From: Christos Tsantilas <chtsanti@users.sourceforge.net>
Date: Tue, 17 Dec 2013 07:12:55 +0000 (-0700)
Subject: Bug 3980: FATAL ERROR due to max_user_ip -s option
X-Git-Tag: SQUID_3_5_0_1~460
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=0e1815c0db70cdb75c6b1730ccefa7b48b3e7486;p=thirdparty%2Fsquid.git

Bug 3980: FATAL ERROR due to max_user_ip -s option
---

diff --git a/src/acl/Acl.h b/src/acl/Acl.h
index dc61d568f4..9e71e397d9 100644
--- a/src/acl/Acl.h
+++ b/src/acl/Acl.h
@@ -53,6 +53,7 @@ typedef char ACLFlag;
 // ACLData Flags
 #define ACL_F_REGEX_CASE 'i'
 #define ACL_F_NO_LOOKUP 'n'
+#define ACL_F_STRICT 's'
 #define ACL_F_END '\0'
 
 /**
diff --git a/src/auth/AclMaxUserIp.cc b/src/auth/AclMaxUserIp.cc
index 0a7072dd04..e1023d91e0 100644
--- a/src/auth/AclMaxUserIp.cc
+++ b/src/auth/AclMaxUserIp.cc
@@ -13,17 +13,22 @@
 #include "Parsing.h"
 #include "wordlist.h"
 
+ACLFlag
+ACLMaxUserIP::SupportedFlags[] = {ACL_F_STRICT, ACL_F_END};
+
 ACL *
 ACLMaxUserIP::clone() const
 {
     return new ACLMaxUserIP(*this);
 }
 
-ACLMaxUserIP::ACLMaxUserIP (char const *theClass) : class_ (theClass), maximum(0)
+ACLMaxUserIP::ACLMaxUserIP (char const *theClass) : ACL(SupportedFlags), class_ (theClass), maximum(0)
 {}
 
-ACLMaxUserIP::ACLMaxUserIP (ACLMaxUserIP const & old) :class_ (old.class_), maximum (old.maximum), flags (old.flags)
-{}
+ACLMaxUserIP::ACLMaxUserIP (ACLMaxUserIP const & old) : class_ (old.class_), maximum (old.maximum)
+{
+   flags = old.flags;
+}
 
 ACLMaxUserIP::~ACLMaxUserIP()
 {}
@@ -61,15 +66,6 @@ ACLMaxUserIP::parse()
 
     debugs(28, 5, "aclParseUserMaxIP: First token is " << t);
 
-    if (strcmp("-s", t) == 0) {
-        debugs(28, 5, "aclParseUserMaxIP: Going strict");
-        flags.strict = true;
-        t = ConfigParser::strtokFile();
-    }
-
-    if (!t)
-        return;
-
     maximum = xatoi(t);
 
     debugs(28, 5, "aclParseUserMaxIP: Max IP address's " << maximum);
@@ -97,7 +93,7 @@ ACLMaxUserIP::match(Auth::UserRequest::Pointer auth_user_request, Ip::Address co
     debugs(28, DBG_IMPORTANT, "aclMatchUserMaxIP: user '" << auth_user_request->username() << "' tries to use too many IP addresses (max " << maximum << " allowed)!");
 
     /* this is a match */
-    if (flags.strict) {
+    if (flags.isSet(ACL_F_STRICT)) {
         /*
          * simply deny access - the user name is already associated with
          * the request
@@ -154,9 +150,6 @@ ACLMaxUserIP::dump() const
 
     wordlist *W = NULL;
 
-    if (flags.strict)
-        wordlistAdd(&W, "-s");
-
     char buf[128];
 
     snprintf(buf, sizeof(buf), "%lu", (unsigned long int) maximum);
diff --git a/src/auth/AclMaxUserIp.h b/src/auth/AclMaxUserIp.h
index 5d5e962b1c..13414edfe1 100644
--- a/src/auth/AclMaxUserIp.h
+++ b/src/auth/AclMaxUserIp.h
@@ -62,21 +62,16 @@ public:
 
     int getMaximum() const {return maximum;}
 
-    int getStrict() const {return flags.strict;}
+    bool getStrict() const {return flags.isSet(ACL_F_STRICT);}
 
 private:
     static Prototype RegistryProtoype;
     static ACLMaxUserIP RegistryEntry_;
+    static ACLFlag  SupportedFlags[];
 
     int match(Auth::UserRequest::Pointer, Ip::Address const &);
     char const *class_;
     int maximum;
-
-    struct Flags {
-        Flags() : strict(false) {}
-
-        bool strict;
-    } flags;
 };
 
 MEMPROXY_CLASS_INLINE(ACLMaxUserIP);
diff --git a/src/tests/testACLMaxUserIP.cc b/src/tests/testACLMaxUserIP.cc
index d112b3f5b7..ed9fe7529c 100644
--- a/src/tests/testACLMaxUserIP.cc
+++ b/src/tests/testACLMaxUserIP.cc
@@ -21,25 +21,33 @@ testACLMaxUserIP::testDefaults()
     /* 0 is not a valid maximum, so we start at 0 */
     CPPUNIT_ASSERT_EQUAL(0,anACL.getMaximum());
     /* and we have no option to turn strict OFF, so start ON. */
-    CPPUNIT_ASSERT_EQUAL(0,anACL.getStrict());
+    CPPUNIT_ASSERT_EQUAL(false,anACL.getStrict());
     /* an unparsed acl must not be valid - there is no sane default */
     CPPUNIT_ASSERT_EQUAL(false,anACL.valid());
 }
 
+ACL::Prototype ACLMaxUserIP::RegistryProtoype(&ACLMaxUserIP::RegistryEntry_, "max_user_ip");
+ACLMaxUserIP ACLMaxUserIP::RegistryEntry_("max_user_ip");
+
 void
 testACLMaxUserIP::testParseLine()
 {
     /* a config line to pass with a lead-in token to seed the parser. */
-    char * line = xstrdup("-s 1");
+    char * line = xstrdup("test max_user_ip -s 1");
     /* seed the parser */
     ConfigParser::SetCfgLine(line);
-    ACLMaxUserIP anACL("max_user_ip");
-    anACL.parse();
+    ACL *anACL = NULL;
+    ConfigParser LegacyParser;
+    ACL::ParseAclLine(LegacyParser, &anACL);
+    ACLMaxUserIP *maxUserIpACL = dynamic_cast<ACLMaxUserIP *>(anACL);
+    CPPUNIT_ASSERT(maxUserIpACL);
+
     /* we want a maximum of one, and strict to be true */
-    CPPUNIT_ASSERT_EQUAL(1,anACL.getMaximum());
-    CPPUNIT_ASSERT_EQUAL(1,anACL.getStrict());
+    CPPUNIT_ASSERT_EQUAL(1, maxUserIpACL->getMaximum());
+    CPPUNIT_ASSERT_EQUAL(true, maxUserIpACL->getStrict());
     /* the acl must be vaid */
-    CPPUNIT_ASSERT_EQUAL(true,anACL.valid());
+    CPPUNIT_ASSERT_EQUAL(true, maxUserIpACL->valid());
+    delete anACL;
     xfree(line);
 }