/*
- * $Id: acl.cc,v 1.24 1996/07/23 02:39:49 wessels Exp $
+ * $Id: acl.cc,v 1.25 1996/07/23 04:07:48 wessels Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
return aclMatchIp(acl->data, checklist->src_addr);
/* NOTREACHED */
case ACL_DST_IP:
- if ((hp = ipcache_gethostbyname(r->host, IP_LOOKUP_IF_MISS)) == NULL) {
- /* if lookup previously failed, s_addr == INADDR_NONE */
- if (checklist->dst_addr.s_addr != INADDR_ANY)
- return aclMatchIp(acl->data, checklist->dst_addr);
+ hp = ipcache_gethostbyname(r->host, IP_LOOKUP_IF_MISS);
+ if (hp) {
+ for (k = 0; *(hp->h_addr_list + k); k++) {
+ xmemcpy(&checklist->dst_addr.s_addr,
+ *(hp->h_addr_list + k),
+ hp->h_length);
+ if (aclMatchIp(acl->data, checklist->dst_addr))
+ return 1;
+ }
+ return 0;
+ } else if (checklist->state[ACL_DST_IP] == ACL_LOOKUP_NONE) {
debug(28, 3, "aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
acl->name, r->host);
- checklist->need |= (1 << ACL_DST_IP);
+ checklist->state[ACL_DST_IP] = ACL_LOOKUP_NEED;
return 0;
+ } else {
+ return aclMatchIp(acl->data, no_addr);
}
- for (k = 0; *(hp->h_addr_list + k); k++) {
- xmemcpy(&checklist->dst_addr.s_addr,
- *(hp->h_addr_list + k),
- hp->h_length);
- if (aclMatchIp(acl->data, checklist->dst_addr))
- return 1;
- }
- return 0;
/* NOTREACHED */
case ACL_DST_DOMAIN:
return aclMatchDomainList(acl->data, r->host);
/* NOTREACHED */
case ACL_SRC_DOMAIN:
fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS);
- if (fqdn == NULL) {
+ if (fqdn) {
+ return aclMatchDomainList(acl->data, fqdn);
+ } else if (checklist->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NONE) {
debug(28, 3, "aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
acl->name, inet_ntoa(checklist->src_addr));
- checklist->need |= (1 << ACL_SRC_DOMAIN);
+ checklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_NEED;
return 0;
+ } else {
+ return aclMatchDomainList(acl->data, "NONE");
}
- return aclMatchDomainList(acl->data, fqdn);
/* NOTREACHED */
case ACL_TIME:
return aclMatchTime(acl->data, squid_curtime);
debug(33, 5, "clientLookupDstIPDone: FD %d, '%s'\n",
fd,
icpState->url);
- icpState->aclChecklist->need &= ~(1 << ACL_DST_IP);
- icpState->aclChecklist->pend &= ~(1 << ACL_DST_IP);
- if (hp == NULL) {
- debug(33, 5, "clientLookupDstIPDone: Unknown host %s\n",
- icpState->request->host);
- icpState->aclChecklist->dst_addr.s_addr = INADDR_NONE;
- } else {
+ icpState->aclChecklist->state[ACL_DST_IP] = ACL_LOOKUP_DONE;
+ if (hp) {
xmemcpy(&icpState->aclChecklist->dst_addr.s_addr,
*(hp->h_addr_list),
hp->h_length);
fd,
icpState->url,
fqdn ? fqdn : "NULL");
- icpState->aclChecklist->need &= ~(1 << ACL_SRC_DOMAIN);
- icpState->aclChecklist->pend &= ~(1 << ACL_SRC_DOMAIN);
+ icpState->aclChecklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_DONE;
clientAccessCheck(icpState, icpState->aclHandler);
}
int answer = 1;
request_t *r = icpState->request;
aclCheck_t *ch = NULL;
+ acl_lookup_state i;
if (icpState->aclChecklist == NULL) {
icpState->aclChecklist = xcalloc(1, sizeof(aclCheck_t));
icpState->aclChecklist->src_addr = icpState->peer.sin_addr;
}
ch = icpState->aclChecklist;
icpState->aclHandler = handler;
- if (ch->pend) {
- debug(33, 1, "clientAccessCheck: ACL's still pending: %x\n",
- ch->pend);
- return;
- }
if (httpd_accel_mode && !getAccelWithProxy() && r->protocol != PROTO_CACHEOBJ) {
/* this cache is an httpd accelerator ONLY */
if (!BIT_TEST(icpState->flags, REQ_ACCEL))
answer = 0;
} else {
answer = aclCheck(HTTPAccessList, ch);
- if (ch->need) {
- if (ch->need & (1 << ACL_DST_IP)) {
- ipcache_nbgethostbyname(icpState->request->host,
- icpState->fd,
- clientLookupDstIPDone,
- icpState);
- ch->pend |= (1 << ACL_DST_IP);
- } else if (ch->need & (1 << ACL_SRC_DOMAIN)) {
- fqdncache_nbgethostbyaddr(icpState->peer.sin_addr,
- icpState->fd,
- clientLookupSrcFQDNDone,
- icpState);
- ch->pend |= (1 << ACL_SRC_DOMAIN);
- }
- return;
+ if (ch->state[ACL_DST_IP] == ACL_LOOKUP_NEED) {
+ ipcache_nbgethostbyname(icpState->request->host,
+ icpState->fd,
+ clientLookupDstIPDone,
+ icpState);
+ ch->state[ACL_DST_IP] = ACL_LOOKUP_PENDING;
+ } else if (ch->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NEED) {
+ fqdncache_nbgethostbyaddr(icpState->peer.sin_addr,
+ icpState->fd,
+ clientLookupSrcFQDNDone,
+ icpState);
+ ch->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_PENDING;
}
}
+ for (i = ACL_NONE + 1; i < ACL_ENUM_MAX; i++)
+ if (ch->state[i] == ACL_LOOKUP_PENDING)
+ return;
requestUnlink(icpState->aclChecklist->request);
safe_free(icpState->aclChecklist);
icpState->aclHandler = NULL;
projects / thirdparty / squid.git / commitdiff
