From: Amos Jeffries Date: Mon, 29 Oct 2012 01:31:29 +0000 (-0600) Subject: Ported: urllogin ACL from squid 2.7 X-Git-Tag: SQUID_3_4_0_1~544 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=9d35fe37a3b72c5a28aabb82067a66f434431fdf;p=thirdparty%2Fsquid.git Ported: urllogin ACL from squid 2.7 --- diff --git a/doc/release-notes/release-3.2.sgml b/doc/release-notes/release-3.2.sgml index 95875367ad..a12767ca96 100644 --- a/doc/release-notes/release-3.2.sgml +++ b/doc/release-notes/release-3.2.sgml @@ -588,6 +588,7 @@ This section gives a thorough account of those changes in three categories:

New type random. Pseudo-randomly match requests based on a configured probability.

Renamed myip to localip. It matches the IP which the client connected to.

Renamed myport to localport. It matches the port which the client connected to. +

Ported urllogin option from Squid 2.7, to match a regex pattern on the URL login field (if any).

The localip/localport differ from earlier releases where they matched a mix of of an invalid IP and port 0, the client destination IP/port or the Squid listening IP/port. This definition is now consistent across all modes of traffic received by Squid. @@ -1030,10 +1031,6 @@ This section gives an account of those changes in three categories: Missing squid.conf options available in Squid-2.7

- acl -

urllogin option not yet ported from 2.6 -

urlgroup option not yet ported from 2.6 - broken_vary_encoding

Not yet ported from 2.6 diff --git a/doc/release-notes/release-3.3.sgml b/doc/release-notes/release-3.3.sgml index 44a9d12660..16d2698374 100644 --- a/doc/release-notes/release-3.3.sgml +++ b/doc/release-notes/release-3.3.sgml @@ -271,9 +271,6 @@ This section gives an account of those changes in three categories: Missing squid.conf options available in Squid-2.7

- acl -

urllogin option not yet ported from 2.6 - broken_vary_encoding

Not yet ported from 2.6 diff --git a/src/AclRegs.cc b/src/AclRegs.cc index 2035f9015a..d56c3c289b 100644 --- a/src/AclRegs.cc +++ b/src/AclRegs.cc @@ -63,6 +63,7 @@ #include "acl/TimeData.h" #include "acl/Time.h" #include "acl/Url.h" +#include "acl/UrlLogin.h" #include "acl/UrlPath.h" #include "acl/UrlPort.h" #include "acl/UserData.h" @@ -130,6 +131,8 @@ ACL::Prototype ACLTime::RegistryProtoype(&ACLTime::RegistryEntry_, "time"); ACLStrategised ACLTime::RegistryEntry_(new ACLTimeData, ACLTimeStrategy::Instance(), "time"); ACL::Prototype ACLUrl::RegistryProtoype(&ACLUrl::RegistryEntry_, "url_regex"); ACLStrategised ACLUrl::RegistryEntry_(new ACLRegexData, ACLUrlStrategy::Instance(), "url_regex"); +ACL::Prototype ACLUrlLogin::RegistryProtoype(&ACLUrlLogin::RegistryEntry_, "urllogin"); +ACLStrategised ACLUrlLogin::RegistryEntry_(new ACLRegexData, ACLUrlLoginStrategy::Instance(), "urllogin"); ACL::Prototype ACLUrlPath::LegacyRegistryProtoype(&ACLUrlPath::RegistryEntry_, "pattern"); ACL::Prototype ACLUrlPath::RegistryProtoype(&ACLUrlPath::RegistryEntry_, "urlpath_regex"); ACLStrategised ACLUrlPath::RegistryEntry_(new ACLRegexData, ACLUrlPathStrategy::Instance(), "urlpath_regex"); diff --git a/src/acl/Makefile.am b/src/acl/Makefile.am index 8f808fb892..d8401f71a0 100644 --- a/src/acl/Makefile.am +++ b/src/acl/Makefile.am @@ -98,6 +98,8 @@ libacls_la_SOURCES = \ Tag.h \ Url.cc \ Url.h \ + UrlLogin.cc \ + UrlLogin.h \ UrlPath.cc \ UrlPath.h \ UrlPort.cc \ diff --git a/src/acl/UrlLogin.cc b/src/acl/UrlLogin.cc new file mode 100644 index 0000000000..38624bc90e --- /dev/null +++ b/src/acl/UrlLogin.cc @@ -0,0 +1,56 @@ +/* + * DEBUG: section 28 Access Control + * AUTHOR: Duane Wessels + * + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- + * + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. + * + */ + +#include "squid-old.h" +#include "acl/UrlLogin.h" +#include "acl/Checklist.h" +#include "acl/RegexData.h" +#include "HttpRequest.h" +#include "rfc1738.h" + +int +ACLUrlLoginStrategy::match (ACLData * &data, ACLFilledChecklist *checklist) +{ + char *esc_buf = xstrdup(checklist->request->login); + rfc1738_unescape(esc_buf); + int result = data->match(esc_buf); + safe_free(esc_buf); + return result; +} + +ACLUrlLoginStrategy * +ACLUrlLoginStrategy::Instance() +{ + return &Instance_; +} + +ACLUrlLoginStrategy ACLUrlLoginStrategy::Instance_; diff --git a/src/acl/UrlLogin.h b/src/acl/UrlLogin.h new file mode 100644 index 0000000000..79ea4f585a --- /dev/null +++ b/src/acl/UrlLogin.h @@ -0,0 +1,72 @@ + +/* + * $Id$ + * + * + * SQUID Web Proxy Cache http://www.squid-cache.org/ + * ---------------------------------------------------------- + * + * Squid is the result of efforts by numerous individuals from + * the Internet community; see the CONTRIBUTORS file for full + * details. Many organizations have provided support for Squid's + * development; see the SPONSORS file for full details. Squid is + * Copyrighted (C) 2001 by the Regents of the University of + * California; see the COPYRIGHT file for full details. Squid + * incorporates software developed and/or copyrighted by other + * sources; see the CREDITS file for full details. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA. + * + * + * Copyright (c) 2003, Robert Collins + */ + +#ifndef SQUID_ACLURLLOGIN_H +#define SQUID_ACLURLLOGIN_H +#include "acl/Acl.h" +#include "acl/Data.h" +#include "acl/Strategy.h" +#include "acl/Strategised.h" + +class ACLUrlLoginStrategy : public ACLStrategy +{ + +public: + virtual int match (ACLData * &, ACLFilledChecklist *); + virtual bool requiresRequest() const {return true;} + + static ACLUrlLoginStrategy *Instance(); + /* Not implemented to prevent copies of the instance. */ + /* Not private to prevent brain dead g+++ warnings about + * private constructors with no friends */ + ACLUrlLoginStrategy(ACLUrlLoginStrategy const &); + +private: + static ACLUrlLoginStrategy Instance_; + ACLUrlLoginStrategy() {} + + ACLUrlLoginStrategy&operator=(ACLUrlLoginStrategy const &); +}; + +class ACLUrlLogin +{ + +public: + static ACL::Prototype RegistryProtoype; + static ACL::Prototype LegacyRegistryProtoype; + static ACLStrategised RegistryEntry_; +}; + +#endif /* SQUID_ACLURLLOGIN_H */ diff --git a/src/cf.data.pre b/src/cf.data.pre index a28c9d153f..fc19687346 100644 --- a/src/cf.data.pre +++ b/src/cf.data.pre @@ -754,6 +754,8 @@ DOC_START acl aclname url_regex [-i] ^http:// ... # regex matching on whole URL [fast] + acl aclname urllogin [-i] [^a-zA-Z0-9] ... + # regex matching on URL login field acl aclname urlpath_regex [-i] \.gif$ ... # regex matching on URL path [fast]