#include "squid.h"
#include "DelayId.h"
#include "client_side_request.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "DelayPools.h"
#include "DelayPool.h"
#include "HttpRequest.h"
continue;
}
- ACLChecklist ch;
+ ACLFilledChecklist ch(DelayPools::delay_data[pool].access, r, NULL);
#if FOLLOW_X_FORWARDED_FOR
if (Config.onoff.delay_pool_uses_indirect_client)
ch.src_addr = r->indirect_client_addr;
if (http->getConn() != NULL)
ch.conn(http->getConn());
- ch.request = HTTPMSGLOCK(r);
-
- ch.accessList = cbdataReference(DelayPools::delay_data[pool].access);
-
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
-
if (DelayPools::delay_data[pool].theComposite().getRaw() && ch.fastCheck()) {
DelayId result (pool + 1);
#include "squid.h"
#include "HttpHeader.h"
#include "HttpHdrContRange.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "MemBuf.h"
static void httpHeaderPutStrvf(HttpHeader * hdr, http_hdr_type id, const char *fmt, va_list vargs);
/* check with anonymizer tables */
header_mangler *hm;
- ACLChecklist *checklist;
assert(e);
if (ROR_REQUEST == req_or_rep) {
return 1;
}
- checklist = aclChecklistCreate(hm->access_list, request, NULL);
+ ACLFilledChecklist checklist(hm->access_list, request, NULL);
- if (checklist->fastCheck()) {
+ if (checklist.fastCheck()) {
/* aclCheckFast returns true for allow. */
retval = 1;
} else if (NULL == hm->replacement) {
retval = 1;
}
- delete checklist;
return retval;
}
#include "HttpReply.h"
#include "HttpHdrContRange.h"
#include "HttpHdrSc.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "HttpRequest.h"
#include "MemBuf.h"
return;
bodySizeMax = -1;
- ACLChecklist ch;
+ ACLFilledChecklist ch(NULL, &request, NULL);
ch.src_addr = request.client_addr;
ch.my_addr = request.my_addr;
ch.reply = HTTPMSGLOCK(this); // XXX: this lock makes method non-const
- ch.request = HTTPMSGLOCK(&request);
for (acl_size_t *l = Config.ReplyBodySize; l; l = l -> next) {
/* if there is no ACL list or if the ACLs listed match use this size value */
if (!l->aclList || ch.matchAclListFast(l->aclList)) {
#endif
#endif
-#include "ACLARP.h"
+#include "acl/Arp.h"
+#include "acl/FilledChecklist.h"
#include "wordlist.h"
#if !USE_ARP_ACL
}
int
-ACLARP::match(ACLChecklist *checklist)
+ACLARP::match(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = Filled(cl);
+
/* IPv6 does not do ARP */
if (!checklist->src_addr.IsIPv4()) {
debugs(14, 3, "ACLARP::match: IPv4 Required for ARP Lookups. Skipping " << checklist->src_addr );
*/
#include "squid.h"
-#include "ACLDestinationDomain.h"
-#include "ACLChecklist.h"
-#include "ACLRegexData.h"
-#include "ACLDomainData.h"
+#include "acl/DestinationDomain.h"
+#include "acl/Checklist.h"
+#include "acl/RegexData.h"
+#include "acl/DomainData.h"
#include "HttpRequest.h"
DestinationDomainLookup DestinationDomainLookup::instance_;
}
void
-DestinationDomainLookup::checkForAsync(ACLChecklist *checklist) const
+DestinationDomainLookup::checkForAsync(ACLChecklist *cl) const
{
+ ACLFilledChecklist *checklist = Filled(cl);
checklist->asyncInProgress(true);
fqdncache_nbgethostbyaddr(checklist->dst_addr, LookupDone, checklist);
}
checklist->asyncInProgress(false);
checklist->changeState (ACLChecklist::NullState::Instance());
- checklist->markDestinationDomainChecked();
+ Filled(checklist)->markDestinationDomainChecked();
checklist->check();
}
ACLStrategised<char const *> ACLDestinationDomain::RegexRegistryEntry_(new ACLRegexData,ACLDestinationDomainStrategy::Instance() ,"dstdom_regex");
int
-ACLDestinationDomainStrategy::match (ACLData<MatchType> * &data, ACLChecklist *checklist)
+ACLDestinationDomainStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
assert(checklist != NULL && checklist->request != NULL);
*/
#include "squid.h"
-#include "ACLDestinationIP.h"
-#include "ACLChecklist.h"
+#include "acl/DestinationIp.h"
+#include "acl/FilledChecklist.h"
#include "HttpRequest.h"
char const *
}
int
-ACLDestinationIP::match(ACLChecklist *checklist)
+ACLDestinationIP::match(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = Filled(cl);
const ipcache_addrs *ia = ipcache_gethostbyname(checklist->request->GetHost(), IP_LOOKUP_IF_MISS);
if (ia) {
}
void
-DestinationIPLookup::checkForAsync(ACLChecklist *checklist)const
+DestinationIPLookup::checkForAsync(ACLChecklist *cl)const
{
+ ACLFilledChecklist *checklist = Filled(cl);
checklist->asyncInProgress(true);
ipcache_nbgethostbyname(checklist->request->GetHost(), LookupDone, checklist);
}
{
ACLChecklist *checklist = (ACLChecklist *)data;
assert (checklist->asyncState() == DestinationIPLookup::Instance());
- checklist->request->flags.destinationIPLookupCompleted();
+ Filled(checklist)->request->flags.destinationIPLookupCompleted();
checklist->asyncInProgress(false);
checklist->changeState (ACLChecklist::NullState::Instance());
checklist->check();
#endif
#include "squid.h"
-#include "ACLHTTPStatus.h"
+#include "acl/HttpStatus.h"
+#include "acl/FilledChecklist.h"
#include "HttpReply.h"
#include "wordlist.h"
int
ACLHTTPStatus::match(ACLChecklist *checklist)
{
- return aclMatchHTTPStatus(&data, checklist->reply->sline.status);
+ return aclMatchHTTPStatus(&data, Filled(checklist)->reply->sline.status);
}
int
*/
#include "squid.h"
-#include "ACLMaxConnection.h"
+#include "acl/FilledChecklist.h"
+#include "acl/MaxConnection.h"
#include "wordlist.h"
ACL::Prototype ACLMaxConnection::RegistryProtoype(&ACLMaxConnection::RegistryEntry_, "maxconn");
int
ACLMaxConnection::match(ACLChecklist *checklist)
{
- return (clientdbEstablished(checklist->src_addr, 0) > limit ? 1 : 0);
+ return clientdbEstablished(Filled(checklist)->src_addr, 0) > limit ? 1 : 0;
}
wordlist *
*/
#include "squid.h"
-#include "ACLMyIP.h"
-#include "ACLChecklist.h"
+#include "acl/MyIp.h"
+#include "acl/FilledChecklist.h"
char const *
ACLMyIP::typeString() const
int
ACLMyIP::match(ACLChecklist *checklist)
{
- return ACLIP::match (checklist->my_addr);
+ return ACLIP::match (Filled(checklist)->my_addr);
}
ACL::Prototype ACLMyIP::RegistryProtoype(&ACLMyIP::RegistryEntry(), "myip");
*/
#include "squid.h"
-#include "ACLSourceDomain.h"
-#include "ACLChecklist.h"
-#include "ACLRegexData.h"
-#include "ACLDomainData.h"
+#include "acl/SourceDomain.h"
+#include "acl/Checklist.h"
+#include "acl/RegexData.h"
+#include "acl/DomainData.h"
SourceDomainLookup SourceDomainLookup::instance_;
SourceDomainLookup::checkForAsync(ACLChecklist *checklist) const
{
checklist->asyncInProgress(true);
- fqdncache_nbgethostbyaddr(checklist->src_addr, LookupDone, checklist);
+ fqdncache_nbgethostbyaddr(Filled(checklist)->src_addr, LookupDone, checklist);
}
void
checklist->asyncInProgress(false);
checklist->changeState (ACLChecklist::NullState::Instance());
- checklist->markSourceDomainChecked();
+ Filled(checklist)->markSourceDomainChecked();
checklist->check();
}
ACLStrategised<char const *> ACLSourceDomain::RegexRegistryEntry_(new ACLRegexData,ACLSourceDomainStrategy::Instance() ,"srcdom_regex");
int
-ACLSourceDomainStrategy::match (ACLData<MatchType> * &data, ACLChecklist *checklist)
+ACLSourceDomainStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
const char *fqdn = NULL;
fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS);
*/
#include "squid.h"
-#include "ACLSourceIP.h"
-#include "ACLChecklist.h"
+#include "acl/SourceIp.h"
+#include "acl/FilledChecklist.h"
char const *
ACLSourceIP::typeString() const
int
ACLSourceIP::match(ACLChecklist *checklist)
{
- return ACLIP::match(checklist->src_addr);
+ return ACLIP::match(Filled(checklist)->src_addr);
}
ACL::Prototype ACLSourceIP::RegistryProtoype(&ACLSourceIP::RegistryEntry_, "src");
*/
#include "squid.h"
-#include "ACLStrategised.h"
-#include "authenticate.h"
-#include "ACLChecklist.h"
-#include "ACLRegexData.h"
-#include "ACLDomainData.h"
+#include "acl/Strategised.h"
/*
* moved template instantiation into ACLStrategized.cc
/* explicit template instantiation required for some systems */
-/* ACLHTTPRepHeader + ACLHTTPReqHeader */
+/* XXX: move to ACLHTTPRepHeader or ACLHTTPReqHeader */
template class ACLStrategised<HttpHeader*>;
/* ACLMyPortName + ACLMyPeerName + ACLBrowser */
#ifndef SQUID_ACLSTRATEGISED_H
#define SQUID_ACLSTRATEGISED_H
-#include "ACL.h"
-#include "ACLData.h"
-#include "ACLStrategy.h"
+#include "acl/Acl.h"
+#include "acl/Data.h"
+#include "acl/Strategy.h"
+#include "acl/FilledChecklist.h"
template <class M>
template <class MatchType>
int
-ACLStrategised<MatchType>::match(ACLChecklist *checklist)
+ACLStrategised<MatchType>::match(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = dynamic_cast<ACLFilledChecklist*>(cl);
+ assert(checklist);
return matcher->match(data, checklist);
}
#ifndef SQUID_ACLSTRATEGY_H
#define SQUID_ACLSTRATEGY_H
-#include "ACL.h"
-#include "ACLData.h"
-/* Perhaps this should live in ACL? */
+#include "acl/Data.h"
+
+class ACLFilledChecklist;
template<class M>
public:
typedef M MatchType;
- virtual int match (ACLData<M> * &, ACLChecklist *) = 0;
+ virtual int match (ACLData<M> * &, ACLFilledChecklist *) = 0;
virtual bool requiresRequest() const {return false;}
virtual bool requiresReply() const {return false;}
#ifndef SQUID_ACLTIME_H
#define SQUID_ACLTIME_H
-#include "ACL.h"
-#include "ACLData.h"
-#include "ACLChecklist.h"
-#include "ACLStrategised.h"
+#include "acl/Acl.h"
+#include "acl/Data.h"
+#include "acl/Strategised.h"
+
+class ACLChecklist; // XXX: we do not need it
class ACLTimeStrategy : public ACLStrategy<time_t>
{
public:
- virtual int match (ACLData<MatchType> * &, ACLChecklist *);
+ virtual int match (ACLData<MatchType> * &, ACLFilledChecklist *);
static ACLTimeStrategy *Instance();
/* Not implemented to prevent copies of the instance. */
/* Not private to prevent brain dead g+++ warnings about
*/
#include "squid.h"
-#include "ACLMaxUserIP.h"
+#include "acl/FilledChecklist.h"
+#include "auth/Acl.h"
+#include "auth/AclMaxUserIp.h"
#include "auth/UserRequest.h"
-#include "authenticate.h"
#include "wordlist.h"
#include "ConfigParser.h"
}
int
-ACLMaxUserIP::match(ACLChecklist *checklist)
+ACLMaxUserIP::match(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = Filled(cl);
int ti;
- if ((ti = checklist->authenticated()) != 1)
+ if ((ti = AuthenticateAcl(checklist)) != 1)
return ti;
ti = match(checklist->auth_user_request, checklist->src_addr);
#ifndef SQUID_ACLMAXUSERIP_H
#define SQUID_ACLMAXUSERIP_H
-#include "ACL.h"
-#include "ACLChecklist.h"
+#include "acl/Acl.h"
+#include "acl/Checklist.h"
+
+class AuthUserRequest;
/// \ingroup ACLAPI
class ACLMaxUserIP : public ACL
*/
#include "squid.h"
-#include "ACLProxyAuth.h"
-#include "authenticate.h"
-#include "ACLChecklist.h"
-#include "ACLUserData.h"
-#include "ACLRegexData.h"
+#include "auth/AclProxyAuth.h"
+#include "auth/Gadgets.h"
+#include "acl/FilledChecklist.h"
+#include "acl/UserData.h"
+#include "acl/RegexData.h"
#include "client_side.h"
#include "HttpRequest.h"
+#include "auth/Acl.h"
#include "auth/User.h"
#include "auth/UserRequest.h"
{
int ti;
- if ((ti = checklist->authenticated()) != 1)
+ if ((ti = AuthenticateAcl(checklist)) != 1)
return ti;
ti = matchProxyAuth(checklist);
}
void
-ProxyAuthLookup::checkForAsync(ACLChecklist *checklist)const
+ProxyAuthLookup::checkForAsync(ACLChecklist *cl)const
{
+ ACLFilledChecklist *checklist = Filled(cl);
+
checklist->asyncInProgress(true);
debugs(28, 3, "ACLChecklist::checkForAsync: checking password via authenticator");
void
ProxyAuthLookup::LookupDone(void *data, char *result)
{
- ACLChecklist *checklist = (ACLChecklist *)data;
+ ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
+
assert (checklist->asyncState() == ProxyAuthLookup::Instance());
if (result != NULL)
}
int
-ACLProxyAuth::matchForCache(ACLChecklist *checklist)
+ACLProxyAuth::matchForCache(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = Filled(cl);
assert (checklist->auth_user_request);
return data->match(checklist->auth_user_request->username());
}
* 1 : Authorisation OK. (Matched)
*/
int
-ACLProxyAuth::matchProxyAuth(ACLChecklist *checklist)
+ACLProxyAuth::matchProxyAuth(ACLChecklist *cl)
{
+ ACLFilledChecklist *checklist = Filled(cl);
checkAuthForCaching(checklist);
/* check to see if we have matched the user-acl before */
int result = cacheMatchAcl(&checklist->auth_user_request->user()->
{
/* for completeness */
/* consistent parameters ? */
- assert(authenticateUserAuthenticated(checklist->auth_user_request));
+ assert(authenticateUserAuthenticated(Filled(checklist)->auth_user_request));
/* this check completed */
}
#include "MemObject.h"
#include "fde.h"
#include "client_side_request.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "ConnectionDetail.h"
#include "client_side_reply.h"
#include "ClientRequestContext.h"
#endif
- ACLChecklist *checklist = clientAclChecklistCreate(Config.accessList.log, this);
+ ACLFilledChecklist *checklist = clientAclChecklistCreate(Config.accessList.log, this);
if (al.reply)
checklist->reply = HTTPMSGLOCK(al.reply);
#if USE_IDENT
if (Config.accessList.identLookup) {
- ACLChecklist identChecklist;
+ ACLFilledChecklist identChecklist(Config.accessList.identLookup, NULL, NULL);
identChecklist.src_addr = details->peer;
identChecklist.my_addr = details->me;
- identChecklist.accessList = cbdataReference(Config.accessList.identLookup);
-
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
if (identChecklist.fastCheck())
identStart(details->me, details->peer, clientIdentDone, connState);
}
#if USE_IDENT
if (Config.accessList.identLookup) {
- ACLChecklist identChecklist;
+ ACLFilledChecklist identChecklist(Config.accessList.identLookup, NULL, NULL);
identChecklist.src_addr = details->peer;
identChecklist.my_addr = details->me;
- identChecklist.accessList = cbdataReference(Config.accessList.identLookup);
-
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
if (identChecklist.fastCheck())
identStart(details->me, details->peer, clientIdentDone, connState);
}
}
}
-ACLChecklist *
+ACLFilledChecklist *
clientAclChecklistCreate(const acl_access * acl, ClientHttpRequest * http)
{
- ACLChecklist *ch;
ConnStateData * conn = http->getConn();
- ch = aclChecklistCreate(acl, http->request, cbdataReferenceValid(conn) && conn != NULL ? conn->rfc931 : dash_str);
+ ACLFilledChecklist *ch = new ACLFilledChecklist(acl, http->request,
+ cbdataReferenceValid(conn) && conn != NULL ? conn->rfc931 : dash_str);
/*
* hack for ident ACL. It needs to get full addresses, and a place to store
*/
if (conn != NULL)
- ch->conn(conn); /* unreferenced in acl.cc */
+ ch->conn(conn); /* unreferenced in FilledCheckList.cc */
return ch;
}
#include "auth/UserRequest.h"
#include "HttpRequest.h"
#include "ProtoPort.h"
-#include "ACLChecklist.h"
-#include "ACL.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Gadgets.h"
#include "client_side.h"
#include "client_side_reply.h"
#include "Store.h"
debugs(85, 5, HERE << "SslBump possible, checking ACL");
- ACLChecklist check;
+ ACLFilledChecklist check(Config.accessList.ssl_bump, request, NULL);
check.src_addr = request->client_addr;
check.my_addr = request->my_addr;
- check.request = HTTPMSGLOCK(request);
- check.accessList = cbdataReference(Config.accessList.ssl_bump);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
return check.fastCheck() == 1;
}
if (!calloutContext->clientside_tos_done) {
calloutContext->clientside_tos_done = true;
if (getConn() != NULL) {
- ACLChecklist ch;
+ ACLFilledChecklist ch(NULL, request, NULL);
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
- ch.request = HTTPMSGLOCK(request);
int tos = aclMapTOS(Config.accessList.clientside_tos, &ch);
if (tos)
comm_set_tos(getConn()->fd, tos);
/* client http based routines */
SQUIDCEXTERN char *clientConstructTraceEcho(ClientHttpRequest *);
-SQUIDCEXTERN ACLChecklist *clientAclChecklistCreate(const acl_access * acl,ClientHttpRequest * http);
+
+class ACLFilledChecklist;
+SQUIDCEXTERN ACLFilledChecklist *clientAclChecklistCreate(const acl_access * acl,ClientHttpRequest * http);
SQUIDCEXTERN int clientHttpRequestStatus(int fd, ClientHttpRequest const *http);
SQUIDCEXTERN void clientAccessCheck(ClientHttpRequest *);
#include "SquidTime.h"
#include "Store.h"
#include "fde.h"
-#include "ACLChecklist.h"
-#include "ACL.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Acl.h"
#if USE_IDENT
-#include "ACLIdent.h"
+#include "acl/Ident.h"
#endif
#include "client_side.h"
#include "HttpRequest.h"
#include "HttpReply.h"
-#include "authenticate.h"
+#include "auth/Acl.h"
+#include "auth/Gadgets.h"
#include "helper.h"
#include "MemBuf.h"
#include "URLScheme.h"
typedef struct _external_acl_format external_acl_format;
-static char *makeExternalAclKey(ACLChecklist * ch, external_acl_data * acl_data);
+static char *makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data);
static void external_acl_cache_delete(external_acl * def, external_acl_entry * entry);
static int external_acl_entry_expired(external_acl * def, external_acl_entry * entry);
static int external_acl_grace_expired(external_acl * def, external_acl_entry * entry);
}
static int
-aclMatchExternal(external_acl_data *acl, ACLChecklist * ch);
-static int
-aclMatchExternal(external_acl_data *acl, ACLChecklist * ch)
+aclMatchExternal(external_acl_data *acl, ACLFilledChecklist *ch)
{
int result;
external_acl_entry *entry;
int ti;
/* Make sure the user is authenticated */
- if ((ti = ch->authenticated()) != 1) {
+ if ((ti = AuthenticateAcl(ch)) != 1) {
debugs(82, 2, "aclMatchExternal: " << acl->def->name << " user not authenticated (" << ti << ")");
return ti;
}
int
ACLExternal::match(ACLChecklist *checklist)
{
- return aclMatchExternal (data, checklist);
+ return aclMatchExternal (data, Filled(checklist));
}
wordlist *
}
static char *
-makeExternalAclKey(ACLChecklist * ch, external_acl_data * acl_data)
+makeExternalAclKey(ACLFilledChecklist * ch, external_acl_data * acl_data)
{
static MemBuf mb;
char buf[256];
}
void
-ACLExternal::ExternalAclLookup(ACLChecklist * ch, ACLExternal * me, EAH * callback, void *callback_data)
+ACLExternal::ExternalAclLookup(ACLChecklist *checklist, ACLExternal * me, EAH * callback, void *callback_data)
{
MemBuf buf;
external_acl_data *acl = me->data;
externalAclState *oldstate = NULL;
bool graceful = 0;
+ ACLFilledChecklist *ch = Filled(checklist);
if (acl->def->require_auth) {
int ti;
/* Make sure the user is authenticated */
- if ((ti = ch->authenticated()) != 1) {
+ if ((ti = AuthenticateAcl(ch)) != 1) {
debugs(82, 1, "externalAclLookup: " << acl->def->name <<
" user authentication failure (" << ti << ", ch=" << ch << ")");
callback(callback_data, NULL);
void
ExternalACLLookup::LookupDone(void *data, void *result)
{
- ACLChecklist *checklist = (ACLChecklist *)data;
+ ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
checklist->extacl_entry = cbdataReference((external_acl_entry *)result);
checklist->asyncInProgress(false);
checklist->changeState (ACLChecklist::NullState::Instance());
#include "squid.h"
#include "forward.h"
-#include "ACLChecklist.h"
-#include "ACL.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Gadgets.h"
#include "CacheManager.h"
#include "event.h"
#include "errorpage.h"
/**
* Check if this host is allowed to fetch MISSES from us (miss_access)
*/
- ACLChecklist ch;
+ ACLFilledChecklist ch(Config.accessList.miss, request, NULL);
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
- ch.request = HTTPMSGLOCK(request);
- ch.accessList = cbdataReference(Config.accessList.miss);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
int answer = ch.fastCheck();
if (answer == 0) {
// Create the ACL check list now, while we have access to more info.
// The list is used in ssl_verify_cb() and is freed in ssl_free().
if (acl_access *acl = Config.ssl_client.cert_error) {
- ACLChecklist *check = aclChecklistCreate(acl, request, dash_str);
+ ACLFilledChecklist *check = new ACLFilledChecklist(acl, request, dash_str);
check->fd(fd);
SSL_set_ex_data(ssl, ssl_ex_index_cert_error_check, check);
}
IpAddress
getOutgoingAddr(HttpRequest * request, struct peer *dst_peer)
{
- ACLChecklist ch;
-
if (request && request->flags.spoof_client_ip)
return request->client_addr;
return IpAddress(); // anything will do.
}
+ ACLFilledChecklist ch(NULL, request, NULL);
ch.dst_peer = dst_peer;
if (request) {
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
- ch.request = HTTPMSGLOCK(request);
}
return aclMapAddr(Config.accessList.outgoing_address, &ch);
unsigned long
getOutgoingTOS(HttpRequest * request)
{
- ACLChecklist ch;
+ ACLFilledChecklist ch(NULL, request, NULL);
if (request) {
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
- ch.request = HTTPMSGLOCK(request);
}
return aclMapTOS(Config.accessList.outgoing_tos, &ch);
#include "squid.h"
#include "htcp.h"
-#include "ACLChecklist.h"
-#include "ACL.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Acl.h"
#include "SquidTime.h"
#include "Store.h"
#include "StoreClient.h"
if (!acl)
return 0;
- ACLChecklist checklist;
+ ACLFilledChecklist checklist(acl, s->request, NULL);
checklist.src_addr = from;
checklist.my_addr.SetNoAddr();
- checklist.request = HTTPMSGLOCK(s->request);
- checklist.accessList = cbdataReference(acl);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
int result = checklist.fastCheck();
return result;
}
#include "HttpHdrContRange.h"
#include "HttpHdrSc.h"
#include "HttpHdrScTarget.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "fde.h"
#if DELAY_POOLS
#include "DelayPools.h"
debugs(11,5, HERE << "doneSendingRequestBody: FD " << fd);
#if HTTP_VIOLATIONS
- ACLChecklist ch;
- ch.request = HTTPMSGLOCK(request);
-
if (Config.accessList.brokenPosts) {
- ch.accessList = cbdataReference(Config.accessList.brokenPosts);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
-
+ ACLFilledChecklist ch(Config.accessList.brokenPosts, request, NULL);
if (!ch.fastCheck()) {
debugs(11, 5, "doneSendingRequestBody: didn't match brokenPosts");
CommIoCbParams io(NULL);
#include "comm.h"
#include "ICP.h"
#include "HttpRequest.h"
-#include "ACLChecklist.h"
-#include "ACL.h"
+#include "acl/FilledChecklist.h"
+#include "acl/Acl.h"
#include "AccessLogEntry.h"
#include "wordlist.h"
#include "SquidTime.h"
if (!Config.accessList.icp)
return 0;
- ACLChecklist checklist;
+ ACLFilledChecklist checklist(Config.accessList.icp, icp_request, NULL);
checklist.src_addr = from;
checklist.my_addr.SetNoAddr();
- checklist.request = HTTPMSGLOCK(icp_request);
- checklist.accessList = cbdataReference(Config.accessList.icp);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
int result = checklist.fastCheck();
return result;
}
#include "squid.h"
#include "ProtoPort.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "event.h"
#include "CacheManager.h"
#include "htcp.h"
if (p->access == NULL)
return do_ping;
- ACLChecklist checklist;
-
+ ACLFilledChecklist checklist(p->access, request, NULL);
checklist.src_addr = request->client_addr;
-
checklist.my_addr = request->my_addr;
- checklist.request = HTTPMSGLOCK(request);
-
- checklist.accessList = cbdataReference(p->access);
-
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
-
#if 0 && USE_IDENT
/*
* this is currently broken because 'request->user_ident' has been
#include "squid.h"
#include "comm.h"
#include "cache_snmp.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#include "ip/IpAddress.h"
#define SNMP_REQUEST_SIZE 4096
/* Check if we have explicit permission to access SNMP data.
* default (set above) is to deny all */
if (Community && Config.accessList.snmp) {
- ACLChecklist checklist;
- checklist.accessList = cbdataReference(Config.accessList.snmp);
+ ACLFilledChecklist checklist(Config.accessList.snmp, NULL, NULL);
checklist.src_addr = rq->from;
checklist.snmp_community = (char *) Community;
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
allow = checklist.fastCheck();
}
}
/* SNMP checklists */
-#include "ACLStrategy.h"
-#include "ACLStrategised.h"
-#include "ACLStringData.h"
+#include "acl/Strategy.h"
+#include "acl/Strategised.h"
+#include "acl/StringData.h"
class ACLSNMPCommunityStrategy : public ACLStrategy<char const *>
{
public:
- virtual int match (ACLData<MatchType> * &, ACLChecklist *);
+ virtual int match (ACLData<MatchType> * &, ACLFilledChecklist *);
static ACLSNMPCommunityStrategy *Instance();
/* Not implemented to prevent copies of the instance. */
/* Not private to prevent brain dead g+++ warnings about
ACLStrategised<char const *> ACLSNMPCommunity::RegistryEntry_(new ACLStringData, ACLSNMPCommunityStrategy::Instance(), "snmp_community");
int
-ACLSNMPCommunityStrategy::match (ACLData<MatchType> * &data, ACLChecklist *checklist)
+ACLSNMPCommunityStrategy::match (ACLData<MatchType> * &data, ACLFilledChecklist *checklist)
{
return data->match (checklist->snmp_community);
}
#if USE_SSL
#include "fde.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
/**
\defgroup ServerProtocolSSLInternal Server-Side SSL Internals
debugs(83, 2, "SQUID_X509_V_ERR_DOMAIN_MISMATCH: Certificate " << buffer << " does not match domainname " << server);
ok = 0;
if (check)
- check->ssl_error = SQUID_X509_V_ERR_DOMAIN_MISMATCH;
+ Filled(check)->ssl_error = SQUID_X509_V_ERR_DOMAIN_MISMATCH;
}
}
} else {
}
if (check)
- check->ssl_error = ctx->error;
+ Filled(check)->ssl_error = ctx->error;
}
if (!ok && check) {
#include "fde.h"
#include "comm.h"
#include "client_side_request.h"
-#include "ACLChecklist.h"
+#include "acl/FilledChecklist.h"
#if DELAY_POOLS
#include "DelayId.h"
#endif
* Check if this host is allowed to fetch MISSES from us (miss_access)
* default is to allow.
*/
- ACLChecklist ch;
+ ACLFilledChecklist ch(Config.accessList.miss, request, NULL);
ch.src_addr = request->client_addr;
ch.my_addr = request->my_addr;
- ch.request = HTTPMSGLOCK(request);
- ch.accessList = cbdataReference(Config.accessList.miss);
- /* cbdataReferenceDone() happens in either fastCheck() or ~ACLCheckList */
answer = ch.fastCheck();
if (answer == 0) {
projects / thirdparty / squid.git / commitdiff
