src/ident/AclIdent.cc

   1 /*
   2  * $Id$
   3  *
   4  * DEBUG: section 28    Access Control
   5  * AUTHOR: Duane Wessels
   6  *
   7  * SQUID Web Proxy Cache          http://www.squid-cache.org/
   8  * ----------------------------------------------------------
   9  *
  10  *  Squid is the result of efforts by numerous individuals from
  11  *  the Internet community; see the CONTRIBUTORS file for full
  12  *  details.   Many organizations have provided support for Squid's
  13  *  development; see the SPONSORS file for full details.  Squid is
  14  *  Copyrighted (C) 2001 by the Regents of the University of
  15  *  California; see the COPYRIGHT file for full details.  Squid
  16  *  incorporates software developed and/or copyrighted by other
  17  *  sources; see the CREDITS file for full details.
  18  *
  19  *  This program is free software; you can redistribute it and/or modify
  20  *  it under the terms of the GNU General Public License as published by
  21  *  the Free Software Foundation; either version 2 of the License, or
  22  *  (at your option) any later version.
  23  *
  24  *  This program is distributed in the hope that it will be useful,
  25  *  but WITHOUT ANY WARRANTY; without even the implied warranty of
  26  *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  27  *  GNU General Public License for more details.
  28  *
  29  *  You should have received a copy of the GNU General Public License
  30  *  along with this program; if not, write to the Free Software
  31  *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
  32  *
  33  *
  34  * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
  35  */
  36
  37 #include "squid.h"
  38
  39 #if USE_IDENT
  40
  41 #include "acl/FilledChecklist.h"
  42 #include "acl/RegexData.h"
  43 #include "acl/UserData.h"
  44 #include "client_side.h"
  45 #include "comm/Connection.h"
  46 #include "ident/AclIdent.h"
  47 #include "ident/Ident.h"
  48
  49 ACLIdent::~ACLIdent()
  50 {
  51     delete data;
  52 }
  53
  54 ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {}
  55
  56 ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
  57 {}
  58
  59 ACLIdent &
  60 ACLIdent::operator= (ACLIdent const &rhs)
  61 {
  62     data = rhs.data->clone();
  63     type_ = rhs.type_;
  64     return *this;
  65 }
  66
  67 char const *
  68 ACLIdent::typeString() const
  69 {
  70     return type_;
  71 }
  72
  73 void
  74 ACLIdent::parse()
  75 {
  76     if (!data) {
  77         debugs(28, 3, HERE << "current is null. Creating");
  78         data = new ACLUserData;
  79     }
  80
  81     data->parse();
  82 }
  83
  84 int
  85 ACLIdent::match(ACLChecklist *cl)
  86 {
  87     ACLFilledChecklist *checklist = Filled(cl);
  88     if (checklist->rfc931[0]) {
  89         return data->match(checklist->rfc931);
  90     } else if (checklist->conn() != NULL && checklist->conn()->rfc931[0]) {
  91         return data->match(checklist->conn()->rfc931);
  92     } else {
  93         debugs(28, 3, HERE << "switching to ident lookup state");
  94         checklist->changeState(IdentLookup::Instance());
  95         return 0;
  96     }
  97 }
  98
  99 wordlist *
 100 ACLIdent::dump() const
 101 {
 102     return data->dump();
 103 }
 104
 105 bool
 106 ACLIdent::empty () const
 107 {
 108     return data->empty();
 109 }
 110
 111 ACL *
 112 ACLIdent::clone() const
 113 {
 114     return new ACLIdent(*this);
 115 }
 116
 117
 118 IdentLookup IdentLookup::instance_;
 119
 120 IdentLookup *
 121 IdentLookup::Instance()
 122 {
 123     return &instance_;
 124 }
 125
 126 void
 127 IdentLookup::checkForAsync(ACLChecklist *cl)const
 128 {
 129     ACLFilledChecklist *checklist = Filled(cl);
 130     if (checklist->conn() != NULL) {
 131         debugs(28, 3, HERE << "Doing ident lookup" );
 132         checklist->asyncInProgress(true);
 133         // TODO: store a Comm::Connection in either checklist or ConnStateData one day.
 134         Comm::Connection cc; // IDENT will clone it's own copy for alterations.
 135         cc.local = checklist->conn()->me;
 136         cc.remote = checklist->conn()->peer;
 137         Ident::Start(&cc, LookupDone, checklist);
 138     } else {
 139         debugs(28, DBG_IMPORTANT, "IdentLookup::checkForAsync: Can't start ident lookup. No client connection" );
 140         checklist->currentAnswer(ACCESS_DENIED);
 141         checklist->markFinished();
 142     }
 143 }
 144
 145 void
 146 IdentLookup::LookupDone(const char *ident, void *data)
 147 {
 148     ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
 149     assert(checklist->asyncState() == IdentLookup::Instance());
 150
 151     if (ident) {
 152         xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
 153     } else {
 154         xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
 155     }
 156
 157     /*
 158      * Cache the ident result in the connection, to avoid redoing ident lookup
 159      * over and over on persistent connections
 160      */
 161     if (checklist->conn() != NULL && !checklist->conn()->rfc931[0])
 162         xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
 163
 164     checklist->asyncInProgress(false);
 165     checklist->changeState(ACLChecklist::NullState::Instance());
 166     checklist->check();
 167 }
 168
 169 #endif /* USE_IDENT */