+/*
+ * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
+ *
+ * Squid software is distributed under GPLv2+ license and includes
+ * contributions from numerous individuals and organizations.
+ * Please see the COPYING and CONTRIBUTORS files for details.
+ */
+
/*
* DEBUG: section 28 Access Control
- * AUTHOR: Duane Wessels
*
* This file contains ACL routines that are not part of the
* ACL class, nor any other class yet, and that need to be
* factored into appropriate places. They are here to reduce
* unneeded dependencies between the ACL class and the rest
* of squid.
- *
- * SQUID Web Proxy Cache http://www.squid-cache.org/
- * ----------------------------------------------------------
- *
- * Squid is the result of efforts by numerous individuals from
- * the Internet community; see the CONTRIBUTORS file for full
- * details. Many organizations have provided support for Squid's
- * development; see the SPONSORS file for full details. Squid is
- * Copyrighted (C) 2001 by the Regents of the University of
- * California; see the COPYRIGHT file for full details. Squid
- * incorporates software developed and/or copyrighted by other
- * sources; see the CREDITS file for full details.
- *
- * This program is free software; you can redistribute it and/or modify
- * it under the terms of the GNU General Public License as published by
- * the Free Software Foundation; either version 2 of the License, or
- * (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU General Public License for more details.
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; if not, write to the Free Software
- * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
- *
*/
#include "squid.h"
#include "acl/Acl.h"
#include "acl/AclDenyInfoList.h"
-#include "acl/AclNameList.h"
#include "acl/Checklist.h"
#include "acl/Gadgets.h"
#include "acl/Strategised.h"
#include "errorpage.h"
#include "globals.h"
#include "HttpRequest.h"
-#include "Mem.h"
+#include "src/sbuf/Stream.h"
#include <set>
#include <algorithm>
debugs(28, 8, HERE << "got called for " << name);
for (A = *head; A; A = A->next) {
- AclNameList *L = NULL;
-
if (!redirect_allowed && strchr(A->err_page_name, ':') ) {
debugs(28, 8, HERE << "Skip '" << A->err_page_name << "' 30x redirects not allowed as response here.");
continue;
}
- for (L = A->acl_list; L; L = L->next) {
- if (!strcmp(name, L->name)) {
- debugs(28, 8, HERE << "match on " << name);
+ for (const auto &aclName: A->acl_list) {
+ if (aclName.cmp(name) == 0) {
+ debugs(28, 8, "match on " << name);
return A->err_page_id;
}
-
}
}
aclParseDenyInfoLine(AclDenyInfoList ** head)
{
char *t = NULL;
- AclDenyInfoList *A = NULL;
- AclDenyInfoList *B = NULL;
- AclDenyInfoList **T = NULL;
- AclNameList *L = NULL;
- AclNameList **Tail = NULL;
+ AclDenyInfoList *B;
+ AclDenyInfoList **T;
/* first expect a page name */
return;
}
- A = (AclDenyInfoList *)memAllocate(MEM_ACL_DENY_INFO_LIST);
- A->err_page_id = errorReservePageId(t);
- A->err_page_name = xstrdup(t);
- A->next = (AclDenyInfoList *) NULL;
- /* next expect a list of ACL names */
- Tail = &A->acl_list;
+ const auto A = new AclDenyInfoList(t, ConfigParser::CurrentLocation());
+ /* next expect a list of ACL names */
while ((t = ConfigParser::NextToken())) {
- L = (AclNameList *)memAllocate(MEM_ACL_NAME_LIST);
- xstrncpy(L->name, t, ACL_NAME_SZ-1);
- *Tail = L;
- Tail = &L->next;
+ A->acl_list.emplace_back(t);
}
- if (A->acl_list == NULL) {
+ if (A->acl_list.empty()) {
debugs(28, DBG_CRITICAL, "aclParseDenyInfoLine: " << cfg_filename << " line " << config_lineno << ": " << config_input_line);
debugs(28, DBG_CRITICAL, "aclParseDenyInfoLine: deny_info line contains no ACL's, skipping");
- memFree(A, MEM_ACL_DENY_INFO_LIST);
+ delete A;
return;
}
for (B = *head, T = head; B; T = &B->next, B = B->next)
- ; /* find the tail */
+ ; /* find the tail */
*T = A;
}
return;
}
- allow_t action = ACCESS_DUNNO;
+ auto action = Acl::Answer(ACCESS_DUNNO);
if (!strcmp(t, "allow"))
- action = ACCESS_ALLOWED;
+ action = Acl::Answer(ACCESS_ALLOWED);
else if (!strcmp(t, "deny"))
- action = ACCESS_DENIED;
+ action = Acl::Answer(ACCESS_DENIED);
else {
debugs(28, DBG_CRITICAL, "aclParseAccessLine: " << cfg_filename << " line " << config_lineno << ": " << config_input_line);
debugs(28, DBG_CRITICAL, "aclParseAccessLine: expecting 'allow' or 'deny', got '" << t << "'.");
const int ruleId = ((treep && *treep) ? (*treep)->childrenCount() : 0) + 1;
MemBuf ctxBuf;
ctxBuf.init();
- ctxBuf.Printf("%s#%d", directive, ruleId);
+ ctxBuf.appendf("%s#%d", directive, ruleId);
ctxBuf.terminate();
Acl::AndNode *rule = new Acl::AndNode;
void
aclParseAclList(ConfigParser &, Acl::Tree **treep, const char *label)
{
- // accomodate callers unable to convert their ACL list context to string
+ // accommodate callers unable to convert their ACL list context to string
if (!label)
label = "...";
MemBuf ctxLine;
ctxLine.init();
- ctxLine.Printf("(%s %s line)", cfg_directive, label);
+ ctxLine.appendf("(%s %s line)", cfg_directive, label);
ctxLine.terminate();
Acl::AndNode *rule = new Acl::AndNode;
MemBuf ctxTree;
ctxTree.init();
- ctxTree.Printf("%s %s", cfg_directive, label);
+ ctxTree.appendf("%s %s", cfg_directive, label);
ctxTree.terminate();
// We want a cbdata-protected Tree (despite giving it only one child node).
{
AclDenyInfoList *a = NULL;
AclDenyInfoList *a_next = NULL;
- AclNameList *l = NULL;
- AclNameList *l_next = NULL;
debugs(28, 8, "aclDestroyDenyInfoList: invoked");
for (a = *list; a; a = a_next) {
- for (l = a->acl_list; l; l = l_next) {
- l_next = l->next;
- safe_free(l);
- }
-
a_next = a->next;
- xfree(a->err_page_name);
- memFree(a, MEM_ACL_DENY_INFO_LIST);
+ delete a;
}
*list = NULL;
}
+