src/ident/AclIdent.cc

   1 /*
   2  * $Id$
   3  *
   4  * DEBUG: section 28    Access Control
   5  * AUTHOR: Duane Wessels
   6  *
   7  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   8  * ----------------------------------------------------------
   9  *
  10  *  Squid is the result of efforts by numerous individuals from
  11  *  the Internet community; see the CONTRIBUTORS file for full
  12  *  details.   Many organizations have provided support for Squid's
  13  *  development; see the SPONSORS file for full details.  Squid is
  14  *  Copyrighted (C) 2001 by the Regents of the University of
  15  *  California; see the COPYRIGHT file for full details.  Squid
  16  *  incorporates software developed and/or copyrighted by other
  17  *  sources; see the CREDITS file for full details.
  18  *
  19  *  This program is free software; you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License as published by
  21  *  the Free Software Foundation; either version 2 of the License, or
  22  *  (at your option) any later version.
  23  *
  24  *  This program is distributed in the hope that it will be useful,
  25  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  26  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  27  *  GNU General Public License for more details.
  28  *
  29  *  You should have received a copy of the GNU General Public License
  30  *  along with this program; if not, write to the Free Software
  31  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  32  *
  33  *
  34  * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
  35  */
  36
  37 #include "config.h"
  38
  39 #if USE_IDENT
  40
  41 #include "acl/FilledChecklist.h"
  42 #include "acl/RegexData.h"
  43 #include "acl/UserData.h"
  44 #include "client_side.h"
  45 #include "ident/AclIdent.h"
  46 #include "ident/Ident.h"
  47
  48 ACLIdent::~ACLIdent()
  49 {
  50     delete data;
  51 }
  52
  53 ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {}
  54
  55 ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
  56 {}
  57
  58 ACLIdent &
  59 ACLIdent::operator= (ACLIdent const &rhs)
  60 {
  61     data = rhs.data->clone();
  62     type_ = rhs.type_;
  63     return *this;
  64 }
  65
  66 char const *
  67 ACLIdent::typeString() const
  68 {
  69     return type_;
  70 }
  71
  72 void
  73 ACLIdent::parse()
  74 {
  75     if (!data) {
  76         debugs(28, 3, HERE << "current is null. Creating");
  77         data = new ACLUserData;
  78     }
  79
  80     data->parse();
  81 }
  82
  83 int
  84 ACLIdent::match(ACLChecklist *cl)
  85 {
  86     ACLFilledChecklist *checklist = Filled(cl);
  87     if (checklist->rfc931[0]) {
  88         return data->match(checklist->rfc931);
  89     } else if (checklist->conn() != NULL && checklist->conn()->rfc931[0]) {
  90         return data->match(checklist->conn()->rfc931);
  91     } else {
  92         debugs(28, 3, HERE << "switching to ident lookup state");
  93         checklist->changeState(IdentLookup::Instance());
  94         return 0;
  95     }
  96 }
  97
  98 wordlist *
  99 ACLIdent::dump() const
 100 {
 101     return data->dump();
 102 }
 103
 104 bool
 105 ACLIdent::empty () const
 106 {
 107     return data->empty();
 108 }
 109
 110 ACL *
 111 ACLIdent::clone() const
 112 {
 113     return new ACLIdent(*this);
 114 }
 115
 116
 117 IdentLookup IdentLookup::instance_;
 118
 119 IdentLookup *
 120 IdentLookup::Instance()
 121 {
 122     return &instance_;
 123 }
 124
 125 void
 126 IdentLookup::checkForAsync(ACLChecklist *cl)const
 127 {
 128     ACLFilledChecklist *checklist = Filled(cl);
 129     if (checklist->conn() != NULL) {
 130         debugs(28, 3, HERE << "Doing ident lookup" );
 131         checklist->asyncInProgress(true);
 132         Ident::Start(checklist->conn()->me, checklist->conn()->peer, LookupDone, checklist);
 133     } else {
 134         debugs(28, DBG_IMPORTANT, "IdentLookup::checkForAsync: Can't start ident lookup. No client connection" );
 135         checklist->currentAnswer(ACCESS_DENIED);
 136         checklist->markFinished();
 137     }
 138 }
 139
 140 void
 141 IdentLookup::LookupDone(const char *ident, void *data)
 142 {
 143     ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
 144     assert(checklist->asyncState() == IdentLookup::Instance());
 145
 146     if (ident) {
 147         xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
 148     } else {
 149         xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
 150     }
 151
 152     /*
 153      * Cache the ident result in the connection, to avoid redoing ident lookup
 154      * over and over on persistent connections
 155      */
 156     if (checklist->conn() != NULL && !checklist->conn()->rfc931[0])
 157         xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
 158
 159     checklist->asyncInProgress(false);
 160     checklist->changeState(ACLChecklist::NullState::Instance());
 161     checklist->check();
 162 }
 163
 164 #endif /* USE_IDENT */