src/ident/AclIdent.cc

   1 /*
   2  * DEBUG: section 28    Access Control
   3  * AUTHOR: Duane Wessels
   4  *
   5  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   6  * ----------------------------------------------------------
   7  *
   8  *  Squid is the result of efforts by numerous individuals from
   9  *  the Internet community; see the CONTRIBUTORS file for full
  10  *  details.   Many organizations have provided support for Squid's
  11  *  development; see the SPONSORS file for full details.  Squid is
  12  *  Copyrighted (C) 2001 by the Regents of the University of
  13  *  California; see the COPYRIGHT file for full details.  Squid
  14  *  incorporates software developed and/or copyrighted by other
  15  *  sources; see the CREDITS file for full details.
  16  *
  17  *  This program is free software; you can redistribute it and/or modify
  18  *  it under the terms of the GNU General Public License as published by
  19  *  the Free Software Foundation; either version 2 of the License, or
  20  *  (at your option) any later version.
  21  *
  22  *  This program is distributed in the hope that it will be useful,
  23  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  24  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  25  *  GNU General Public License for more details.
  26  *
  27  *  You should have received a copy of the GNU General Public License
  28  *  along with this program; if not, write to the Free Software
  29  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  30  *
  31  *
  32  * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
  33  */
  34
  35 #include "squid.h"
  36
  37 #if USE_IDENT
  38
  39 #include "acl/FilledChecklist.h"
  40 #include "acl/RegexData.h"
  41 #include "acl/UserData.h"
  42 #include "client_side.h"
  43 #include "comm/Connection.h"
  44 #include "globals.h"
  45 #include "ident/AclIdent.h"
  46 #include "ident/Ident.h"
  47
  48 ACLIdent::~ACLIdent()
  49 {
  50     delete data;
  51 }
  52
  53 ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {}
  54
  55 ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
  56 {}
  57
  58 ACLIdent &
  59 ACLIdent::operator= (ACLIdent const &rhs)
  60 {
  61     data = rhs.data->clone();
  62     type_ = rhs.type_;
  63     return *this;
  64 }
  65
  66 char const *
  67 ACLIdent::typeString() const
  68 {
  69     return type_;
  70 }
  71
  72 void
  73 ACLIdent::parse()
  74 {
  75     if (!data) {
  76         debugs(28, 3, HERE << "current is null. Creating");
  77         data = new ACLUserData;
  78     }
  79
  80     data->parse();
  81 }
  82
  83 int
  84 ACLIdent::match(ACLChecklist *cl)
  85 {
  86     ACLFilledChecklist *checklist = Filled(cl);
  87     if (checklist->rfc931[0]) {
  88         return data->match(checklist->rfc931);
  89     } else if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && checklist->conn()->clientConnection->rfc931[0]) {
  90         return data->match(checklist->conn()->clientConnection->rfc931);
  91     } else if (checklist->conn() != NULL && Comm::IsConnOpen(checklist->conn()->clientConnection)) {
  92         if (checklist->goAsync(IdentLookup::Instance())) {
  93             debugs(28, 3, "switching to ident lookup state");
  94             return -1;
  95         }
  96         // else fall through to ACCESS_DUNNO failure below
  97     } else {
  98         debugs(28, DBG_IMPORTANT, HERE << "Can't start ident lookup. No client connection" );
  99         // fall through to ACCESS_DUNNO failure below
 100     }
 101
 102     checklist->markFinished(ACCESS_DUNNO, "cannot start ident lookup");
 103     return -1;
 104 }
 105
 106 SBufList
 107 ACLIdent::dump() const
 108 {
 109     return data->dump();
 110 }
 111
 112 bool
 113 ACLIdent::empty () const
 114 {
 115     return data->empty();
 116 }
 117
 118 ACL *
 119 ACLIdent::clone() const
 120 {
 121     return new ACLIdent(*this);
 122 }
 123
 124 IdentLookup IdentLookup::instance_;
 125
 126 IdentLookup *
 127 IdentLookup::Instance()
 128 {
 129     return &instance_;
 130 }
 131
 132 void
 133 IdentLookup::checkForAsync(ACLChecklist *cl)const
 134 {
 135     ACLFilledChecklist *checklist = Filled(cl);
 136     const ConnStateData *conn = checklist->conn();
 137     // check that ACLIdent::match() tested this lookup precondition
 138     assert(conn && Comm::IsConnOpen(conn->clientConnection));
 139     debugs(28, 3, HERE << "Doing ident lookup" );
 140     Ident::Start(checklist->conn()->clientConnection, LookupDone, checklist);
 141 }
 142
 143 void
 144 IdentLookup::LookupDone(const char *ident, void *data)
 145 {
 146     ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
 147
 148     if (ident) {
 149         xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
 150     } else {
 151         xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
 152     }
 153
 154     /*
 155      * Cache the ident result in the connection, to avoid redoing ident lookup
 156      * over and over on persistent connections
 157      */
 158     if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && !checklist->conn()->clientConnection->rfc931[0])
 159         xstrncpy(checklist->conn()->clientConnection->rfc931, checklist->rfc931, USER_IDENT_SZ);
 160
 161     checklist->resumeNonBlockingCheck(IdentLookup::Instance());
 162 }
 163
 164 #endif /* USE_IDENT */