InnerNode::add(rule);
}
-SBufList
-Acl::Tree::treeDump(const char *prefix, const ActionToString &convert) const
-{
- SBufList text;
- Actions::const_iterator action = actions.begin();
- typedef Nodes::const_iterator NCI;
- for (NCI node = nodes.begin(); node != nodes.end(); ++node) {
-
- text.push_back(SBuf(prefix));
-
- if (action != actions.end()) {
- const char *act = convert ? convert[action->kind] :
- (*action == ACCESS_ALLOWED ? "allow" : "deny");
- text.push_back(act?SBuf(act):SBuf("???"));
- ++action;
- }
-
-#if __cplusplus >= 201103L
- text.splice(text.end(), (*node)->dump());
-#else
- // temp is needed until c++11 move constructor
- SBufList temp = (*node)->dump();
- text.splice(text.end(), temp);
-#endif
- text.push_back(SBuf("\n"));
- }
- return text;
-}
-
bool
Acl::Tree::bannedAction(ACLChecklist *checklist, Nodes::const_iterator node) const
{
public:
/// dumps <name, action, rule, new line> tuples
- /// action.kind is mapped to a string using the supplied conversion table
- typedef const char **ActionToString;
- SBufList treeDump(const char *name, const ActionToString &convert) const;
+ /// the supplied converter maps action.kind to a string
+ template <class ActionToStringConverter>
+ SBufList treeDump(const char *name, ActionToStringConverter converter) const;
/// Returns the corresponding action after a successful tree match.
allow_t winningAction() const;
Actions actions;
};
+inline const char *
+AllowOrDeny(const allow_t &action)
+{
+ return action == ACCESS_ALLOWED ? "allow" : "deny";
+}
+
+template <class ActionToStringConverter>
+inline SBufList
+Tree::treeDump(const char *prefix, ActionToStringConverter converter) const
+{
+ SBufList text;
+ Actions::const_iterator action = actions.begin();
+ typedef Nodes::const_iterator NCI;
+ for (NCI node = nodes.begin(); node != nodes.end(); ++node) {
+
+ text.push_back(SBuf(prefix));
+
+ if (action != actions.end()) {
+ static const SBuf DefaultActString("???");
+ const char *act = converter(*action);
+ text.push_back(act ? SBuf(act) : DefaultActString);
+ ++action;
+ }
+
+#if __cplusplus >= 201103L
+ text.splice(text.end(), (*node)->dump());
+#else
+ // temp is needed until c++11 move constructor
+ SBufList temp = (*node)->dump();
+ text.splice(text.end(), temp);
+#endif
+ text.push_back(SBuf("\n"));
+ }
+ return text;
+}
+
} // namespace Acl
#endif /* SQUID_ACL_TREE_H */
dump_acl_access(StoreEntry * entry, const char *name, acl_access * head)
{
if (head)
- dump_SBufList(entry, head->treeDump(name,NULL));
+ dump_SBufList(entry, head->treeDump(name, &Acl::AllowOrDeny));
}
static void
}
#endif /* USE_AUTH */
+static void
+ParseAclWithAction(acl_access **access, const allow_t &action, const char *desc, ACL *acl = nullptr)
+{
+ assert(access);
+ SBuf name;
+ if (!*access) {
+ *access = new Acl::Tree;
+ name.Printf("(%s rules)", desc);
+ (*access)->context(name.c_str(), config_input_line);
+ }
+ Acl::AndNode *rule = new Acl::AndNode;
+ name.Printf("(%s rule)", desc);
+ rule->context(name.c_str(), config_input_line);
+ acl ? rule->add(acl) : rule->lineParse();
+ (*access)->add(rule, action);
+}
+
/* TODO: just return the object, the # is irrelevant */
static int
find_fstype(char *type)
bumpCfgStyleLast = bumpCfgStyleNow;
- Acl::AndNode *rule = new Acl::AndNode;
- rule->context("(ssl_bump rule)", config_input_line);
- rule->lineParse();
// empty rule OK
-
- assert(ssl_bump);
- if (!*ssl_bump) {
- *ssl_bump = new Acl::Tree;
- (*ssl_bump)->context("(ssl_bump rules)", config_input_line);
- }
-
- (*ssl_bump)->add(rule, action);
+ ParseAclWithAction(ssl_bump, action, "ssl_bump");
}
static void dump_sslproxy_ssl_bump(StoreEntry *entry, const char *name, acl_access *ssl_bump)
{
if (ssl_bump)
- dump_SBufList(entry, ssl_bump->treeDump(name, Ssl::BumpModeStr));
+ dump_SBufList(entry, ssl_bump->treeDump(name, [](const allow_t &action) {
+ return Ssl::BumpModeStr.at(action.kind);
+ }));
}
static void free_sslproxy_ssl_bump(acl_access **ssl_bump)
if (ftpEpsvIsDeprecatedRule) {
// overwrite previous ftp_epsv lines
delete *ftp_epsv;
+ *ftp_epsv = nullptr;
+
if (ftpEpsvDeprecatedAction == allow_t(ACCESS_DENIED)) {
- Acl::AndNode *ftpEpsvRule = new Acl::AndNode;
- ftpEpsvRule->context("(ftp_epsv rule)", config_input_line);
- ACL *a = ACL::FindByName("all");
- if (!a) {
- delete ftpEpsvRule;
+ if (ACL *a = ACL::FindByName("all"))
+ ParseAclWithAction(ftp_epsv, ftpEpsvDeprecatedAction, "ftp_epsv", a);
+ else {
self_destruct();
return;
}
- ftpEpsvRule->add(a);
- *ftp_epsv = new Acl::Tree;
- (*ftp_epsv)->context("(ftp_epsv rules)", config_input_line);
- (*ftp_epsv)->add(ftpEpsvRule, ftpEpsvDeprecatedAction);
- } else
- *ftp_epsv = NULL;
+ }
FtpEspvDeprecated = true;
} else {
aclParseAccessLine(cfg_directive, LegacyParser, ftp_epsv);
static void dump_ftp_epsv(StoreEntry *entry, const char *name, acl_access *ftp_epsv)
{
if (ftp_epsv)
- dump_SBufList(entry, ftp_epsv->treeDump(name, NULL));
+ dump_SBufList(entry, ftp_epsv->treeDump(name, Acl::AllowOrDeny));
}
static void free_ftp_epsv(acl_access **ftp_epsv)
return;
}
- Acl::AndNode *rule = new Acl::AndNode;
- rule->context("(on_unsupported_protocol rule)", config_input_line);
- rule->lineParse();
// empty rule OK
-
- assert(access);
- if (!*access) {
- *access = new Acl::Tree;
- (*access)->context("(on_unsupported_protocol rules)", config_input_line);
- }
-
- (*access)->add(rule, action);
+ ParseAclWithAction(access, action, "on_unsupported_protocol");
}
static void
dump_on_unsupported_protocol(StoreEntry *entry, const char *name, acl_access *access)
{
- const char *on_error_tunnel_mode_str[] = {
+ static const std::vector<const char *> onErrorTunnelMode = {
"none",
"tunnel",
- "respond",
- NULL
+ "respond"
};
if (access) {
- SBufList lines = access->treeDump(name, on_error_tunnel_mode_str);
+ SBufList lines = access->treeDump(name, [](const allow_t &action) {
+ return onErrorTunnelMode.at(action.kind);
+ });
dump_SBufList(entry, lines);
}
}
projects / thirdparty / squid.git / commitdiff
