git.ipfire.org Git - thirdparty/squid.git/blob - src/acl/Acl.h
Allow for custom keywords in ACL lists (in addition to allow/deny).
1 /*
2 * $Id$
3 *
4 *
5 * SQUID Web Proxy Cache http://www.squid-cache.org/
6 * ----------------------------------------------------------
7 *
8 * Squid is the result of efforts by numerous individuals from
9 * the Internet community; see the CONTRIBUTORS file for full
10 * details. Many organizations have provided support for Squid's
11 * development; see the SPONSORS file for full details. Squid is
12 * Copyrighted (C) 2001 by the Regents of the University of
13 * California; see the COPYRIGHT file for full details. Squid
14 * incorporates software developed and/or copyrighted by other
15 * sources; see the CREDITS file for full details.
16 *
17 * This program is free software; you can redistribute it and/or modify
18 * it under the terms of the GNU General Public License as published by
19 * the Free Software Foundation; either version 2 of the License, or
20 * (at your option) any later version.
21 *
22 * This program is distributed in the hope that it will be useful,
23 * but WITHOUT ANY WARRANTY; without even the implied warranty of
24 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
25 * GNU General Public License for more details.
26 *
27 * You should have received a copy of the GNU General Public License
28 * along with this program; if not, write to the Free Software
29 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
30 *
31 *
32 * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
33 */
34
35 #ifndef SQUID_ACL_H
36 #define SQUID_ACL_H
37
38 #include "Array.h"
39 #include "cbdata.h"
40 #include "dlink.h"
41
42 #if HAVE_OSTREAM
43 #include <ostream>
44 #endif
45
46 class ConfigParser;
47 class ACLChecklist;
48
/// \ingroup ACLAPI
/// Abstract base for one named access-control element. clone(), parse(),
/// typeString(), match(), dump() and empty() are pure virtual and must be
/// supplied by each concrete ACL type.
class ACL
{

public:
    // Class-specific allocation functions; defined outside this header.
    void *operator new(size_t);
    void operator delete(void *);

    // Returns an ACL for the given string, presumably a type name as in
    // Prototype::Factory() below -- confirm against the definition.
    static ACL *Factory (char const *);
    // Parses one ACL line from the configuration parser. head is an in/out
    // pointer, presumably to the list the new ACL is linked into via next.
    static void ParseAclLine(ConfigParser &parser, ACL ** head);
    static void Initialize();
    // Looks an ACL up by name. The not-found result is not stated in this
    // header (presumably NULL); callers should check before dereferencing.
    static ACL* FindByName(const char *name);

    ACL();
    virtual ~ACL();
    virtual ACL *clone()const = 0;
    virtual void parse() = 0;
    virtual char const *typeString() const = 0;
    virtual bool isProxyAuth() const;
    virtual bool requiresRequest() const;
    virtual bool requiresReply() const;
    // NOTE(review): the meaning of the int result is not documented in this
    // header; do not assume plain true/false without checking the
    // implementations.
    virtual int match(ACLChecklist * checklist) = 0;
    virtual wordlist *dump() const = 0;
    virtual bool empty () const = 0;
    virtual bool valid () const;
    int checklistMatches(ACLChecklist *);

    // Presumably match() with results remembered in the caller-supplied
    // dlink_list -- confirm against the definition.
    int cacheMatchAcl(dlink_list * cache, ACLChecklist *);
    virtual int matchForCache(ACLChecklist *checklist);

    // Hook with an empty default body; subclasses may override it.
    virtual void prepareForUse() {}

    // Fixed-size name buffer; ACL_NAME_SZ is defined outside this header.
    // NOTE(review): the name comes from configuration text, so whatever
    // fills this buffer must bound the copy to ACL_NAME_SZ and keep it
    // NUL-terminated -- confirm in ParseAclLine().
    char name[ACL_NAME_SZ];
    // Raw pointer; who allocates and frees it is not visible in this header.
    char *cfgline;
    // Raw link to another ACL, presumably the next entry of the list that
    // ParseAclLine() extends.
    ACL *next;

public:

    /// Registry entry pairing a type string with a prototype ACL object.
    /// Registered() and Factory() are static and take a type string; how the
    /// prototype is turned into a new ACL is not visible in this header
    /// (presumably through ACL::clone()).
    class Prototype
    {

    public:
        Prototype ();
        Prototype (ACL const *, char const *);
        ~Prototype();
        static bool Registered(char const *);
        static ACL *Factory (char const *);

    private:
        // Both are raw, non-const-correct-free pointers to data passed in by
        // the two-argument constructor's caller; lifetime is the caller's
        // concern as far as this header shows.
        ACL const*prototype;
        char const *typeString;

    private:
        // Shared registry of prototypes, held by pointer.
        static Vector<Prototype const *> * Registry;
        // NOTE(review): purpose not stated; presumably marks that Registry
        // has been set up -- confirm.
        static void *Initialized;
        typedef Vector<Prototype const*>::iterator iterator;
        typedef Vector<Prototype const*>::const_iterator const_iterator;
        void registerMe();
    };
};
109
/// \ingroup ACLAPI
/// Result codes for an ACL check.
///
/// No enumerator is given an explicit value, so ACCESS_DENIED is 0 and every
/// other code, including ACCESS_DUNNO and the three authentication states,
/// is non-zero. Testing a code for truthiness is therefore not a permission
/// check; compare against ACCESS_ALLOWED explicitly. Reordering the
/// enumerators would change these values.
typedef enum {
    // Authorization ACL result states
    ACCESS_DENIED,
    ACCESS_ALLOWED,
    ACCESS_DUNNO,

    // Authentication ACL result states
    ACCESS_AUTH_REQUIRED,    // Missing Credentials
    ACCESS_AUTH_EXPIRED_OK,  // Expired now. Were Okay.
    ACCESS_AUTH_EXPIRED_BAD  // Expired now. Were Failed.
} aclMatchCode;
122
/// \ingroup ACLAPI
/// ACL check answer; TODO: Rename to Acl::Answer
///
/// Pairs an ACCESS_* code with the custom access list verb that matched.
/// Both constructors set kind to 0, and a default-constructed answer is
/// ACCESS_DUNNO rather than an allow or a deny.
///
/// The comparison operators and the conversion operator look at code only;
/// kind is dropped. Because the conversion to aclMatchCode is implicit, an
/// allow_t also converts to an integer or boolean, and only ACCESS_DENIED
/// (the first enumerator, value 0) is false. Code that grants access should
/// therefore test `== ACCESS_ALLOWED` explicitly, never bare truthiness.
class allow_t {
public:
    /// Undecided answer with no verb recorded.
    allow_t(): code(ACCESS_DUNNO), kind(0) {}

    // not explicit: allow "aclMatchCode to allow_t" conversions (for now)
    allow_t(const aclMatchCode aCode): code(aCode), kind(0) {}

    /// True when the stored code equals the given one; kind is ignored.
    bool operator ==(const aclMatchCode other) const { return code == other; }

    /// True when the stored code differs from the given one; kind is ignored.
    bool operator !=(const aclMatchCode other) const { return code != other; }

    /// Implicit view of the answer as its bare ACCESS_* code.
    operator aclMatchCode() const { return code; }

    aclMatchCode code; ///< ACCESS_* code
    int kind; ///< which custom access list verb matched
};
147
148
/// Writes the symbolic name of the answer's ACCESS_* code to the stream and
/// returns the stream.
///
/// Only the code is printed: a.kind is not shown, so answers that differ
/// only in the matched verb produce the same text. A code that is none of
/// the six enumerators writes nothing at all.
inline std::ostream &
operator <<(std::ostream &o, const allow_t a)
{
    const char *label = 0; // stays null for a code outside the enumerators

    switch (a.code) {
    case ACCESS_DENIED:
        label = "DENIED";
        break;
    case ACCESS_ALLOWED:
        label = "ALLOWED";
        break;
    case ACCESS_DUNNO:
        label = "DUNNO";
        break;
    case ACCESS_AUTH_REQUIRED:
        label = "AUTH_REQUIRED";
        break;
    case ACCESS_AUTH_EXPIRED_OK:
        label = "AUTH_EXPIRED_OK";
        break;
    case ACCESS_AUTH_EXPIRED_BAD:
        label = "AUTH_EXPIRED_BAD";
        break;
    }

    if (label)
        o << label;

    return o;
}
174
/// \ingroup ACLAPI
/// One node of a singly linked list (see next) that carries an allow_t
/// answer and a pointer to an ACLList. How the answer and the list are
/// combined during a check is not visible in this header.
class acl_access
{

public:
    // Class-specific allocation functions; defined outside this header.
    void *operator new(size_t);
    void operator delete(void *);
    // Answer held by this node. allow_t's own default constructor yields
    // ACCESS_DUNNO; whether acl_access sets anything else is not shown here.
    allow_t allow;
    // ACLList is defined further down and no forward declaration is visible
    // above this point; presumably an included header supplies one.
    ACLList *aclList;
    // Raw pointer; who allocates and frees it is not visible in this header.
    char *cfgline;
    // Next node, or presumably NULL at the end of the list.
    acl_access *next;

private:
    // Macro not defined in this header (cbdata.h is included above).
    CBDATA_CLASS(acl_access);
};
190
/// \ingroup ACLAPI
/// One node of a singly linked list (see next) that refers to an ACL.
class ACLList
{

public:
    // Macro not defined in this header.
    MEMPROXY_CLASS(ACLList);

    ACLList();
    void negated(bool isNegated);
    bool matches (ACLChecklist *)const;
    // NOTE(review): meaning not stated; presumably the flag that negated()
    // sets -- confirm against the definition.
    int op;
    // Raw pointer to the ACL this node refers to; ownership is not visible
    // in this header.
    ACL *_acl;
    ACLList *next;
};

// Companion macro to MEMPROXY_CLASS(ACLList) above; defined elsewhere.
MEMPROXY_CLASS_INLINE(ACLList);
207
/// \ingroup ACLAPI
/// Entry kept on a dlink list (see link) that stores an int match result
/// next to an untyped pointer. Presumably these are the entries of the
/// dlink_list passed to ACL::cacheMatchAcl() -- confirm against its
/// definition.
class acl_proxy_auth_match_cache
{

public:
    // Macro not defined in this header.
    MEMPROXY_CLASS(acl_proxy_auth_match_cache);
    dlink_node link;
    int matchrv;
    // NOTE(review): untyped pointer. If entries are looked up by comparing
    // this address, a cached result must be dropped before the pointed-to
    // data is freed, or a later allocation at the same address could pick up
    // a stale match -- confirm how entries are invalidated.
    void *acl_data;
};

// Companion macro to MEMPROXY_CLASS(acl_proxy_auth_match_cache) above.
MEMPROXY_CLASS_INLINE(acl_proxy_auth_match_cache);
220
221
/// \ingroup ACLAPI
/// Global pointer declared here and defined elsewhere. The trailing comment
/// suggests it starts out NULL, so readers should check before
/// dereferencing. Who sets it and when is not visible in this header.
extern const char *AclMatchedName;	/* NULL */
224
225 #endif /* SQUID_ACL_H */