]>
Commit | Line | Data |
---|---|---|
f88bb09c | 1 | |
2 | #include "squid.h" | |
3 | ||
4 | static void clientRedirectDone _PARAMS((void *data, char *result)); | |
5 | ||
6 | static int clientLookupDstIPDone(fd, hp, data) | |
7 | int fd; | |
8 | struct hostent *hp; | |
9 | void *data; | |
10 | { | |
11 | icpStateData *icpState = data; | |
12 | debug(33, 5, "clientLookupDstIPDone: FD %d, '%s'\n", | |
13 | fd, | |
14 | icpState->url); | |
665d36de | 15 | icpState->aclChecklist->state[ACL_DST_IP] = ACL_LOOKUP_DONE; |
16 | if (hp) { | |
f88bb09c | 17 | xmemcpy(&icpState->aclChecklist->dst_addr.s_addr, |
18 | *(hp->h_addr_list), | |
19 | hp->h_length); | |
20 | debug(33, 5, "clientLookupDstIPDone: %s is %s\n", | |
21 | icpState->request->host, | |
22 | inet_ntoa(icpState->aclChecklist->dst_addr)); | |
23 | } | |
24 | clientAccessCheck(icpState, icpState->aclHandler); | |
25 | return 1; | |
26 | } | |
27 | ||
28 | static void clientLookupSrcFQDNDone(fd, fqdn, data) | |
29 | int fd; | |
30 | char *fqdn; | |
31 | void *data; | |
32 | { | |
33 | icpStateData *icpState = data; | |
34 | debug(33, 5, "clientLookupSrcFQDNDone: FD %d, '%s', FQDN %s\n", | |
35 | fd, | |
36 | icpState->url, | |
37 | fqdn ? fqdn : "NULL"); | |
665d36de | 38 | icpState->aclChecklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_DONE; |
f88bb09c | 39 | clientAccessCheck(icpState, icpState->aclHandler); |
40 | } | |
41 | ||
42 | static void clientLookupIdentDone(data) | |
43 | void *data; | |
44 | { | |
45 | } | |
46 | ||
47 | void clientAccessCheck(icpState, handler) | |
48 | icpStateData *icpState; | |
49 | void (*handler) _PARAMS((icpStateData *, int)); | |
50 | { | |
51 | int answer = 1; | |
52 | request_t *r = icpState->request; | |
53 | aclCheck_t *ch = NULL; | |
54 | if (icpState->aclChecklist == NULL) { | |
55 | icpState->aclChecklist = xcalloc(1, sizeof(aclCheck_t)); | |
56 | icpState->aclChecklist->src_addr = icpState->peer.sin_addr; | |
57 | icpState->aclChecklist->request = requestLink(icpState->request); | |
58 | } | |
59 | ch = icpState->aclChecklist; | |
60 | icpState->aclHandler = handler; | |
b6f794d6 | 61 | if (httpd_accel_mode && !Config.Accel.withProxy && r->protocol != PROTO_CACHEOBJ) { |
f88bb09c | 62 | /* this cache is an httpd accelerator ONLY */ |
63 | if (!BIT_TEST(icpState->flags, REQ_ACCEL)) | |
64 | answer = 0; | |
65 | } else { | |
66 | answer = aclCheck(HTTPAccessList, ch); | |
665d36de | 67 | if (ch->state[ACL_DST_IP] == ACL_LOOKUP_NEED) { |
38c0402e | 68 | ch->state[ACL_DST_IP] = ACL_LOOKUP_PENDING; /* first */ |
665d36de | 69 | ipcache_nbgethostbyname(icpState->request->host, |
70 | icpState->fd, | |
71 | clientLookupDstIPDone, | |
72 | icpState); | |
38c0402e | 73 | return; |
665d36de | 74 | } else if (ch->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NEED) { |
38c0402e | 75 | ch->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_PENDING; /* first */ |
665d36de | 76 | fqdncache_nbgethostbyaddr(icpState->peer.sin_addr, |
77 | icpState->fd, | |
78 | clientLookupSrcFQDNDone, | |
79 | icpState); | |
38c0402e | 80 | return; |
f88bb09c | 81 | } |
82 | } | |
83 | requestUnlink(icpState->aclChecklist->request); | |
84 | safe_free(icpState->aclChecklist); | |
85 | icpState->aclHandler = NULL; | |
86 | (*handler) (icpState, answer); | |
87 | } | |
88 | ||
89 | void clientAccessCheckDone(icpState, answer) | |
90 | icpStateData *icpState; | |
91 | int answer; | |
92 | { | |
93 | int fd = icpState->fd; | |
94 | char *buf = NULL; | |
95 | debug(33, 5, "clientAccessCheckDone: '%s' answer=%d\n", icpState->url, answer); | |
96 | if (answer) { | |
97 | urlCanonical(icpState->request, icpState->url); | |
c0cdaf99 | 98 | redirectStart(fd, icpState, clientRedirectDone, icpState); |
f88bb09c | 99 | } else { |
100 | debug(33, 5, "Access Denied: %s\n", icpState->url); | |
101 | buf = access_denied_msg(icpState->http_code = 400, | |
102 | icpState->method, | |
103 | icpState->url, | |
104 | fd_table[fd].ipaddr); | |
105 | icpSendERROR(fd, LOG_TCP_DENIED, buf, icpState, 403); | |
106 | } | |
107 | } | |
108 | ||
109 | static void clientRedirectDone(data, result) | |
110 | void *data; | |
111 | char *result; | |
112 | { | |
113 | icpStateData *icpState = data; | |
114 | int fd = icpState->fd; | |
c0cdaf99 | 115 | request_t *new_request = NULL; |
f88bb09c | 116 | debug(33, 5, "clientRedirectDone: '%s' result=%s\n", icpState->url, |
117 | result ? result : "NULL"); | |
c0cdaf99 | 118 | if (result) |
119 | new_request = urlParse(icpState->request->method, result); | |
120 | if (new_request) { | |
f88bb09c | 121 | safe_free(icpState->url); |
122 | icpState->url = xstrdup(result); | |
c0cdaf99 | 123 | requestUnlink(icpState->request); |
124 | icpState->request = requestLink(new_request); | |
f88bb09c | 125 | urlCanonical(icpState->request, icpState->url); |
126 | } | |
127 | icpParseRequestHeaders(icpState); | |
128 | fd_note(fd, icpState->url); | |
129 | comm_set_select_handler(fd, | |
130 | COMM_SELECT_READ, | |
131 | (PF) icpDetectClientClose, | |
132 | (void *) icpState); | |
133 | icp_hit_or_miss(fd, icpState); | |
134 | } |