]>
Commit | Line | Data |
---|---|---|
8000a965 | 1 | /* |
bbc27441 | 2 | * Copyright (C) 1996-2014 The Squid Software Foundation and contributors |
8000a965 | 3 | * |
bbc27441 AJ |
4 | * Squid software is distributed under GPLv2+ license and includes |
5 | * contributions from numerous individuals and organizations. | |
6 | * Please see the COPYING and CONTRIBUTORS files for details. | |
8000a965 | 7 | */ |
8 | ||
bbc27441 AJ |
9 | /* DEBUG: section 28 Access Control */ |
10 | ||
582c2af2 | 11 | #include "squid.h" |
4daaf3cb AJ |
12 | |
13 | #if USE_IDENT | |
14 | ||
127dce76 AR |
15 | #include "acl/FilledChecklist.h" |
16 | #include "acl/RegexData.h" | |
17 | #include "acl/UserData.h" | |
a46d2c0e | 18 | #include "client_side.h" |
f9b72e0c | 19 | #include "comm/Connection.h" |
582c2af2 | 20 | #include "globals.h" |
4daaf3cb AJ |
21 | #include "ident/AclIdent.h" |
22 | #include "ident/Ident.h" | |
8000a965 | 23 | |
8000a965 | 24 | ACLIdent::~ACLIdent() |
25 | { | |
00d77d6b | 26 | delete data; |
3841dd46 | 27 | } |
28 | ||
5dee515e | 29 | ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {} |
62e76326 | 30 | |
3841dd46 | 31 | ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_) |
62e76326 | 32 | {} |
33 | ||
3841dd46 | 34 | ACLIdent & |
35 | ACLIdent::operator= (ACLIdent const &rhs) | |
36 | { | |
37 | data = rhs.data->clone(); | |
38 | type_ = rhs.type_; | |
39 | return *this; | |
8000a965 | 40 | } |
41 | ||
42 | char const * | |
43 | ACLIdent::typeString() const | |
44 | { | |
3841dd46 | 45 | return type_; |
8000a965 | 46 | } |
47 | ||
48 | void | |
49 | ACLIdent::parse() | |
50 | { | |
1b0e74e5 | 51 | if (!data) { |
4daaf3cb | 52 | debugs(28, 3, HERE << "current is null. Creating"); |
1b0e74e5 | 53 | data = new ACLUserData; |
54 | } | |
55 | ||
8000a965 | 56 | data->parse(); |
57 | } | |
58 | ||
59 | int | |
127dce76 | 60 | ACLIdent::match(ACLChecklist *cl) |
8000a965 | 61 | { |
127dce76 | 62 | ACLFilledChecklist *checklist = Filled(cl); |
8000a965 | 63 | if (checklist->rfc931[0]) { |
62e76326 | 64 | return data->match(checklist->rfc931); |
73c36fd9 AJ |
65 | } else if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && checklist->conn()->clientConnection->rfc931[0]) { |
66 | return data->match(checklist->conn()->clientConnection->rfc931); | |
e0f7153c | 67 | } else if (checklist->conn() != NULL && Comm::IsConnOpen(checklist->conn()->clientConnection)) { |
6f58d7d7 AR |
68 | if (checklist->goAsync(IdentLookup::Instance())) { |
69 | debugs(28, 3, "switching to ident lookup state"); | |
70 | return -1; | |
71 | } | |
72 | // else fall through to ACCESS_DUNNO failure below | |
e0f7153c AR |
73 | } else { |
74 | debugs(28, DBG_IMPORTANT, HERE << "Can't start ident lookup. No client connection" ); | |
6f58d7d7 | 75 | // fall through to ACCESS_DUNNO failure below |
8000a965 | 76 | } |
6f58d7d7 AR |
77 | |
78 | checklist->markFinished(ACCESS_DUNNO, "cannot start ident lookup"); | |
79 | return -1; | |
8000a965 | 80 | } |
81 | ||
dfad5100 | 82 | SBufList |
8000a965 | 83 | ACLIdent::dump() const |
84 | { | |
85 | return data->dump(); | |
86 | } | |
87 | ||
88 | bool | |
4b0f5de8 | 89 | ACLIdent::empty () const |
8000a965 | 90 | { |
1bebfd93 | 91 | return data->empty(); |
8000a965 | 92 | } |
3841dd46 | 93 | |
94 | ACL * | |
95 | ACLIdent::clone() const | |
96 | { | |
97 | return new ACLIdent(*this); | |
98 | } | |
99 | ||
3841dd46 | 100 | IdentLookup IdentLookup::instance_; |
101 | ||
102 | IdentLookup * | |
103 | IdentLookup::Instance() | |
104 | { | |
105 | return &instance_; | |
106 | } | |
107 | ||
108 | void | |
127dce76 | 109 | IdentLookup::checkForAsync(ACLChecklist *cl)const |
3841dd46 | 110 | { |
127dce76 | 111 | ACLFilledChecklist *checklist = Filled(cl); |
e0f7153c AR |
112 | const ConnStateData *conn = checklist->conn(); |
113 | // check that ACLIdent::match() tested this lookup precondition | |
114 | assert(conn && Comm::IsConnOpen(conn->clientConnection)); | |
c0f81932 | 115 | debugs(28, 3, HERE << "Doing ident lookup" ); |
c0f81932 | 116 | Ident::Start(checklist->conn()->clientConnection, LookupDone, checklist); |
3841dd46 | 117 | } |
118 | ||
119 | void | |
120 | IdentLookup::LookupDone(const char *ident, void *data) | |
121 | { | |
127dce76 | 122 | ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data)); |
3841dd46 | 123 | |
124 | if (ident) { | |
62e76326 | 125 | xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ); |
3841dd46 | 126 | } else { |
62e76326 | 127 | xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ); |
3841dd46 | 128 | } |
62e76326 | 129 | |
3841dd46 | 130 | /* |
131 | * Cache the ident result in the connection, to avoid redoing ident lookup | |
132 | * over and over on persistent connections | |
133 | */ | |
73c36fd9 AJ |
134 | if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && !checklist->conn()->clientConnection->rfc931[0]) |
135 | xstrncpy(checklist->conn()->clientConnection->rfc931, checklist->rfc931, USER_IDENT_SZ); | |
62e76326 | 136 | |
6f58d7d7 | 137 | checklist->resumeNonBlockingCheck(IdentLookup::Instance()); |
3841dd46 | 138 | } |
4daaf3cb AJ |
139 | |
140 | #endif /* USE_IDENT */ | |
f53969cc | 141 |