AclIdent.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2021 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 28 Access Control */
10 
11 #include "squid.h"
12 
13 #if USE_IDENT
14 
15 #include "acl/FilledChecklist.h"
16 #include "acl/RegexData.h"
17 #include "acl/UserData.h"
18 #include "client_side.h"
19 #include "comm/Connection.h"
20 #include "globals.h"
21 #include "http/Stream.h"
22 #include "ident/AclIdent.h"
23 #include "ident/Ident.h"
24 
26 {
27  delete data;
28 }
29 
30 ACLIdent::ACLIdent(ACLData<char const *> *newData, char const *newType) : data (newData), type_ (newType) {}
31 
32 char const *
34 {
35  return type_;
36 }
37 
38 const Acl::Options &
40 {
41  return data->lineOptions();
42 }
43 
44 void
46 {
47  if (!data) {
48  debugs(28, 3, HERE << "current is null. Creating");
49  data = new ACLUserData;
50  }
51 
52  data->parse();
53 }
54 
55 int
57 {
58  ACLFilledChecklist *checklist = Filled(cl);
59  if (checklist->rfc931[0]) {
60  return data->match(checklist->rfc931);
61  } else if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && checklist->conn()->clientConnection->rfc931[0]) {
62  return data->match(checklist->conn()->clientConnection->rfc931);
63  } else if (checklist->conn() != NULL && Comm::IsConnOpen(checklist->conn()->clientConnection)) {
64  if (checklist->goAsync(IdentLookup::Instance())) {
65  debugs(28, 3, "switching to ident lookup state");
66  return -1;
67  }
68  // else fall through to ACCESS_DUNNO failure below
69  } else {
70  debugs(28, DBG_IMPORTANT, "ERROR: Cannot start ident lookup. No client connection" );
71  // fall through to ACCESS_DUNNO failure below
72  }
73 
74  checklist->markFinished(ACCESS_DUNNO, "cannot start ident lookup");
75  return -1;
76 }
77 
80 {
81  return data->dump();
82 }
83 
84 bool
86 {
87  return data->empty();
88 }
89 
91 
94 {
95  return &instance_;
96 }
97 
98 void
100 {
101  ACLFilledChecklist *checklist = Filled(cl);
102  const ConnStateData *conn = checklist->conn();
103  // check that ACLIdent::match() tested this lookup precondition
104  assert(conn && Comm::IsConnOpen(conn->clientConnection));
105  debugs(28, 3, HERE << "Doing ident lookup" );
106  Ident::Start(checklist->conn()->clientConnection, LookupDone, checklist);
107 }
108 
109 void
110 IdentLookup::LookupDone(const char *ident, void *data)
111 {
112  ACLFilledChecklist *checklist = Filled(static_cast<ACLChecklist*>(data));
113 
114  if (ident) {
115  xstrncpy(checklist->rfc931, ident, USER_IDENT_SZ);
116  } else {
117  xstrncpy(checklist->rfc931, dash_str, USER_IDENT_SZ);
118  }
119 
120  /*
121  * Cache the ident result in the connection, to avoid redoing ident lookup
122  * over and over on persistent connections
123  */
124  if (checklist->conn() != NULL && checklist->conn()->clientConnection != NULL && !checklist->conn()->clientConnection->rfc931[0])
125  xstrncpy(checklist->conn()->clientConnection->rfc931, checklist->rfc931, USER_IDENT_SZ);
126 
128 }
129 
130 #endif /* USE_IDENT */
131 
#define USER_IDENT_SZ
Definition: defines.h:37
virtual void checkForAsync(ACLChecklist *) const
Definition: AclIdent.cc:99
virtual const Acl::Options & lineOptions()
supported ACL "line" options (e.g., "-i")
Definition: Data.h:26
virtual bool empty() const
Definition: AclIdent.cc:85
std::vector< const Option * > Options
Definition: Options.h:214
ACLData< char const * > * data
Definition: AclIdent.h:53
std::list< SBuf > SBufList
Definition: forward.h:22
virtual const Acl::Options & lineOptions()
Definition: AclIdent.cc:39
virtual SBufList dump() const
Definition: AclIdent.cc:79
char * xstrncpy(char *dst, const char *src, size_t n)
Definition: xstring.cc:37
bool IsConnOpen(const Comm::ConnectionPointer &conn)
Definition: Connection.cc:27
static IdentLookup instance_
Definition: AclIdent.h:25
#define DBG_IMPORTANT
Definition: Debug.h:41
bool goAsync(AsyncState *)
Definition: Checklist.cc:114
ConnStateData * conn() const
The client connection manager.
char rfc931[USER_IDENT_SZ]
Definition: Connection.h:174
#define NULL
Definition: types.h:166
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:123
ACLFilledChecklist * Filled(ACLChecklist *checklist)
convenience and safety wrapper for dynamic_cast<ACLFilledChecklist*>
static void LookupDone(const char *ident, void *data)
Definition: AclIdent.cc:110
std::ostream & HERE(std::ostream &s)
Definition: Debug.h:152
void markFinished(const Acl::Answer &newAnswer, const char *reason)
Definition: Checklist.cc:57
int conn
the current server connection FD
Definition: Transport.cc:26
const char * dash_str
#define assert(EX)
Definition: assert.h:19
virtual int match(ACLChecklist *checklist)
Matches the actual data in checklist against this ACL.
Definition: AclIdent.cc:56
ACLIdent(ACLData< char const * > *newData, char const *)
Definition: AclIdent.cc:30
char rfc931[USER_IDENT_SZ]
virtual void parse()
parses node representation in squid.conf; dies on failures
Definition: AclIdent.cc:45
Comm::ConnectionPointer clientConnection
Definition: Server.h:98
~ACLIdent()
Definition: AclIdent.cc:25
char const * type_
Definition: AclIdent.h:54
virtual void parse()=0
void resumeNonBlockingCheck(AsyncState *state)
Definition: Checklist.cc:261
static IdentLookup * Instance()
Definition: AclIdent.cc:93
virtual bool match(M)=0
void Start(const Comm::ConnectionPointer &conn, IDCB *callback, void *cbdata)
Definition: Ident.cc:264
@ ACCESS_DUNNO
Definition: Acl.h:111
virtual bool empty() const =0
virtual char const * typeString() const
Definition: AclIdent.cc:33
virtual SBufList dump() const =0

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors