]>
Commit | Line | Data |
---|---|---|
bbc27441 | 1 | /* |
4ac4a490 | 2 | * Copyright (C) 1996-2017 The Squid Software Foundation and contributors |
bbc27441 AJ |
3 | * |
4 | * Squid software is distributed under GPLv2+ license and includes | |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
7 | */ | |
8 | ||
351fe86d AR |
9 | #ifndef SQUID_ACLFILLED_CHECKLIST_H |
10 | #define SQUID_ACLFILLED_CHECKLIST_H | |
11 | ||
d4806c91 | 12 | #include "AccessLogEntry.h" |
351fe86d | 13 | #include "acl/Checklist.h" |
6f58d7d7 | 14 | #include "acl/forward.h" |
abdd93d0 | 15 | #include "base/CbcPointer.h" |
3248e962 | 16 | #include "err_type.h" |
d9c7489e | 17 | #include "ip/Address.h" |
2f1431ea | 18 | #if USE_AUTH |
a33a428a | 19 | #include "auth/UserRequest.h" |
2f1431ea | 20 | #endif |
92e3827b | 21 | #include "security/CertError.h" |
351fe86d | 22 | |
a011edee | 23 | class CachePeer; |
351fe86d | 24 | class ConnStateData; |
582c2af2 | 25 | class HttpRequest; |
71b673d4 | 26 | class HttpReply; |
351fe86d AR |
27 | |
28 | /** \ingroup ACLAPI | |
29 | ACLChecklist filled with specific data, representing Squid and transaction | |
5c2f68b7 AJ |
30 | state for access checks along with some data-specific checking methods |
31 | */ | |
351fe86d AR |
32 | class ACLFilledChecklist: public ACLChecklist |
33 | { | |
5c2f68b7 AJ |
34 | CBDATA_CLASS(ACLFilledChecklist); |
35 | ||
351fe86d | 36 | public: |
351fe86d | 37 | ACLFilledChecklist(); |
af6a12ee | 38 | ACLFilledChecklist(const acl_access *, HttpRequest *, const char *ident); |
351fe86d AR |
39 | ~ACLFilledChecklist(); |
40 | ||
41 | public: | |
233ead05 | 42 | /// The client connection manager |
351fe86d AR |
43 | ConnStateData * conn() const; |
44 | ||
233ead05 | 45 | /// The client side fd. It uses conn() if available |
351fe86d AR |
46 | int fd() const; |
47 | ||
48 | /// set either conn | |
49 | void conn(ConnStateData *); | |
233ead05 | 50 | /// set the client side FD |
351fe86d AR |
51 | void fd(int aDescriptor); |
52 | ||
53 | //int authenticated(); | |
54 | ||
55 | bool destinationDomainChecked() const; | |
56 | void markDestinationDomainChecked(); | |
57 | bool sourceDomainChecked() const; | |
58 | void markSourceDomainChecked(); | |
59 | ||
60 | // ACLChecklist API | |
61 | virtual bool hasRequest() const { return request != NULL; } | |
62 | virtual bool hasReply() const { return reply != NULL; } | |
4ff6370b | 63 | virtual bool hasAle() const { return al != NULL; } |
fbbea662 | 64 | virtual void syncAle() const; |
351fe86d AR |
65 | |
66 | public: | |
b7ac5457 AJ |
67 | Ip::Address src_addr; |
68 | Ip::Address dst_addr; | |
69 | Ip::Address my_addr; | |
1b091aec | 70 | SBuf dst_peer_name; |
12ef783b | 71 | char *dst_rdns; |
351fe86d AR |
72 | |
73 | HttpRequest *request; | |
74 | HttpReply *reply; | |
75 | ||
76 | char rfc931[USER_IDENT_SZ]; | |
2f1431ea | 77 | #if USE_AUTH |
c7baff40 | 78 | Auth::UserRequest::Pointer auth_user_request; |
2f1431ea | 79 | #endif |
351fe86d AR |
80 | #if SQUID_SNMP |
81 | char *snmp_community; | |
82 | #endif | |
83 | ||
23bb0ebf | 84 | /// SSL [certificate validation] errors, in undefined order |
92e3827b | 85 | const Security::CertErrors *sslErrors; |
00352183 | 86 | /// The peer certificate |
f97700a0 | 87 | Security::CertPointer serverCert; |
351fe86d | 88 | |
4e56d7f6 | 89 | AccessLogEntry::Pointer al; ///< info for the future access.log, and external ACL |
d4806c91 | 90 | |
abdd93d0 | 91 | ExternalACLEntryPointer extacl_entry; |
351fe86d | 92 | |
3248e962 CT |
93 | err_type requestErrorType; |
94 | ||
351fe86d | 95 | private: |
351fe86d AR |
96 | ConnStateData * conn_; /**< hack for ident and NTLM */ |
97 | int fd_; /**< may be available when conn_ is not */ | |
98 | bool destinationDomainChecked_; | |
99 | bool sourceDomainChecked_; | |
351fe86d AR |
100 | /// not implemented; will cause link failures if used |
101 | ACLFilledChecklist(const ACLFilledChecklist &); | |
102 | /// not implemented; will cause link failures if used | |
103 | ACLFilledChecklist &operator=(const ACLFilledChecklist &); | |
104 | }; | |
105 | ||
106 | /// convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*> | |
107 | inline | |
108 | ACLFilledChecklist *Filled(ACLChecklist *checklist) | |
109 | { | |
110 | // this should always be safe because ACLChecklist is an abstract class | |
111 | // and ACLFilledChecklist is its only [concrete] child | |
112 | return dynamic_cast<ACLFilledChecklist*>(checklist); | |
113 | } | |
114 | ||
115 | #endif /* SQUID_ACLFILLED_CHECKLIST_H */ | |
f53969cc | 116 |