From: Francesco Chemolli <5175948+kinkie@users.noreply.github.com> Date: Thu, 11 Jan 2024 17:02:06 +0000 (+0000) Subject: Rename class ACL to Acl::Node (#1631) X-Git-Tag: SQUID_7_0_1~239 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=922513e523c79adac4cea278cce40f254d334808;p=thirdparty%2Fsquid.git Rename class ACL to Acl::Node (#1631) There is a name clash between Squid's ACL and MS Windows' ACL (http://tinyurl.com/ns-winnt-acl). --- diff --git a/src/AclRegs.cc b/src/AclRegs.cc index 58fab91815..72e6b152e8 100644 --- a/src/AclRegs.cc +++ b/src/AclRegs.cc @@ -59,6 +59,7 @@ #include "acl/MethodData.h" #include "acl/MyPortName.h" #include "acl/Note.h" +#include "acl/Node.h" #include "acl/NoteData.h" #include "acl/PeerName.h" #include "acl/Protocol.h" @@ -118,7 +119,7 @@ namespace Acl template class FinalizedParameterizedNode: public Parent { - MEMPROXY_CLASS(Acl::FinalizedParameterizedNode); + MEMPROXY_CLASS(FinalizedParameterizedNode); public: using Parameters = typename Parent::Parameters; @@ -192,105 +193,105 @@ Acl::Init() { /* the registration order does not matter */ - // The explicit return type (ACL*) for lambdas is needed because the type - // of the return expression inside lambda is not ACL* but AclFoo* while - // Acl::Maker is defined to return ACL*. - - RegisterMaker("all-of", [](TypeName)->ACL* { return new Acl::AllOf; }); // XXX: Add name parameter to ctor - RegisterMaker("any-of", [](TypeName)->ACL* { return new Acl::AnyOf; }); // XXX: Add name parameter to ctor - RegisterMaker("random", [](TypeName name)->ACL* { return new ACLRandom(name); }); - RegisterMaker("time", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLTimeData); }); - RegisterMaker("src_as", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLASN); }); - RegisterMaker("dst_as", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLASN); }); - RegisterMaker("browser", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode >(name, new ACLRegexData); }); - - RegisterMaker("dstdomain", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLDomainData); }); - RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - Acl::FinalizedParameterizedNode::PreferAllocatorLabelPrefix("dstdomain+"); - - RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor - RegisterMaker("hier_code", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLHierCodeData); }); - RegisterMaker("rep_header", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLHTTPHeaderData); }); - RegisterMaker("req_header", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLHTTPHeaderData); }); - RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); }); - RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); }); - RegisterMaker("method", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLMethodData); }); - RegisterMaker("localip", [](TypeName)->ACL* { return new ACLLocalIP; }); // XXX: Add name parameter to ctor - RegisterMaker("localport", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLIntRange); }); - RegisterMaker("myportname", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLStringData); }); - - RegisterMaker("peername", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLStringData); }); - RegisterMaker("peername_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - Acl::FinalizedParameterizedNode::PreferAllocatorLabelPrefix("peername+"); - - RegisterMaker("proto", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLProtocolData); }); - RegisterMaker("referer_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode >(name, new ACLRegexData); }); - RegisterMaker("rep_mime_type", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode >(name, new ACLRegexData); }); - RegisterMaker("req_mime_type", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode >(name, new ACLRegexData); }); - - RegisterMaker("srcdomain", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLDomainData); }); - RegisterMaker("srcdom_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - Acl::FinalizedParameterizedNode::PreferAllocatorLabelPrefix("srcdomain+"); - - RegisterMaker("src", [](TypeName)->ACL* { return new ACLSourceIP; }); // XXX: Add name parameter to ctor - RegisterMaker("url_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - RegisterMaker("urllogin", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - RegisterMaker("urlpath_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - RegisterMaker("port", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLIntRange); }); - RegisterMaker("external", [](TypeName name)->ACL* { return new ACLExternal(name); }); - RegisterMaker("squid_error", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLSquidErrorData); }); - RegisterMaker("connections_encrypted", [](TypeName name)->ACL* { return new Acl::ConnectionsEncrypted(name); }); - RegisterMaker("tag", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLStringData); }); - RegisterMaker("note", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLNoteData); }); - RegisterMaker("annotate_client", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLAnnotationData); }); - RegisterMaker("annotate_transaction", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLAnnotationData); }); - RegisterMaker("has", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLHasComponentData); }); - RegisterMaker("transaction_initiator", [](TypeName name)->ACL* {return new TransactionInitiator(name);}); + // The explicit return type (Acl::Node*) for lambdas is needed because the type + // of the return expression inside lambda is not Node* but AclFoo* while + // Maker is defined to return Node*. + + RegisterMaker("all-of", [](TypeName)->Node* { return new AllOf; }); // XXX: Add name parameter to ctor + RegisterMaker("any-of", [](TypeName)->Node* { return new AnyOf; }); // XXX: Add name parameter to ctor + RegisterMaker("random", [](TypeName name)->Node* { return new ACLRandom(name); }); + RegisterMaker("time", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLTimeData); }); + RegisterMaker("src_as", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLASN); }); + RegisterMaker("dst_as", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLASN); }); + RegisterMaker("browser", [](TypeName name)->Node* { return new FinalizedParameterizedNode >(name, new ACLRegexData); }); + + RegisterMaker("dstdomain", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLDomainData); }); + RegisterMaker("dstdom_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + FinalizedParameterizedNode::PreferAllocatorLabelPrefix("dstdomain+"); + + RegisterMaker("dst", [](TypeName)->Node* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor + RegisterMaker("hier_code", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLHierCodeData); }); + RegisterMaker("rep_header", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLHTTPHeaderData); }); + RegisterMaker("req_header", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLHTTPHeaderData); }); + RegisterMaker("http_status", [](TypeName name)->Node* { return new ACLHTTPStatus(name); }); + RegisterMaker("maxconn", [](TypeName name)->Node* { return new ACLMaxConnection(name); }); + RegisterMaker("method", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLMethodData); }); + RegisterMaker("localip", [](TypeName)->Node* { return new ACLLocalIP; }); // XXX: Add name parameter to ctor + RegisterMaker("localport", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLIntRange); }); + RegisterMaker("myportname", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLStringData); }); + + RegisterMaker("peername", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLStringData); }); + RegisterMaker("peername_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + FinalizedParameterizedNode::PreferAllocatorLabelPrefix("peername+"); + + RegisterMaker("proto", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLProtocolData); }); + RegisterMaker("referer_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode >(name, new ACLRegexData); }); + RegisterMaker("rep_mime_type", [](TypeName name)->Node* { return new FinalizedParameterizedNode >(name, new ACLRegexData); }); + RegisterMaker("req_mime_type", [](TypeName name)->Node* { return new FinalizedParameterizedNode >(name, new ACLRegexData); }); + + RegisterMaker("srcdomain", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLDomainData); }); + RegisterMaker("srcdom_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + FinalizedParameterizedNode::PreferAllocatorLabelPrefix("srcdomain+"); + + RegisterMaker("src", [](TypeName)->Node* { return new ACLSourceIP; }); // XXX: Add name parameter to ctor + RegisterMaker("url_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + RegisterMaker("urllogin", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + RegisterMaker("urlpath_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + RegisterMaker("port", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLIntRange); }); + RegisterMaker("external", [](TypeName name)->Node* { return new ACLExternal(name); }); + RegisterMaker("squid_error", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLSquidErrorData); }); + RegisterMaker("connections_encrypted", [](TypeName name)->Node* { return new ConnectionsEncrypted(name); }); + RegisterMaker("tag", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLStringData); }); + RegisterMaker("note", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLNoteData); }); + RegisterMaker("annotate_client", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLAnnotationData); }); + RegisterMaker("annotate_transaction", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLAnnotationData); }); + RegisterMaker("has", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLHasComponentData); }); + RegisterMaker("transaction_initiator", [](TypeName name)->Node* {return new TransactionInitiator(name);}); #if USE_LIBNETFILTERCONNTRACK - RegisterMaker("clientside_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor - RegisterMaker("client_connection_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor + RegisterMaker("clientside_mark", [](TypeName)->Node* { return new ConnMark; }); // XXX: Add name parameter to ctor + RegisterMaker("client_connection_mark", [](TypeName)->Node* { return new ConnMark; }); // XXX: Add name parameter to ctor #endif #if USE_OPENSSL - RegisterMaker("ssl_error", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLSslErrorData); }); + RegisterMaker("ssl_error", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLSslErrorData); }); - RegisterMaker("user_cert", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509UserAttribute, "*")); }); - RegisterMaker("ca_cert", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509CAAttribute, "*")); }); - Acl::FinalizedParameterizedNode::PreferAllocatorLabelPrefix("user_cert+"); + RegisterMaker("user_cert", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509UserAttribute, "*")); }); + RegisterMaker("ca_cert", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509CAAttribute, "*")); }); + FinalizedParameterizedNode::PreferAllocatorLabelPrefix("user_cert+"); - RegisterMaker("server_cert_fingerprint", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509Fingerprint, nullptr, true)); }); - RegisterMaker("at_step", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLAtStepData); }); + RegisterMaker("server_cert_fingerprint", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLCertificateData(Ssl::GetX509Fingerprint, nullptr, true)); }); + RegisterMaker("at_step", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLAtStepData); }); - RegisterMaker("ssl::server_name", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLServerNameData); }); - RegisterMaker("ssl::server_name_regex", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLRegexData); }); - Acl::FinalizedParameterizedNode::PreferAllocatorLabelPrefix("ssl::server_name+"); + RegisterMaker("ssl::server_name", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLServerNameData); }); + RegisterMaker("ssl::server_name_regex", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLRegexData); }); + FinalizedParameterizedNode::PreferAllocatorLabelPrefix("ssl::server_name+"); #endif #if USE_SQUID_EUI - RegisterMaker("arp", [](TypeName name)->ACL* { return new ACLARP(name); }); - RegisterMaker("eui64", [](TypeName name)->ACL* { return new ACLEui64(name); }); + RegisterMaker("arp", [](TypeName name)->Node* { return new ACLARP(name); }); + RegisterMaker("eui64", [](TypeName name)->Node* { return new ACLEui64(name); }); #endif #if USE_IDENT - RegisterMaker("ident", [](TypeName name)->ACL* { return new ACLIdent(new ACLUserData, name); }); - RegisterMaker("ident_regex", [](TypeName name)->ACL* { return new ACLIdent(new ACLRegexData, name); }); + RegisterMaker("ident", [](TypeName name)->Node* { return new ACLIdent(new ACLUserData, name); }); + RegisterMaker("ident_regex", [](TypeName name)->Node* { return new ACLIdent(new ACLRegexData, name); }); #endif #if USE_AUTH - RegisterMaker("ext_user", [](TypeName name)->ACL* { return new ACLExtUser(new ACLUserData, name); }); - RegisterMaker("ext_user_regex", [](TypeName name)->ACL* { return new ACLExtUser(new ACLRegexData, name); }); - RegisterMaker("proxy_auth", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLUserData, name); }); - RegisterMaker("proxy_auth_regex", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLRegexData, name); }); - RegisterMaker("max_user_ip", [](TypeName name)->ACL* { return new ACLMaxUserIP(name); }); + RegisterMaker("ext_user", [](TypeName name)->Node* { return new ACLExtUser(new ACLUserData, name); }); + RegisterMaker("ext_user_regex", [](TypeName name)->Node* { return new ACLExtUser(new ACLRegexData, name); }); + RegisterMaker("proxy_auth", [](TypeName name)->Node* { return new ACLProxyAuth(new ACLUserData, name); }); + RegisterMaker("proxy_auth_regex", [](TypeName name)->Node* { return new ACLProxyAuth(new ACLRegexData, name); }); + RegisterMaker("max_user_ip", [](TypeName name)->Node* { return new ACLMaxUserIP(name); }); #endif #if USE_ADAPTATION - RegisterMaker("adaptation_service", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLAdaptationServiceData); }); + RegisterMaker("adaptation_service", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLAdaptationServiceData); }); #endif #if SQUID_SNMP - RegisterMaker("snmp_community", [](TypeName name)->ACL* { return new Acl::FinalizedParameterizedNode(name, new ACLStringData); }); + RegisterMaker("snmp_community", [](TypeName name)->Node* { return new FinalizedParameterizedNode(name, new ACLStringData); }); #endif } diff --git a/src/ExternalACL.h b/src/ExternalACL.h index 0ce7461562..98a38a50bc 100644 --- a/src/ExternalACL.h +++ b/src/ExternalACL.h @@ -17,7 +17,7 @@ class external_acl; class external_acl_data; class StoreEntry; -class ACLExternal : public ACL +class ACLExternal : public Acl::Node { MEMPROXY_CLASS(ACLExternal); @@ -40,7 +40,7 @@ public: bool empty () const override; private: - static void StartLookup(ACLFilledChecklist &, const ACL &); + static void StartLookup(ACLFilledChecklist &, const Acl::Node &); static void LookupDone(void *data, const ExternalACLEntryPointer &); void startLookup(ACLFilledChecklist *, external_acl_data *, bool inBackground) const; Acl::Answer aclMatchExternal(external_acl_data *, ACLFilledChecklist *) const; diff --git a/src/SquidConfig.h b/src/SquidConfig.h index a065d1cd44..3a8649acfe 100644 --- a/src/SquidConfig.h +++ b/src/SquidConfig.h @@ -353,7 +353,7 @@ public: std::chrono::nanoseconds paranoid_hit_validation; - class ACL *aclList; + class Acl::Node *aclList; struct { acl_access *http; diff --git a/src/acl/Acl.cc b/src/acl/Acl.cc index 489eab53b8..8cc5c5b394 100644 --- a/src/acl/Acl.cc +++ b/src/acl/Acl.cc @@ -31,16 +31,16 @@ const char *AclMatchedName = nullptr; namespace Acl { -/// ACL type name comparison functor +/// Acl::Node type name comparison functor class TypeNameCmp { public: bool operator()(TypeName a, TypeName b) const { return strcmp(a, b) < 0; } }; -/// ACL makers indexed by ACL type name +/// Acl::Node makers indexed by Node type name typedef std::map Makers; -/// registered ACL Makers +/// registered Acl::Node Makers static Makers & TheMakers() { @@ -48,9 +48,9 @@ TheMakers() return Registry; } -/// creates an ACL object of the named (and already registered) ACL child type +/// creates an Acl::Node object of the named (and already registered) Node child type static -ACL * +Acl::Node * Make(TypeName typeName) { const auto pos = TheMakers().find(typeName); @@ -60,7 +60,7 @@ Make(TypeName typeName) assert(false); // not reached } - ACL *result = (pos->second)(pos->first); + auto *result = (pos->second)(pos->first); debugs(28, 4, typeName << '=' << result); assert(result); return result; @@ -103,34 +103,32 @@ Acl::SetKey(SBuf &keyStorage, const char *keyParameterName, const char *newKey) } void * -ACL::operator new (size_t) +Acl::Node::operator new (size_t) { - fatal ("unusable ACL::new"); + fatal ("unusable Acl::Node::new"); return (void *)1; } -void -ACL::operator delete (void *) +void Acl::Node::operator delete(void *) { - fatal ("unusable ACL::delete"); + fatal ("unusable Acl::Node::delete"); } -ACL * -ACL::FindByName(const char *name) +Acl::Node * +Acl::Node::FindByName(const char *name) { - ACL *a; - debugs(28, 9, "ACL::FindByName '" << name << "'"); + debugs(28, 9, "name=" << name); - for (a = Config.aclList; a; a = a->next) + for (auto *a = Config.aclList; a; a = a->next) if (!strcasecmp(a->name, name)) return a; - debugs(28, 9, "ACL::FindByName found no match"); + debugs(28, 9, "found no match"); return nullptr; } -ACL::ACL() : +Acl::Node::Node() : cfgline(nullptr), next(nullptr), registered(false) @@ -138,13 +136,14 @@ ACL::ACL() : *name = 0; } -bool ACL::valid () const +bool +Acl::Node::valid() const { return true; } bool -ACL::matches(ACLChecklist *checklist) const +Acl::Node::matches(ACLChecklist *checklist) const { debugs(28, 5, "checking " << name); @@ -169,7 +168,7 @@ ACL::matches(ACLChecklist *checklist) const checklist->verifyAle(); // have to cast because old match() API is missing const - result = const_cast(this)->match(checklist); + result = const_cast(this)->match(checklist); } const char *extra = checklist->asyncInProgress() ? " async" : ""; @@ -178,7 +177,7 @@ ACL::matches(ACLChecklist *checklist) const } void -ACL::context(const char *aName, const char *aCfgLine) +Acl::Node::context(const char *aName, const char *aCfgLine) { name[0] = '\0'; if (aName) @@ -189,11 +188,11 @@ ACL::context(const char *aName, const char *aCfgLine) } void -ACL::ParseAclLine(ConfigParser &parser, ACL ** head) +Acl::Node::ParseAclLine(ConfigParser &parser, Node ** head) { /* we're already using strtok() to grok the line */ char *t = nullptr; - ACL *A = nullptr; + Node *A = nullptr; LOCAL_ARRAY(char, aclname, ACL_NAME_SZ); int new_acl = 0; @@ -307,13 +306,13 @@ ACL::ParseAclLine(ConfigParser &parser, ACL ** head) } bool -ACL::isProxyAuth() const +Acl::Node::isProxyAuth() const { return false; } void -ACL::parseFlags() +Acl::Node::parseFlags() { Acl::Options allOptions = options(); for (const auto lineOption: lineOptions()) { @@ -324,7 +323,7 @@ ACL::parseFlags() } void -ACL::dumpWhole(const char * const directiveName, std::ostream &os) +Acl::Node::dumpWhole(const char * const directiveName, std::ostream &os) { // XXX: No lineOptions() call here because we do not remember ACL "line" // boundaries and associated "line" options; we cannot report them. @@ -336,7 +335,7 @@ ACL::dumpWhole(const char * const directiveName, std::ostream &os) /* ACL result caching routines */ int -ACL::matchForCache(ACLChecklist *) +Acl::Node::matchForCache(ACLChecklist *) { /* This is a fatal to ensure that cacheMatchAcl calls are _only_ * made for supported acl types */ @@ -354,7 +353,7 @@ ACL::matchForCache(ACLChecklist *) * TODO: does a dlink_list perform well enough? Kinkie */ int -ACL::cacheMatchAcl(dlink_list * cache, ACLChecklist *checklist) +Acl::Node::cacheMatchAcl(dlink_list * cache, ACLChecklist *checklist) { acl_proxy_auth_match_cache *auth_match; dlink_node *link; @@ -364,7 +363,7 @@ ACL::cacheMatchAcl(dlink_list * cache, ACLChecklist *checklist) auth_match = (acl_proxy_auth_match_cache *)link->data; if (auth_match->acl_data == this) { - debugs(28, 4, "ACL::cacheMatchAcl: cache hit on acl '" << name << "' (" << this << ")"); + debugs(28, 4, "cache hit on acl '" << name << "' (" << this << ")"); return auth_match->matchrv; } @@ -373,7 +372,7 @@ ACL::cacheMatchAcl(dlink_list * cache, ACLChecklist *checklist) auth_match = new acl_proxy_auth_match_cache(matchForCache(checklist), this); dlinkAddTail(auth_match, &auth_match->link, cache); - debugs(28, 4, "ACL::cacheMatchAcl: miss for '" << name << "'. Adding result " << auth_match->matchrv); + debugs(28, 4, "miss for acl '" << name << "'. Adding result " << auth_match->matchrv); return auth_match->matchrv; } @@ -396,19 +395,19 @@ aclCacheMatchFlush(dlink_list * cache) } bool -ACL::requiresAle() const +Acl::Node::requiresAle() const { return false; } bool -ACL::requiresReply() const +Acl::Node::requiresReply() const { return false; } bool -ACL::requiresRequest() const +Acl::Node::requiresRequest() const { return false; } @@ -417,7 +416,7 @@ ACL::requiresRequest() const /* Destroy functions */ /*********************/ -ACL::~ACL() +Acl::Node::~Node() { debugs(28, 3, "freeing ACL " << name); safe_free(cfgline); @@ -425,10 +424,10 @@ ACL::~ACL() } void -ACL::Initialize() +Acl::Node::Initialize() { - ACL *a = Config.aclList; - debugs(53, 3, "ACL::Initialize"); + auto *a = Config.aclList; + debugs(53, 3, "Acl::Node::Initialize"); while (a) { a->prepareForUse(); diff --git a/src/acl/Acl.h b/src/acl/Acl.h index 11b59f0b97..aef6ce1b5f 100644 --- a/src/acl/Acl.h +++ b/src/acl/Acl.h @@ -10,8 +10,6 @@ #define SQUID_ACL_H #include "acl/forward.h" -#include "acl/Options.h" -#include "cbdata.h" #include "defines.h" #include "dlink.h" #include "sbuf/forward.h" @@ -19,15 +17,13 @@ #include #include -class ConfigParser; - namespace Acl { /// the ACL type name known to admins -typedef const char *TypeName; -/// a "factory" function for making ACL objects (of some ACL child type) -typedef ACL *(*Maker)(TypeName typeName); -/// use the given ACL Maker for all ACLs of the named type +using TypeName = const char *; +/// a "factory" function for making Acl::Node objects (of some Node child type) +using Maker = Node *(*)(TypeName typeName); +/// use the given Acl::Node Maker for all ACLs of the named type void RegisterMaker(TypeName typeName, Maker maker); /// Validate and store the ACL key parameter for ACL types @@ -36,82 +32,7 @@ void RegisterMaker(TypeName typeName, Maker maker); /// Key comparison is case-insensitive. void SetKey(SBuf &keyStorage, const char *keyParameterName, const char *newKey); -} // namespace Acl - -/// A configurable condition. A node in the ACL expression tree. -/// Can evaluate itself in FilledChecklist context. -/// Does not change during evaluation. -/// \ingroup ACLAPI -class ACL -{ - -public: - void *operator new(size_t); - void operator delete(void *); - - static void ParseAclLine(ConfigParser &parser, ACL ** head); - static void Initialize(); - static ACL *FindByName(const char *name); - - ACL(); - ACL(ACL &&) = delete; // no copying of any kind - virtual ~ACL(); - - /// sets user-specified ACL name and squid.conf context - void context(const char *name, const char *configuration); - - /// Orchestrates matching checklist against the ACL using match(), - /// after checking preconditions and while providing debugging. - /// \return true if and only if there was a successful match. - /// Updates the checklist state on match, async, and failure. - bool matches(ACLChecklist *checklist) const; - - /// configures ACL options, throwing on configuration errors - void parseFlags(); - - /// parses node representation in squid.conf; dies on failures - virtual void parse() = 0; - virtual char const *typeString() const = 0; - virtual bool isProxyAuth() const; - virtual SBufList dump() const = 0; - virtual bool empty() const = 0; - virtual bool valid() const; - - int cacheMatchAcl(dlink_list * cache, ACLChecklist *); - virtual int matchForCache(ACLChecklist *checklist); - - virtual void prepareForUse() {} - - // TODO: Find a way to make options() and this method constant - /// Prints aggregated "acl" (or similar) directive configuration, including - /// the given directive name, ACL name, ACL type, and ACL parameters. The - /// printed parameters are collected from all same-name "acl" directives. - void dumpWhole(const char *directiveName, std::ostream &); - - char name[ACL_NAME_SZ]; - char *cfgline; - ACL *next; // XXX: remove or at least use refcounting - bool registered; ///< added to the global list of ACLs via aclRegister() - -private: - /// Matches the actual data in checklist against this ACL. - virtual int match(ACLChecklist *checklist) = 0; // XXX: missing const - - /// whether our (i.e. shallow) match() requires checklist to have a AccessLogEntry - virtual bool requiresAle() const; - /// whether our (i.e. shallow) match() requires checklist to have a request - virtual bool requiresRequest() const; - /// whether our (i.e. shallow) match() requires checklist to have a reply - virtual bool requiresReply() const; - - // TODO: Rename to globalOptions(); these are not the only supported options - /// \returns (linked) 'global' Options supported by this ACL - virtual const Acl::Options &options() { return Acl::NoOptions(); } - - /// \returns (linked) "line" Options supported by this ACL - /// \see ACL::options() - virtual const Acl::Options &lineOptions() { return Acl::NoOptions(); } -}; +} // namespace Acl /// \ingroup ACLAPI typedef enum { @@ -120,12 +41,12 @@ typedef enum { ACCESS_ALLOWED, ACCESS_DUNNO, - // Authentication ACL result states + // Authentication Acl::Node result states ACCESS_AUTH_REQUIRED, // Missing Credentials } aclMatchCode; /// \ingroup ACLAPI -/// ACL check answer +/// Acl::Node check answer namespace Acl { class Answer @@ -216,7 +137,7 @@ public: }; /// \ingroup ACLAPI -/// XXX: find a way to remove or at least use a refcounted ACL pointer +/// XXX: find a way to remove or at least use a refcounted Acl::Node pointer extern const char *AclMatchedName; /* NULL */ #endif /* SQUID_ACL_H */ diff --git a/src/acl/AdaptationService.h b/src/acl/AdaptationService.h index 92e7416c2b..fcccb3cd04 100644 --- a/src/acl/AdaptationService.h +++ b/src/acl/AdaptationService.h @@ -19,7 +19,7 @@ namespace Acl class AdaptationServiceCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Address.h b/src/acl/Address.h index 0b085926df..5206c6b3d4 100644 --- a/src/acl/Address.h +++ b/src/acl/Address.h @@ -10,6 +10,7 @@ #define _SQUID_SRC_ACL_ADDRESS_H #include "acl/Acl.h" +#include "cbdata.h" #include "ip/Address.h" namespace Acl diff --git a/src/acl/AllOf.cc b/src/acl/AllOf.cc index 03365c4908..b9e92b50e2 100644 --- a/src/acl/AllOf.cc +++ b/src/acl/AllOf.cc @@ -47,7 +47,7 @@ void Acl::AllOf::parse() { Acl::InnerNode *whole = nullptr; - ACL *oldNode = empty() ? nullptr : nodes.front(); + Acl::Node *oldNode = empty() ? nullptr : nodes.front(); // optimization: this logic reduces subtree hight (number of tree levels) if (Acl::OrNode *oldWhole = dynamic_cast(oldNode)) { diff --git a/src/acl/AllOf.h b/src/acl/AllOf.h index 5eea089912..84ac37cc4a 100644 --- a/src/acl/AllOf.h +++ b/src/acl/AllOf.h @@ -22,7 +22,7 @@ class AllOf: public Acl::InnerNode MEMPROXY_CLASS(AllOf); public: - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; SBufList dump() const override; diff --git a/src/acl/AnnotateClient.h b/src/acl/AnnotateClient.h index ce714970c4..0639219407 100644 --- a/src/acl/AnnotateClient.h +++ b/src/acl/AnnotateClient.h @@ -18,7 +18,7 @@ namespace Acl class AnnotateClientCheck: public Acl::AnnotationCheck { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override { return true; } }; diff --git a/src/acl/AnnotateTransaction.h b/src/acl/AnnotateTransaction.h index 147fcec75b..09dff766fa 100644 --- a/src/acl/AnnotateTransaction.h +++ b/src/acl/AnnotateTransaction.h @@ -18,7 +18,7 @@ namespace Acl class AnnotateTransactionCheck: public Acl::AnnotationCheck { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override { return true; } }; diff --git a/src/acl/AnyOf.h b/src/acl/AnyOf.h index 91822e0792..dd1d61e699 100644 --- a/src/acl/AnyOf.h +++ b/src/acl/AnyOf.h @@ -20,7 +20,7 @@ class AnyOf: public Acl::OrNode MEMPROXY_CLASS(AnyOf); public: - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; }; diff --git a/src/acl/Arp.h b/src/acl/Arp.h index a37415635f..b826e27782 100644 --- a/src/acl/Arp.h +++ b/src/acl/Arp.h @@ -9,13 +9,13 @@ #ifndef SQUID_ACLARP_H #define SQUID_ACLARP_H -#include "acl/Acl.h" +#include "acl/Node.h" #include "eui/Eui48.h" #include /// \ingroup ACLAPI -class ACLARP : public ACL +class ACLARP : public Acl::Node { MEMPROXY_CLASS(ACLARP); diff --git a/src/acl/Asn.cc b/src/acl/Asn.cc index 499ce4f1f8..5cc427870a 100644 --- a/src/acl/Asn.cc +++ b/src/acl/Asn.cc @@ -116,7 +116,7 @@ static int printRadixNode(struct squid_radix_node *rn, void *sentry); } #endif -void asnAclInitialize(ACL * acls); +void asnAclInitialize(Acl::Node * acls); static void destroyRadixNodeInfo(as_info *); diff --git a/src/acl/AtStep.h b/src/acl/AtStep.h index 6c315da64e..0424f4230b 100644 --- a/src/acl/AtStep.h +++ b/src/acl/AtStep.h @@ -20,7 +20,7 @@ namespace Acl class AtStepCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/BoolOps.cc b/src/acl/BoolOps.cc index 659d9b4fcd..e117965422 100644 --- a/src/acl/BoolOps.cc +++ b/src/acl/BoolOps.cc @@ -14,7 +14,7 @@ /* Acl::NotNode */ -Acl::NotNode::NotNode(ACL *acl) +Acl::NotNode::NotNode(Acl::Node *acl) { assert(acl); Must(strlen(acl->name) <= sizeof(name)-2); diff --git a/src/acl/BoolOps.h b/src/acl/BoolOps.h index 8455214b02..d96a07604f 100644 --- a/src/acl/BoolOps.h +++ b/src/acl/BoolOps.h @@ -24,10 +24,10 @@ class NotNode: public InnerNode MEMPROXY_CLASS(NotNode); public: - explicit NotNode(ACL *acl); + explicit NotNode(Acl::Node *acl); private: - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; SBufList dump() const override; @@ -64,7 +64,7 @@ public: /// on its action virtual bool bannedAction(ACLChecklist *, Nodes::const_iterator) const; - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; diff --git a/src/acl/Certificate.h b/src/acl/Certificate.h index 5d0f546354..08f36cd120 100644 --- a/src/acl/Certificate.h +++ b/src/acl/Certificate.h @@ -21,7 +21,7 @@ namespace Acl class ClientCertificateCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Checklist.cc b/src/acl/Checklist.cc index 813e863c01..3e697881f6 100644 --- a/src/acl/Checklist.cc +++ b/src/acl/Checklist.cc @@ -79,7 +79,7 @@ ACLChecklist::preCheck(const char *what) } bool -ACLChecklist::matchChild(const Acl::InnerNode *current, Acl::Nodes::const_iterator pos, const ACL *child) +ACLChecklist::matchChild(const Acl::InnerNode *current, Acl::Nodes::const_iterator pos, const Acl::Node *child) { assert(current && child); @@ -112,7 +112,7 @@ ACLChecklist::matchChild(const Acl::InnerNode *current, Acl::Nodes::const_iterat } bool -ACLChecklist::goAsync(AsyncStarter starter, const ACL &acl) +ACLChecklist::goAsync(AsyncStarter starter, const Acl::Node &acl) { assert(!asyncInProgress()); assert(matchLoc_.parent); @@ -207,7 +207,7 @@ ACLChecklist::nonBlockingCheck(ACLCB * callback_, void *callback_data_) callback_data = cbdataReference(callback_data_); asyncCaller_ = true; - /** The ACL List should NEVER be NULL when calling this method. + /** The ACL list should NEVER be NULL when calling this method. * Always caller should check for NULL and handle appropriate to its needs first. * We cannot select a sensible default for all callers here. */ if (accessList == nullptr) { diff --git a/src/acl/Checklist.h b/src/acl/Checklist.h index ae0096cc0b..a5f5bbe2fb 100644 --- a/src/acl/Checklist.h +++ b/src/acl/Checklist.h @@ -9,7 +9,9 @@ #ifndef SQUID_ACLCHECKLIST_H #define SQUID_ACLCHECKLIST_H +#include "acl/Acl.h" #include "acl/InnerNode.h" +#include "cbdata.h" #include #include @@ -29,7 +31,7 @@ class ACLChecklist public: /// a function that initiates asynchronous ACL checks; see goAsync() - using AsyncStarter = void (ACLFilledChecklist &, const ACL &); + using AsyncStarter = void (ACLFilledChecklist &, const Acl::Node &); public: ACLChecklist(); @@ -104,11 +106,11 @@ public: /// If slow lookups are allowed, switches into "async in progress" state. /// Otherwise, returns false; the caller is expected to handle the failure. - bool goAsync(AsyncStarter, const ACL &); + bool goAsync(AsyncStarter, const Acl::Node &); /// Matches (or resumes matching of) a child node while maintaning /// resumption breadcrumbs if a [grand]child node goes async. - bool matchChild(const Acl::InnerNode *parent, Acl::Nodes::const_iterator pos, const ACL *child); + bool matchChild(const Acl::InnerNode *parent, Acl::Nodes::const_iterator pos, const Acl::Node *child); /// Whether we should continue to match tree nodes or stop/pause. bool keepMatching() const { return !finished() && !asyncInProgress(); } @@ -167,7 +169,7 @@ public: void resumeNonBlockingCheck(); private: /* internal methods */ - /// Position of a child node within an ACL tree. + /// Position of a child node within an Acl::Node tree. class Breadcrumb { public: diff --git a/src/acl/ConnMark.h b/src/acl/ConnMark.h index 10e56f6b36..b7c43e329a 100644 --- a/src/acl/ConnMark.h +++ b/src/acl/ConnMark.h @@ -9,7 +9,7 @@ #ifndef SQUID_ACLCONNMARK_H #define SQUID_ACLCONNMARK_H -#include "acl/Acl.h" +#include "acl/Node.h" #include "ip/forward.h" #include "ip/NfMarkConfig.h" #include "parser/Tokenizer.h" @@ -18,12 +18,12 @@ namespace Acl { -class ConnMark : public ACL +class ConnMark : public Acl::Node { MEMPROXY_CLASS(ConnMark); public: - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; int match(ACLChecklist *checklist) override; diff --git a/src/acl/ConnectionsEncrypted.h b/src/acl/ConnectionsEncrypted.h index 82cb890954..320e405665 100644 --- a/src/acl/ConnectionsEncrypted.h +++ b/src/acl/ConnectionsEncrypted.h @@ -15,7 +15,7 @@ namespace Acl { -class ConnectionsEncrypted : public ACL +class ConnectionsEncrypted : public Acl::Node { MEMPROXY_CLASS(ConnectionsEncrypted); diff --git a/src/acl/DestinationAsn.h b/src/acl/DestinationAsn.h index 7955a8ff96..3269bbdac9 100644 --- a/src/acl/DestinationAsn.h +++ b/src/acl/DestinationAsn.h @@ -20,7 +20,7 @@ namespace Acl class DestinationAsnCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/DestinationDomain.cc b/src/acl/DestinationDomain.cc index 2b86a21e47..eca1e9a010 100644 --- a/src/acl/DestinationDomain.cc +++ b/src/acl/DestinationDomain.cc @@ -19,7 +19,7 @@ static void LookupDone(const char *, const Dns::LookupDetails &, void *data); static void -StartLookup(ACLFilledChecklist &cl, const ACL &) +StartLookup(ACLFilledChecklist &cl, const Acl::Node &) { fqdncache_nbgethostbyaddr(cl.dst_addr, LookupDone, &cl); } diff --git a/src/acl/DestinationDomain.h b/src/acl/DestinationDomain.h index 9143bc7a6c..99fe8790b4 100644 --- a/src/acl/DestinationDomain.h +++ b/src/acl/DestinationDomain.h @@ -21,7 +21,7 @@ namespace Acl class DestinationDomainCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} const Acl::Options &options() override; diff --git a/src/acl/DestinationIp.cc b/src/acl/DestinationIp.cc index 6d285ca070..6df902eae1 100644 --- a/src/acl/DestinationIp.cc +++ b/src/acl/DestinationIp.cc @@ -85,7 +85,7 @@ ACLDestinationIP::match(ACLChecklist *cl) } void -ACLDestinationIP::StartLookup(ACLFilledChecklist &cl, const ACL &) +ACLDestinationIP::StartLookup(ACLFilledChecklist &cl, const Acl::Node &) { ipcache_nbgethostbyname(cl.request->url.host(), LookupDone, &cl); } diff --git a/src/acl/DestinationIp.h b/src/acl/DestinationIp.h index 4282852e47..d3cde0b560 100644 --- a/src/acl/DestinationIp.h +++ b/src/acl/DestinationIp.h @@ -18,7 +18,7 @@ class ACLDestinationIP : public ACLIP MEMPROXY_CLASS(ACLDestinationIP); public: - static void StartLookup(ACLFilledChecklist &, const ACL &); + static void StartLookup(ACLFilledChecklist &, const Acl::Node &); char const *typeString() const override; const Acl::Options &options() override; diff --git a/src/acl/Eui64.h b/src/acl/Eui64.h index 10c9786291..a72879e064 100644 --- a/src/acl/Eui64.h +++ b/src/acl/Eui64.h @@ -9,12 +9,12 @@ #ifndef SQUID_ACLEUI64_H #define SQUID_ACLEUI64_H -#include "acl/Acl.h" +#include "acl/Node.h" #include "eui/Eui64.h" #include -class ACLEui64 : public ACL +class ACLEui64 : public Acl::Node { MEMPROXY_CLASS(ACLEui64); diff --git a/src/acl/ExtUser.h b/src/acl/ExtUser.h index 358e431cc2..4a90109a4b 100644 --- a/src/acl/ExtUser.h +++ b/src/acl/ExtUser.h @@ -15,7 +15,7 @@ #include "acl/Checklist.h" #include "acl/Data.h" -class ACLExtUser : public ACL +class ACLExtUser : public Acl::Node { MEMPROXY_CLASS(ACLExtUser); @@ -23,7 +23,7 @@ public: ACLExtUser(ACLData *newData, char const *); ~ACLExtUser() override; - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; int match(ACLChecklist *checklist) override; @@ -31,7 +31,7 @@ public: bool empty () const override; private: - /* ACL API */ + /* Acl::Node API */ const Acl::Options &lineOptions() override; ACLData *data; diff --git a/src/acl/FilledChecklist.h b/src/acl/FilledChecklist.h index 83ab54832e..c97c3c7b9b 100644 --- a/src/acl/FilledChecklist.h +++ b/src/acl/FilledChecklist.h @@ -10,6 +10,7 @@ #define SQUID_ACLFILLED_CHECKLIST_H #include "AccessLogEntry.h" +#include "acl/Acl.h" #include "acl/Checklist.h" #include "acl/forward.h" #include "base/CbcPointer.h" diff --git a/src/acl/Gadgets.cc b/src/acl/Gadgets.cc index fd65b519fa..fa886af756 100644 --- a/src/acl/Gadgets.cc +++ b/src/acl/Gadgets.cc @@ -10,9 +10,9 @@ * DEBUG: section 28 Access Control * * This file contains ACL routines that are not part of the - * ACL class, nor any other class yet, and that need to be + * Acl::Node class, nor any other class yet, and that need to be * factored into appropriate places. They are here to reduce - * unneeded dependencies between the ACL class and the rest + * unneeded dependencies between the Acl::Node class and the rest * of squid. */ @@ -30,7 +30,7 @@ #include #include -typedef std::set AclSet; +using AclSet = std::set; /// Accumulates all ACLs to facilitate their clean deletion despite reuse. static AclSet *RegisteredAcls; // TODO: Remove when ACLs are refcounted @@ -76,9 +76,7 @@ aclIsProxyAuth(const char *name) debugs(28, 5, "aclIsProxyAuth: called for " << name); - ACL *a; - - if ((a = ACL::FindByName(name))) { + if (const auto *a = Acl::Node::FindByName(name)) { debugs(28, 5, "aclIsProxyAuth: returning " << a->isProxyAuth()); return a->isProxyAuth(); } @@ -218,7 +216,7 @@ aclParseAclList(ConfigParser &, Acl::Tree **treep, const char *label) } void -aclRegister(ACL *acl) +aclRegister(Acl::Node *acl) { if (!acl->registered) { if (!RegisteredAcls) @@ -231,7 +229,7 @@ aclRegister(ACL *acl) /// remove registered acl from the centralized deletion set static void -aclDeregister(ACL *acl) +aclDeregister(Acl::Node *acl) { if (acl->registered) { if (RegisteredAcls) @@ -246,16 +244,16 @@ aclDeregister(ACL *acl) /// called to delete ALL Acls. void -aclDestroyAcls(ACL ** head) +aclDestroyAcls(Acl::Node ** head) { *head = nullptr; // Config.aclList if (AclSet *acls = RegisteredAcls) { debugs(28, 8, "deleting all " << acls->size() << " ACLs"); while (!acls->empty()) { - ACL *acl = *acls->begin(); - // We use centralized deletion (this function) so ~ACL should not + auto *acl = *acls->begin(); + // We use centralized deletion (this function) so ~Acl::Node should not // delete other ACLs, but we still deregister first to prevent any - // accesses to the being-deleted ACL via RegisteredAcls. + // accesses to the being-deleted Acl::Node via RegisteredAcls. assert(acl->registered); // make sure we are making progress aclDeregister(acl); delete acl; diff --git a/src/acl/Gadgets.h b/src/acl/Gadgets.h index ca1cb86957..a607f29e48 100644 --- a/src/acl/Gadgets.h +++ b/src/acl/Gadgets.h @@ -19,13 +19,13 @@ class dlink_list; class StoreEntry; class wordlist; -/// Register an ACL object for future deletion. Repeated registrations are OK. +/// Register an Acl::Node object for future deletion. Repeated registrations are OK. /// \ingroup ACLAPI -void aclRegister(ACL *acl); +void aclRegister(Acl::Node *acl); /// \ingroup ACLAPI void aclDestroyAccessList(acl_access **list); /// \ingroup ACLAPI -void aclDestroyAcls(ACL **); +void aclDestroyAcls(Acl::Node **); /// \ingroup ACLAPI void aclDestroyAclList(ACLList **); /// Parses a single line of a "action followed by acls" directive (e.g., http_access). @@ -54,7 +54,7 @@ void aclParseDenyInfoLine(AclDenyInfoList **); /// \ingroup ACLAPI void aclDestroyDenyInfoList(AclDenyInfoList **); /// \ingroup ACLAPI -wordlist *aclDumpGeneric(const ACL *); +wordlist *aclDumpGeneric(const Acl::Node *); /// \ingroup ACLAPI void aclCacheMatchFlush(dlink_list * cache); /// \ingroup ACLAPI diff --git a/src/acl/HasComponent.h b/src/acl/HasComponent.h index 9c26689db1..faa7826a25 100644 --- a/src/acl/HasComponent.h +++ b/src/acl/HasComponent.h @@ -19,7 +19,7 @@ namespace Acl class HasComponentCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/HierCode.h b/src/acl/HierCode.h index 24bf04f12b..b3fe15d6de 100644 --- a/src/acl/HierCode.h +++ b/src/acl/HierCode.h @@ -20,7 +20,7 @@ namespace Acl class HierCodeCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/HttpRepHeader.h b/src/acl/HttpRepHeader.h index e1f43610c7..8cfc9835af 100644 --- a/src/acl/HttpRepHeader.h +++ b/src/acl/HttpRepHeader.h @@ -20,7 +20,7 @@ namespace Acl class HttpRepHeaderCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresReply() const override { return true; } }; diff --git a/src/acl/HttpReqHeader.h b/src/acl/HttpReqHeader.h index 0e1e78b6e8..d134a386d1 100644 --- a/src/acl/HttpReqHeader.h +++ b/src/acl/HttpReqHeader.h @@ -20,7 +20,7 @@ namespace Acl class HttpReqHeaderCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override { return true; } }; diff --git a/src/acl/HttpStatus.h b/src/acl/HttpStatus.h index 86d1952a93..9b877aa299 100644 --- a/src/acl/HttpStatus.h +++ b/src/acl/HttpStatus.h @@ -22,7 +22,7 @@ struct acl_httpstatus_data { }; /// \ingroup ACLAPI -class ACLHTTPStatus : public ACL +class ACLHTTPStatus : public Acl::Node { MEMPROXY_CLASS(ACLHTTPStatus); diff --git a/src/acl/InnerNode.cc b/src/acl/InnerNode.cc index 64568cd2cb..585c9e6247 100644 --- a/src/acl/InnerNode.cc +++ b/src/acl/InnerNode.cc @@ -33,7 +33,7 @@ Acl::InnerNode::empty() const } void -Acl::InnerNode::add(ACL *node) +Acl::InnerNode::add(Acl::Node *node) { assert(node != nullptr); nodes.push_back(node); @@ -57,7 +57,7 @@ Acl::InnerNode::lineParse() ++t; debugs(28, 3, "looking for ACL " << t); - ACL *a = ACL::FindByName(t); + auto *a = Acl::Node::FindByName(t); if (a == nullptr) { debugs(28, DBG_CRITICAL, "ERROR: ACL not found: " << t); diff --git a/src/acl/InnerNode.h b/src/acl/InnerNode.h index 2b381124d2..f264a4f1b0 100644 --- a/src/acl/InnerNode.h +++ b/src/acl/InnerNode.h @@ -9,16 +9,16 @@ #ifndef SQUID_ACL_INNER_NODE_H #define SQUID_ACL_INNER_NODE_H -#include "acl/Acl.h" +#include "acl/Node.h" #include namespace Acl { -typedef std::vector Nodes; ///< a collection of nodes +using Nodes = std::vector; ///< a collection of nodes -/// An intermediate ACL tree node. Manages a collection of child tree nodes. -class InnerNode: public ACL +/// An intermediate Acl::Node tree node. Manages a collection of child tree nodes. +class InnerNode: public Acl::Node { public: // No ~InnerNode() to delete children. They are aclRegister()ed instead. @@ -29,7 +29,7 @@ public: /// the number of children nodes Nodes::size_type childrenCount() const { return nodes.size(); } - /* ACL API */ + /* Acl::Node API */ void prepareForUse() override; bool empty() const override; SBufList dump() const override; @@ -39,18 +39,18 @@ public: size_t lineParse(); /// appends the node to the collection and takes control over it - void add(ACL *node); + void add(Acl::Node *node); protected: /// checks whether the nodes match, starting with the given one /// kids determine what a match means for their type of intermediate nodes virtual int doMatch(ACLChecklist *checklist, Nodes::const_iterator start) const = 0; - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *checklist) override; // XXX: use refcounting instead of raw pointers - std::vector nodes; ///< children nodes of this intermediate node + Nodes nodes; ///< children nodes of this intermediate node }; } // namespace Acl diff --git a/src/acl/Ip.h b/src/acl/Ip.h index 3356402c94..aa280cdfc2 100644 --- a/src/acl/Ip.h +++ b/src/acl/Ip.h @@ -9,8 +9,8 @@ #ifndef SQUID_ACLIP_H #define SQUID_ACLIP_H -#include "acl/Acl.h" #include "acl/Data.h" +#include "acl/Node.h" #include "ip/Address.h" #include "splay.h" @@ -46,7 +46,7 @@ private: static bool DecodeMask(const char *asc, Ip::Address &mask, int string_format_type); }; -class ACLIP : public ACL +class ACLIP : public Acl::Node { public: void *operator new(size_t); diff --git a/src/acl/LocalPort.h b/src/acl/LocalPort.h index 1ca6f5d58b..9b41316f73 100644 --- a/src/acl/LocalPort.h +++ b/src/acl/LocalPort.h @@ -19,7 +19,7 @@ namespace Acl class LocalPortCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Makefile.am b/src/acl/Makefile.am index 4dd16ce4da..819ae0d3ec 100644 --- a/src/acl/Makefile.am +++ b/src/acl/Makefile.am @@ -22,6 +22,7 @@ libapi_la_SOURCES = \ ChecklistFiller.h \ InnerNode.cc \ InnerNode.h \ + Node.h \ Options.cc \ Options.h \ SplayInserter.h \ diff --git a/src/acl/MaxConnection.h b/src/acl/MaxConnection.h index 121c6bb9c7..711505addf 100644 --- a/src/acl/MaxConnection.h +++ b/src/acl/MaxConnection.h @@ -9,10 +9,10 @@ #ifndef SQUID_ACLMAXCONNECTION_H #define SQUID_ACLMAXCONNECTION_H -#include "acl/Acl.h" +#include "acl/Node.h" /// \ingroup ACLAPI -class ACLMaxConnection : public ACL +class ACLMaxConnection : public Acl::Node { MEMPROXY_CLASS(ACLMaxConnection); diff --git a/src/acl/Method.h b/src/acl/Method.h index 96231db574..f70d1a5617 100644 --- a/src/acl/Method.h +++ b/src/acl/Method.h @@ -20,7 +20,7 @@ namespace Acl class MethodCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/MyPortName.h b/src/acl/MyPortName.h index 62a57f762b..d26c72ba73 100644 --- a/src/acl/MyPortName.h +++ b/src/acl/MyPortName.h @@ -19,7 +19,7 @@ namespace Acl class MyPortNameCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Node.h b/src/acl/Node.h new file mode 100644 index 0000000000..224a81e868 --- /dev/null +++ b/src/acl/Node.h @@ -0,0 +1,97 @@ +/* + * Copyright (C) 1996-2023 The Squid Software Foundation and contributors + * + * Squid software is distributed under GPLv2+ license and includes + * contributions from numerous individuals and organizations. + * Please see the COPYING and CONTRIBUTORS files for details. + */ + +#ifndef SQUID_SRC_ACL_NODE_H +#define SQUID_SRC_ACL_NODE_H + +#include "acl/forward.h" +#include "acl/Options.h" +#include "dlink.h" + +class ConfigParser; + +namespace Acl { + +/// A configurable condition. A node in the ACL expression tree. +/// Can evaluate itself in FilledChecklist context. +/// Does not change during evaluation. +/// \ingroup ACLAPI +class Node +{ + +public: + void *operator new(size_t); + void operator delete(void *); + + static void ParseAclLine(ConfigParser &parser, Acl::Node **head); + static void Initialize(); + static Acl::Node *FindByName(const char *name); + + Node(); + Node(Node &&) = delete; // no copying of any kind + virtual ~Node(); + + /// sets user-specified ACL name and squid.conf context + void context(const char *name, const char *configuration); + + /// Orchestrates matching checklist against the Acl::Node using match(), + /// after checking preconditions and while providing debugging. + /// \return true if and only if there was a successful match. + /// Updates the checklist state on match, async, and failure. + bool matches(ACLChecklist *checklist) const; + + /// configures Acl::Node options, throwing on configuration errors + void parseFlags(); + + /// parses node representation in squid.conf; dies on failures + virtual void parse() = 0; + virtual char const *typeString() const = 0; + virtual bool isProxyAuth() const; + virtual SBufList dump() const = 0; + virtual bool empty() const = 0; + virtual bool valid() const; + + int cacheMatchAcl(dlink_list *cache, ACLChecklist *); + virtual int matchForCache(ACLChecklist *checklist); + + virtual void prepareForUse() {} + + // TODO: Find a way to make options() and this method constant + /// Prints aggregated "acl" (or similar) directive configuration, including + /// the given directive name, ACL name, ACL type, and ACL parameters. The + /// printed parameters are collected from all same-name "acl" directives. + void dumpWhole(const char *directiveName, std::ostream &); + + char name[ACL_NAME_SZ]; + char *cfgline; + Acl::Node *next; // XXX: remove or at least use refcounting + bool registered; ///< added to the global list of ACLs via aclRegister() + +private: + /// Matches the actual data in checklist against this Acl::Node. + virtual int match(ACLChecklist *checklist) = 0; // XXX: missing const + + /// whether our (i.e. shallow) match() requires checklist to have a AccessLogEntry + virtual bool requiresAle() const; + /// whether our (i.e. shallow) match() requires checklist to have a request + virtual bool requiresRequest() const; + /// whether our (i.e. shallow) match() requires checklist to have a reply + virtual bool requiresReply() const; + + // TODO: Rename to globalOptions(); these are not the only supported options + /// \returns (linked) 'global' Options supported by this Acl::Node + virtual const Acl::Options &options() { return Acl::NoOptions(); } + + /// \returns (linked) "line" Options supported by this Acl::Node + /// \see Acl::Node::options() + virtual const Acl::Options &lineOptions() { return Acl::NoOptions(); } +}; + +} // namespace Acl + +#endif /* SQUID_SRC_ACL_NODE_H */ diff --git a/src/acl/Note.h b/src/acl/Note.h index 0cf32a0512..f99b655739 100644 --- a/src/acl/Note.h +++ b/src/acl/Note.h @@ -31,7 +31,7 @@ public: class NoteCheck: public Acl::AnnotationCheck { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override { return true; } diff --git a/src/acl/Options.h b/src/acl/Options.h index a6139be636..b4865e865d 100644 --- a/src/acl/Options.h +++ b/src/acl/Options.h @@ -15,7 +15,7 @@ #include #include -// After line continuation is handled by the preprocessor, an ACL object +// After line continuation is handled by the preprocessor, an Acl::Node object // configuration can be visualized as a sequence of same-name "acl ..." lines: // // L1: acl exampleA typeT parameter1 -i parameter2 parameter3 @@ -27,7 +27,7 @@ // // * Global (e.g., "-n"): Applies to all parameters regardless of where the // option was discovered/parsed (e.g., "-n" on L3 affects parameter2 on L1). -// Declared by ACL class kids (or equivalent) via ACL::options(). +// Declared by Acl::Node class kids (or equivalent) via Acl::Node::options(). // // * Line (e.g., "-i"): Applies to the yet unparsed ACL parameters of the // current "acl ..." line (e.g., "-i" on L1 has no effect on parameter4 on L2) diff --git a/src/acl/ParameterizedNode.h b/src/acl/ParameterizedNode.h index a36c75129e..0a0f9d5696 100644 --- a/src/acl/ParameterizedNode.h +++ b/src/acl/ParameterizedNode.h @@ -9,7 +9,7 @@ #ifndef SQUID_SRC_ACL_PARAMETERIZEDNODE_H #define SQUID_SRC_ACL_PARAMETERIZEDNODE_H -#include "acl/Acl.h" +#include "acl/Node.h" #include "base/Assure.h" #include @@ -20,7 +20,7 @@ namespace Acl /// An ACL that manages squid.conf-configured ACL parameters using a given class /// P. That P class must support the ACLData<> or equivalent API. template -class ParameterizedNode: public ACL +class ParameterizedNode: public Acl::Node { public: using Parameters = P; @@ -31,7 +31,7 @@ public: ~ParameterizedNode() override = default; protected: - /* ACL API */ + /* Acl::Node API */ void parse() override { Assure(data); data->parse(); } void prepareForUse() override { data->prepareForUse(); } SBufList dump() const override { return data->dump(); } @@ -39,7 +39,7 @@ protected: const Acl::Options &lineOptions() override { return data->lineOptions(); } /// Points to items this ACL is configured to match. A derived class ensures - /// that this pointer is never nil after the ACL object construction ends. + /// that this pointer is never nil after object construction ends. std::unique_ptr data; }; diff --git a/src/acl/PeerName.h b/src/acl/PeerName.h index d65e294c8e..2df3e4be05 100644 --- a/src/acl/PeerName.h +++ b/src/acl/PeerName.h @@ -19,7 +19,7 @@ namespace Acl class PeerNameCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Protocol.h b/src/acl/Protocol.h index 2517cdc6e1..101af5b80e 100644 --- a/src/acl/Protocol.h +++ b/src/acl/Protocol.h @@ -20,7 +20,7 @@ namespace Acl class ProtocolCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/Random.h b/src/acl/Random.h index 98d6654620..20b0a37ebf 100644 --- a/src/acl/Random.h +++ b/src/acl/Random.h @@ -9,9 +9,9 @@ #ifndef SQUID_ACL_RANDOM_H #define SQUID_ACL_RANDOM_H -#include "acl/Acl.h" +#include "acl/Node.h" -class ACLRandom : public ACL +class ACLRandom : public Acl::Node { MEMPROXY_CLASS(ACLRandom); diff --git a/src/acl/ReplyHeaderStrategy.h b/src/acl/ReplyHeaderStrategy.h index da0b202572..7b29d0ac3a 100644 --- a/src/acl/ReplyHeaderStrategy.h +++ b/src/acl/ReplyHeaderStrategy.h @@ -23,7 +23,7 @@ template class ReplyHeaderCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresReply() const override {return true;} }; diff --git a/src/acl/RequestHeaderStrategy.h b/src/acl/RequestHeaderStrategy.h index 44c20b8b07..8ca3c042aa 100644 --- a/src/acl/RequestHeaderStrategy.h +++ b/src/acl/RequestHeaderStrategy.h @@ -22,7 +22,7 @@ template class RequestHeaderCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/ServerCertificate.h b/src/acl/ServerCertificate.h index 9c195aed23..94532b0ee5 100644 --- a/src/acl/ServerCertificate.h +++ b/src/acl/ServerCertificate.h @@ -21,7 +21,7 @@ namespace Acl class ServerCertificateCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/ServerName.h b/src/acl/ServerName.h index a804b2fbea..f6240e261a 100644 --- a/src/acl/ServerName.h +++ b/src/acl/ServerName.h @@ -26,7 +26,7 @@ namespace Acl class ServerNameCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} const Acl::Options &options() override; diff --git a/src/acl/SourceAsn.h b/src/acl/SourceAsn.h index 70029b7203..64adc0b8b7 100644 --- a/src/acl/SourceAsn.h +++ b/src/acl/SourceAsn.h @@ -20,7 +20,7 @@ namespace Acl class SourceAsnCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/SourceDomain.cc b/src/acl/SourceDomain.cc index 2922b7d392..f3267f15bb 100644 --- a/src/acl/SourceDomain.cc +++ b/src/acl/SourceDomain.cc @@ -20,7 +20,7 @@ static void LookupDone(const char *, const Dns::LookupDetails &, void *data); static void -StartLookup(ACLFilledChecklist &checklist, const ACL &) +StartLookup(ACLFilledChecklist &checklist, const Acl::Node &) { fqdncache_nbgethostbyaddr(checklist.src_addr, LookupDone, &checklist); } diff --git a/src/acl/SourceDomain.h b/src/acl/SourceDomain.h index 9e7acc4572..54f1ba7b83 100644 --- a/src/acl/SourceDomain.h +++ b/src/acl/SourceDomain.h @@ -21,7 +21,7 @@ namespace Acl class SourceDomainCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/SquidError.h b/src/acl/SquidError.h index b9185b6d23..9c4fd9b94f 100644 --- a/src/acl/SquidError.h +++ b/src/acl/SquidError.h @@ -20,7 +20,7 @@ namespace Acl class SquidErrorCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/SslError.h b/src/acl/SslError.h index c1747e27cd..ba2b589273 100644 --- a/src/acl/SslError.h +++ b/src/acl/SslError.h @@ -20,7 +20,7 @@ namespace Acl class CertificateErrorCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Tag.h b/src/acl/Tag.h index 3541b96dd6..9b6464fc93 100644 --- a/src/acl/Tag.h +++ b/src/acl/Tag.h @@ -19,7 +19,7 @@ namespace Acl class TagCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/Time.h b/src/acl/Time.h index 30d1f5a9f5..b0def4cf50 100644 --- a/src/acl/Time.h +++ b/src/acl/Time.h @@ -20,7 +20,7 @@ namespace Acl class CurrentTimeCheck: public ParameterizedNode { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/acl/TransactionInitiator.h b/src/acl/TransactionInitiator.h index 5b573b27b9..eb2729d987 100644 --- a/src/acl/TransactionInitiator.h +++ b/src/acl/TransactionInitiator.h @@ -17,7 +17,7 @@ namespace Acl { /// transaction_initiator ACL -class TransactionInitiator : public ACL +class TransactionInitiator : public Acl::Node { MEMPROXY_CLASS(TransactionInitiator); diff --git a/src/acl/Tree.cc b/src/acl/Tree.cc index 104fb4e661..1ecf291e46 100644 --- a/src/acl/Tree.cc +++ b/src/acl/Tree.cc @@ -41,7 +41,7 @@ Acl::Tree::actionAt(const Nodes::size_type pos) const } void -Acl::Tree::add(ACL *rule, const Acl::Answer &action) +Acl::Tree::add(Acl::Node *rule, const Acl::Answer &action) { // either all rules have actions or none assert(nodes.size() == actions.size()); @@ -50,7 +50,7 @@ Acl::Tree::add(ACL *rule, const Acl::Answer &action) } void -Acl::Tree::add(ACL *rule) +Acl::Tree::add(Acl::Node *rule) { // either all rules have actions or none assert(actions.empty()); diff --git a/src/acl/Tree.h b/src/acl/Tree.h index df144dad2d..8e1f76b5e6 100644 --- a/src/acl/Tree.h +++ b/src/acl/Tree.h @@ -9,7 +9,9 @@ #ifndef SQUID_ACL_TREE_H #define SQUID_ACL_TREE_H +#include "acl/Acl.h" #include "acl/BoolOps.h" +#include "cbdata.h" #include "sbuf/List.h" namespace Acl @@ -36,8 +38,8 @@ public: Answer lastAction() const; /// appends and takes control over the rule with a given action - void add(ACL *rule, const Answer &action); - void add(ACL *rule); ///< same as InnerNode::add() + void add(Acl::Node *rule, const Answer &action); + void add(Acl::Node *rule); ///< same as InnerNode::add() protected: /// Acl::OrNode API diff --git a/src/acl/Url.h b/src/acl/Url.h index 20d81b5137..7a57364cb2 100644 --- a/src/acl/Url.h +++ b/src/acl/Url.h @@ -19,7 +19,7 @@ namespace Acl class UrlCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/UrlLogin.h b/src/acl/UrlLogin.h index 7c579e9c71..171ba9d62c 100644 --- a/src/acl/UrlLogin.h +++ b/src/acl/UrlLogin.h @@ -19,7 +19,7 @@ namespace Acl class UrlLoginCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/UrlPath.h b/src/acl/UrlPath.h index 0ead4e6764..82fe4754e4 100644 --- a/src/acl/UrlPath.h +++ b/src/acl/UrlPath.h @@ -19,7 +19,7 @@ namespace Acl class UrlPathCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/UrlPort.h b/src/acl/UrlPort.h index 83389bbbc0..c08cf72641 100644 --- a/src/acl/UrlPort.h +++ b/src/acl/UrlPort.h @@ -19,7 +19,7 @@ namespace Acl class UrlPortCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; bool requiresRequest() const override {return true;} }; diff --git a/src/acl/forward.h b/src/acl/forward.h index f6ccdd990f..74d457ceb9 100644 --- a/src/acl/forward.h +++ b/src/acl/forward.h @@ -11,7 +11,6 @@ #include "base/RefCount.h" -class ACL; class ACLChecklist; class ACLFilledChecklist; class ACLList; @@ -22,6 +21,7 @@ class AclSizeLimit; namespace Acl { +class Node; class Address; class AndNode; class Answer; diff --git a/src/auth/Acl.cc b/src/auth/Acl.cc index 19847aae89..cb3e6600dc 100644 --- a/src/auth/Acl.cc +++ b/src/auth/Acl.cc @@ -25,7 +25,7 @@ * \retval ACCESS_ALLOWED user authenticated and authorized */ Acl::Answer -AuthenticateAcl(ACLChecklist *ch, const ACL &acl) +AuthenticateAcl(ACLChecklist *ch, const Acl::Node &acl) { ACLFilledChecklist *checklist = Filled(ch); const auto request = checklist->request; diff --git a/src/auth/Acl.h b/src/auth/Acl.h index dd8c4a71ac..756c4a4350 100644 --- a/src/auth/Acl.h +++ b/src/auth/Acl.h @@ -19,7 +19,7 @@ class ACLChecklist; /// \ingroup AuthAPI -Acl::Answer AuthenticateAcl(ACLChecklist *, const ACL &); +Acl::Answer AuthenticateAcl(ACLChecklist *, const Acl::Node &); #endif /* USE_AUTH */ #endif /* SQUID_AUTH_ACL_H */ diff --git a/src/auth/AclMaxUserIp.h b/src/auth/AclMaxUserIp.h index f6493b7f94..fe8df9695a 100644 --- a/src/auth/AclMaxUserIp.h +++ b/src/auth/AclMaxUserIp.h @@ -11,10 +11,10 @@ #if USE_AUTH -#include "acl/Acl.h" +#include "acl/Node.h" #include "auth/UserRequest.h" -class ACLMaxUserIP : public ACL +class ACLMaxUserIP : public Acl::Node { MEMPROXY_CLASS(ACLMaxUserIP); diff --git a/src/auth/AclProxyAuth.cc b/src/auth/AclProxyAuth.cc index e346852772..1a8bff7e77 100644 --- a/src/auth/AclProxyAuth.cc +++ b/src/auth/AclProxyAuth.cc @@ -103,7 +103,7 @@ ACLProxyAuth::valid() const } void -ACLProxyAuth::StartLookup(ACLFilledChecklist &cl, const ACL &) +ACLProxyAuth::StartLookup(ACLFilledChecklist &cl, const Acl::Node &) { debugs(28, 3, "checking password via authenticator"); diff --git a/src/auth/AclProxyAuth.h b/src/auth/AclProxyAuth.h index 66c7d3dd36..b1c96ab89a 100644 --- a/src/auth/AclProxyAuth.h +++ b/src/auth/AclProxyAuth.h @@ -15,17 +15,17 @@ #include "acl/Checklist.h" #include "acl/Data.h" -class ACLProxyAuth : public ACL +class ACLProxyAuth : public Acl::Node { MEMPROXY_CLASS(ACLProxyAuth); public: - static void StartLookup(ACLFilledChecklist &, const ACL &); + static void StartLookup(ACLFilledChecklist &, const Acl::Node &); ~ACLProxyAuth() override; ACLProxyAuth(ACLData *, char const *); - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; bool isProxyAuth() const override {return true;} @@ -39,7 +39,7 @@ public: private: static void LookupDone(void *data); - /* ACL API */ + /* Acl::Node API */ const Acl::Options &lineOptions() override; int matchProxyAuth(ACLChecklist *); diff --git a/src/cache_cf.cc b/src/cache_cf.cc index bd092e09cf..c32900cd80 100644 --- a/src/cache_cf.cc +++ b/src/cache_cf.cc @@ -15,6 +15,7 @@ #include "acl/Address.h" #include "acl/Gadgets.h" #include "acl/MethodData.h" +#include "acl/Node.h" #include "acl/Tree.h" #include "anyp/PortCfg.h" #include "anyp/UriScheme.h" @@ -255,7 +256,7 @@ static void free_configuration_includes_quoted_values(bool *recognizeQuotedValue static void parse_on_unsupported_protocol(acl_access **access); static void dump_on_unsupported_protocol(StoreEntry *entry, const char *name, acl_access *access); static void free_on_unsupported_protocol(acl_access **access); -static void ParseAclWithAction(acl_access **access, const Acl::Answer &action, const char *desc, ACL *acl = nullptr); +static void ParseAclWithAction(acl_access **access, const Acl::Answer &action, const char *desc, Acl::Node *acl = nullptr); static void parse_http_upgrade_request_protocols(HttpUpgradeProtocolAccess **protoGuards); static void dump_http_upgrade_request_protocols(StoreEntry *entry, const char *name, HttpUpgradeProtocolAccess *protoGuards); static void free_http_upgrade_request_protocols(HttpUpgradeProtocolAccess **protoGuards); @@ -1491,7 +1492,7 @@ free_SBufList(SBufList *list) } static void -dump_acl(StoreEntry * entry, const char *name, ACL * ae) +dump_acl(StoreEntry * entry, const char *name, Acl::Node * ae) { PackableStream os(*entry); while (ae != nullptr) { @@ -1502,13 +1503,13 @@ dump_acl(StoreEntry * entry, const char *name, ACL * ae) } static void -parse_acl(ACL ** ae) +parse_acl(Acl::Node ** ae) { - ACL::ParseAclLine(LegacyParser, ae); + Acl::Node::ParseAclLine(LegacyParser, ae); } static void -free_acl(ACL ** ae) +free_acl(Acl::Node ** ae) { aclDestroyAcls(ae); } @@ -2024,7 +2025,7 @@ dump_AuthSchemes(StoreEntry *entry, const char *name, acl_access *authSchemes) #endif /* USE_AUTH */ static void -ParseAclWithAction(acl_access **access, const Acl::Answer &action, const char *desc, ACL *acl) +ParseAclWithAction(acl_access **access, const Acl::Answer &action, const char *desc, Acl::Node *acl) { assert(access); SBuf name; @@ -4724,7 +4725,7 @@ static void parse_ftp_epsv(acl_access **ftp_epsv) *ftp_epsv = nullptr; if (ftpEpsvDeprecatedAction == Acl::Answer(ACCESS_DENIED)) { - if (ACL *a = ACL::FindByName("all")) + if (auto *a = Acl::Node::FindByName("all")) ParseAclWithAction(ftp_epsv, ftpEpsvDeprecatedAction, "ftp_epsv", a); else { self_destruct(); diff --git a/src/external_acl.cc b/src/external_acl.cc index ed7025b3e2..7238adbc8d 100644 --- a/src/external_acl.cc +++ b/src/external_acl.cc @@ -1014,7 +1014,7 @@ externalAclHandleReply(void *data, const Helper::Reply &reply) /// Asks the helper (if needed) or returns the [cached] result (otherwise). /// Does not support "background" lookups. See also: ACLExternal::Start(). void -ACLExternal::StartLookup(ACLFilledChecklist &checklist, const ACL &acl) +ACLExternal::StartLookup(ACLFilledChecklist &checklist, const Acl::Node &acl) { const auto &me = dynamic_cast(acl); me.startLookup(&checklist, me.data, false); diff --git a/src/ident/AclIdent.cc b/src/ident/AclIdent.cc index d2c43dc18a..b8bd57a6f0 100644 --- a/src/ident/AclIdent.cc +++ b/src/ident/AclIdent.cc @@ -88,7 +88,7 @@ ACLIdent::empty () const } void -ACLIdent::StartLookup(ACLFilledChecklist &cl, const ACL &) +ACLIdent::StartLookup(ACLFilledChecklist &cl, const Acl::Node &) { const ConnStateData *conn = cl.conn(); // check that ACLIdent::match() tested this lookup precondition diff --git a/src/ident/AclIdent.h b/src/ident/AclIdent.h index 82cedb417c..129f5b6bcc 100644 --- a/src/ident/AclIdent.h +++ b/src/ident/AclIdent.h @@ -16,17 +16,17 @@ #include "acl/Data.h" /// \ingroup ACLAPI -class ACLIdent : public ACL +class ACLIdent : public Acl::Node { MEMPROXY_CLASS(ACLIdent); public: - static void StartLookup(ACLFilledChecklist &, const ACL &); + static void StartLookup(ACLFilledChecklist &, const Acl::Node &); ACLIdent(ACLData *newData, char const *); ~ACLIdent() override; - /* ACL API */ + /* Acl::Node API */ char const *typeString() const override; void parse() override; bool isProxyAuth() const override {return true;} @@ -37,7 +37,7 @@ public: private: static void LookupDone(const char *ident, void *data); - /* ACL API */ + /* Acl::Node API */ const Acl::Options &lineOptions() override; ACLData *data; diff --git a/src/ip/QosConfig.h b/src/ip/QosConfig.h index 37f6eff68a..630439dfa3 100644 --- a/src/ip/QosConfig.h +++ b/src/ip/QosConfig.h @@ -28,7 +28,7 @@ class fde; -// TODO: move to new ACL framework +// TODO: move to new Acl::Node framework class acl_tos { CBDATA_CLASS(acl_tos); @@ -42,7 +42,7 @@ public: tos_t tos; }; -// TODO: move to new ACL framework +// TODO: move to new Acl::Node framework class acl_nfmark { CBDATA_CLASS(acl_nfmark); diff --git a/src/main.cc b/src/main.cc index ca1877707f..ee0d187522 100644 --- a/src/main.cc +++ b/src/main.cc @@ -806,7 +806,7 @@ serverConnectionsOpen(void) icmpEngine.Open(); netdbInit(); asnInit(); - ACL::Initialize(); + Acl::Node::Initialize(); peerSelectInit(); carpInit(); diff --git a/src/snmp_core.h b/src/snmp_core.h index 5b0f1e8474..dbfc94c021 100644 --- a/src/snmp_core.h +++ b/src/snmp_core.h @@ -61,7 +61,7 @@ namespace Acl class SnmpCommunityCheck: public ParameterizedNode< ACLData > { public: - /* ACL API */ + /* Acl::Node API */ int match(ACLChecklist *) override; }; diff --git a/src/tests/stub_libauth_acls.cc b/src/tests/stub_libauth_acls.cc index 67262f0b41..007b46b8b4 100644 --- a/src/tests/stub_libauth_acls.cc +++ b/src/tests/stub_libauth_acls.cc @@ -15,7 +15,7 @@ #include "acl/Acl.h" /* for Acl::Answer */ #include "auth/Acl.h" -Acl::Answer AuthenticateAcl(ACLChecklist *, const ACL &) STUB_RETVAL(ACCESS_DENIED) +Acl::Answer AuthenticateAcl(ACLChecklist *, const Acl::Node &) STUB_RETVAL(ACCESS_DENIED) #include "auth/AclMaxUserIp.h" ACLMaxUserIP::ACLMaxUserIP (char const *) STUB diff --git a/src/tests/testACLMaxUserIP.cc b/src/tests/testACLMaxUserIP.cc index 8878a9ee0f..fea6a8492b 100644 --- a/src/tests/testACLMaxUserIP.cc +++ b/src/tests/testACLMaxUserIP.cc @@ -64,7 +64,7 @@ public: void MyTestProgram::startup() { - Acl::RegisterMaker("max_user_ip", [](Acl::TypeName name)->ACL* { return new ACLMaxUserIP(name); }); + Acl::RegisterMaker("max_user_ip", [](Acl::TypeName name)->Acl::Node* { return new ACLMaxUserIP(name); }); } void @@ -74,9 +74,9 @@ TestACLMaxUserIP::testParseLine() char * line = xstrdup("test max_user_ip -s 1"); /* seed the parser */ ConfigParser::SetCfgLine(line); - ACL *anACL = nullptr; + Acl::Node *anACL = nullptr; ConfigParser LegacyParser; - ACL::ParseAclLine(LegacyParser, &anACL); + Acl::Node::ParseAclLine(LegacyParser, &anACL); ACLMaxUserIP *maxUserIpACL = dynamic_cast(anACL); CPPUNIT_ASSERT(maxUserIpACL); if (maxUserIpACL) {