From: Christos Tsantilas Date: Thu, 19 Dec 2013 09:04:49 +0000 (-0700) Subject: Bug 3980: FATAL ERROR due to max_user_ip -s option X-Git-Tag: SQUID_3_4_2~7 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=e8847f560cdf30bbd3fcccc61f1b748b93453486;p=thirdparty%2Fsquid.git Bug 3980: FATAL ERROR due to max_user_ip -s option NP: unit test for -s option temporarily removed and replaced with manual testing due to 3.4 series parser flags handlign being done at the ACL module level instead of ACl test. --- diff --git a/src/acl/Acl.h b/src/acl/Acl.h index 94c317c588..c593434883 100644 --- a/src/acl/Acl.h +++ b/src/acl/Acl.h @@ -53,6 +53,7 @@ typedef char ACLFlag; // ACLData Flags #define ACL_F_REGEX_CASE 'i' #define ACL_F_NO_LOOKUP 'n' +#define ACL_F_STRICT 's' #define ACL_F_END '\0' /** diff --git a/src/auth/AclMaxUserIp.cc b/src/auth/AclMaxUserIp.cc index 1b197c0e1c..cd4ec1f3ec 100644 --- a/src/auth/AclMaxUserIp.cc +++ b/src/auth/AclMaxUserIp.cc @@ -13,17 +13,22 @@ #include "ConfigParser.h" #include "Parsing.h" +ACLFlag +ACLMaxUserIP::SupportedFlags[] = {ACL_F_STRICT, ACL_F_END}; + ACL * ACLMaxUserIP::clone() const { return new ACLMaxUserIP(*this); } -ACLMaxUserIP::ACLMaxUserIP (char const *theClass) : class_ (theClass), maximum(0) +ACLMaxUserIP::ACLMaxUserIP (char const *theClass) : ACL(SupportedFlags), class_ (theClass), maximum(0) {} -ACLMaxUserIP::ACLMaxUserIP (ACLMaxUserIP const & old) :class_ (old.class_), maximum (old.maximum), flags (old.flags) -{} +ACLMaxUserIP::ACLMaxUserIP (ACLMaxUserIP const & old) : class_ (old.class_), maximum (old.maximum) +{ + flags = old.flags; +} ACLMaxUserIP::~ACLMaxUserIP() {} @@ -61,15 +66,6 @@ ACLMaxUserIP::parse() debugs(28, 5, "aclParseUserMaxIP: First token is " << t); - if (strcmp("-s", t) == 0) { - debugs(28, 5, "aclParseUserMaxIP: Going strict"); - flags.strict = true; - t = ConfigParser::strtokFile(); - } - - if (!t) - return; - maximum = xatoi(t); debugs(28, 5, "aclParseUserMaxIP: Max IP address's " << maximum); @@ -97,7 +93,7 @@ ACLMaxUserIP::match(Auth::UserRequest::Pointer auth_user_request, Ip::Address co debugs(28, DBG_IMPORTANT, "aclMatchUserMaxIP: user '" << auth_user_request->username() << "' tries to use too many IP addresses (max " << maximum << " allowed)!"); /* this is a match */ - if (flags.strict) { + if (flags.isSet(ACL_F_STRICT)) { /* * simply deny access - the user name is already associated with * the request @@ -154,9 +150,6 @@ ACLMaxUserIP::dump() const wordlist *W = NULL; - if (flags.strict) - wordlistAdd(&W, "-s"); - char buf[128]; snprintf(buf, sizeof(buf), "%lu", (unsigned long int) maximum); diff --git a/src/auth/AclMaxUserIp.h b/src/auth/AclMaxUserIp.h index 5d5e962b1c..13414edfe1 100644 --- a/src/auth/AclMaxUserIp.h +++ b/src/auth/AclMaxUserIp.h @@ -62,21 +62,16 @@ public: int getMaximum() const {return maximum;} - int getStrict() const {return flags.strict;} + bool getStrict() const {return flags.isSet(ACL_F_STRICT);} private: static Prototype RegistryProtoype; static ACLMaxUserIP RegistryEntry_; + static ACLFlag SupportedFlags[]; int match(Auth::UserRequest::Pointer, Ip::Address const &); char const *class_; int maximum; - - struct Flags { - Flags() : strict(false) {} - - bool strict; - } flags; }; MEMPROXY_CLASS_INLINE(ACLMaxUserIP); diff --git a/src/tests/testACLMaxUserIP.cc b/src/tests/testACLMaxUserIP.cc index db34cad0e3..0aeae566f6 100644 --- a/src/tests/testACLMaxUserIP.cc +++ b/src/tests/testACLMaxUserIP.cc @@ -6,6 +6,7 @@ #include "testACLMaxUserIP.h" #include "auth/AclMaxUserIp.h" +#include "ConfigParser.h" #if HAVE_STDEXCEPT #include @@ -29,14 +30,13 @@ void testACLMaxUserIP::testParseLine() { /* a config line to pass with a lead-in token to seed the parser. */ - char * line = xstrdup("token -s 1"); + char * line = xstrdup("max_user_ip 1"); /* seed the parser */ strtok(line, w_space); ACLMaxUserIP anACL("max_user_ip"); anACL.parse(); - /* we want a maximum of one, and strict to be true */ + /* we want a maximum of one */ CPPUNIT_ASSERT(anACL.getMaximum() == 1); - CPPUNIT_ASSERT(anACL.getStrict() == true); /* the acl must be vaid */ CPPUNIT_ASSERT(anACL.valid()); xfree(line);