]>
Commit | Line | Data |
---|---|---|
00634927 | 1 | /* |
bf95c10a | 2 | * Copyright (C) 1996-2022 The Squid Software Foundation and contributors |
00634927 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
00634927 | 7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 28 Access Control */ |
10 | ||
582c2af2 | 11 | #include "squid.h" |
3ad63615 | 12 | #include "acl/Acl.h" |
602d9612 A |
13 | #include "acl/Checklist.h" |
14 | #include "acl/HttpHeaderData.h" | |
3ad63615 | 15 | #include "acl/RegexData.h" |
e2b74520 | 16 | #include "base/RegexPattern.h" |
aa3b39af | 17 | #include "cache_cf.h" |
00634927 | 18 | #include "ConfigParser.h" |
675b8408 | 19 | #include "debug/Stream.h" |
a5bac1d2 | 20 | #include "HttpHeaderTools.h" |
65e41a45 | 21 | #include "sbuf/SBuf.h" |
ac38abee | 22 | #include "sbuf/StringConvert.h" |
00634927 | 23 | |
7df0bfd7 | 24 | /* Construct an ACLHTTPHeaderData that uses an ACLRegex rule with the value of the |
25 | * selected header from a given request. | |
26 | * | |
26ac0430 | 27 | * TODO: This can be generalised by making the type of the regex_rule into a |
7df0bfd7 | 28 | * template parameter - so that we can use different rules types in future. |
29 | */ | |
789217a2 | 30 | ACLHTTPHeaderData::ACLHTTPHeaderData() : hdrId(Http::HdrType::BAD_HDR), regex_rule(new ACLRegexData) |
7df0bfd7 | 31 | {} |
00634927 | 32 | |
33 | ACLHTTPHeaderData::~ACLHTTPHeaderData() | |
34 | { | |
7df0bfd7 | 35 | delete regex_rule; |
00634927 | 36 | } |
37 | ||
38 | bool | |
39 | ACLHTTPHeaderData::match(HttpHeader* hdr) | |
40 | { | |
aee3523a | 41 | if (hdr == nullptr) |
00634927 | 42 | return false; |
43 | ||
5b4117d8 | 44 | debugs(28, 3, "aclHeaderData::match: checking '" << hdrName << "'"); |
00634927 | 45 | |
b2c44718 | 46 | String value; |
789217a2 | 47 | if (hdrId != Http::HdrType::BAD_HDR) { |
b2c44718 AR |
48 | if (!hdr->has(hdrId)) |
49 | return false; | |
50 | value = hdr->getStrOrList(hdrId); | |
51 | } else { | |
f29d429e | 52 | if (!hdr->hasNamed(hdrName, &value)) |
b2c44718 AR |
53 | return false; |
54 | } | |
00634927 | 55 | |
a32d75e7 | 56 | auto cvalue = StringToSBuf(value); |
b38b26cb | 57 | return regex_rule->match(cvalue.c_str()); |
00634927 | 58 | } |
59 | ||
8966008b | 60 | SBufList |
4f8ca96e | 61 | ACLHTTPHeaderData::dump() const |
00634927 | 62 | { |
8966008b FC |
63 | SBufList sl; |
64 | sl.push_back(SBuf(hdrName)); | |
524f5ff6 | 65 | sl.splice(sl.end(), regex_rule->dump()); |
8966008b | 66 | return sl; |
00634927 | 67 | } |
68 | ||
8d76389c EB |
69 | const Acl::Options & |
70 | ACLHTTPHeaderData::lineOptions() | |
71 | { | |
72 | return regex_rule->lineOptions(); | |
73 | } | |
74 | ||
00634927 | 75 | void |
76 | ACLHTTPHeaderData::parse() | |
77 | { | |
16c5ad96 | 78 | char* t = ConfigParser::strtokFile(); |
a0b240cd AJ |
79 | if (!t) { |
80 | debugs(28, DBG_CRITICAL, "ERROR: " << cfg_filename << " line " << config_lineno << ": " << config_input_line); | |
81 | debugs(28, DBG_CRITICAL, "ERROR: Missing header name in ACL"); | |
82 | return; | |
83 | } | |
84 | ||
85 | if (hdrName.isEmpty()) { | |
86 | hdrName = t; | |
87 | hdrId = Http::HeaderLookupTable.lookup(hdrName).id; | |
88 | } else if (hdrName.caseCmp(t) != 0) { | |
89 | debugs(28, DBG_CRITICAL, "ERROR: " << cfg_filename << " line " << config_lineno << ": " << config_input_line); | |
90 | debugs(28, DBG_CRITICAL, "ERROR: ACL cannot match both " << hdrName << " and " << t << " headers. Use 'anyof' ACL instead."); | |
91 | return; | |
92 | } | |
93 | ||
7df0bfd7 | 94 | regex_rule->parse(); |
00634927 | 95 | } |
96 | ||
97 | bool | |
98 | ACLHTTPHeaderData::empty() const | |
99 | { | |
81ab22b6 | 100 | return (hdrId == Http::HdrType::BAD_HDR && hdrName.isEmpty()) || regex_rule->empty(); |
00634927 | 101 | } |
102 |