/*
- * $Id: ACL.h,v 1.4 2003/02/13 08:07:46 robertc Exp $
+ * $Id: ACL.h,v 1.5 2003/02/16 02:23:18 robertc Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
#ifndef SQUID_ACL_H
#define SQUID_ACL_H
-#include "splay.h"
#include "Array.h"
-/* As ACL's get refactored, these probably need better homes */
-
-#if USE_SSL
-class acl_cert_data {
- public:
- void *operator new(size_t);
- void operator delete(void *);
- virtual void deleteSelf() const;
- SplayNode<char*> *values;
- char *attribute;
- private:
- static MemPool *Pool;
-};
-#endif
-
/* acl.c */
SQUIDCEXTERN int aclMatchAclList(const acl_list * list, ACLChecklist * checklist);
SQUIDCEXTERN void aclDestroyAccessList(acl_access **list);
SQUIDCEXTERN int aclPurgeMethodInUse(acl_access *);
SQUIDCEXTERN void aclCacheMatchFlush(dlink_list * cache);
extern void dump_acl_access(StoreEntry * entry, const char *name, acl_access * head);
-IPH aclLookupDstIPforASNDone;
-#if USE_IDENT
-IDCB aclLookupIdentDone;
-#endif
-FQDNH aclLookupSrcFQDNDone;
-FQDNH aclLookupDstFQDNDone;
class ACL {
public:
--- /dev/null
+/*
+ * $Id: ACLASN.cc,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Robert Collins
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+#include "ACLASN.h"
+#include "ACLChecklist.h"
+
+ASNLookup ASNLookup::instance_;
+
+ASNLookup *
+ASNLookup::Instance()
+{
+ return &instance_;
+}
+
+void
+ASNLookup::checkForAsync(ACLChecklist *checklist)const
+{
+ checklist->asyncInProgress(true);
+ checklist->state[ACL_DST_ASN] = ACL_LOOKUP_PENDING;
+ ipcache_nbgethostbyname(checklist->request->host, LookupDone, checklist);
+}
+
+void
+ASNLookup::LookupDone(const ipcache_addrs * ia, void *data)
+{
+ ACLChecklist *checklist = (ACLChecklist *)data;
+ assert (checklist->asyncState() == ASNLookup::Instance());
+ checklist->request->flags.destinationIPLookupCompleted();
+ checklist->asyncInProgress(false);
+ checklist->changeState (ACLChecklist::NullState::Instance());
+ checklist->check();
+}
--- /dev/null
+
+/*
+ * $Id: ACLASN.h,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACLASN_H
+#define SQUID_ACLASN_H
+#include "ACLChecklist.h"
+#include "ACLIP.h"
+
+class ASNLookup : public ACLChecklist::AsyncState {
+ public:
+ static ASNLookup *Instance();
+ virtual void checkForAsync(ACLChecklist *)const;
+ private:
+ static ASNLookup instance_;
+ static IPH LookupDone;
+};
+#endif /* SQUID_ACLASN_H */
--- /dev/null
+/*
+ * $Id: ACLCertificateData.cc,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Duane Wessels
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+#include "ACLCertificateData.h"
+#include "authenticate.h"
+#include "ACLChecklist.h"
+
+MemPool *ACLCertificateData::Pool(NULL);
+void *
+ACLCertificateData::operator new (size_t byteCount)
+{
+ /* derived classes with different sizes must implement their own new */
+ assert (byteCount == sizeof (ACLCertificateData));
+ if (!Pool)
+ Pool = memPoolCreate("ACLCertificateData", sizeof (ACLCertificateData));
+ return memPoolAlloc(Pool);
+}
+
+void
+ACLCertificateData::operator delete (void *address)
+{
+ memPoolFree (Pool, address);
+}
+
+void
+ACLCertificateData::deleteSelf() const
+{
+ delete this;
+}
+
+
+ACLCertificateData::ACLCertificateData() : attribute (NULL), values (NULL)
+{
+}
+
+template<class T>
+inline void
+xRefFree(T &thing)
+{
+ xfree (thing);
+}
+
+ACLCertificateData::~ACLCertificateData()
+{
+ if (values)
+ values->destroy(xRefFree);
+}
+
+template<class T>
+inline int
+splaystrcasecmp (T&l, T&r)
+{
+ return strcasecmp ((char *)l,(char *)r);
+}
+
+template<class T>
+inline int
+splaystrcmp (T&l, T&r)
+{
+ return strcmp ((char *)l,(char *)r);
+}
+
+/* general compare functions, these are used for tree search algorithms
+ * so they return <0, 0 or >0 */
+
+/* compare two values */
+
+template<class T>
+int
+aclDomainCompare(T const &a, T const &b)
+{
+ char * const d1 = (char *const)b;
+ char * const d2 = (char *const )a;
+ int ret;
+ ret = aclHostDomainCompare(d1, d2);
+ if (ret != 0) {
+ char *const d3 = d2;
+ char *const d4 = d1;
+ ret = aclHostDomainCompare(d3, d4);
+ }
+ /* FIXME this warning may display d1 and d2 when it should display d3 and d4 */
+ if (ret == 0) {
+ debug(28, 0) ("WARNING: '%s' is a subdomain of '%s'\n", d1, d2);
+ debug(28, 0) ("WARNING: because of this '%s' is ignored to keep splay tree searching predictable\n", (char *) a);
+ debug(28, 0) ("WARNING: You should probably remove '%s' from the ACL named '%s'\n", d1, AclMatchedName);
+ }
+ return ret;
+}
+
+/* compare a host and a domain */
+
+static int
+aclHostDomainCompare( char *const &a, char * const &b)
+{
+ const char *h = (const char *)a;
+ const char *d = (const char *)b;
+ return matchDomainName(h, d);
+}
+
+
+bool
+ACLCertificateData::match(char const *host)
+{
+ if (host == NULL)
+ return 0;
+ debug(28, 3) ("aclMatchCertificateList: checking '%s'\n", host);
+ values = values->splay((char *)host, aclHostDomainCompare);
+ debug(28, 3) ("aclMatchCertificateList: '%s' %s\n",
+ host, splayLastResult ? "NOT found" : "found");
+ return !splayLastResult;
+}
+
+static void
+aclDumpDomainListWalkee(char * const & node_data, void *outlist)
+{
+ /* outlist is really a wordlist ** */
+ wordlistAdd((wordlist **)outlist, (char const *)node_data);
+}
+
+wordlist *
+ACLCertificateData::dump()
+{
+ wordlist *wl = NULL;
+ /* damn this is VERY inefficient for long ACL lists... filling
+ * a wordlist this way costs Sum(1,N) iterations. For instance
+ * a 1000-elements list will be filled in 499500 iterations.
+ */
+ values->walk(aclDumpDomainListWalkee, &wl);
+ return wl;
+}
+
+void
+ACLCertificateData::parse()
+{
+ char *t = NULL;
+ while ((t = strtokFile())) {
+ Tolower(t);
+ values = values->insert(xstrdup(t), aclDomainCompare);
+ }
+}
+
+
+ACLData *
+ACLCertificateData::clone() const
+{
+ /* Splay trees don't clone yet. */
+ assert (!values);
+ return new ACLCertificateData;
+}
--- /dev/null
+
+/*
+ * $Id: ACLCertificateData.h,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACLCERTIFICATEDATA_H
+#define SQUID_ACLCERTIFICATEDATA_H
+#include "splay.h"
+#include "ACL.h"
+#include "ACLData.h"
+
+class ACLCertificateData : public ACLData {
+ public:
+ void *operator new(size_t);
+ void operator delete(void *);
+ virtual void deleteSelf() const;
+
+ ACLCertificateData();
+ virtual ~ACLCertificateData();
+ bool match(char const *);
+ wordlist *dump();
+ void parse();
+ virtual ACLData *clone() const;
+
+ char *attribute;
+ SplayNode<char *> *values;
+// ACLDomainData *values;
+ private:
+ static MemPool *Pool;
+};
+
+#endif /* SQUID_ACLCERTIFICATEDATA_H */
/*
- * $Id: ACLChecklist.cc,v 1.2 2003/02/14 11:56:51 robertc Exp $
+ * $Id: ACLChecklist.cc,v 1.3 2003/02/16 02:23:18 robertc Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
#include "squid.h"
#include "ACLChecklist.h"
-/* TODO: trim this ! */
-#include "splay.h"
#include "HttpRequest.h"
#include "authenticate.h"
-#include "fde.h"
#include "ACLProxyAuth.h"
-#if USE_IDENT
-#include "ACLIdent.h"
-#endif
-#include "ACLUserData.h"
int
ACLChecklist::authenticated()
* We are done. Either the request
* is allowed, denied, requires authentication.
*/
- debug(28, 3) ("ACLChecklist::check: match found, returning %d\n", currentAnswer());
+ debug(28, 3) ("ACLChecklist::check: match found, calling back with %d\n", currentAnswer());
cbdataReferenceDone(accessList); /* A */
checkCallback(currentAnswer());
/* From here on in, this may be invalid */
void
ACLChecklist::asyncInProgress(bool const newAsync)
{
- assert (!finished());
+ assert (!finished() && !(asyncInProgress() && newAsync));
async_ = newAsync;
debug (28,3)("ACLChecklist::asyncInProgress: async set to %d\n",async_);
}
void
ACLChecklist::markFinished()
{
- assert (!finished());
+ assert (!finished() && !asyncInProgress());
finished_ = true;
debug (28,3)("checklist processing finished\n");
}
bool match = matchAclList(accessList->aclList);
if (match)
markFinished();
- /* Should be else, but keep the exact same flow as before */
- checkForAsync();
+ else
+ checkForAsync();
}
void
ACLChecklist::checkForAsync()
{
- /* check for async lookups needed. */
- if (asyncState() != NullState::Instance()) {
- /* If a state object is here, use it.
- * When all cases are converted, the if goes away and it
- * becomes unconditional.
- * RBC 02 2003
- */
- asyncState()->checkForAsync(this);
- } else if (state[ACL_DST_ASN] == ACL_LOOKUP_NEEDED) {
- state[ACL_DST_ASN] = ACL_LOOKUP_PENDING;
- ipcache_nbgethostbyname(request->host,
- aclLookupDstIPforASNDone, this);
- asyncInProgress(true);
- } else if (state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NEEDED) {
- state[ACL_SRC_DOMAIN] = ACL_LOOKUP_PENDING;
- fqdncache_nbgethostbyaddr(src_addr,
- aclLookupSrcFQDNDone, this);
- asyncInProgress(true);
- } else if (state[ACL_DST_DOMAIN] == ACL_LOOKUP_NEEDED) {
- ipcache_addrs *ia;
- ia = ipcacheCheckNumeric(request->host);
- if (ia == NULL) {
- state[ACL_DST_DOMAIN] = ACL_LOOKUP_DONE;
- } else {
- dst_addr = ia->in_addrs[0];
- state[ACL_DST_DOMAIN] = ACL_LOOKUP_PENDING;
- fqdncache_nbgethostbyaddr(dst_addr,
- aclLookupDstFQDNDone, this);
- }
- asyncInProgress(true);
-#if USE_IDENT
- } else if (state[ACL_IDENT] == ACL_LOOKUP_NEEDED) {
- debug(28, 3) ("ACLChecklist::checkForAsync: Doing ident lookup\n");
- if (conn() && cbdataReferenceValid(conn())) {
- identStart(&conn()->me, &conn()->peer,
- aclLookupIdentDone, this);
- state[ACL_IDENT] = ACL_LOOKUP_PENDING;
- } else {
- debug(28, 1) ("ACLChecklist::checkForAsync: Can't start ident lookup. No client connection\n");
- currentAnswer(ACCESS_DENIED);
- markFinished();
- return;
- }
- asyncInProgress(true);
-#endif
- }
+ asyncState()->checkForAsync(this);
}
void
async_(false),
finished_(false),
allow_(ACCESS_DENIED),
- state_(NullState::Instance())
+ state_(NullState::Instance()),
+ destinationDomainChecked_(false),
+ sourceDomainChecked_(false)
{
memset (&src_addr, '\0', sizeof (struct in_addr));
memset (&dst_addr, '\0', sizeof (struct in_addr));
check();
}
+bool
+ACLChecklist::destinationDomainChecked() const
+{
+ return destinationDomainChecked_;
+}
+
+void
+ACLChecklist::markDestinationDomainChecked()
+{
+ assert (!finished() && !destinationDomainChecked());
+ destinationDomainChecked_ = true;
+}
+
+bool
+ACLChecklist::sourceDomainChecked() const
+{
+ return sourceDomainChecked_;
+}
+
+void
+ACLChecklist::markSourceDomainChecked()
+{
+ assert (!finished() && !sourceDomainChecked());
+ sourceDomainChecked_ = true;
+}
/*
- * $Id: ACLChecklist.h,v 1.3 2003/02/13 08:07:46 robertc Exp $
+ * $Id: ACLChecklist.h,v 1.4 2003/02/16 02:23:18 robertc Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
PF *callback;
void *callback_data;
external_acl_entry *extacl_entry;
+ bool destinationDomainChecked() const;
+ void markDestinationDomainChecked();
+ bool sourceDomainChecked() const;
+ void markSourceDomainChecked();
private:
CBDATA_CLASS(ACLChecklist);
ConnStateData *conn_; /* hack for ident and NTLM */
bool finished_;
allow_t allow_;
AsyncState *state_;
+ bool destinationDomainChecked_;
+ bool sourceDomainChecked_;
};
SQUIDCEXTERN ACLChecklist *aclChecklistCreate(const acl_access *,
--- /dev/null
+/*
+ * $Id: ACLDestinationDomain.cc,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Duane Wessels
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+#include "ACLDestinationDomain.h"
+#include "authenticate.h"
+#include "ACLChecklist.h"
+#include "ACLRegexData.h"
+#include "ACLDomainData.h"
+
+MemPool *ACLDestinationDomain::Pool(NULL);
+void *
+ACLDestinationDomain::operator new (size_t byteCount)
+{
+ /* derived classes with different sizes must implement their own new */
+ assert (byteCount == sizeof (ACLDestinationDomain));
+ if (!Pool)
+ Pool = memPoolCreate("ACLDestinationDomain", sizeof (ACLDestinationDomain));
+ return memPoolAlloc(Pool);
+}
+
+void
+ACLDestinationDomain::operator delete (void *address)
+{
+ memPoolFree (Pool, address);
+}
+
+void
+ACLDestinationDomain::deleteSelf() const
+{
+ delete this;
+}
+
+ACLDestinationDomain::~ACLDestinationDomain()
+{
+ data->deleteSelf();
+}
+
+ACLDestinationDomain::ACLDestinationDomain(ACLData *newData, char const *theType) : data (newData), type_(theType) {}
+ACLDestinationDomain::ACLDestinationDomain (ACLDestinationDomain const &old) : data (old.data->clone()), type_(old.type_)
+{
+}
+ACLDestinationDomain &
+ACLDestinationDomain::operator= (ACLDestinationDomain const &rhs)
+{
+ data = rhs.data->clone();
+ type_ = rhs.type_;
+ return *this;
+}
+
+char const *
+ACLDestinationDomain::typeString() const
+{
+ return type_;
+}
+
+void
+ACLDestinationDomain::parse()
+{
+ data->parse();
+}
+
+int
+ACLDestinationDomain::match(ACLChecklist *checklist)
+{
+ const ipcache_addrs *ia = NULL;
+ if ((ia = ipcacheCheckNumeric(checklist->request->host)) == NULL)
+ return data->match(checklist->request->host);
+ const char *fqdn = NULL;
+ fqdn = fqdncache_gethostbyaddr(ia->in_addrs[0], FQDN_LOOKUP_IF_MISS);
+ if (fqdn)
+ return data->match(fqdn);
+ if (!checklist->destinationDomainChecked()) {
+ debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
+ name, inet_ntoa(ia->in_addrs[0]));
+ checklist->changeState(DestinationDomainLookup::Instance());
+ return 0;
+ }
+ return data->match("none");
+}
+
+wordlist *
+ACLDestinationDomain::dump() const
+{
+ return data->dump();
+}
+
+bool
+ACLDestinationDomain::valid () const
+{
+ return data != NULL;
+}
+
+DestinationDomainLookup DestinationDomainLookup::instance_;
+
+DestinationDomainLookup *
+DestinationDomainLookup::Instance()
+{
+ return &instance_;
+}
+
+void
+DestinationDomainLookup::checkForAsync(ACLChecklist *checklist)const
+{
+ checklist->asyncInProgress(true);
+
+ ipcache_addrs *ia;
+ ia = ipcacheCheckNumeric(checklist->request->host);
+ if (ia == NULL) {
+ /* Make fatal? XXX this is checked during match() */
+ checklist->markDestinationDomainChecked();
+ checklist->changeState (ACLChecklist::NullState::Instance());
+ } else {
+ checklist->dst_addr = ia->in_addrs[0];
+ fqdncache_nbgethostbyaddr(checklist->dst_addr,
+ LookupDone, checklist);
+ }
+}
+
+void
+DestinationDomainLookup::LookupDone(const char *fqdn, void *data)
+{
+ ACLChecklist *checklist = (ACLChecklist *)data;
+ assert (checklist->asyncState() == DestinationDomainLookup::Instance());
+
+ checklist->asyncInProgress(false);
+ checklist->changeState (ACLChecklist::NullState::Instance());
+ checklist->markDestinationDomainChecked();
+ checklist->check();
+}
+
+ACL::Prototype ACLDestinationDomain::LiteralRegistryProtoype(&ACLDestinationDomain::LiteralRegistryEntry_, "dstdomain");
+ACL::Prototype ACLDestinationDomain::LegacyRegistryProtoype(&ACLDestinationDomain::LiteralRegistryEntry_, "domain");
+ACLDestinationDomain ACLDestinationDomain::LiteralRegistryEntry_(new ACLDomainData, "dstdomain");
+ACL::Prototype ACLDestinationDomain::RegexRegistryProtoype(&ACLDestinationDomain::RegexRegistryEntry_, "dstdom_regex");
+ACLDestinationDomain ACLDestinationDomain::RegexRegistryEntry_(new ACLRegexData, "dstdom_regex");
+
+ACL *
+ACLDestinationDomain::clone() const
+{
+ return new ACLDestinationDomain(*this);
+}
--- /dev/null
+
+/*
+ * $Id: ACLDestinationDomain.h,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACLDESTINATIONDOMAIN_H
+#define SQUID_ACLDESTINATIONDOMAIN_H
+#include "ACL.h"
+#include "ACLData.h"
+#include "ACLChecklist.h"
+
+class DestinationDomainLookup : public ACLChecklist::AsyncState {
+ public:
+ static DestinationDomainLookup *Instance();
+ virtual void checkForAsync(ACLChecklist *)const;
+ private:
+ static DestinationDomainLookup instance_;
+ static void LookupDone(const char *, void *);
+};
+
+class ACLDestinationDomain : public ACL {
+ public:
+ void *operator new(size_t);
+ void operator delete(void *);
+ virtual void deleteSelf() const;
+
+ ~ACLDestinationDomain();
+ ACLDestinationDomain(ACLData *, char const *);
+ ACLDestinationDomain (ACLDestinationDomain const &);
+ ACLDestinationDomain &operator= (ACLDestinationDomain const &);
+
+ virtual char const *typeString() const;
+ virtual squid_acl aclType() const { return ACL_DERIVED;}
+ virtual void parse();
+ virtual int match(ACLChecklist *checklist);
+ virtual wordlist *dump() const;
+ virtual bool valid () const;
+ virtual bool requiresRequest() const {return true;}
+ virtual ACL *clone()const;
+ private:
+ static MemPool *Pool;
+ static Prototype LiteralRegistryProtoype;
+ static Prototype LegacyRegistryProtoype;
+ static ACLDestinationDomain LiteralRegistryEntry_;
+ static Prototype RegexRegistryProtoype;
+ static ACLDestinationDomain RegexRegistryEntry_;
+ ACLData *data;
+ char const *type_;
+};
+
+#endif /* SQUID_ACLDESTINATIONDOMAIN_H */
--- /dev/null
+/*
+ * $Id: ACLDomainData.cc,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Duane Wessels
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+#include "ACLDomainData.h"
+#include "authenticate.h"
+#include "ACLChecklist.h"
+
+MemPool *ACLDomainData::Pool(NULL);
+void *
+ACLDomainData::operator new (size_t byteCount)
+{
+ /* derived classes with different sizes must implement their own new */
+ assert (byteCount == sizeof (ACLDomainData));
+ if (!Pool)
+ Pool = memPoolCreate("ACLDomainData", sizeof (ACLDomainData));
+ return memPoolAlloc(Pool);
+}
+
+void
+ACLDomainData::operator delete (void *address)
+{
+ memPoolFree (Pool, address);
+}
+
+void
+ACLDomainData::deleteSelf() const
+{
+ delete this;
+}
+
+template<class T>
+inline void
+xRefFree(T &thing)
+{
+ xfree (thing);
+}
+
+ACLDomainData::~ACLDomainData()
+{
+ if (domains)
+ domains->destroy(xRefFree);
+}
+
+template<class T>
+inline int
+splaystrcasecmp (T&l, T&r)
+{
+ return strcasecmp ((char *)l,(char *)r);
+}
+
+template<class T>
+inline int
+splaystrcmp (T&l, T&r)
+{
+ return strcmp ((char *)l,(char *)r);
+}
+
+/* general compare functions, these are used for tree search algorithms
+ * so they return <0, 0 or >0 */
+
+/* compare two domains */
+
+template<class T>
+int
+aclDomainCompare(T const &a, T const &b)
+{
+ char * const d1 = (char *const)b;
+ char * const d2 = (char *const )a;
+ int ret;
+ ret = aclHostDomainCompare(d1, d2);
+ if (ret != 0) {
+ char *const d3 = d2;
+ char *const d4 = d1;
+ ret = aclHostDomainCompare(d3, d4);
+ }
+ /* FIXME this warning may display d1 and d2 when it should display d3 and d4 */
+ if (ret == 0) {
+ debug(28, 0) ("WARNING: '%s' is a subdomain of '%s'\n", d1, d2);
+ debug(28, 0) ("WARNING: because of this '%s' is ignored to keep splay tree searching predictable\n", (char *) a);
+ debug(28, 0) ("WARNING: You should probably remove '%s' from the ACL named '%s'\n", d1, AclMatchedName);
+ }
+ return ret;
+}
+
+/* compare a host and a domain */
+
+static int
+aclHostDomainCompare( char *const &a, char * const &b)
+{
+ const char *h = (const char *)a;
+ const char *d = (const char *)b;
+ return matchDomainName(h, d);
+}
+
+
+bool
+ACLDomainData::match(char const *host)
+{
+ if (host == NULL)
+ return 0;
+ debug(28, 3) ("aclMatchDomainList: checking '%s'\n", host);
+ domains = domains->splay((char *)host, aclHostDomainCompare);
+ debug(28, 3) ("aclMatchDomainList: '%s' %s\n",
+ host, splayLastResult ? "NOT found" : "found");
+ return !splayLastResult;
+}
+
+static void
+aclDumpDomainListWalkee(char * const & node_data, void *outlist)
+{
+ /* outlist is really a wordlist ** */
+ wordlistAdd((wordlist **)outlist, (char const *)node_data);
+}
+
+wordlist *
+ACLDomainData::dump()
+{
+ wordlist *wl = NULL;
+ /* damn this is VERY inefficient for long ACL lists... filling
+ * a wordlist this way costs Sum(1,N) iterations. For instance
+ * a 1000-elements list will be filled in 499500 iterations.
+ */
+ domains->walk(aclDumpDomainListWalkee, &wl);
+ return wl;
+}
+
+void
+ACLDomainData::parse()
+{
+ char *t = NULL;
+ while ((t = strtokFile())) {
+ Tolower(t);
+ domains = domains->insert(xstrdup(t), aclDomainCompare);
+ }
+}
+
+
+ACLData *
+ACLDomainData::clone() const
+{
+ /* Splay trees don't clone yet. */
+ assert (!domains);
+ return new ACLDomainData;
+}
--- /dev/null
+
+/*
+ * $Id: ACLDomainData.h,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACLDOMAINDATA_H
+#define SQUID_ACLDOMAINDATA_H
+#include "splay.h"
+#include "ACL.h"
+#include "ACLData.h"
+
+class ACLDomainData : public ACLData {
+ public:
+ void *operator new(size_t);
+ void operator delete(void *);
+ virtual void deleteSelf() const;
+
+ virtual ~ACLDomainData();
+ bool match(char const *);
+ wordlist *dump();
+ void parse();
+ virtual ACLData *clone() const;
+
+ SplayNode<char *> *domains;
+ private:
+ static MemPool *Pool;
+};
+
+#endif /* SQUID_ACLDOMAINDATA_H */
#include "ACLIdent.h"
#include "authenticate.h"
#include "ACLChecklist.h"
+#include "ACLRegexData.h"
+#include "ACLUserData.h"
MemPool *ACLIdent::Pool(NULL);
void *
ACLIdent::~ACLIdent()
{
- delete data;
+ data->deleteSelf();
+}
+
+ACLIdent::ACLIdent(ACLData *newData, char const *newType) : data (newData), type_ (newType) {}
+ACLIdent::ACLIdent (ACLIdent const &old) : data (old.data->clone()), type_ (old.type_)
+{
+}
+ACLIdent &
+ACLIdent::operator= (ACLIdent const &rhs)
+{
+ data = rhs.data->clone();
+ type_ = rhs.type_;
+ return *this;
}
char const *
ACLIdent::typeString() const
{
- return "ident";
+ return type_;
}
void
if (checklist->rfc931[0]) {
return data->match(checklist->rfc931);
} else {
- checklist->state[ACL_IDENT] = ACL_LOOKUP_NEEDED;
+ checklist->changeState(IdentLookup::Instance());
return 0;
}
}
{
return data != NULL;
}
+
+ACL *
+ACLIdent::clone() const
+{
+ return new ACLIdent(*this);
+}
+
+ACL::Prototype ACLIdent::UserRegistryProtoype(&ACLIdent::UserRegistryEntry_, "ident");
+ACLIdent ACLIdent::UserRegistryEntry_(new ACLUserData, "ident");
+ACL::Prototype ACLIdent::RegexRegistryProtoype(&ACLIdent::RegexRegistryEntry_, "ident_regex" );
+ACLIdent ACLIdent::RegexRegistryEntry_(new ACLRegexData, "ident_regex");
+
+IdentLookup IdentLookup::instance_;
+
+IdentLookup *
+IdentLookup::Instance()
+{
+ return &instance_;
+}
+
+void
+IdentLookup::checkForAsync(ACLChecklist *checklist)const
+{
+ checklist->asyncInProgress(true);
+ debug(28, 3) ("IdentLookup::checkForAsync: Doing ident lookup\n");
+ if (checklist->conn() && cbdataReferenceValid(checklist->conn())) {
+ identStart(&checklist->conn()->me, &checklist->conn()->peer,
+ LookupDone, checklist);
+ } else {
+ debug(28, 1) ("IdentLookup::checkForAsync: Can't start ident lookup. No client connection\n");
+ checklist->currentAnswer(ACCESS_DENIED);
+ checklist->markFinished();
+ }
+}
+
+void
+IdentLookup::LookupDone(const char *ident, void *data)
+{
+ ACLChecklist *checklist = (ACLChecklist *)data;
+ assert (checklist->asyncState() == IdentLookup::Instance());
+
+ if (ident) {
+ xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
+ } else {
+ xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
+ }
+ /*
+ * Cache the ident result in the connection, to avoid redoing ident lookup
+ * over and over on persistent connections
+ */
+ if (cbdataReferenceValid(checklist->conn()) && !checklist->conn()->rfc931[0])
+ xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
+ checklist->asyncInProgress(false);
+ checklist->changeState (ACLChecklist::NullState::Instance());
+ checklist->check();
+}
#ifndef SQUID_ACLIDENT_H
#define SQUID_ACLIDENT_H
#include "ACL.h"
-#include "ACLUserData.h"
+#include "ACLChecklist.h"
+#include "ACLData.h"
+
+class IdentLookup : public ACLChecklist::AsyncState {
+ public:
+ static IdentLookup *Instance();
+ virtual void checkForAsync(ACLChecklist *)const;
+ private:
+ static IdentLookup instance_;
+ static void LookupDone(const char *ident, void *data);
+};
class ACLIdent : public ACL {
public:
void operator delete(void *);
virtual void deleteSelf() const;
+ ACLIdent(ACLData *newData, char const *);
+ ACLIdent (ACLIdent const &old);
+ ACLIdent & operator= (ACLIdent const &rhs);
~ACLIdent();
virtual char const *typeString() const;
- virtual squid_acl aclType() const { return ACL_IDENT;}
+ virtual squid_acl aclType() const { return ACL_DERIVED;}
virtual void parse();
virtual bool isProxyAuth() const {return true;}
virtual int match(ACLChecklist *checklist);
virtual wordlist *dump() const;
virtual bool valid () const;
+ virtual ACL *clone()const;
private:
static MemPool *Pool;
- ACLUserData *data;
+ static Prototype UserRegistryProtoype;
+ static ACLIdent UserRegistryEntry_;
+ static Prototype RegexRegistryProtoype;
+ static ACLIdent RegexRegistryEntry_;
+ ACLData *data;
+ char const *type_;
};
#endif /* SQUID_ACLIDENT_H */
data->deleteSelf();
}
-ACLProxyAuth::ACLProxyAuth(ACLData *newData) : data (newData) {}
-ACLProxyAuth::ACLProxyAuth (ACLProxyAuth const &old) : data (old.data->clone())
+ACLProxyAuth::ACLProxyAuth(ACLData *newData, char const *theType) : data (newData), type_(theType) {}
+ACLProxyAuth::ACLProxyAuth (ACLProxyAuth const &old) : data (old.data->clone()), type_(old.type_)
{
}
ACLProxyAuth &
ACLProxyAuth::operator= (ACLProxyAuth const &rhs)
{
data = rhs.data->clone();
+ type_ = rhs.type_;
return *this;
}
char const *
ACLProxyAuth::typeString() const
{
- return "proxy_auth";
+ return type_;
}
void
*/
debug(28, 6) ("ACLChecklist::checkForAsync: requiring Proxy Auth header.\n");
checklist->currentAnswer(ACCESS_REQ_PROXY_AUTH);
+ checklist->changeState (ACLChecklist::NullState::Instance());
checklist->markFinished();
}
ACL::Prototype ACLProxyAuth::UserRegistryProtoype(&ACLProxyAuth::UserRegistryEntry_, "proxy_auth");
-ACLProxyAuth ACLProxyAuth::UserRegistryEntry_(new ACLUserData);
-ACL::Prototype ACLProxyAuth::RegexRegistryProtoype(&ACLProxyAuth::RegexRegistryEntry_, "proxy_auth_regex");
-ACLProxyAuth ACLProxyAuth::RegexRegistryEntry_(new ACLRegexData);
+ACLProxyAuth ACLProxyAuth::UserRegistryEntry_(new ACLUserData, "proxy_auth");
+ACL::Prototype ACLProxyAuth::RegexRegistryProtoype(&ACLProxyAuth::RegexRegistryEntry_, "proxy_auth_regex" );
+ACLProxyAuth ACLProxyAuth::RegexRegistryEntry_(new ACLRegexData, "proxy_auth_regex");
ACL *
ACLProxyAuth::clone() const
virtual void deleteSelf() const;
~ACLProxyAuth();
- ACLProxyAuth(ACLData *);
+ ACLProxyAuth(ACLData *, char const *);
ACLProxyAuth (ACLProxyAuth const &);
ACLProxyAuth &operator= (ACLProxyAuth const &);
int matchProxyAuth(ACLChecklist *);
void checkAuthForCaching(ACLChecklist *) const;
ACLData *data;
+ char const *type_;
};
#endif /* SQUID_ACLPROXYAUTH_H */
--- /dev/null
+/*
+ * $Id: ACLSourceDomain.cc,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ * DEBUG: section 28 Access Control
+ * AUTHOR: Duane Wessels
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#include "squid.h"
+#include "ACLSourceDomain.h"
+#include "authenticate.h"
+#include "ACLChecklist.h"
+#include "ACLRegexData.h"
+#include "ACLDomainData.h"
+
+MemPool *ACLSourceDomain::Pool(NULL);
+void *
+ACLSourceDomain::operator new (size_t byteCount)
+{
+ /* derived classes with different sizes must implement their own new */
+ assert (byteCount == sizeof (ACLSourceDomain));
+ if (!Pool)
+ Pool = memPoolCreate("ACLSourceDomain", sizeof (ACLSourceDomain));
+ return memPoolAlloc(Pool);
+}
+
+void
+ACLSourceDomain::operator delete (void *address)
+{
+ memPoolFree (Pool, address);
+}
+
+void
+ACLSourceDomain::deleteSelf() const
+{
+ delete this;
+}
+
+ACLSourceDomain::~ACLSourceDomain()
+{
+ data->deleteSelf();
+}
+
+ACLSourceDomain::ACLSourceDomain(ACLData *newData, char const *theType) : data (newData), type_(theType) {}
+ACLSourceDomain::ACLSourceDomain (ACLSourceDomain const &old) : data (old.data->clone()), type_(old.type_)
+{
+}
+ACLSourceDomain &
+ACLSourceDomain::operator= (ACLSourceDomain const &rhs)
+{
+ data = rhs.data->clone();
+ type_ = rhs.type_;
+ return *this;
+}
+
+char const *
+ACLSourceDomain::typeString() const
+{
+ return type_;
+}
+
+void
+ACLSourceDomain::parse()
+{
+ data->parse();
+}
+
+int
+ACLSourceDomain::match(ACLChecklist *checklist)
+{
+ const char *fqdn = NULL;
+ fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS);
+ if (fqdn) {
+ return data->match(fqdn);
+ } else if (!checklist->sourceDomainChecked()) {
+ debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
+ name, inet_ntoa(checklist->src_addr));
+ checklist->changeState(SourceDomainLookup::Instance());
+ return 0;
+ }
+ return data->match("none");
+}
+
+wordlist *
+ACLSourceDomain::dump() const
+{
+ return data->dump();
+}
+
+bool
+ACLSourceDomain::valid () const
+{
+ return data != NULL;
+}
+
+SourceDomainLookup SourceDomainLookup::instance_;
+
+SourceDomainLookup *
+SourceDomainLookup::Instance()
+{
+ return &instance_;
+}
+
+void
+SourceDomainLookup::checkForAsync(ACLChecklist *checklist)const
+{
+ checklist->asyncInProgress(true);
+ fqdncache_nbgethostbyaddr(checklist->src_addr, LookupDone, checklist);
+}
+
+void
+SourceDomainLookup::LookupDone(const char *fqdn, void *data)
+{
+ ACLChecklist *checklist = (ACLChecklist *)data;
+ assert (checklist->asyncState() == SourceDomainLookup::Instance());
+
+ checklist->asyncInProgress(false);
+ checklist->changeState (ACLChecklist::NullState::Instance());
+ checklist->markSourceDomainChecked();
+ checklist->check();
+}
+
+ACL::Prototype ACLSourceDomain::LiteralRegistryProtoype(&ACLSourceDomain::LiteralRegistryEntry_, "srcdomain");
+ACLSourceDomain ACLSourceDomain::LiteralRegistryEntry_(new ACLDomainData, "srcdomain");
+ACL::Prototype ACLSourceDomain::RegexRegistryProtoype(&ACLSourceDomain::RegexRegistryEntry_, "srcdom_regex");
+ACLSourceDomain ACLSourceDomain::RegexRegistryEntry_(new ACLRegexData, "srcdom_regex");
+
+ACL *
+ACLSourceDomain::clone() const
+{
+ return new ACLSourceDomain(*this);
+}
--- /dev/null
+
+/*
+ * $Id: ACLSourceDomain.h,v 1.1 2003/02/16 02:23:18 robertc Exp $
+ *
+ *
+ * SQUID Web Proxy Cache http://www.squid-cache.org/
+ * ----------------------------------------------------------
+ *
+ * Squid is the result of efforts by numerous individuals from
+ * the Internet community; see the CONTRIBUTORS file for full
+ * details. Many organizations have provided support for Squid's
+ * development; see the SPONSORS file for full details. Squid is
+ * Copyrighted (C) 2001 by the Regents of the University of
+ * California; see the COPYRIGHT file for full details. Squid
+ * incorporates software developed and/or copyrighted by other
+ * sources; see the CREDITS file for full details.
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111, USA.
+ *
+ *
+ * Copyright (c) 2003, Robert Collins <robertc@squid-cache.org>
+ */
+
+#ifndef SQUID_ACLSOURCEDOMAIN_H
+#define SQUID_ACLSOURCEDOMAIN_H
+#include "ACL.h"
+#include "ACLData.h"
+#include "ACLChecklist.h"
+
+class SourceDomainLookup : public ACLChecklist::AsyncState {
+ public:
+ static SourceDomainLookup *Instance();
+ virtual void checkForAsync(ACLChecklist *)const;
+ private:
+ static SourceDomainLookup instance_;
+ static void LookupDone(const char *, void *);
+};
+
+class ACLSourceDomain : public ACL {
+ public:
+ void *operator new(size_t);
+ void operator delete(void *);
+ virtual void deleteSelf() const;
+
+ ~ACLSourceDomain();
+ ACLSourceDomain(ACLData *, char const *);
+ ACLSourceDomain (ACLSourceDomain const &);
+ ACLSourceDomain &operator= (ACLSourceDomain const &);
+
+ virtual char const *typeString() const;
+ virtual squid_acl aclType() const { return ACL_DERIVED;}
+ virtual void parse();
+ virtual int match(ACLChecklist *checklist);
+ virtual wordlist *dump() const;
+ virtual bool valid () const;
+ virtual ACL *clone()const;
+ private:
+ static MemPool *Pool;
+ static Prototype LiteralRegistryProtoype;
+ static Prototype LegacyRegistryProtoype;
+ static ACLSourceDomain LiteralRegistryEntry_;
+ static Prototype RegexRegistryProtoype;
+ static ACLSourceDomain RegexRegistryEntry_;
+ ACLData *data;
+ char const *type_;
+};
+
+#endif /* SQUID_ACLSOURCEDOMAIN_H */
}
-ACLUserData *
+ACLData *
ACLUserData::clone() const
{
/* Splay trees don't clone yet. */
bool match(char const *user);
wordlist *dump();
void parse();
- virtual ACLUserData *clone() const;
+ virtual ACLData *clone() const;
SplayNode<char *> *names;
struct {
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.am,v 1.59 2003/02/14 13:59:50 robertc Exp $
+# $Id: Makefile.am,v 1.60 2003/02/16 02:23:18 robertc Exp $
#
# Uncomment and customize the following to suit your needs:
#
win32.cc
squid_ACLSOURCES = \
+ ACLCertificateData.cc \
+ ACLCertificateData.h \
ACLData.h \
+ ACLDestinationDomain.cc \
+ ACLDestinationDomain.h \
ACLDestinationIP.cc \
ACLDestinationIP.h \
+ ACLDomainData.h \
+ ACLDomainData.cc \
ACLIP.cc \
ACLIP.h \
ACLMyIP.cc \
ACLProxyAuth.h \
ACLRegexData.cc \
ACLRegexData.h \
+ ACLSourceDomain.cc \
+ ACLSourceDomain.h \
ACLSourceIP.cc \
ACLSourceIP.h \
ACLUserData.cc \
#
# Makefile for the Squid Object Cache server
#
-# $Id: Makefile.in,v 1.289 2003/02/14 14:04:01 robertc Exp $
+# $Id: Makefile.in,v 1.290 2003/02/16 02:23:18 robertc Exp $
#
# Uncomment and customize the following to suit your needs:
#
squid_ACLSOURCES = \
+ ACLCertificateData.cc \
+ ACLCertificateData.h \
ACLData.h \
+ ACLDestinationDomain.cc \
+ ACLDestinationDomain.h \
ACLDestinationIP.cc \
ACLDestinationIP.h \
+ ACLDomainData.h \
+ ACLDomainData.cc \
ACLIP.cc \
ACLIP.h \
ACLMyIP.cc \
ACLProxyAuth.h \
ACLRegexData.cc \
ACLRegexData.h \
+ ACLSourceDomain.cc \
+ ACLSourceDomain.h \
ACLSourceIP.cc \
ACLSourceIP.h \
ACLUserData.cc \
recv_announce_LDADD = $(LDADD)
recv_announce_DEPENDENCIES =
recv_announce_LDFLAGS =
-am__objects_4 = ACLDestinationIP.$(OBJEXT) ACLIP.$(OBJEXT) \
- ACLMyIP.$(OBJEXT) ACLProxyAuth.$(OBJEXT) ACLRegexData.$(OBJEXT) \
- ACLSourceIP.$(OBJEXT) ACLUserData.$(OBJEXT)
-@USE_DELAY_POOLS_FALSE@am__objects_5 =
-@USE_DELAY_POOLS_TRUE@am__objects_5 = delay_pools.$(OBJEXT) \
+am__objects_1 = ACLCertificateData.$(OBJEXT) \
+ ACLDestinationDomain.$(OBJEXT) ACLDestinationIP.$(OBJEXT) \
+ ACLDomainData.$(OBJEXT) ACLIP.$(OBJEXT) ACLMyIP.$(OBJEXT) \
+ ACLProxyAuth.$(OBJEXT) ACLRegexData.$(OBJEXT) \
+ ACLSourceDomain.$(OBJEXT) ACLSourceIP.$(OBJEXT) \
+ ACLUserData.$(OBJEXT)
+@USE_DELAY_POOLS_TRUE@am__objects_2 = delay_pools.$(OBJEXT) \
@USE_DELAY_POOLS_TRUE@ DelayId.$(OBJEXT) DelayBucket.$(OBJEXT) \
@USE_DELAY_POOLS_TRUE@ DelayConfig.$(OBJEXT) DelayPool.$(OBJEXT) \
@USE_DELAY_POOLS_TRUE@ DelaySpec.$(OBJEXT) DelayUser.$(OBJEXT) \
@USE_DELAY_POOLS_TRUE@ DelayVector.$(OBJEXT) \
@USE_DELAY_POOLS_TRUE@ NullDelayId.$(OBJEXT)
-@USE_DNSSERVER_FALSE@am__objects_6 = dns_internal.$(OBJEXT)
-@USE_DNSSERVER_TRUE@am__objects_6 = dns.$(OBJEXT)
-@ENABLE_HTCP_TRUE@am__objects_7 = htcp.$(OBJEXT)
-@ENABLE_IDENT_TRUE@am__objects_8 = ACLIdent.$(OBJEXT) ident.$(OBJEXT)
-@ENABLE_IDENT_FALSE@am__objects_8 =
-@MAKE_LEAKFINDER_TRUE@am__objects_9 = leakfinder.$(OBJEXT)
-@MAKE_LEAKFINDER_FALSE@am__objects_9 =
-@ENABLE_XPROF_STATS_TRUE@am__objects_3 = ProfStats.$(OBJEXT)
-@ENABLE_XPROF_STATS_FALSE@am__objects_3 =
-@USE_SNMP_TRUE@am__objects_10 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
-@USE_SNMP_FALSE@am__objects_10 =
-@ENABLE_SSL_FALSE@am__objects_11 =
-@ENABLE_SSL_TRUE@am__objects_11 = ssl_support.$(OBJEXT)
-@ENABLE_UNLINKD_TRUE@am__objects_12 = unlinkd.$(OBJEXT)
-@ENABLE_UNLINKD_FALSE@am__objects_12 =
-@ENABLE_WIN32SPECIFIC_FALSE@am__objects_13 =
-@ENABLE_WIN32SPECIFIC_TRUE@am__objects_13 = win32.$(OBJEXT)
+@USE_DELAY_POOLS_FALSE@am__objects_2 =
+@USE_DNSSERVER_TRUE@am__objects_3 = dns.$(OBJEXT)
+@USE_DNSSERVER_FALSE@am__objects_3 = dns_internal.$(OBJEXT)
+@ENABLE_HTCP_TRUE@am__objects_4 = htcp.$(OBJEXT)
+@ENABLE_IDENT_TRUE@am__objects_5 = ACLIdent.$(OBJEXT) ident.$(OBJEXT)
+@ENABLE_IDENT_FALSE@am__objects_5 =
+@MAKE_LEAKFINDER_TRUE@am__objects_6 = leakfinder.$(OBJEXT)
+@MAKE_LEAKFINDER_FALSE@am__objects_6 =
+@ENABLE_XPROF_STATS_TRUE@am__objects_7 = ProfStats.$(OBJEXT)
+@ENABLE_XPROF_STATS_FALSE@am__objects_7 =
+@USE_SNMP_TRUE@am__objects_8 = snmp_core.$(OBJEXT) snmp_agent.$(OBJEXT)
+@USE_SNMP_FALSE@am__objects_8 =
+@ENABLE_SSL_TRUE@am__objects_9 = ssl_support.$(OBJEXT)
+@ENABLE_SSL_FALSE@am__objects_9 =
+@ENABLE_UNLINKD_TRUE@am__objects_10 = unlinkd.$(OBJEXT)
+@ENABLE_UNLINKD_FALSE@am__objects_10 =
+@ENABLE_WIN32SPECIFIC_TRUE@am__objects_11 = win32.$(OBJEXT)
+@ENABLE_WIN32SPECIFIC_FALSE@am__objects_11 =
am_squid_OBJECTS = access_log.$(OBJEXT) acl.$(OBJEXT) \
- ACLChecklist.$(OBJEXT) $(am__objects_4) asn.$(OBJEXT) \
+ ACLChecklist.$(OBJEXT) $(am__objects_1) asn.$(OBJEXT) \
authenticate.$(OBJEXT) cache_cf.$(OBJEXT) CacheDigest.$(OBJEXT) \
cache_manager.$(OBJEXT) carp.$(OBJEXT) cbdata.$(OBJEXT) \
client_db.$(OBJEXT) client_side.$(OBJEXT) \
client_side_reply.$(OBJEXT) client_side_request.$(OBJEXT) \
clientStream.$(OBJEXT) comm.$(OBJEXT) comm_select.$(OBJEXT) \
comm_poll.$(OBJEXT) comm_kqueue.$(OBJEXT) debug.$(OBJEXT) \
- $(am__objects_5) disk.$(OBJEXT) $(am__objects_6) \
+ $(am__objects_2) disk.$(OBJEXT) $(am__objects_3) \
errorpage.$(OBJEXT) ETag.$(OBJEXT) event.$(OBJEXT) \
external_acl.$(OBJEXT) fd.$(OBJEXT) fde.$(OBJEXT) \
filemap.$(OBJEXT) forward.$(OBJEXT) fqdncache.$(OBJEXT) \
ftp.$(OBJEXT) gopher.$(OBJEXT) helper.$(OBJEXT) \
- $(am__objects_7) http.$(OBJEXT) HttpStatusLine.$(OBJEXT) \
+ $(am__objects_4) http.$(OBJEXT) HttpStatusLine.$(OBJEXT) \
HttpHdrCc.$(OBJEXT) HttpHdrRange.$(OBJEXT) \
HttpHdrContRange.$(OBJEXT) HttpHeader.$(OBJEXT) \
HttpHeaderTools.$(OBJEXT) HttpBody.$(OBJEXT) HttpMsg.$(OBJEXT) \
HttpReply.$(OBJEXT) HttpRequest.$(OBJEXT) icmp.$(OBJEXT) \
- icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) $(am__objects_8) \
+ icp_v2.$(OBJEXT) icp_v3.$(OBJEXT) $(am__objects_5) \
int.$(OBJEXT) internal.$(OBJEXT) ipc.$(OBJEXT) \
- ipcache.$(OBJEXT) IPInterception.$(OBJEXT) $(am__objects_9) \
+ ipcache.$(OBJEXT) IPInterception.$(OBJEXT) $(am__objects_6) \
logfile.$(OBJEXT) main.$(OBJEXT) mem.$(OBJEXT) \
mem_node.$(OBJEXT) MemBuf.$(OBJEXT) MemObject.$(OBJEXT) \
mime.$(OBJEXT) multicast.$(OBJEXT) neighbors.$(OBJEXT) \
- net_db.$(OBJEXT) Packer.$(OBJEXT) $(am__objects_3) \
+ net_db.$(OBJEXT) Packer.$(OBJEXT) $(am__objects_7) \
pconn.$(OBJEXT) peer_digest.$(OBJEXT) peer_select.$(OBJEXT) \
redirect.$(OBJEXT) referer.$(OBJEXT) refresh.$(OBJEXT) \
- send-announce.$(OBJEXT) $(am__objects_10) tunnel.$(OBJEXT) \
- $(am__objects_11) stat.$(OBJEXT) StatHist.$(OBJEXT) \
+ send-announce.$(OBJEXT) $(am__objects_8) tunnel.$(OBJEXT) \
+ $(am__objects_9) stat.$(OBJEXT) StatHist.$(OBJEXT) \
String.$(OBJEXT) stmem.$(OBJEXT) store.$(OBJEXT) \
store_io.$(OBJEXT) StoreIOState.$(OBJEXT) \
store_client.$(OBJEXT) store_digest.$(OBJEXT) \
LDFLAGS = @LDFLAGS@
LIBS = @LIBS@
depcomp = $(SHELL) $(top_srcdir)/cfgaux/depcomp
-@AMDEP_TRUE@DEP_FILES = $(DEPDIR)/ACLChecklist.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ACLDestinationIP.Po $(DEPDIR)/ACLIP.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ACLIdent.Po $(DEPDIR)/ACLMyIP.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ACLProxyAuth.Po $(DEPDIR)/ACLRegexData.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ACLSourceIP.Po $(DEPDIR)/ACLUserData.Po \
-@AMDEP_TRUE@ $(DEPDIR)/CacheDigest.Po $(DEPDIR)/DelayBucket.Po \
-@AMDEP_TRUE@ $(DEPDIR)/DelayConfig.Po $(DEPDIR)/DelayId.Po \
-@AMDEP_TRUE@ $(DEPDIR)/DelayPool.Po $(DEPDIR)/DelaySpec.Po \
-@AMDEP_TRUE@ $(DEPDIR)/DelayUser.Po $(DEPDIR)/DelayVector.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ETag.Po $(DEPDIR)/HttpBody.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpHdrCc.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpHdrContRange.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpHdrRange.Po $(DEPDIR)/HttpHeader.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpHeaderTools.Po $(DEPDIR)/HttpMsg.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpReply.Po $(DEPDIR)/HttpRequest.Po \
-@AMDEP_TRUE@ $(DEPDIR)/HttpStatusLine.Po \
-@AMDEP_TRUE@ $(DEPDIR)/IPInterception.Po $(DEPDIR)/MemBuf.Po \
-@AMDEP_TRUE@ $(DEPDIR)/MemObject.Po $(DEPDIR)/NullDelayId.Po \
-@AMDEP_TRUE@ $(DEPDIR)/Packer.Po $(DEPDIR)/ProfStats.Po \
-@AMDEP_TRUE@ $(DEPDIR)/StatHist.Po $(DEPDIR)/StoreIOState.Po \
-@AMDEP_TRUE@ $(DEPDIR)/StoreMeta.Po $(DEPDIR)/StoreMetaMD5.Po \
-@AMDEP_TRUE@ $(DEPDIR)/StoreMetaSTD.Po $(DEPDIR)/StoreMetaURL.Po \
-@AMDEP_TRUE@ $(DEPDIR)/StoreMetaUnpacker.Po \
-@AMDEP_TRUE@ $(DEPDIR)/StoreMetaVary.Po $(DEPDIR)/String.Po \
-@AMDEP_TRUE@ $(DEPDIR)/SwapDir.Po $(DEPDIR)/access_log.Po \
-@AMDEP_TRUE@ $(DEPDIR)/acl.Po $(DEPDIR)/asn.Po \
-@AMDEP_TRUE@ $(DEPDIR)/auth_modules.Po $(DEPDIR)/authenticate.Po \
-@AMDEP_TRUE@ $(DEPDIR)/cache_cf.Po $(DEPDIR)/cache_manager.Po \
-@AMDEP_TRUE@ $(DEPDIR)/cachemgr.Po $(DEPDIR)/carp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/cbdata.Po $(DEPDIR)/cf_gen.Po \
-@AMDEP_TRUE@ $(DEPDIR)/client.Po $(DEPDIR)/clientStream.Po \
-@AMDEP_TRUE@ $(DEPDIR)/client_db.Po $(DEPDIR)/client_side.Po \
-@AMDEP_TRUE@ $(DEPDIR)/client_side_reply.Po \
-@AMDEP_TRUE@ $(DEPDIR)/client_side_request.Po $(DEPDIR)/comm.Po \
-@AMDEP_TRUE@ $(DEPDIR)/comm_kqueue.Po $(DEPDIR)/comm_poll.Po \
-@AMDEP_TRUE@ $(DEPDIR)/comm_select.Po $(DEPDIR)/debug.Po \
-@AMDEP_TRUE@ $(DEPDIR)/delay_pools.Po $(DEPDIR)/disk.Po \
-@AMDEP_TRUE@ $(DEPDIR)/dns.Po $(DEPDIR)/dns_internal.Po \
-@AMDEP_TRUE@ $(DEPDIR)/dnsserver.Po $(DEPDIR)/errorpage.Po \
-@AMDEP_TRUE@ $(DEPDIR)/event.Po $(DEPDIR)/external_acl.Po \
-@AMDEP_TRUE@ $(DEPDIR)/fd.Po $(DEPDIR)/fde.Po \
-@AMDEP_TRUE@ $(DEPDIR)/filemap.Po $(DEPDIR)/forward.Po \
-@AMDEP_TRUE@ $(DEPDIR)/fqdncache.Po $(DEPDIR)/ftp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/globals.Po $(DEPDIR)/gopher.Po \
-@AMDEP_TRUE@ $(DEPDIR)/helper.Po $(DEPDIR)/htcp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/http.Po $(DEPDIR)/icmp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/icp_v2.Po $(DEPDIR)/icp_v3.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ident.Po $(DEPDIR)/int.Po \
-@AMDEP_TRUE@ $(DEPDIR)/internal.Po $(DEPDIR)/ipc.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ipcache.Po $(DEPDIR)/leakfinder.Po \
-@AMDEP_TRUE@ $(DEPDIR)/logfile.Po $(DEPDIR)/main.Po \
-@AMDEP_TRUE@ $(DEPDIR)/mem.Po $(DEPDIR)/mem_node.Po \
-@AMDEP_TRUE@ $(DEPDIR)/mime.Po $(DEPDIR)/multicast.Po \
-@AMDEP_TRUE@ $(DEPDIR)/neighbors.Po $(DEPDIR)/net_db.Po \
-@AMDEP_TRUE@ $(DEPDIR)/pconn.Po $(DEPDIR)/peer_digest.Po \
-@AMDEP_TRUE@ $(DEPDIR)/peer_select.Po $(DEPDIR)/pinger.Po \
-@AMDEP_TRUE@ $(DEPDIR)/recv-announce.Po $(DEPDIR)/redirect.Po \
-@AMDEP_TRUE@ $(DEPDIR)/referer.Po $(DEPDIR)/refresh.Po \
-@AMDEP_TRUE@ $(DEPDIR)/repl_modules.Po \
-@AMDEP_TRUE@ $(DEPDIR)/send-announce.Po $(DEPDIR)/snmp_agent.Po \
-@AMDEP_TRUE@ $(DEPDIR)/snmp_core.Po $(DEPDIR)/ssl_support.Po \
-@AMDEP_TRUE@ $(DEPDIR)/stat.Po $(DEPDIR)/stmem.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store.Po $(DEPDIR)/store_client.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_digest.Po $(DEPDIR)/store_dir.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_io.Po $(DEPDIR)/store_key_md5.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_log.Po $(DEPDIR)/store_modules.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_rebuild.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_swapin.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_swapmeta.Po \
-@AMDEP_TRUE@ $(DEPDIR)/store_swapout.Po \
-@AMDEP_TRUE@ $(DEPDIR)/string_arrays.Po $(DEPDIR)/tools.Po \
-@AMDEP_TRUE@ $(DEPDIR)/tunnel.Po $(DEPDIR)/ufscommon.Po \
-@AMDEP_TRUE@ $(DEPDIR)/ufsdump.Po $(DEPDIR)/unlinkd-unlinkd.Po \
-@AMDEP_TRUE@ $(DEPDIR)/unlinkd.Po $(DEPDIR)/url.Po \
-@AMDEP_TRUE@ $(DEPDIR)/urn.Po $(DEPDIR)/useragent.Po \
-@AMDEP_TRUE@ $(DEPDIR)/wais.Po $(DEPDIR)/wccp.Po \
-@AMDEP_TRUE@ $(DEPDIR)/whois.Po $(DEPDIR)/win32.Po
+am__depfiles_maybe = depfiles
+@AMDEP_TRUE@DEP_FILES = ./$(DEPDIR)/ACLCertificateData.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLChecklist.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLDestinationDomain.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLDestinationIP.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLDomainData.Po ./$(DEPDIR)/ACLIP.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLIdent.Po ./$(DEPDIR)/ACLMyIP.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLProxyAuth.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLRegexData.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLSourceDomain.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLSourceIP.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ACLUserData.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/CacheDigest.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/DelayBucket.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/DelayConfig.Po ./$(DEPDIR)/DelayId.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/DelayPool.Po ./$(DEPDIR)/DelaySpec.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/DelayUser.Po ./$(DEPDIR)/DelayVector.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ETag.Po ./$(DEPDIR)/HttpBody.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpHdrCc.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpHdrContRange.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpHdrRange.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpHeader.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpHeaderTools.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpMsg.Po ./$(DEPDIR)/HttpReply.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpRequest.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/HttpStatusLine.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/IPInterception.Po ./$(DEPDIR)/MemBuf.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/MemObject.Po ./$(DEPDIR)/NullDelayId.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/Packer.Po ./$(DEPDIR)/ProfStats.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StatHist.Po ./$(DEPDIR)/StoreIOState.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMeta.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMetaMD5.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMetaSTD.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMetaURL.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMetaUnpacker.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/StoreMetaVary.Po ./$(DEPDIR)/String.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/SwapDir.Po ./$(DEPDIR)/access_log.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/acl.Po ./$(DEPDIR)/asn.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/auth_modules.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/authenticate.Po ./$(DEPDIR)/cache_cf.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/cache_manager.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/cachemgr.Po ./$(DEPDIR)/carp.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/cbdata.Po ./$(DEPDIR)/cf_gen.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/client.Po ./$(DEPDIR)/clientStream.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/client_db.Po ./$(DEPDIR)/client_side.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/client_side_reply.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/client_side_request.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/comm.Po ./$(DEPDIR)/comm_kqueue.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/comm_poll.Po ./$(DEPDIR)/comm_select.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/debug.Po ./$(DEPDIR)/delay_pools.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/disk.Po ./$(DEPDIR)/dns.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/dns_internal.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/dnsserver.Po ./$(DEPDIR)/errorpage.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/event.Po ./$(DEPDIR)/external_acl.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/fd.Po ./$(DEPDIR)/fde.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/filemap.Po ./$(DEPDIR)/forward.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/fqdncache.Po ./$(DEPDIR)/ftp.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/globals.Po ./$(DEPDIR)/gopher.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/helper.Po ./$(DEPDIR)/htcp.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/http.Po ./$(DEPDIR)/icmp.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/icp_v2.Po ./$(DEPDIR)/icp_v3.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ident.Po ./$(DEPDIR)/int.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/internal.Po ./$(DEPDIR)/ipc.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ipcache.Po ./$(DEPDIR)/leakfinder.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/logfile.Po ./$(DEPDIR)/main.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/mem.Po ./$(DEPDIR)/mem_node.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/mime.Po ./$(DEPDIR)/multicast.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/neighbors.Po ./$(DEPDIR)/net_db.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/pconn.Po ./$(DEPDIR)/peer_digest.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/peer_select.Po ./$(DEPDIR)/pinger.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/recv-announce.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/redirect.Po ./$(DEPDIR)/referer.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/refresh.Po ./$(DEPDIR)/repl_modules.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/send-announce.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/snmp_agent.Po ./$(DEPDIR)/snmp_core.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ssl_support.Po ./$(DEPDIR)/stat.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/stmem.Po ./$(DEPDIR)/store.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_client.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_digest.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_dir.Po ./$(DEPDIR)/store_io.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_key_md5.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_log.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_modules.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_rebuild.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_swapin.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_swapmeta.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/store_swapout.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/string_arrays.Po ./$(DEPDIR)/tools.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/tunnel.Po ./$(DEPDIR)/ufscommon.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/ufsdump.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/unlinkd-unlinkd.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/unlinkd.Po ./$(DEPDIR)/url.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/urn.Po ./$(DEPDIR)/useragent.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/wais.Po ./$(DEPDIR)/wccp.Po \
+@AMDEP_TRUE@ ./$(DEPDIR)/whois.Po ./$(DEPDIR)/win32.Po
COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \
$(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS)
CCLD = $(CC)
distclean-compile:
-rm -f *.tab.c
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLChecklist.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLDestinationIP.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLIP.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLIdent.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLMyIP.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLProxyAuth.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLRegexData.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLSourceIP.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ACLUserData.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/CacheDigest.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayBucket.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayConfig.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayId.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayPool.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelaySpec.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayUser.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/DelayVector.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ETag.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpBody.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpHdrCc.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpHdrContRange.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpHdrRange.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpHeader.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpHeaderTools.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpMsg.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpReply.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpRequest.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/HttpStatusLine.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/IPInterception.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/MemBuf.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/MemObject.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/NullDelayId.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/Packer.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ProfStats.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StatHist.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreIOState.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMeta.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMetaMD5.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMetaSTD.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMetaURL.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMetaUnpacker.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/StoreMetaVary.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/String.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/SwapDir.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/access_log.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/acl.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/asn.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/auth_modules.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/authenticate.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/cache_cf.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/cache_manager.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/cachemgr.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/carp.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/cbdata.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/cf_gen.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/client.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/clientStream.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/client_db.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/client_side.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/client_side_reply.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/client_side_request.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/comm.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/comm_kqueue.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/comm_poll.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/comm_select.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/debug.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/delay_pools.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/disk.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/dns.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/dns_internal.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/dnsserver.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/errorpage.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/event.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/external_acl.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/fd.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/fde.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/filemap.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/forward.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/fqdncache.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ftp.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/globals.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/gopher.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/helper.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/htcp.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/http.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icmp.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v2.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/icp_v3.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ident.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/int.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/internal.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ipc.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ipcache.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/leakfinder.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/logfile.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/main.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/mem.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/mem_node.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/mime.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/multicast.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/neighbors.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/net_db.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/pconn.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/peer_digest.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/peer_select.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/pinger.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/recv-announce.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/redirect.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/referer.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/refresh.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/repl_modules.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/send-announce.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snmp_agent.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/snmp_core.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ssl_support.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stat.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/stmem.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_client.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_digest.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_dir.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_io.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_key_md5.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_log.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_modules.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_rebuild.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_swapin.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_swapmeta.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/store_swapout.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/string_arrays.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tools.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/tunnel.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ufscommon.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/ufsdump.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/unlinkd-unlinkd.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/unlinkd.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/url.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/urn.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/useragent.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/wais.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/wccp.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/whois.Po@am__quote@
-@AMDEP_TRUE@@am__include@ @am__quote@$(DEPDIR)/win32.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLCertificateData.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLChecklist.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLDestinationDomain.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLDestinationIP.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLDomainData.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLIP.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLIdent.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLMyIP.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLProxyAuth.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLRegexData.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLSourceDomain.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLSourceIP.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ACLUserData.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/CacheDigest.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayBucket.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayConfig.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayId.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayPool.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelaySpec.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayUser.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/DelayVector.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ETag.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpBody.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpHdrCc.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpHdrContRange.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpHdrRange.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpHeader.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpHeaderTools.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpMsg.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpReply.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpRequest.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/HttpStatusLine.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/IPInterception.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/MemBuf.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/MemObject.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/NullDelayId.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/Packer.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ProfStats.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StatHist.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreIOState.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMeta.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMetaMD5.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMetaSTD.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMetaURL.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMetaUnpacker.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/StoreMetaVary.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/String.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/SwapDir.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/access_log.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/acl.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/asn.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/auth_modules.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/authenticate.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cache_cf.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cache_manager.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cachemgr.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/carp.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cbdata.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/cf_gen.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/clientStream.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_db.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_side.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_side_reply.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/client_side_request.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comm.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comm_kqueue.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comm_poll.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/comm_select.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/debug.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/delay_pools.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/disk.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dns_internal.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/dnsserver.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/errorpage.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/event.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/external_acl.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fd.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fde.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/filemap.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/forward.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/fqdncache.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ftp.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/globals.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/gopher.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/helper.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/htcp.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/http.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icmp.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v2.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/icp_v3.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ident.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/int.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/internal.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipc.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ipcache.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/leakfinder.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/logfile.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/main.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mem.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mem_node.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/mime.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/multicast.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/neighbors.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/net_db.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pconn.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/peer_digest.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/peer_select.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/pinger.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/recv-announce.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/redirect.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/referer.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/refresh.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/repl_modules.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/send-announce.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snmp_agent.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/snmp_core.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ssl_support.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stat.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/stmem.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_client.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_digest.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_dir.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_io.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_key_md5.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_log.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_modules.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_rebuild.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_swapin.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_swapmeta.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/store_swapout.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/string_arrays.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tools.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/tunnel.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ufscommon.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/ufsdump.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unlinkd-unlinkd.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/unlinkd.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/url.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/urn.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/useragent.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wais.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/wccp.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/whois.Po@am__quote@
+@AMDEP_TRUE@@am__include@ @am__quote@./$(DEPDIR)/win32.Po@am__quote@
distclean-depend:
- -rm -rf $(DEPDIR)
+ -rm -rf ./$(DEPDIR)
.c.o:
@AMDEP_TRUE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
@AMDEP_TRUE@ depfile='$(DEPDIR)/$*.Po' tmpdepfile='$(DEPDIR)/$*.TPo' @AMDEPBACKSLASH@
@AMDEP_TRUE@ $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@
- $(COMPILE) -c `test -f $< || echo '$(srcdir)/'`$<
+ $(COMPILE) -c `test -f '$<' || echo '$(srcdir)/'`$<
.c.obj:
@AMDEP_TRUE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@
/*
- * $Id: acl.cc,v 1.302 2003/02/13 08:07:47 robertc Exp $
+ * $Id: acl.cc,v 1.303 2003/02/16 02:23:19 robertc Exp $
*
* DEBUG: section 28 Access Control
* AUTHOR: Duane Wessels
#include "HttpRequest.h"
#include "authenticate.h"
#include "fde.h"
-#if USE_IDENT
-#include "ACLIdent.h"
-#endif
#include "ACLUserData.h"
#include "ExternalACL.h"
+#include "ACLDestinationIP.h"
+#if USE_SSL
+#include "ACLCertificateData.h"
+#endif
-static void aclParseDomainList(void *curlist);
static void aclParseIntlist(void *curlist);
#if SQUID_SNMP
static void aclParseWordList(void *curlist);
static void aclDestroyTimeList(acl_time_data * data);
static void aclDestroyIntRange(intrange *);
static int aclMatchTime(acl_time_data * data, time_t when);
-static int aclMatchDomainList(void *dataptr, const char *);
static int aclMatchIntegerRange(intrange * data, int i);
#if SQUID_SNMP
static int aclMatchWordList(wordlist *, const char *);
static wordlist *aclDumpUserMaxIP(void *data);
static int aclMatchUserMaxIP(void *, auth_user_request_t *, struct in_addr);
static squid_acl aclStrToType(const char *s);
-IPH aclLookupDstIPforASNDone;
-static wordlist *aclDumpDomainList(void *data);
static wordlist *aclDumpTimeSpecList(acl_time_data *);
static wordlist *aclDumpIntlistList(intlist * data);
static wordlist *aclDumpIntRangeList(intrange * data);
static wordlist *aclDumpMethodList(intlist * data);
static splayNode::SPLAYCMP aclHostDomainCompare;
template<class T> int aclDomainCompare(T const &a, T const &b);
-static splayNode::SPLAYWALKEE aclDumpDomainListWalkee;
#if USE_ARP_ACL
static squid_acl
aclStrToType(const char *s)
{
- if (!strcmp(s, "domain"))
- return ACL_DST_DOMAIN;
- if (!strcmp(s, "dstdomain"))
- return ACL_DST_DOMAIN;
- if (!strcmp(s, "srcdomain"))
- return ACL_SRC_DOMAIN;
- if (!strcmp(s, "dstdom_regex"))
- return ACL_DST_DOM_REGEX;
- if (!strcmp(s, "srcdom_regex"))
- return ACL_SRC_DOM_REGEX;
if (!strcmp(s, "time"))
return ACL_TIME;
if (!strcmp(s, "pattern"))
return ACL_MY_PORT;
if (!strcmp(s, "maxconn"))
return ACL_MAXCONN;
-#if USE_IDENT
- if (!strcmp(s, "ident"))
- return ACL_IDENT;
- if (!strcmp(s, "ident_regex"))
- return ACL_IDENT_REGEX;
-#endif
if (!strncmp(s, "proto", 5))
return ACL_PROTO;
if (!strcmp(s, "method"))
const char *
aclTypeToStr(squid_acl type)
{
- if (type == ACL_DST_DOMAIN)
- return "dstdomain";
- if (type == ACL_SRC_DOMAIN)
- return "srcdomain";
- if (type == ACL_DST_DOM_REGEX)
- return "dstdom_regex";
- if (type == ACL_SRC_DOM_REGEX)
- return "srcdom_regex";
if (type == ACL_TIME)
return "time";
if (type == ACL_URLPATH_REGEX)
return "myport";
if (type == ACL_MAXCONN)
return "maxconn";
-#if USE_IDENT
- if (type == ACL_IDENT_REGEX)
- return "ident_regex";
-#endif
if (type == ACL_PROTO)
return "proto";
if (type == ACL_METHOD)
}
#endif
-/**********************/
-/* aclParseDomainList */
-/**********************/
-
-static void
-aclParseDomainList(void *curlist)
-{
- char *t = NULL;
- splayNode **Top = (splayNode **)curlist;
- while ((t = strtokFile())) {
- Tolower(t);
- *Top = splay_insert(xstrdup(t), *Top, aclDomainCompare);
- }
-}
-
#if USE_SSL
static void
aclParseCertList(void *curlist)
{
- acl_cert_data **datap = (acl_cert_data **)curlist;
+ ACLCertificateData **datap = (ACLCertificateData **)curlist;
SplayNode<char *> **Top;
char *t;
char *attribute = strtokFile();
if (!attribute)
self_destruct();
if (*datap) {
+ /* an acl must use consistent attributes in all config lines */
if (strcasecmp((*datap)->attribute, attribute) != 0)
self_destruct();
} else {
- *datap = new acl_cert_data;
+ *datap = new ACLCertificateData;
(*datap)->attribute = xstrdup(attribute);
}
Top = &(*datap)->values;
static int
aclMatchUserCert(void *data, ACLChecklist * checklist)
{
- acl_cert_data *cert_data = (acl_cert_data *)data;
+ ACLCertificateData *cert_data = (ACLCertificateData *)data;
const char *value;
SSL *ssl = fd_table[checklist->conn()->fd].ssl;
static int
aclMatchCACert(void *data, ACLChecklist * checklist)
{
- acl_cert_data *cert_data = (acl_cert_data *)data;
+ ACLCertificateData *cert_data = (ACLCertificateData *)data;
const char *value;
SSL *ssl = fd_table[checklist->conn()->fd].ssl;
static void
aclDestroyCertList(void *curlist)
{
- acl_cert_data **datap = (acl_cert_data **)curlist;
+ ACLCertificateData **datap = (ACLCertificateData **)curlist;
if (!*datap)
return;
(*datap)->values->destroy(xRefFree);
static wordlist *
aclDumpCertList(void *curlist)
{
- acl_cert_data *data = (acl_cert_data *)curlist;
+ ACLCertificateData *data = (ACLCertificateData *)curlist;
wordlist *wl = NULL;
wordlistAdd(&wl, data->attribute);
data->values->walk(aclDumpCertListWalkee, &wl);
return result;
squid_acl const acltype = aclStrToType(type);
switch (acltype) {
-#if USE_IDENT
- case ACL_IDENT:
- result = new ACLIdent;
- break;
-#endif
- case ACL_DST_DOMAIN:
- case ACL_SRC_DOMAIN:
- case ACL_DST_DOM_REGEX:
- case ACL_SRC_DOM_REGEX:
case ACL_TIME:
case ACL_URLPATH_REGEX:
case ACL_URL_REGEX:
case ACL_URL_PORT:
case ACL_MY_PORT:
case ACL_MAXCONN:
-#if USE_IDENT
- case ACL_IDENT_REGEX:
-#endif
case ACL_PROTO:
case ACL_METHOD:
case ACL_BROWSER:
ACL::parse()
{
switch (aclType()) {
- case ACL_SRC_DOMAIN:
- case ACL_DST_DOMAIN:
- aclParseDomainList(&data);
- break;
case ACL_TIME:
aclParseTimeSpec(&data);
break;
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
case ACL_REFERER_REGEX:
- case ACL_SRC_DOM_REGEX:
- case ACL_DST_DOM_REGEX:
case ACL_REQ_MIME_TYPE:
case ACL_REP_MIME_TYPE:
aclParseRegexList(&data);
case ACL_MY_PORT:
aclParseIntRange(&data);
break;
-#if USE_IDENT
- case ACL_IDENT_REGEX:
- aclParseRegexList(&data);
- break;
-#endif
case ACL_PROTO:
aclParseProtoList(&data);
break;
case ACL_METHOD:
aclParseMethodList(&data);
break;
-#if USE_IDENT
- case ACL_IDENT:
-#endif
case ACL_DERIVED:
fatal ("overriden");
break;
}
}
-/**********************/
-/* aclMatchDomainList */
-/**********************/
-
-static int
-aclMatchDomainList(void *dataptr, const char *host)
-{
- splayNode **Top = (splayNode **)dataptr;
- if (host == NULL)
- return 0;
- debug(28, 3) ("aclMatchDomainList: checking '%s'\n", host);
- const void * __host = host;
- *Top = splay_splay(&__host, *Top, aclHostDomainCompare);
- debug(28, 3) ("aclMatchDomainList: '%s' %s\n",
- host, splayLastResult ? "NOT found" : "found");
- return !splayLastResult;
-}
-
int
aclMatchRegex(relist * data, const char *word)
{
case ACL_BROWSER:
case ACL_REFERER_REGEX:
case ACL_DST_ASN:
- case ACL_DST_DOMAIN:
- case ACL_DST_DOM_REGEX:
case ACL_MAX_USER_IP:
case ACL_METHOD:
case ACL_PROTO:
{
request_t *r = checklist->request;
const ipcache_addrs *ia = NULL;
- const char *fqdn = NULL;
char *esc_buf;
const char *header;
const char *browser;
int k, ti;
switch (aclType()) {
- case ACL_DST_DOMAIN:
- if ((ia = ipcacheCheckNumeric(r->host)) == NULL)
- return aclMatchDomainList(&data, r->host);
- fqdn = fqdncache_gethostbyaddr(ia->in_addrs[0], FQDN_LOOKUP_IF_MISS);
- if (fqdn)
- return aclMatchDomainList(&data, fqdn);
- if (checklist->state[ACL_DST_DOMAIN] == ACL_LOOKUP_NONE) {
- debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
- name, inet_ntoa(ia->in_addrs[0]));
- checklist->state[ACL_DST_DOMAIN] = ACL_LOOKUP_NEEDED;
- return 0;
- }
- return aclMatchDomainList(&data, "none");
- /* NOTREACHED */
- case ACL_SRC_DOMAIN:
- fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS);
- if (fqdn) {
- return aclMatchDomainList(&data, fqdn);
- } else if (checklist->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NONE) {
- debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
- name, inet_ntoa(checklist->src_addr));
- checklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_NEEDED;
- return 0;
- }
- return aclMatchDomainList(&data, "none");
- /* NOTREACHED */
- case ACL_DST_DOM_REGEX:
- if ((ia = ipcacheCheckNumeric(r->host)) == NULL)
- return aclMatchRegex((relist *)data, r->host);
- fqdn = fqdncache_gethostbyaddr(ia->in_addrs[0], FQDN_LOOKUP_IF_MISS);
- if (fqdn)
- return aclMatchRegex((relist *)data, fqdn);
- if (checklist->state[ACL_DST_DOMAIN] == ACL_LOOKUP_NONE) {
- debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
- name, inet_ntoa(ia->in_addrs[0]));
- checklist->state[ACL_DST_DOMAIN] = ACL_LOOKUP_NEEDED;
- return 0;
- }
- return aclMatchRegex((relist *)data, "none");
- /* NOTREACHED */
- case ACL_SRC_DOM_REGEX:
- fqdn = fqdncache_gethostbyaddr(checklist->src_addr, FQDN_LOOKUP_IF_MISS);
- if (fqdn) {
- return aclMatchRegex((relist *)data, fqdn);
- } else if (checklist->state[ACL_SRC_DOMAIN] == ACL_LOOKUP_NONE) {
- debug(28, 3) ("aclMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
- name, inet_ntoa(checklist->src_addr));
- checklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_NEEDED;
- return 0;
- }
- return aclMatchRegex((relist *)data, "none");
- /* NOTREACHED */
case ACL_TIME:
return aclMatchTime((acl_time_data *)data, squid_curtime);
/* NOTREACHED */
case ACL_MY_PORT:
return aclMatchIntegerRange((intrange *)data, (int) checklist->my_port);
/* NOTREACHED */
-#if USE_IDENT
- case ACL_IDENT_REGEX:
- if (checklist->rfc931[0]) {
- return aclMatchRegex((relist *)data, checklist->rfc931);
- } else {
- checklist->state[ACL_IDENT] = ACL_LOOKUP_NEEDED;
- return 0;
- }
- /* NOTREACHED */
-#endif
case ACL_PROTO:
return aclMatchInteger((intlist *)data, r->protocol);
/* NOTREACHED */
} else if (checklist->state[ACL_DST_ASN] == ACL_LOOKUP_NONE) {
debug(28, 3) ("asnMatchAcl: Can't yet compare '%s' ACL for '%s'\n",
name, r->host);
- checklist->state[ACL_DST_ASN] = ACL_LOOKUP_NEEDED;
+ checklist->changeState (DestinationIPLookup::Instance());
} else {
return asnMatchIp(data, no_addr);
}
case ACL_NONE:
case ACL_ENUM_MAX:
break;
-#if USE_IDENT
- case ACL_IDENT:
-#endif
case ACL_DERIVED:
fatal ("overridden");
}
return allow == ACCESS_DENIED;
}
-#if USE_IDENT
-void
-aclLookupIdentDone(const char *ident, void *data)
-{
- ACLChecklist *checklist = (ACLChecklist *)data;
- if (ident) {
- xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
-#if DONT
- xstrncpy(checklist->request->authuser, ident, USER_IDENT_SZ);
-#endif
- } else {
- xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
- }
- /*
- * Cache the ident result in the connection, to avoid redoing ident lookup
- * over and over on persistent connections
- */
- if (cbdataReferenceValid(checklist->conn()) && !checklist->conn()->rfc931[0])
- xstrncpy(checklist->conn()->rfc931, checklist->rfc931, USER_IDENT_SZ);
- checklist->asyncInProgress(false);
- checklist->check();
-}
-#endif
-
-void
-aclLookupDstIPforASNDone(const ipcache_addrs * ia, void *data)
-{
- ACLChecklist *checklist = (ACLChecklist *)data;
- checklist->state[ACL_DST_ASN] = ACL_LOOKUP_DONE;
- checklist->asyncInProgress(false);
- checklist->check();
-}
-
-void
-aclLookupSrcFQDNDone(const char *fqdn, void *data)
-{
- ACLChecklist *checklist = (ACLChecklist *)data;
- checklist->state[ACL_SRC_DOMAIN] = ACL_LOOKUP_DONE;
- checklist->asyncInProgress(false);
- checklist->check();
-}
-
-void
-aclLookupDstFQDNDone(const char *fqdn, void *data)
-{
- ACLChecklist *checklist = (ACLChecklist *)data;
- checklist->state[ACL_DST_DOMAIN] = ACL_LOOKUP_DONE;
- checklist->asyncInProgress(false);
- checklist->check();
-}
-
/*
* Any ACLChecklist created by aclChecklistCreate() must eventually be
* freed by ACLChecklist::operator delete(). There are two common cases:
#if USE_ARP_ACL
case ACL_SRC_ARP:
#endif
- case ACL_DST_DOMAIN:
- case ACL_SRC_DOMAIN:
- splay_destroy((splayNode *)data, xRefFree);
- break;
#if SQUID_SNMP
case ACL_SNMP_COMMUNITY:
wordlistDestroy((wordlist **) & data);
break;
#endif
/* Destroyed in the children */
-#if USE_IDENT
- case ACL_IDENT:
-#endif
case ACL_DERIVED:
break;
case ACL_TIME:
aclDestroyTimeList((acl_time_data *)data);
break;
-#if USE_IDENT
- case ACL_IDENT_REGEX:
-#endif
case ACL_URL_REGEX:
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
case ACL_REFERER_REGEX:
- case ACL_SRC_DOM_REGEX:
- case ACL_DST_DOM_REGEX:
case ACL_REP_MIME_TYPE:
case ACL_REQ_MIME_TYPE:
aclDestroyRegexList((relist *)data);
return matchDomainName(h, d);
}
-static void
-aclDumpDomainListWalkee(void * const &node, void *state)
-{
- char *domain = (char *)node;
- wordlistAdd((wordlist **)state, domain);
-}
-
-static wordlist *
-aclDumpDomainList(void *data)
-{
- wordlist *w = NULL;
- splay_walk((splayNode *)data, aclDumpDomainListWalkee, &w);
- return w;
-}
-
static wordlist *
aclDumpTimeSpecList(acl_time_data * t)
{
ACL::dump() const
{
switch (aclType()) {
- case ACL_SRC_DOMAIN:
- case ACL_DST_DOMAIN:
- return aclDumpDomainList(data);
#if SQUID_SNMP
case ACL_SNMP_COMMUNITY:
return wordlistDup((wordlist *)data);
-#endif
-#if USE_IDENT
- case ACL_IDENT_REGEX:
- return aclDumpRegexList((relist *)data);
-#endif
-#if USE_IDENT
- case ACL_IDENT:
#endif
case ACL_DERIVED:
fatal ("unused");
case ACL_URLPATH_REGEX:
case ACL_BROWSER:
case ACL_REFERER_REGEX:
- case ACL_SRC_DOM_REGEX:
- case ACL_DST_DOM_REGEX:
case ACL_REQ_MIME_TYPE:
case ACL_REP_MIME_TYPE:
return aclDumpRegexList((relist *)data);
/* to be split into separate files in the future */
-#if USE_SSL
-MemPool *acl_cert_data::Pool(NULL);
-void *
-acl_cert_data::operator new (size_t byteCount)
-{
- /* derived classes with different sizes must implement their own new */
- assert (byteCount == sizeof (acl_cert_data));
- if (!Pool)
- Pool = memPoolCreate("acl_cert_data", sizeof (acl_cert_data));
- return memPoolAlloc(Pool);
-}
-
-void
-acl_cert_data::operator delete (void *address)
-{
- memPoolFree (Pool, address);
-}
-
-void
-acl_cert_data::deleteSelf() const
-{
- delete this;
-}
-#endif /* USE_SSL */
-
MemPool *ACLList::Pool(NULL);
void *
ACLList::operator new (size_t byteCount)
/*
- * $Id: enums.h,v 1.224 2003/02/13 08:07:47 robertc Exp $
+ * $Id: enums.h,v 1.225 2003/02/16 02:23:19 robertc Exp $
*
*
* SQUID Web Proxy Cache http://www.squid-cache.org/
typedef enum {
ACL_NONE,
- ACL_SRC_DOMAIN,
- ACL_DST_DOMAIN,
- ACL_SRC_DOM_REGEX,
- ACL_DST_DOM_REGEX,
ACL_TIME,
ACL_URLPATH_REGEX,
ACL_URL_REGEX,
ACL_URL_PORT,
ACL_MY_PORT,
-#if USE_IDENT
- ACL_IDENT,
- ACL_IDENT_REGEX,
-#endif
ACL_PROTO,
ACL_METHOD,
ACL_BROWSER,
/*
- * $Id: external_acl.cc,v 1.27 2003/02/14 23:17:06 hno Exp $
+ * $Id: external_acl.cc,v 1.28 2003/02/16 02:23:19 robertc Exp $
*
* DEBUG: section 82 External ACL
* AUTHOR: Henrik Nordstrom, MARA Systems AB
#include "fde.h"
#include "ACLChecklist.h"
#include "ACL.h"
+#if USE_IDENT
+#include "ACLIdent.h"
+#endif
#ifndef DEFAULT_EXTERNAL_ACL_TTL
#define DEFAULT_EXTERNAL_ACL_TTL 1 * 60 * 60
case _external_acl_format::EXT_ACL_IDENT:
str = ch->rfc931;
if (!str) {
- ch->state[ACL_IDENT] = ACL_LOOKUP_NEEDED;
+ ch->changeState(IdentLookup::Instance());
return NULL;
}
break;
projects / thirdparty / squid.git / commitdiff
