])
if test $use_ident = 1; then
AC_DEFINE(USE_IDENT, 1,[Compile in support for Ident (RFC 931) lookups? Enabled by default.])
- AM_CONDITIONAL(ENABLE_IDENT, true)
else
AC_DEFINE(USE_IDENT, 0)
- AM_CONDITIONAL(ENABLE_IDENT, false)
fi
AM_CONDITIONAL(USE_DNSSERVER, false)
src/adaptation/ecap/Makefile \
src/esi/Makefile \
src/icmp/Makefile \
+ src/ident/Makefile \
src/ip/Makefile \
contrib/Makefile \
snmplib/Makefile \
#include "acl/HttpRepHeader.h"
#include "acl/HttpReqHeader.h"
#include "acl/HttpStatus.h"
-#if USE_IDENT
-#include "acl/AclIdent.h"
-#endif
#include "acl/IntRange.h"
#include "acl/Ip.h"
#include "acl/MaxConnection.h"
#include "acl/UserData.h"
#include "auth/AclProxyAuth.h"
#include "auth/AclMaxUserIp.h"
+#if USE_IDENT
+#include "ident/AclIdent.h"
+#endif
ACL::Prototype ACLBrowser::RegistryProtoype(&ACLBrowser::RegistryEntry_, "browser");
LoadableModules.h \
LoadableModules.cc
-SUBDIRS = base acl fs repl auth ip icmp
+SUBDIRS = base acl fs repl auth ip icmp ident
if USE_ADAPTATION
SUBDIRS += adaptation
AIOPS_SOURCE = DiskIO/DiskThreads/aiops.cc
endif
-IDENT_ALL_SOURCE = ident.cc ident.h
-if ENABLE_IDENT
-IDENT_SOURCE = $(IDENT_ALL_SOURCE)
-else
-IDENT_SOURCE =
-endif
-
EXTRA_LIBRARIES = libAIO.a libBlocking.a libDiskDaemon.a libDiskThreads.a
noinst_LIBRARIES = @DISK_LIBS@
noinst_LTLIBRARIES = libsquid.la
COMMON_LIBS = \
libsquid.la \
auth/libacls.la \
+ ident/libident.la \
acl/libacls.la \
acl/libstate.la \
auth/libauth.la \
htcp.h \
ipc.cc \
ipc_win32.cc \
- $(IDENT_ALL_SOURCE) \
ProfStats.cc \
LeakFinder.cc \
LeakFinder.h \
ICP.h \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
int.cc \
internal.cc \
$(IPC_SOURCE) \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
$(IPC_SOURCE) \
ipcache.cc \
int.cc \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
$(IPC_SOURCE) \
ipcache.cc \
int.cc \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
$(IPC_SOURCE) \
ipcache.cc \
int.cc \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
int.cc \
internal.cc \
$(IPC_SOURCE) \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
$(IPC_SOURCE) \
ipcache.cc \
int.cc \
HttpStatusLine.cc \
icp_v2.cc \
icp_v3.cc \
- $(IDENT_SOURCE) \
$(IPC_SOURCE) \
ipcache.cc \
int.cc \
endif
EXTRA_libacls_la_SOURCES += $(ARP_ACLS)
-
-
-IDENT_ACLS = Ident.cc AclIdent.h
-
-if ENABLE_IDENT
-libacls_la_SOURCES += $(IDENT_ACLS)
-endif
-
-EXTRA_libacls_la_SOURCES += $(IDENT_ACLS)
-
-
#include "Parsing.h"
#include "MemBuf.h"
#include "wordlist.h"
+#include "ident/Config.h"
#include "ip/IpIntercept.h"
#if HAVE_GLOB_H
IFDEF: USE_IDENT
DEFAULT: none
DEFAULT_IF_NONE: deny all
-LOC: Config.accessList.identLookup
+LOC: Ident::TheConfig.identLookup
DOC_START
A list of ACL elements which, if matched, cause an ident
(RFC 931) lookup to be performed for this request. For
To enable ident lookups for specific client addresses, you
can follow this example:
- acl ident_aware_hosts src 198.168.1.0/255.255.255.0
+ acl ident_aware_hosts src 198.168.1.0/24
ident_lookup_access allow ident_aware_hosts
ident_lookup_access deny all
- Only src type ACL checks are fully supported. A src_domain
+ Only src type ACL checks are fully supported. A srcdomain
ACL might work at times, but it will not always provide
the correct result.
DOC_END
NAME: ident_timeout
TYPE: time_t
IFDEF: USE_IDENT
-LOC: Config.Timeout.ident
+LOC: Ident::TheConfig.timeout
DEFAULT: 10 seconds
DOC_START
Maximum time to wait for IDENT lookups to complete.
#include "HttpHdrContRange.h"
#include "HttpReply.h"
#include "HttpRequest.h"
-#include "ident.h"
+#include "ident/Config.h"
+#include "ident/Ident.h"
#include "ip/IpIntercept.h"
#include "MemObject.h"
#include "fde.h"
ConnStateData *conn = (ConnStateData *)data;
xstrncpy(conn->rfc931, ident ? ident : dash_str, USER_IDENT_SZ);
}
-
#endif
void
commSetTimeout(newfd, Config.Timeout.read, timeoutCall);
#if USE_IDENT
-
- if (Config.accessList.identLookup) {
- ACLFilledChecklist identChecklist(Config.accessList.identLookup, NULL, NULL);
+ if (Ident::TheConfig.identLookup) {
+ ACLFilledChecklist identChecklist(Ident::TheConfig.identLookup, NULL, NULL);
identChecklist.src_addr = details->peer;
identChecklist.my_addr = details->me;
if (identChecklist.fastCheck())
- identStart(details->me, details->peer, clientIdentDone, connState);
+ Ident::Start(details->me, details->peer, clientIdentDone, connState);
}
#endif
commSetTimeout(newfd, Config.Timeout.request, timeoutCall);
#if USE_IDENT
-
- if (Config.accessList.identLookup) {
- ACLFilledChecklist identChecklist(Config.accessList.identLookup, NULL, NULL);
+ if (Ident::TheConfig.identLookup) {
+ ACLFilledChecklist identChecklist(Ident::TheConfig.identLookup, NULL, NULL);
identChecklist.src_addr = details->peer;
identChecklist.my_addr = details->me;
if (identChecklist.fastCheck())
- identStart(details->me, details->peer, clientIdentDone, connState);
+ Ident::Start(details->me, details->peer, clientIdentDone, connState);
}
#endif
#include "acl/FilledChecklist.h"
#include "acl/Acl.h"
#if USE_IDENT
-#include "acl/AclIdent.h"
+#include "ident/AclIdent.h"
#endif
#include "client_side.h"
#include "HttpRequest.h"
+++ /dev/null
-/*
- * $Id$
- */
-#ifndef SQUID_IDENT_H
-#define SQUID_IDENT_H
-
-/*
- \defgroup IdentAPI Ident Lookup API
- \ingroup SquidComponents
- *
- */
-
-#include "config.h"
-
-#if USE_IDENT
-
-#include "cbdata.h"
-
-class IpAddress;
-
-/// \ingroup IdentAPI
-SQUIDCEXTERN void identStart(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *cbdata);
-
-/// \ingroup IdentAPI
-SQUIDCEXTERN void identInit(void);
-
-#endif /* USE_IDENT */
-#endif /* SQUID_IDENT_H */
* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
*/
-#include "squid.h"
-#include "acl/AclIdent.h"
+#include "config.h"
+
+#if USE_IDENT
+
#include "acl/FilledChecklist.h"
#include "acl/RegexData.h"
#include "acl/UserData.h"
#include "client_side.h"
-#include "ident.h"
+#include "ident/AclIdent.h"
+#include "ident/Ident.h"
ACLIdent::~ACLIdent()
{
ACLIdent::parse()
{
if (!data) {
- debugs(28, 3, "aclParseUserList: current is null. Creating");
+ debugs(28, 3, HERE << "current is null. Creating");
data = new ACLUserData;
}
} else if (checklist->conn() != NULL && checklist->conn()->rfc931[0]) {
return data->match(checklist->conn()->rfc931);
} else {
- debugs(28, 3, "ACLIdent::match() - switching to ident lookup state");
+ debugs(28, 3, HERE << "switching to ident lookup state");
checklist->changeState(IdentLookup::Instance());
return 0;
}
{
ACLFilledChecklist *checklist = Filled(cl);
if (checklist->conn() != NULL) {
- debugs(28, 3, "IdentLookup::checkForAsync: Doing ident lookup" );
+ debugs(28, 3, HERE << "Doing ident lookup" );
checklist->asyncInProgress(true);
- identStart(checklist->conn()->me, checklist->conn()->peer,
- LookupDone, checklist);
+ Ident::Start(checklist->conn()->me, checklist->conn()->peer, LookupDone, checklist);
} else {
- debugs(28, 1, "IdentLookup::checkForAsync: Can't start ident lookup. No client connection" );
+ debugs(28, DBG_IMPORTANT, "IdentLookup::checkForAsync: Can't start ident lookup. No client connection" );
checklist->currentAnswer(ACCESS_DENIED);
checklist->markFinished();
}
IdentLookup::LookupDone(const char *ident, void *data)
{
ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
- assert (checklist->asyncState() == IdentLookup::Instance());
+ assert(checklist->asyncState() == IdentLookup::Instance());
if (ident) {
xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
checklist->asyncInProgress(false);
-
- checklist->changeState (ACLChecklist::NullState::Instance());
-
+ checklist->changeState(ACLChecklist::NullState::Instance());
checklist->check();
}
+
+#endif /* USE_IDENT */
* Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
*/
-#ifndef SQUID_ACLIDENT_H
-#define SQUID_ACLIDENT_H
+#ifndef SQUID_IDENT_ACLIDENT_H
+#define SQUID_IDENT_ACLIDENT_H
+
+#include "config.h"
+
+#if USE_IDENT
#include "acl/Checklist.h"
MEMPROXY_CLASS_INLINE(ACLIdent);
-#endif /* SQUID_ACLIDENT_H */
+#endif /* USE_IDENT */
+#endif /* SQUID_IDENT_ACLIDENT_H */
--- /dev/null
+#ifndef SQUID_IDENT_CONFIG_H
+#define SQUID_IDENT_CONFIG_H
+
+#include "config.h"
+
+#if USE_IDENT
+
+#include "acl/Acl.h"
+
+namespace Ident {
+
+class IdentConfig {
+public:
+ acl_access *identLookup;
+ time_t timeout;
+};
+
+extern IdentConfig TheConfig;
+
+}; // namespace Ident
+
+#endif /* USE_IDENT */
+#endif /* SQUID_IDENT_CONFIG_H */
*/
#include "squid.h"
-#include "ident.h"
+
+#if USE_IDENT
+
#include "comm.h"
+#include "ident/Config.h"
+#include "ident/Ident.h"
#include "MemBuf.h"
+namespace Ident {
+
#define IDENT_PORT 113
#define IDENT_KEY_SZ 50
char buf[4096];
} IdentStateData;
-static IOCB identReadReply;
-static PF identClose;
-static PF identTimeout;
-static CNCB identConnectDone;
+// TODO: make these all a series of Async jobs. They are self-contained callbacks now.
+static IOCB ReadReply;
+static PF Close;
+static PF Timeout;
+static CNCB ConnectDone;
static hash_table *ident_hash = NULL;
-static void identClientAdd(IdentStateData *, IDCB *, void *);
+static void ClientAdd(IdentStateData * state, IDCB * callback, void *callback_data);
+static void identCallback(IdentStateData * state, char *result);
+
+}; // namespace Ident
+
+Ident::IdentConfig Ident::TheConfig;
/**** PRIVATE FUNCTIONS ****/
static void
-identCallback(IdentStateData * state, char *result)
+Ident::identCallback(IdentStateData * state, char *result)
{
IdentClient *client;
}
static void
-identClose(int fdnotused, void *data)
+Ident::Close(int fdnotused, void *data)
{
IdentStateData *state = (IdentStateData *)data;
identCallback(state, NULL);
}
static void
-identTimeout(int fd, void *data)
+Ident::Timeout(int fd, void *data)
{
IdentStateData *state = (IdentStateData *)data;
debugs(30, 3, "identTimeout: FD " << fd << ", " << state->my_peer);
}
static void
-identConnectDone(int fd, comm_err_t status, int xerrno, void *data)
+Ident::ConnectDone(int fd, comm_err_t status, int xerrno, void *data)
{
IdentStateData *state = (IdentStateData *)data;
IdentClient *c;
state->my_peer.GetPort(),
state->me.GetPort());
comm_write_mbuf(fd, &mb, NULL, state);
- comm_read(fd, state->buf, BUFSIZ, identReadReply, state);
- commSetTimeout(fd, Config.Timeout.ident, identTimeout, state);
+ comm_read(fd, state->buf, BUFSIZ, Ident::ReadReply, state);
+ commSetTimeout(fd, Ident::TheConfig.timeout, Ident::Timeout, state);
}
static void
-identReadReply(int fd, char *buf, size_t len, comm_err_t flag, int xerrno, void *data)
+Ident::ReadReply(int fd, char *buf, size_t len, comm_err_t flag, int xerrno, void *data)
{
IdentStateData *state = (IdentStateData *)data;
char *ident = NULL;
if (strstr(buf, "USERID")) {
if ((ident = strrchr(buf, ':'))) {
while (xisspace(*++ident));
- identCallback(state, ident);
+ Ident::identCallback(state, ident);
}
}
comm_close(fd);
}
-
static void
-identClientAdd(IdentStateData * state, IDCB * callback, void *callback_data)
+Ident::ClientAdd(IdentStateData * state, IDCB * callback, void *callback_data)
{
IdentClient *c = (IdentClient *)xcalloc(1, sizeof(*c));
IdentClient **C;
* start a TCP connection to the peer host on port 113
*/
void
-identStart(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *data)
+Ident::Start(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *data)
{
IdentStateData *state;
int fd;
my_peer.ToURL(key2, IDENT_KEY_SZ);
snprintf(key, IDENT_KEY_SZ, "%s,%s", key1, key2);
+ if (!ident_hash) {
+ Init();
+ }
if ((state = (IdentStateData *)hash_lookup(ident_hash, key)) != NULL) {
- identClientAdd(state, callback, data);
+ ClientAdd(state, callback, data);
return;
}
state->fd = fd;
state->me = me;
state->my_peer = my_peer;
- identClientAdd(state, callback, data);
+ ClientAdd(state, callback, data);
hash_join(ident_hash, &state->hash);
- comm_add_close_handler(fd,
- identClose,
- state);
- commSetTimeout(fd, Config.Timeout.ident, identTimeout, state);
- commConnectStart(fd,
- state->my_peer.NtoA(ntoabuf,MAX_IPSTRLEN),
- IDENT_PORT,
- identConnectDone,
- state);
+ comm_add_close_handler(fd, Ident::Close, state);
+ commSetTimeout(fd, Ident::TheConfig.timeout, Ident::Timeout, state);
+ state->my_peer.NtoA(ntoabuf,MAX_IPSTRLEN);
+ commConnectStart(fd, ntoabuf, IDENT_PORT, Ident::ConnectDone, state);
}
void
-identInit(void)
+Ident::Init(void)
{
+ if(ident_hash) {
+ debugs(30, DBG_CRITICAL, "WARNING: Ident already initialized.");
+ return;
+ }
+
ident_hash = hash_create((HASHCMP *) strcmp,
hashPrime(Squid_MaxFD / 8),
hash4);
}
+
+#endif /* USE_IDENT */
--- /dev/null
+/*
+ * $Id$
+ */
+#ifndef SQUID_IDENT_H
+#define SQUID_IDENT_H
+
+/**
+ \defgroup IdentAPI Ident Lookup API
+ \ingroup SquidComponents
+ */
+
+#include "config.h"
+
+#if USE_IDENT
+
+#include "cbdata.h"
+
+class IpAddress;
+
+namespace Ident {
+
+/**
+ \ingroup IdentAPI
+ *
+ * Open a connection and request IDENT information from a peer machine.
+ * Callack will be called whan the lookup is completed.
+ * Self-registers with a global ident lookup manager,
+ * will call Ident::Init() itself if the manager has not been initialized already.
+ */
+void Start(IpAddress &me, IpAddress &my_peer, IDCB * callback, void *cbdata);
+
+/**
+ \ingroup IdentAPI
+ *
+ * Initialize IDENT lookup manager.
+ * Currently a hash list of open ident requests.
+ * \bug Will leak the hash list if called twice.
+ */
+void Init(void);
+
+}
+
+#endif /* USE_IDENT */
+#endif /* SQUID_IDENT_H */
--- /dev/null
+include $(top_srcdir)/src/Common.am
+include $(top_srcdir)/src/TestHeaders.am
+
+noinst_LTLIBRARIES = libident.la
+
+libident_la_SOURCES = \
+ AclIdent.h \
+ AclIdent.cc \
+ Config.h \
+ Ident.cc \
+ Ident.h
#include "ExternalACL.h"
#include "Store.h"
#include "ICP.h"
-#include "ident.h"
+#include "ident/Ident.h"
#include "HttpReply.h"
#include "pconn.h"
#include "Mem.h"
accessLogInit();
#if USE_IDENT
-
- identInit();
-
+ Ident::Init();
#endif
+
#ifdef SQUID_SNMP
snmpInit();
int icp_query_max; /* msec */
int icp_query_min; /* msec */
int mcast_icp_query; /* msec */
-#if USE_IDENT
- time_t ident;
-#endif
#if !USE_DNSSERVERS
time_t idns_retransmit;
#if HTTP_VIOLATIONS
acl_access *brokenPosts;
#endif
-#if USE_IDENT
-
- acl_access *identLookup;
-#endif
-
acl_access *redirector;
acl_access *reply;
acl_address *outgoing_address;
projects / thirdparty / squid.git / commitdiff
