/*
- * $Id: cache_cf.cc,v 1.174 1997/02/24 20:22:08 wessels Exp $
+ * $Id: cache_cf.cc,v 1.175 1997/02/26 20:49:06 wessels Exp $
*
* DEBUG: section 3 Configuration File Parsing
* AUTHOR: Harvest Derived
static char fatal_str[BUFSIZ];
static char *safe_xstrdup _PARAMS((const char *p));
-static int ip_acl_match _PARAMS((struct in_addr, const ip_acl *));
-static void addToIPACL _PARAMS((ip_acl **, const char *, ip_access_type));
static void parseOnOff _PARAMS((int *));
static void parseIntegerValue _PARAMS((int *));
static void parseString _PARAMS((char **));
static void parseHostDomainTypeLine _PARAMS((void));
static void parseHttpPortLine _PARAMS((void));
static void parseHttpdAccelLine _PARAMS((void));
-static void parseIPLine _PARAMS((ip_acl ** list));
static void parseIcpPortLine _PARAMS((void));
-static void parseLocalDomainFile _PARAMS((const char *fname));
-static void parseLocalDomainLine _PARAMS((void));
static void parseMcastGroupLine _PARAMS((void));
static void parseMemLine _PARAMS((void));
static void parseMgrLine _PARAMS((void));
static void parseVisibleHostnameLine _PARAMS((void));
static void parseWAISRelayLine _PARAMS((void));
static void parseMinutesLine _PARAMS((int *));
-static void ip_acl_destroy _PARAMS((ip_acl **));
static void parseCachemgrPasswd _PARAMS((void));
static void parsePathname _PARAMS((char **));
static void parseProxyLine _PARAMS((peer **));
fatal(fatal_str);
}
-static int
-ip_acl_match(struct in_addr c, const ip_acl * a)
-{
- static struct in_addr h;
-
- h.s_addr = c.s_addr & a->mask.s_addr;
- if (h.s_addr == a->addr.s_addr)
- return 1;
- else
- return 0;
-}
-
-static void
-ip_acl_destroy(ip_acl ** a)
-{
- ip_acl *b;
- ip_acl *n;
- for (b = *a; b; b = n) {
- n = b->next;
- safe_free(b);
- }
- *a = NULL;
-}
-
-ip_access_type
-ip_access_check(struct in_addr address, const ip_acl * list)
-{
- static int init = 0;
- static struct in_addr localhost;
- const ip_acl *p = NULL;
- struct in_addr naddr; /* network byte-order IP addr */
-
- if (!list)
- return IP_ALLOW;
-
- if (!init) {
- memset((char *) &localhost, '\0', sizeof(struct in_addr));
- localhost.s_addr = inet_addr("127.0.0.1");
- init = 1;
- }
- naddr.s_addr = address.s_addr;
- if (naddr.s_addr == localhost.s_addr)
- return IP_ALLOW;
-
- debug(3, 5, "ip_access_check: using %s\n", inet_ntoa(naddr));
-
- for (p = list; p; p = p->next) {
- if (ip_acl_match(naddr, p))
- return p->access;
- }
- return IP_ALLOW;
-}
-
-
-static void
-addToIPACL(ip_acl ** list, const char *ip_str, ip_access_type access)
-{
- ip_acl *p, *q;
- int a1, a2, a3, a4;
- int m1, m2, m3, m4;
- struct in_addr lmask;
- int inv = 0;
- int c;
-
- if (!ip_str) {
- return;
- }
- if (!(*list)) {
- /* empty list */
- *list = xcalloc(1, sizeof(ip_acl));
- (*list)->next = NULL;
- q = *list;
- } else {
- /* find end of list */
- p = *list;
- while (p->next)
- p = p->next;
- q = xcalloc(1, sizeof(ip_acl));
- q->next = NULL;
- p->next = q;
- }
-
- /* decode ip address */
- if (*ip_str == '!') {
- ip_str++;
- inv = 1;
- }
- if (!strcasecmp(ip_str, "all")) {
- a1 = a2 = a3 = a4 = 0;
- lmask.s_addr = 0;
- } else {
- a1 = a2 = a3 = a4 = 0;
- c = sscanf(ip_str, "%d.%d.%d.%d/%d.%d.%d.%d", &a1, &a2, &a3, &a4,
- &m1, &m2, &m3, &m4);
-
- switch (c) {
- case 4:
- if (a1 == 0 && a2 == 0 && a3 == 0 && a4 == 0) /* world */
- lmask.s_addr = 0x00000000ul;
- else if (a2 == 0 && a3 == 0 && a4 == 0) /* class A */
- lmask.s_addr = htonl(0xff000000ul);
- else if (a3 == 0 && a4 == 0) /* class B */
- lmask.s_addr = htonl(0xffff0000ul);
- else if (a4 == 0) /* class C */
- lmask.s_addr = htonl(0xffffff00ul);
- else
- lmask.s_addr = 0xfffffffful;
- break;
-
- case 5:
- if (m1 < 0 || m1 > 32) {
- debug(3, 0, "addToIPACL: Ignoring invalid IP acl line '%s'\n",
- ip_str);
- return;
- }
- lmask.s_addr = m1 ? htonl(0xfffffffful << (32 - m1)) : 0;
- break;
-
- case 8:
- lmask.s_addr = htonl(m1 * 0x1000000 + m2 * 0x10000 + m3 * 0x100 + m4);
- break;
-
- default:
- debug(3, 0, "addToIPACL: Ignoring invalid IP acl line '%s'\n",
- ip_str);
- return;
- }
- }
-
- q->access = inv ? (access == IP_ALLOW ? IP_DENY : IP_ALLOW) : access;
- q->addr.s_addr = htonl(a1 * 0x1000000 + a2 * 0x10000 + a3 * 0x100 + a4);
- q->mask.s_addr = lmask.s_addr;
-}
-
void
wordlistDestroy(wordlist ** list)
{
Config.Wais.relayPort = (u_short) i;
}
-static void
-parseIPLine(ip_acl ** list)
-{
- char *token;
- while ((token = strtok(NULL, w_space))) {
- addToIPACL(list, token, IP_DENY);
- }
-}
-
static void
parseWordlist(wordlist ** list)
{
self_destruct();
}
-static void
-parseLocalDomainFile(const char *fname)
-{
- LOCAL_ARRAY(char, tmp_line, BUFSIZ);
- FILE *fp = NULL;
- char *t = NULL;
- if ((fp = fopen(fname, "r")) == NULL) {
- debug(50, 1, "parseLocalDomainFile: %s: %s\n", fname, xstrerror());
- return;
- }
- memset(tmp_line, '\0', BUFSIZ);
- while (fgets(tmp_line, BUFSIZ, fp)) {
- if (tmp_line[0] == '#')
- continue;
- if (tmp_line[0] == '\0')
- continue;
- if (tmp_line[0] == '\n')
- continue;
- for (t = strtok(tmp_line, w_space); t; t = strtok(NULL, w_space)) {
- debug(3, 1, "parseLocalDomainFileLine: adding %s\n", t);
- wordlistAdd(&Config.local_domain_list, t);
- }
- }
- fclose(fp);
-}
-
-static void
-parseLocalDomainLine(void)
-{
- char *token = NULL;
- struct stat sb;
- while ((token = strtok(NULL, w_space))) {
- if (stat(token, &sb) < 0) {
- wordlistAdd(&Config.local_domain_list, token);
- } else {
- parseLocalDomainFile(token);
- }
- }
-}
-
static void
parseMcastGroupLine(void)
{
configFreeMemory();
configSetFactoryDefaults();
aclDestroyAcls();
- aclDestroyDenyInfoList(&DenyInfoList);
- aclDestroyAccessList(&HTTPAccessList);
- aclDestroyAccessList(&MISSAccessList);
- aclDestroyAccessList(&ICPAccessList);
-#if DELAY_HACK
- aclDestroyAccessList(&DelayAccessList);
-#endif
+ aclDestroyDenyInfoList(&Config.denyInfoList);
+ aclDestroyAccessList(&Config.accessList.HTTP);
+ aclDestroyAccessList(&Config.accessList.ICP);
+ aclDestroyAccessList(&Config.accessList.MISS);
+ aclDestroyAccessList(&Config.accessList.NeverDirect);
+ aclDestroyAccessList(&Config.accessList.AlwaysDirect);
aclDestroyRegexList(Config.cache_stop_relist);
Config.cache_stop_relist = NULL;
aclParseAclLine();
else if (!strcmp(token, "deny_info"))
- aclParseDenyInfoLine(&DenyInfoList);
+ aclParseDenyInfoLine(&Config.denyInfoList);
else if (!strcmp(token, "http_access"))
- aclParseAccessLine(&HTTPAccessList);
-
- else if (!strcmp(token, "miss_access"))
- aclParseAccessLine(&MISSAccessList);
-
+ aclParseAccessLine(&Config.accessList.HTTP);
else if (!strcmp(token, "icp_access"))
- aclParseAccessLine(&ICPAccessList);
+ aclParseAccessLine(&Config.accessList.ICP);
+ else if (!strcmp(token, "miss_access"))
+ aclParseAccessLine(&Config.accessList.MISS);
+ else if (!strcmp(token, "never_direct"))
+ aclParseAccessLine(&Config.accessList.NeverDirect);
+ else if (!strcmp(token, "always_direct"))
+ aclParseAccessLine(&Config.accessList.AlwaysDirect);
else if (!strcmp(token, "hierarchy_stoplist"))
parseWordlist(&Config.hierarchy_stoplist);
else if (!strcmp(token, "cache_stoplist_pattern/i"))
aclParseRegexList(&Config.cache_stop_relist, 1);
-#if DELAY_HACK
- else if (!strcmp(token, "delay_access"))
- aclParseAccessLine(&DelayAccessList);
-#endif
-
else if (!strcmp(token, "refresh_pattern"))
parseRefreshPattern(0);
else if (!strcmp(token, "refresh_pattern/i"))
#if LOG_FULL_HEADERS
else if (!strcmp(token, "log_mime_hdrs"))
parseOnOff(&Config.logMimeHdrs);
-
#endif /* LOG_FULL_HEADERS */
+
else if (!strcmp(token, "ident_lookup"))
parseOnOff(&Config.identLookup);
else if (!strcmp(token, "wais_relay"))
parseWAISRelayLine();
- else if (!strcmp(token, "local_ip"))
- parseIPLine(&Config.local_ip_list);
-
- else if (!strcmp(token, "firewall_ip"))
- parseIPLine(&Config.firewall_ip_list);
-
- else if (!strcmp(token, "local_domain"))
- parseLocalDomainLine();
-
else if (!strcmp(token, "mcast_groups"))
parseMcastGroupLine();
else if (!strcmp(token, "icp_port") || !strcmp(token, "udp_port"))
parseIcpPortLine();
- else if (!strcmp(token, "inside_firewall"))
- parseWordlist(&Config.inside_firewall_list);
-
else if (!strcmp(token, "dns_testnames"))
parseWordlist(&Config.dns_testname_list);
peerDestroy(Config.passProxy);
wordlistDestroy(&Config.cache_dirs);
wordlistDestroy(&Config.hierarchy_stoplist);
- wordlistDestroy(&Config.local_domain_list);
wordlistDestroy(&Config.mcast_group_list);
- wordlistDestroy(&Config.inside_firewall_list);
wordlistDestroy(&Config.dns_testname_list);
wordlistDestroy(&Config.cache_stoplist);
- ip_acl_destroy(&Config.local_ip_list);
- ip_acl_destroy(&Config.firewall_ip_list);
objcachePasswdDestroy(&Config.passwd_list);
refreshFreeMemory();
}
/*
- * $Id: peer_select.cc,v 1.2 1997/02/26 19:46:19 wessels Exp $
+ * $Id: peer_select.cc,v 1.3 1997/02/26 20:49:12 wessels Exp $
*
* DEBUG: section 44 Peer Selection Algorithm
* AUTHOR: Duane Wessels
#include "squid.h"
-#define OUTSIDE_FIREWALL 0
-#define INSIDE_FIREWALL 1
-#define NO_FIREWALL 2
-
-/* for debugging */
-static char *firewall_desc_str[] =
-{
- "OUTSIDE_FIREWALL",
- "INSIDE_FIREWALL",
- "NO_FIREWALL"
-};
-
-int
-matchIpList(const ipcache_addrs * ia, ip_acl * ip_list)
-{
- int i;
- if (ip_list == NULL)
- return 0;
- for (i = 0; i < ia->count; i++) {
- if (ip_access_check(ia->in_addrs[i], ip_list) == IP_DENY)
- return 1;
- }
- return 0;
-}
-
-static int
-matchLocalDomain(const char *host)
-{
- const wordlist *s = NULL;
- for (s = Config.local_domain_list; s; s = s->next) {
- if (matchDomainName(s->key, host))
- return 1;
- }
- return 0;
-}
+static struct {
+ int timeouts;
+} PeerStats;
int
peerSelectDirect(request_t * request)
{
+ int answer;
+ aclCheck_t ch;
const ipcache_addrs *ia = ipcache_gethostbyname(request->host, 0);
- if (ia && matchIpList(ia, Config.firewall_ip_list))
- return DIRECT_MAYBE; /* or DIRECT_YES */
- if (!matchInsideFirewall(request->host))
+ memset(&ch, '\0', sizeof(aclCheck_t));
+ ch.request = requestLink(request);
+ ch.dst_addr = ia->in_addrs[ia->cur];
+ ch.src_addr = request->client_addr;
+ answer = aclCheck(Config.accessList.NeverDirect, &ch);
+ requestUnlink(ch.request);
+ if (answer)
return DIRECT_NO;
- if (ia && matchIpList(ia, Config.local_ip_list))
- return DIRECT_YES;
- if (matchLocalDomain(request->host))
+ answer = aclCheck(Config.accessList.AlwaysDirect, &ch);
+ if (answer)
return DIRECT_YES;
if (ia == NULL)
return DIRECT_NO;
entry->ping_status = PING_WAITING;
commSetSelect(fd,
COMM_SELECT_TIMEOUT,
- (PF) getFromDefaultSource,
+ peerPingTimeout,
(void *) entry,
Config.neighborTimeout);
return;
}
}
-/*
- * return 0 if the host is outside the firewall (no domains matched), and
- * return 1 if the host is inside the firewall or no domains at all.
- */
-int
-matchInsideFirewall(const char *host)
+void
+peerPingTimeout(int fd, void *data)
{
- const wordlist *s = Config.inside_firewall_list;
- const char *key = NULL;
- int result = NO_FIREWALL;
- struct in_addr addr;
- if (!s && !Config.firewall_ip_list)
- /* no firewall goop, all hosts are "inside" the firewall */
- return NO_FIREWALL;
- for (; s; s = s->next) {
- key = s->key;
- if (!strcasecmp(key, "none"))
- /* no domains are inside the firewall, all domains are outside */
- return OUTSIDE_FIREWALL;
- if (*key == '!') {
- key++;
- result = OUTSIDE_FIREWALL;
- } else {
- result = INSIDE_FIREWALL;
- }
- if (matchDomainName(key, host))
- return result;
- }
- /* Check for dotted-quads */
- if (Config.firewall_ip_list) {
- if ((addr.s_addr = inet_addr(host)) != inaddr_none) {
- if (ip_access_check(addr, Config.firewall_ip_list) == IP_DENY)
- return INSIDE_FIREWALL;
- }
- }
- /* all through the list and no domains matched, this host must
- * not be inside the firewall, it must be outside */
- return OUTSIDE_FIREWALL;
+ StoreEntry *entry = data;
+ debug(44,3,"peerPingTimeout: '%s'\n", entry->url);
+ PeerStats.timeouts++;
+ peerSelect(fd, entry->mem_obj->request, entry);
+}
+
+void
+peerSelectInit(void)
+{
+ memset(&PeerStats, '\0', sizeof(PeerStats));
}
projects / thirdparty / squid.git / commitdiff
