	127	{
	128	assert (!finished() && !destinationDomainChecked());
	129	destinationDomainChecked_ = true;
	130	}
	131
	132	bool
	133	ACLFilledChecklist::sourceDomainChecked() const
	134	{
	135	return sourceDomainChecked_;
	136	}
	137
	138	void
	139	ACLFilledChecklist::markSourceDomainChecked()
	140	{
	141	assert (!finished() && !sourceDomainChecked());
	142	sourceDomainChecked_ = true;
	143	}
	144
	145	/*
	146	* There are two common ACLFilledChecklist lifecycles paths:
	147	*
	148	* A) Using aclCheckFast(): The caller creates an ACLFilledChecklist object
	149	* on stack and calls aclCheckFast().
	150	*
151	* B) Using aclNBCheck() and callbacks: The caller allocates an
152	* ACLFilledChecklist object (via operator new) and passes it to
153	* aclNBCheck(). Control eventually passes to ACLChecklist::checkCallback(),
154	* which will invoke the callback function as requested by the
155	* original caller of aclNBCheck(). This callback function must
156	* not delete the list. After the callback function returns,
157	* checkCallback() will delete the list (i.e., self).
158	*/
f4462b38	159	ACLFilledChecklist::ACLFilledChecklist(const acl_access A, HttpRequest http_request, const char *ident):
af6a12ee	160	dst_peer(NULL),
12ef783b	161	dst_rdns(NULL),
af6a12ee AJ	162	request(NULL),
	163	reply(NULL),
	164	auth_user_request(NULL),
351fe86d	165	#if SQUID_SNMP
af6a12ee	166	snmp_community(NULL),
351fe86d AR	167	#endif
351fe86d AR	168	#if USE_SSL
af6a12ee	169	ssl_error(0),
351fe86d	170	#endif
af6a12ee AJ	171	extacl_entry (NULL),
	172	conn_(NULL),
	173	fd_(-1),
	174	destinationDomainChecked_(false),
	175	sourceDomainChecked_(false)
351fe86d AR	176	{
	177	my_addr.SetEmpty();
	178	src_addr.SetEmpty();
	179	dst_addr.SetEmpty();
	180	rfc931[0] = '\0';
af6a12ee	181
351fe86d AR	182	// cbdataReferenceDone() is in either fastCheck() or the destructor
	183	if (A)
	184	accessList = cbdataReference(A);
	185
f4462b38 CT	186	if (http_request != NULL) {
f4462b38 CT	187	request = HTTPMSGLOCK(http_request);
351fe86d AR	188	#if FOLLOW_X_FORWARDED_FOR
	189	if (Config.onoff.acl_uses_indirect_client)
	190	src_addr = request->indirect_client_addr;
	191	else
	192	#endif /* FOLLOW_X_FORWARDED_FOR */
	193	src_addr = request->client_addr;
	194	my_addr = request->my_addr;
	195	}
	196
	197	#if USE_IDENT
	198	if (ident)
	199	xstrncpy(rfc931, ident, USER_IDENT_SZ);
	200	#endif
	201	}
	202