]>
Commit | Line | Data |
---|---|---|
22f3fd98 | 1 | |
2 | /* | |
262a0e14 | 3 | * $Id$ |
22f3fd98 | 4 | * |
5 | * DEBUG: section 16 Cache Manager Objects | |
6 | * AUTHOR: Duane Wessels | |
7 | * | |
2b6662ba | 8 | * SQUID Web Proxy Cache http://www.squid-cache.org/ |
e25c139f | 9 | * ---------------------------------------------------------- |
22f3fd98 | 10 | * |
2b6662ba | 11 | * Squid is the result of efforts by numerous individuals from |
12 | * the Internet community; see the CONTRIBUTORS file for full | |
13 | * details. Many organizations have provided support for Squid's | |
14 | * development; see the SPONSORS file for full details. Squid is | |
15 | * Copyrighted (C) 2001 by the Regents of the University of | |
16 | * California; see the COPYRIGHT file for full details. Squid | |
17 | * incorporates software developed and/or copyrighted by other | |
18 | * sources; see the CREDITS file for full details. | |
22f3fd98 | 19 | * |
20 | * This program is free software; you can redistribute it and/or modify | |
21 | * it under the terms of the GNU General Public License as published by | |
22 | * the Free Software Foundation; either version 2 of the License, or | |
23 | * (at your option) any later version. | |
26ac0430 | 24 | * |
22f3fd98 | 25 | * This program is distributed in the hope that it will be useful, |
26 | * but WITHOUT ANY WARRANTY; without even the implied warranty of | |
27 | * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | |
28 | * GNU General Public License for more details. | |
26ac0430 | 29 | * |
22f3fd98 | 30 | * You should have received a copy of the GNU General Public License |
31 | * along with this program; if not, write to the Free Software | |
cbdec147 | 32 | * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. |
e25c139f | 33 | * |
22f3fd98 | 34 | */ |
35 | ||
5c336a3b | 36 | #include "config.h" |
8822ebee | 37 | #include "base/TextException.h" |
62ee09ca | 38 | #include "CacheManager.h" |
5c336a3b | 39 | #include "comm/Connection.h" |
8822ebee | 40 | #include "Debug.h" |
aa839030 | 41 | #include "errorpage.h" |
8822ebee | 42 | #include "fde.h" |
528b2c61 | 43 | #include "HttpReply.h" |
44 | #include "HttpRequest.h" | |
8822ebee AR |
45 | #include "mgr/ActionCreator.h" |
46 | #include "mgr/Action.h" | |
47 | #include "mgr/ActionProfile.h" | |
48 | #include "mgr/BasicActions.h" | |
49 | #include "mgr/Command.h" | |
50 | #include "mgr/Forwarder.h" | |
51 | #include "mgr/FunAction.h" | |
b8151fa1 | 52 | #include "mgr/QueryParams.h" |
8822ebee | 53 | #include "protos.h" /* rotate_logs() */ |
985c86bc | 54 | #include "SquidTime.h" |
8822ebee | 55 | #include "Store.h" |
d295d770 | 56 | #include "wordlist.h" |
8822ebee | 57 | #include <algorithm> |
22f3fd98 | 58 | |
74990ce1 | 59 | |
63be0a78 | 60 | /// \ingroup CacheManagerInternal |
22f3fd98 | 61 | #define MGR_PASSWD_SZ 128 |
62 | ||
8822ebee AR |
63 | /// creates Action using supplied Action::Create method and command |
64 | class ClassActionCreator: public Mgr::ActionCreator | |
65 | { | |
66 | public: | |
67 | typedef Mgr::Action::Pointer Handler(const Mgr::Command::Pointer &cmd); | |
c83f0bd5 | 68 | |
8822ebee AR |
69 | public: |
70 | ClassActionCreator(Handler *aHandler): handler(aHandler) {} | |
71 | ||
d9fc6862 | 72 | virtual Mgr::Action::Pointer create(const Mgr::Command::Pointer &cmd) const { |
8822ebee AR |
73 | return handler(cmd); |
74 | } | |
75 | ||
76 | private: | |
77 | Handler *handler; | |
78 | }; | |
79 | ||
80 | ||
81 | /// Registers new profiles, ignoring attempts to register a duplicate | |
82 | void | |
83 | CacheManager::registerProfile(const Mgr::ActionProfile::Pointer &profile) | |
62ee09ca | 84 | { |
8822ebee | 85 | Must(profile != NULL); |
ef890f9d | 86 | if (std::find(menu_.begin(), menu_.end(), profile) == menu_.end()) { |
8822ebee AR |
87 | menu_.push_back(profile); |
88 | debugs(16, 3, HERE << "registered profile: " << *profile); | |
89 | } else { | |
90 | debugs(16, 2, HERE << "skipped duplicate profile: " << *profile); | |
91 | } | |
62ee09ca | 92 | } |
22f3fd98 | 93 | |
50847dca AJ |
94 | /** |
95 | \ingroup CacheManagerAPI | |
96 | * Registers a C-style action, which is implemented as a pointer to a function | |
97 | * taking as argument a pointer to a StoreEntry and returning void. | |
98 | * Implemented via CacheManagerActionLegacy. | |
99 | */ | |
22f3fd98 | 100 | void |
8822ebee | 101 | CacheManager::registerProfile(char const * action, char const * desc, OBJH * handler, int pw_req_flag, int atomic) |
22f3fd98 | 102 | { |
8822ebee AR |
103 | debugs(16, 3, HERE << "registering legacy " << action); |
104 | const Mgr::ActionProfile::Pointer profile = new Mgr::ActionProfile(action, | |
d9fc6862 | 105 | desc, pw_req_flag, atomic, new Mgr::FunActionCreator(handler)); |
8822ebee | 106 | registerProfile(profile); |
1d8395bd | 107 | } |
62e76326 | 108 | |
d154d3ec | 109 | /** |
e0d28505 | 110 | * \ingroup CacheManagerAPI |
a750e510 | 111 | * Registers a C++-style action, via a pointer to a subclass of |
d154d3ec FC |
112 | * a CacheManagerAction object, whose run() method will be invoked when |
113 | * CacheManager identifies that the user has requested the action. | |
114 | */ | |
1d8395bd | 115 | void |
8822ebee | 116 | CacheManager::registerProfile(char const * action, char const * desc, |
d9fc6862 A |
117 | ClassActionCreator::Handler *handler, |
118 | int pw_req_flag, int atomic) | |
1d8395bd | 119 | { |
8822ebee | 120 | const Mgr::ActionProfile::Pointer profile = new Mgr::ActionProfile(action, |
d9fc6862 | 121 | desc, pw_req_flag, atomic, new ClassActionCreator(handler)); |
8822ebee | 122 | registerProfile(profile); |
62ee09ca | 123 | } |
124 | ||
d154d3ec FC |
125 | /** |
126 | \ingroup CacheManagerInternal | |
127 | * Locates an action in the actions registry ActionsList. | |
128 | \retval NULL if Action not found | |
129 | \retval CacheManagerAction* if the action was found | |
130 | */ | |
8822ebee AR |
131 | Mgr::ActionProfile::Pointer |
132 | CacheManager::findAction(char const * action) const | |
22f3fd98 | 133 | { |
8822ebee AR |
134 | Must(action != NULL); |
135 | Menu::const_iterator a; | |
03c4599f K |
136 | |
137 | debugs(16, 5, "CacheManager::findAction: looking for action " << action); | |
8822ebee AR |
138 | for (a = menu_.begin(); a != menu_.end(); ++a) { |
139 | if (0 == strcmp((*a)->name, action)) { | |
03c4599f K |
140 | debugs(16, 6, " found"); |
141 | return *a; | |
142 | } | |
22f3fd98 | 143 | } |
62e76326 | 144 | |
03c4599f | 145 | debugs(16, 6, "Action not found."); |
8822ebee AR |
146 | return Mgr::ActionProfilePointer(); |
147 | } | |
148 | ||
149 | Mgr::Action::Pointer | |
150 | CacheManager::createNamedAction(const char *actionName) | |
151 | { | |
152 | Must(actionName); | |
153 | ||
154 | Mgr::Command::Pointer cmd = new Mgr::Command; | |
155 | cmd->profile = findAction(actionName); | |
156 | cmd->params.actionName = actionName; | |
157 | ||
158 | Must(cmd->profile != NULL); | |
159 | return cmd->profile->creator->create(cmd); | |
160 | } | |
161 | ||
162 | Mgr::Action::Pointer | |
163 | CacheManager::createRequestedAction(const Mgr::ActionParams ¶ms) | |
164 | { | |
165 | Mgr::Command::Pointer cmd = new Mgr::Command; | |
166 | cmd->params = params; | |
167 | cmd->profile = findAction(params.actionName.termedBuf()); | |
168 | Must(cmd->profile != NULL); | |
169 | return cmd->profile->creator->create(cmd); | |
22f3fd98 | 170 | } |
171 | ||
832c08ab FC |
172 | /** |
173 | \ingroup CacheManagerInternal | |
174 | * define whether the URL is a cache-manager URL and parse the action | |
175 | * requested by the user. Checks via CacheManager::ActionProtection() that the | |
176 | * item is accessible by the user. | |
177 | \retval CacheManager::cachemgrStateData state object for the following handling | |
178 | \retval NULL if the action can't be found or can't be accessed by the user | |
179 | */ | |
8822ebee | 180 | Mgr::Command::Pointer |
c83f0bd5 | 181 | CacheManager::ParseUrl(const char *url) |
22f3fd98 | 182 | { |
183 | int t; | |
184 | LOCAL_ARRAY(char, host, MAX_URL); | |
185 | LOCAL_ARRAY(char, request, MAX_URL); | |
186 | LOCAL_ARRAY(char, password, MAX_URL); | |
b8151fa1 CT |
187 | LOCAL_ARRAY(char, params, MAX_URL); |
188 | host[0] = 0; | |
189 | request[0] = 0; | |
190 | password[0] = 0; | |
191 | params[0] = 0; | |
192 | int pos = -1; | |
193 | int len = strlen(url); | |
194 | Must(len > 0); | |
195 | t = sscanf(url, "cache_object://%[^/]/%[^@?]%n@%[^?]?%s", host, request, &pos, password, params); | |
e37bd29b AJ |
196 | if (t < 1) { |
197 | t = sscanf(url, "http://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params); | |
198 | } | |
199 | if (t < 1) { | |
200 | t = sscanf(url, "https://%[^/]/squid-internal-mgr/%[^?]%n?%s", host, request, &pos, params); | |
201 | } | |
202 | debugs(16, 3, HERE << "HTTPS: t=" << t << ", host='" << host << "', request='" << request << "', pos=" << pos << | |
203 | ", password='" << password << "', params='" << params << "'"); | |
b8151fa1 | 204 | |
9d5e94f5 | 205 | if (pos >0 && url[pos] == '?') { |
b8151fa1 CT |
206 | ++pos; |
207 | if (pos < len) | |
208 | xstrncpy(params, url + pos, sizeof(params)); | |
209 | } | |
62e76326 | 210 | |
8822ebee | 211 | if (t < 2) |
62e76326 | 212 | xstrncpy(request, "menu", MAX_URL); |
8822ebee | 213 | |
cd377065 | 214 | #ifdef _SQUID_OS2_ |
8822ebee | 215 | if (t == 2 && request[0] == '\0') { |
62e76326 | 216 | /* |
217 | * emx's sscanf insists of returning 2 because it sets request | |
218 | * to null | |
219 | */ | |
62e76326 | 220 | xstrncpy(request, "menu", MAX_URL); |
8822ebee | 221 | } |
cd377065 | 222 | #endif |
62e76326 | 223 | |
8822ebee AR |
224 | Mgr::ActionProfile::Pointer profile = findAction(request); |
225 | if (!profile) { | |
3e1da049 | 226 | debugs(16, DBG_IMPORTANT, "CacheManager::ParseUrl: action '" << request << "' not found"); |
62e76326 | 227 | return NULL; |
22f3fd98 | 228 | } |
62e76326 | 229 | |
8822ebee AR |
230 | const char *prot = ActionProtection(profile); |
231 | if (!strcmp(prot, "disabled") || !strcmp(prot, "hidden")) { | |
232 | debugs(16, DBG_IMPORTANT, "CacheManager::ParseUrl: action '" << request << "' is " << prot); | |
233 | return NULL; | |
234 | } | |
62e76326 | 235 | |
8822ebee | 236 | Mgr::Command::Pointer cmd = new Mgr::Command; |
b8151fa1 CT |
237 | if (!Mgr::QueryParams::Parse(params, cmd->params.queryParams)) |
238 | return NULL; | |
8822ebee AR |
239 | cmd->profile = profile; |
240 | cmd->params.httpUri = url; | |
241 | cmd->params.userName = String(); | |
b8151fa1 | 242 | cmd->params.password = password; |
8822ebee AR |
243 | cmd->params.actionName = request; |
244 | return cmd; | |
22f3fd98 | 245 | } |
246 | ||
63be0a78 | 247 | /// \ingroup CacheManagerInternal |
832c08ab FC |
248 | /* |
249 | \ingroup CacheManagerInternal | |
250 | * Decodes the headers needed to perform user authentication and fills | |
251 | * the details into the cachemgrStateData argument | |
252 | */ | |
c83f0bd5 | 253 | void |
8822ebee | 254 | CacheManager::ParseHeaders(const HttpRequest * request, Mgr::ActionParams ¶ms) |
63259c34 | 255 | { |
8822ebee AR |
256 | assert(request); |
257 | ||
258 | params.httpMethod = request->method.id(); | |
259 | params.httpFlags = request->flags; | |
260 | ||
9da6b594 AJ |
261 | #if HAVE_AUTH_MODULE_BASIC |
262 | // TODO: use the authentication system decode to retrieve these details properly. | |
263 | ||
264 | /* base 64 _decoded_ user:passwd pair */ | |
265 | const char *basic_cookie = request->header.getAuth(HDR_AUTHORIZATION, "Basic"); | |
62e76326 | 266 | |
99edd1c3 | 267 | if (!basic_cookie) |
62e76326 | 268 | return; |
269 | ||
9da6b594 | 270 | const char *passwd_del; |
63259c34 | 271 | if (!(passwd_del = strchr(basic_cookie, ':'))) { |
3e1da049 | 272 | debugs(16, DBG_IMPORTANT, "CacheManager::ParseHeaders: unknown basic_cookie format '" << basic_cookie << "'"); |
62e76326 | 273 | return; |
63259c34 | 274 | } |
62e76326 | 275 | |
63259c34 | 276 | /* found user:password pair, reset old values */ |
8822ebee AR |
277 | params.userName.limitInit(basic_cookie, passwd_del - basic_cookie); |
278 | params.password = passwd_del + 1; | |
62e76326 | 279 | |
9da6b594 | 280 | /* warning: this prints decoded password which maybe not be what you want to do @?@ @?@ */ |
8822ebee | 281 | debugs(16, 9, "CacheManager::ParseHeaders: got user: '" << |
d9fc6862 | 282 | params.userName << "' passwd: '" << params.password << "'"); |
9da6b594 | 283 | #endif |
63259c34 | 284 | } |
285 | ||
63be0a78 | 286 | /** |
287 | \ingroup CacheManagerInternal | |
288 | * | |
289 | \retval 0 if mgr->password is good or "none" | |
290 | \retval 1 if mgr->password is "disable" | |
291 | \retval !0 if mgr->password does not match configured password | |
22f3fd98 | 292 | */ |
c83f0bd5 | 293 | int |
8822ebee | 294 | CacheManager::CheckPassword(const Mgr::Command &cmd) |
22f3fd98 | 295 | { |
8822ebee AR |
296 | assert(cmd.profile != NULL); |
297 | const char *action = cmd.profile->name; | |
298 | char *pwd = PasswdGet(Config.passwd_list, action); | |
03c4599f | 299 | |
8822ebee | 300 | debugs(16, 4, "CacheManager::CheckPassword for action " << action); |
62e76326 | 301 | |
22f3fd98 | 302 | if (pwd == NULL) |
8822ebee | 303 | return cmd.profile->isPwReq; |
62e76326 | 304 | |
22f3fd98 | 305 | if (strcmp(pwd, "disable") == 0) |
62e76326 | 306 | return 1; |
307 | ||
22f3fd98 | 308 | if (strcmp(pwd, "none") == 0) |
62e76326 | 309 | return 0; |
310 | ||
8822ebee | 311 | if (!cmd.params.password.size()) |
62e76326 | 312 | return 1; |
313 | ||
8822ebee | 314 | return cmd.params.password != pwd; |
22f3fd98 | 315 | } |
316 | ||
832c08ab FC |
317 | /** |
318 | \ingroup CacheManagerAPI | |
319 | * Main entry point in the Cache Manager's activity. Gets called as part | |
320 | * of the forward chain if the right URL is detected there. Initiates | |
321 | * all needed internal work and renders the response. | |
322 | */ | |
22f3fd98 | 323 | void |
5c336a3b | 324 | CacheManager::Start(const Comm::ConnectionPointer &client, HttpRequest * request, StoreEntry * entry) |
22f3fd98 | 325 | { |
22f3fd98 | 326 | ErrorState *err = NULL; |
832c08ab | 327 | debugs(16, 3, "CacheManager::Start: '" << entry->url() << "'" ); |
62e76326 | 328 | |
8822ebee AR |
329 | Mgr::Command::Pointer cmd = ParseUrl(entry->url()); |
330 | if (!cmd) { | |
2cc81f1f | 331 | err = errorCon(ERR_INVALID_URL, HTTP_NOT_FOUND, request); |
3900307b | 332 | err->url = xstrdup(entry->url()); |
62e76326 | 333 | errorAppendEntry(entry, err); |
334 | entry->expires = squid_curtime; | |
335 | return; | |
22f3fd98 | 336 | } |
62e76326 | 337 | |
8822ebee | 338 | const char *actionName = cmd->profile->name; |
34266cde | 339 | |
22f3fd98 | 340 | entry->expires = squid_curtime; |
34266cde | 341 | |
a750e510 | 342 | debugs(16, 5, "CacheManager: " << client << " requesting '" << actionName << "'"); |
34266cde | 343 | |
63259c34 | 344 | /* get additional info from request headers */ |
8822ebee AR |
345 | ParseHeaders(request, cmd->params); |
346 | ||
347 | const char *userName = cmd->params.userName.size() ? | |
d9fc6862 | 348 | cmd->params.userName.termedBuf() : "unknown"; |
34266cde | 349 | |
22f3fd98 | 350 | /* Check password */ |
62e76326 | 351 | |
8822ebee | 352 | if (CheckPassword(*cmd) != 0) { |
62e76326 | 353 | /* build error message */ |
076df709 | 354 | ErrorState *errState; |
62e76326 | 355 | HttpReply *rep; |
076df709 | 356 | errState = errorCon(ERR_CACHE_MGR_ACCESS_DENIED, HTTP_UNAUTHORIZED, request); |
62e76326 | 357 | /* warn if user specified incorrect password */ |
358 | ||
8822ebee | 359 | if (cmd->params.password.size()) { |
26ac0430 | 360 | debugs(16, DBG_IMPORTANT, "CacheManager: " << |
8822ebee | 361 | userName << "@" << |
5c336a3b | 362 | client << ": incorrect password for '" << |
8822ebee AR |
363 | actionName << "'" ); |
364 | } else { | |
26ac0430 | 365 | debugs(16, DBG_IMPORTANT, "CacheManager: " << |
8822ebee | 366 | userName << "@" << |
5c336a3b | 367 | client << ": password needed for '" << |
8822ebee AR |
368 | actionName << "'" ); |
369 | } | |
62e76326 | 370 | |
076df709 | 371 | rep = errState->BuildHttpReply(); |
62e76326 | 372 | |
076df709 | 373 | errorStateFree(errState); |
62e76326 | 374 | |
9da6b594 | 375 | #if HAVE_AUTH_MODULE_BASIC |
62e76326 | 376 | /* |
8822ebee AR |
377 | * add Authenticate header using action name as a realm because |
378 | * password depends on the action | |
62e76326 | 379 | */ |
8822ebee | 380 | rep->header.putAuth("Basic", actionName); |
9da6b594 | 381 | #endif |
62e76326 | 382 | |
383 | /* store the reply */ | |
db237875 | 384 | entry->replaceHttpReply(rep); |
62e76326 | 385 | |
386 | entry->expires = squid_curtime; | |
387 | ||
388 | entry->complete(); | |
389 | ||
62e76326 | 390 | return; |
22f3fd98 | 391 | } |
62e76326 | 392 | |
0be039f4 | 393 | debugs(16, 2, "CacheManager: " << |
8822ebee | 394 | userName << "@" << |
5c336a3b | 395 | client << " requesting '" << |
8822ebee | 396 | actionName << "'" ); |
62e76326 | 397 | |
8822ebee | 398 | if (UsingSmp() && IamWorkerProcess()) { |
1b76e6c1 | 399 | // is client the right connection to pass here? |
25b481e6 | 400 | AsyncJob::Start(new Mgr::Forwarder(client, cmd->params, request, entry)); |
8822ebee | 401 | return; |
cb69b4c7 | 402 | } |
62e76326 | 403 | |
8822ebee AR |
404 | Mgr::Action::Pointer action = cmd->profile->creator->create(cmd); |
405 | Must(action != NULL); | |
406 | action->run(entry, true); | |
22f3fd98 | 407 | } |
408 | ||
832c08ab FC |
409 | /* |
410 | \ingroup CacheManagerInternal | |
411 | * Renders the protection level text for an action. | |
412 | * Also doubles as a check for the protection level. | |
832c08ab | 413 | */ |
c83f0bd5 | 414 | const char * |
8822ebee | 415 | CacheManager::ActionProtection(const Mgr::ActionProfile::Pointer &profile) |
7395afb8 | 416 | { |
8822ebee AR |
417 | assert(profile != NULL); |
418 | const char *pwd = PasswdGet(Config.passwd_list, profile->name); | |
62e76326 | 419 | |
7395afb8 | 420 | if (!pwd) |
8822ebee | 421 | return profile->isPwReq ? "hidden" : "public"; |
62e76326 | 422 | |
7395afb8 | 423 | if (!strcmp(pwd, "disable")) |
62e76326 | 424 | return "disabled"; |
425 | ||
7395afb8 | 426 | if (strcmp(pwd, "none") == 0) |
62e76326 | 427 | return "public"; |
428 | ||
7395afb8 | 429 | return "protected"; |
430 | } | |
431 | ||
832c08ab FC |
432 | /* |
433 | \ingroup CacheManagerInternal | |
434 | * gets from the global Config the password the user would need to supply | |
435 | * for the action she queried | |
436 | */ | |
c83f0bd5 K |
437 | char * |
438 | CacheManager::PasswdGet(cachemgr_passwd * a, const char *action) | |
22f3fd98 | 439 | { |
440 | wordlist *w; | |
62e76326 | 441 | |
22f3fd98 | 442 | while (a != NULL) { |
62e76326 | 443 | for (w = a->actions; w != NULL; w = w->next) { |
444 | if (0 == strcmp(w->key, action)) | |
445 | return a->passwd; | |
446 | ||
447 | if (0 == strcmp(w->key, "all")) | |
448 | return a->passwd; | |
449 | } | |
450 | ||
451 | a = a->next; | |
22f3fd98 | 452 | } |
62e76326 | 453 | |
22f3fd98 | 454 | return NULL; |
455 | } | |
c83f0bd5 K |
456 | |
457 | CacheManager* CacheManager::instance=0; | |
458 | ||
832c08ab FC |
459 | /** |
460 | \ingroup CacheManagerAPI | |
461 | * Singleton accessor method. | |
462 | */ | |
c83f0bd5 | 463 | CacheManager* |
26ac0430 AJ |
464 | CacheManager::GetInstance() |
465 | { | |
466 | if (instance == 0) { | |
467 | debugs(16, 6, "CacheManager::GetInstance: starting cachemanager up"); | |
468 | instance = new CacheManager; | |
8822ebee | 469 | Mgr::RegisterBasics(); |
26ac0430 AJ |
470 | } |
471 | return instance; | |
c83f0bd5 | 472 | } |