src/acl/CertificateData.h

   1 /*
   2  *
   3  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   4  * ----------------------------------------------------------
   5  *
   6  *  Squid is the result of efforts by numerous individuals from
   7  *  the Internet community; see the CONTRIBUTORS file for full
   8  *  details.   Many organizations have provided support for Squid's
   9  *  development; see the SPONSORS file for full details.  Squid is
  10  *  Copyrighted (C) 2001 by the Regents of the University of
  11  *  California; see the COPYRIGHT file for full details.  Squid
  12  *  incorporates software developed and/or copyrighted by other
  13  *  sources; see the CREDITS file for full details.
  14  *
  15  *  This program is free software; you can redistribute it and/or modify
  16  *  it under the terms of the GNU General Public License as published by
  17  *  the Free Software Foundation; either version 2 of the License, or
  18  *  (at your option) any later version.
  19  *
  20  *  This program is distributed in the hope that it will be useful,
  21  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  22  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  23  *  GNU General Public License for more details.
  24  *
  25  *  You should have received a copy of the GNU General Public License
  26  *  along with this program; if not, write to the Free Software
  27  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  28  *
  29  *
  30  * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
  31  */
  32
  33 #ifndef SQUID_ACLCERTIFICATEDATA_H
  34 #define SQUID_ACLCERTIFICATEDATA_H
  35
  36 #include "acl/Acl.h"
  37 #include "acl/Data.h"
  38 #include "acl/StringData.h"
  39 #include "splay.h"
  40 #include "ssl/support.h"
  41 #include <string>
  42 #include <list>
  43
  44 /// \ingroup ACLAPI
  45 class ACLCertificateData : public ACLData<X509 *>
  46 {
  47
  48 public:
  49     MEMPROXY_CLASS(ACLCertificateData);
  50
  51     ACLCertificateData(Ssl::GETX509ATTRIBUTE *, const char *attributes, bool optionalAttr = false);
  52     ACLCertificateData(ACLCertificateData const &);
  53     ACLCertificateData &operator= (ACLCertificateData const &);
  54     virtual ~ACLCertificateData();
  55     bool match(X509 *);
  56     wordlist *dump();
  57     void parse();
  58     bool empty() const;
  59     virtual ACLData<X509 *> *clone() const;
  60
  61     /// A '|'-delimited list of valid ACL attributes.
  62     /// A "*" item means that any attribute is acceptable.
  63     /// Assumed to be a const-string and is never duped/freed.
  64     /// Nil unless ACL form is: acl Name type attribute value1 ...
  65     const char *validAttributesStr;
  66     /// Parsed list of valid attribute names
  67     std::list<std::string> validAttributes;
  68     /// True if the attribute is optional (-xxx options)
  69     bool attributeIsOptional;
  70     char *attribute;
  71     ACLStringData values;
  72
  73 private:
  74     /// The callback used to retrieve the data from X509 cert
  75     Ssl::GETX509ATTRIBUTE *sslAttributeCall;
  76 };
  77
  78 MEMPROXY_CLASS_INLINE(ACLCertificateData);
  79
  80 #endif /* SQUID_ACLCERTIFICATEDATA_H */