]>
git.ipfire.org Git - thirdparty/squid.git/blob - src/acl/external/session/ext_session_acl.cc
2 * Copyright (C) 1996-2020 The Squid Software Foundation and contributors
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
10 * ext_session_acl: Squid external acl helper for tracking sessions
12 * Copyright (C) 2006 Henrik Nordstrom <henrik@henriknordstrom.net>
14 * This program is free software; you can redistribute it and/or modify
15 * it under the terms of the GNU General Public License as published by
16 * the Free Software Foundation; either version 2 of the License, or
17 * (at your option) any later version.
19 * This program is distributed in the hope that it will be useful,
20 * but WITHOUT ANY WARRANTY; without even the implied warranty of
21 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
22 * GNU General Public License for more details.
24 * You should have received a copy of the GNU General Public License
25 * along with this program; if not, write to the Free Software
26 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
32 #include "helper/protocol_defines.h"
44 #include <sys/types.h>
53 /* At this point all Bit Types are already defined, so we must
54 protect from multiple type definition on platform where
55 __BIT_TYPES_DEFINED__ is not defined.
57 #ifndef __BIT_TYPES_DEFINED__
58 #define __BIT_TYPES_DEFINED__
61 static int session_ttl
= 3600;
62 static int fixed_timeout
= 0;
64 const char *program_name
;
68 DB_ENV
*db_env
= NULL
;
72 TDB_CONTEXT
*db
= nullptr;
73 typedef TDB_DATA DB_ENTRY
;
76 #error "Either Berkeley DB or Trivial DB must be available"
87 db_env
->close(db_env
, 0);
90 if (tdb_close(db
) != 0) {
91 fprintf(stderr
, "%s| WARNING: error closing session db '%s'\n", program_name
, db_path
);
99 static void init_db(void)
104 if (!stat(db_path
, &st_buf
)) {
105 if (S_ISDIR (st_buf
.st_mode
)) {
107 /* If directory then open database environment. This prevents sync problems
108 between different processes. Otherwise fallback to single file */
109 db_env_create(&db_env
, 0);
110 if (db_env
->open(db_env
, db_path
, DB_CREATE
| DB_INIT_MPOOL
| DB_INIT_LOCK
, 0666)) {
111 fprintf(stderr
, "FATAL: %s: Failed to open database environment in '%s'\n", program_name
, db_path
);
112 db_env
->close(db_env
, 0);
115 db_create(&db
, db_env
, 0);
117 std::string
newPath(db_path
);
118 newPath
.append("session", 7);
119 db_path
= xstrdup(newPath
.c_str());
127 if (db
->open(db
, NULL
, "session", NULL
, DB_BTREE
, DB_CREATE
, 0666)) {
128 fprintf(stderr
, "FATAL: %s: Failed to open db file '%s' in dir '%s'\n",
129 program_name
, "session", db_path
);
130 db_env
->close(db_env
, 0);
134 db_create(&db
, NULL
, 0);
135 if (db
->open(db
, NULL
, db_path
, NULL
, DB_BTREE
, DB_CREATE
, 0666)) {
140 #if _SQUID_FREEBSD_ && !defined(O_DSYNC)
141 // FreeBSD lacks O_DSYNC, O_SYNC is closest to correct behaviour
142 #define O_DSYNC O_SYNC
144 db
= tdb_open(db_path
, 0, TDB_CLEAR_IF_FIRST
, O_CREAT
|O_DSYNC
, 0666);
147 fprintf(stderr
, "FATAL: %s: Failed to open session db '%s'\n", program_name
, db_path
);
153 int session_is_active
= 0;
156 dataSize(DB_ENTRY
*data
)
166 fetchKey(/*const*/ DB_ENTRY
&key
, DB_ENTRY
*data
)
169 return (db
->get(db
, nullptr, &key
, data
, 0) == 0);
171 // NP: API says returns NULL on errors, but return is a struct type WTF??
172 *data
= tdb_fetch(db
, key
);
173 return (data
->dptr
!= nullptr);
178 deleteEntry(/*const*/ DB_ENTRY
&key
)
181 db
->del(db
, nullptr, &key
, 0);
188 copyValue(void *dst
, const DB_ENTRY
*src
, size_t sz
)
191 memcpy(dst
, src
->data
, sz
);
193 memcpy(dst
, src
->dptr
, sz
);
197 static int session_active(const char *details
, size_t len
)
202 key
.data
= (void *)details
;
208 if (fetchKey(key
, &data
)) {
210 if (dataSize(&data
) != sizeof(timestamp
)) {
211 fprintf(stderr
, "ERROR: %s: CORRUPTED DATABASE (%s)\n", program_name
, details
);
215 copyValue(×tamp
, &data
, sizeof(timestamp
));
216 if (timestamp
+ session_ttl
>= time(NULL
))
223 session_login(/*const*/ char *details
, size_t len
)
227 time_t now
= time(0);
229 key
.data
= static_cast<decltype(key
.data
)>(details
);
232 data
.size
= sizeof(now
);
233 db
->put(db
, NULL
, &key
, &data
, 0);
235 key
.dptr
= reinterpret_cast<decltype(key
.dptr
)>(details
);
237 data
.dptr
= reinterpret_cast<decltype(data
.dptr
)>(&now
);
238 data
.dsize
= sizeof(now
);
239 tdb_store(db
, key
, data
, 0);
244 session_logout(/*const*/ char *details
, size_t len
)
248 key
.data
= static_cast<decltype(key
.data
)>(details
);
251 key
.dptr
= reinterpret_cast<decltype(key
.dptr
)>(details
);
257 static void usage(void)
259 fprintf(stderr
, "Usage: %s [-t|-T session_timeout] [-b dbpath] [-a]\n", program_name
);
260 fprintf(stderr
, " -t sessiontimeout Idle timeout after which sessions will be forgotten (user activity will reset)\n");
261 fprintf(stderr
, " -T sessiontimeout Fixed timeout after which sessions will be forgotten (regardless of user activity)\n");
262 fprintf(stderr
, " -b dbpath Path where persistent session database will be kept\n");
263 fprintf(stderr
, " -a Active mode requiring LOGIN argument to start a session\n");
265 int main(int argc
, char **argv
)
267 char request
[HELPER_INPUT_BUFFER
];
269 int default_action
= 1;
271 program_name
= argv
[0];
273 while ((opt
= getopt(argc
, argv
, "t:T:b:a?")) != -1) {
278 session_ttl
= strtol(optarg
, NULL
, 0);
281 db_path
= xstrdup(optarg
);
293 setbuf(stdout
, NULL
);
297 while (fgets(request
, HELPER_INPUT_BUFFER
, stdin
)) {
299 const char *channel_id
= strtok(request
, " ");
300 char *detail
= strtok(NULL
, "\n");
301 if (detail
== NULL
) {
302 // Only 1 parameter supplied. We are expecting at least 2 (including the channel ID)
303 fprintf(stderr
, "FATAL: %s is concurrent and requires the concurrency option to be specified.\n", program_name
);
307 char *lastdetail
= strrchr(detail
, ' ');
308 size_t detail_len
= strlen(detail
);
310 if (strcmp(lastdetail
, " LOGIN") == 0) {
312 detail_len
= (size_t)(lastdetail
-detail
);
314 } else if (strcmp(lastdetail
, " LOGOUT") == 0) {
316 detail_len
= (size_t)(lastdetail
-detail
);
318 } else if (!default_action
&& strcmp(lastdetail
, " -") == 0) {
319 // no action; LOGIN/LOGOUT not supplied
320 // but truncate the '-' %DATA value given by Squid-4 and later
321 detail_len
= (size_t)(lastdetail
-detail
);
326 session_logout(detail
, detail_len
);
327 printf("%s OK message=\"Bye\"\n", channel_id
);
328 } else if (action
== 1) {
329 session_login(detail
, detail_len
);
330 printf("%s OK message=\"Welcome\"\n", channel_id
);
331 } else if (session_active(detail
, detail_len
)) {
332 if (fixed_timeout
== 0) {
333 session_login(detail
, detail_len
);
335 printf("%s OK\n", channel_id
);
336 } else if (default_action
== 1) {
337 session_login(detail
, detail_len
);
338 printf("%s ERR message=\"Welcome\"\n", channel_id
);
340 printf("%s ERR message=\"No session available\"\n", channel_id
);