AclRegs.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2017 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 #include "squid.h"
10 
11 #if USE_ADAPTATION
12 #include "acl/AdaptationService.h"
14 #endif
15 #include "acl/AllOf.h"
16 #include "acl/AnnotateClient.h"
18 #include "acl/AnnotationData.h"
19 #include "acl/AnyOf.h"
20 #if USE_SQUID_EUI
21 #include "acl/Arp.h"
22 #include "acl/Eui64.h"
23 #endif
24 #if USE_OPENSSL
25 #include "acl/AtStep.h"
26 #include "acl/AtStepData.h"
27 #endif
28 #include "acl/Asn.h"
29 #include "acl/Checklist.h"
31 #include "acl/Data.h"
32 #include "acl/DestinationAsn.h"
33 #include "acl/DestinationDomain.h"
34 #include "acl/DestinationIp.h"
35 #include "acl/DomainData.h"
36 #if USE_AUTH
37 #include "acl/ExtUser.h"
38 #endif
39 #include "acl/FilledChecklist.h"
40 #include "acl/forward.h"
41 #include "acl/Gadgets.h"
42 #include "acl/HasComponent.h"
43 #include "acl/HasComponentData.h"
44 #include "acl/HierCode.h"
45 #include "acl/HierCodeData.h"
46 #include "acl/HttpHeaderData.h"
47 #include "acl/HttpRepHeader.h"
48 #include "acl/HttpReqHeader.h"
49 #include "acl/HttpStatus.h"
50 #include "acl/IntRange.h"
51 #include "acl/Ip.h"
52 #include "acl/LocalIp.h"
53 #include "acl/LocalPort.h"
54 #include "acl/MaxConnection.h"
55 #include "acl/Method.h"
56 #include "acl/MethodData.h"
57 #include "acl/MyPortName.h"
58 #include "acl/Note.h"
59 #include "acl/NoteData.h"
60 #include "acl/PeerName.h"
61 #include "acl/Protocol.h"
62 #include "acl/ProtocolData.h"
63 #include "acl/Random.h"
64 #include "acl/RegexData.h"
66 #include "acl/ReplyMimeType.h"
68 #include "acl/RequestMimeType.h"
69 #include "acl/SourceAsn.h"
70 #include "acl/SourceDomain.h"
71 #include "acl/SourceIp.h"
72 #include "acl/SquidError.h"
73 #include "acl/SquidErrorData.h"
74 #if USE_OPENSSL
75 #include "acl/Certificate.h"
76 #include "acl/CertificateData.h"
77 #include "acl/ServerName.h"
78 #include "acl/SslError.h"
79 #include "acl/SslErrorData.h"
80 #endif
81 #include "acl/Strategised.h"
82 #include "acl/Strategy.h"
83 #include "acl/StringData.h"
84 #if USE_OPENSSL
85 #include "acl/ServerCertificate.h"
86 #endif
87 #include "acl/Tag.h"
88 #include "acl/Time.h"
89 #include "acl/TimeData.h"
91 #include "acl/Url.h"
92 #include "acl/UrlLogin.h"
93 #include "acl/UrlPath.h"
94 #include "acl/UrlPort.h"
95 #include "acl/UserData.h"
96 #if USE_AUTH
97 #include "auth/AclMaxUserIp.h"
98 #include "auth/AclProxyAuth.h"
99 #endif
100 #include "base/RegexPattern.h"
101 #include "ExternalACL.h"
102 #if USE_IDENT
103 #include "ident/AclIdent.h"
104 #endif
105 #if SQUID_SNMP
106 #include "snmp_core.h"
107 #endif
108 
109 // Not in src/acl/ because some of the ACLs it registers are not in src/acl/.
110 void
112 {
113  /* the registration order does not matter */
114 
115  // The explicit return type (ACL*) for lambdas is needed because the type
116  // of the return expression inside lambda is not ACL* but AclFoo* while
117  // Acl::Maker is defined to return ACL*.
118 
119  RegisterMaker("all-of", [](TypeName)->ACL* { return new Acl::AllOf; }); // XXX: Add name parameter to ctor
120  RegisterMaker("any-of", [](TypeName)->ACL* { return new Acl::AnyOf; }); // XXX: Add name parameter to ctor
121  RegisterMaker("random", [](TypeName name)->ACL* { return new ACLRandom(name); });
122  RegisterMaker("time", [](TypeName name)->ACL* { return new ACLStrategised<time_t>(new ACLTimeData, new ACLTimeStrategy, name); });
123  RegisterMaker("src_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLSourceASNStrategy, name); });
124  RegisterMaker("dst_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLDestinationASNStrategy, name); });
126  RegisterMaker("dstdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLDestinationDomainStrategy, name); });
127  RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLDestinationDomainStrategy, name); });
128  RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor
129  RegisterMaker("hier_code", [](TypeName name)->ACL* { return new ACLStrategised<hier_code>(new ACLHierCodeData, new ACLHierCodeStrategy, name); });
130  RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
131  RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
132  RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); });
133  RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); });
134  RegisterMaker("method", [](TypeName name)->ACL* { return new ACLStrategised<HttpRequestMethod>(new ACLMethodData, new ACLMethodStrategy, name); });
135  RegisterMaker("localip", [](TypeName)->ACL* { return new ACLLocalIP; }); // XXX: Add name parameter to ctor
136  RegisterMaker("localport", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLLocalPortStrategy, name); });
137  RegisterMaker("myportname", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLMyPortNameStrategy, name); });
138  RegisterMaker("peername", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLPeerNameStrategy, name); });
139  RegisterMaker("peername_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLPeerNameStrategy, name); });
140  RegisterMaker("proto", [](TypeName name)->ACL* { return new ACLStrategised<AnyP::ProtocolType>(new ACLProtocolData, new ACLProtocolStrategy, name); });
144  RegisterMaker("srcdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLSourceDomainStrategy, name); });
145  RegisterMaker("srcdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLSourceDomainStrategy, name); });
146  RegisterMaker("src", [](TypeName)->ACL* { return new ACLSourceIP; }); // XXX: Add name parameter to ctor
147  RegisterMaker("url_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlStrategy, name); });
148  RegisterMaker("urllogin", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlLoginStrategy, name); });
149  RegisterMaker("urlpath_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlPathStrategy, name); });
150  RegisterMaker("port", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLUrlPortStrategy, name); });
151  RegisterMaker("external", [](TypeName name)->ACL* { return new ACLExternal(name); });
152  RegisterMaker("squid_error", [](TypeName name)->ACL* { return new ACLStrategised<err_type>(new ACLSquidErrorData, new ACLSquidErrorStrategy, name); });
153  RegisterMaker("connections_encrypted", [](TypeName name)->ACL* { return new Acl::ConnectionsEncrypted(name); });
154  RegisterMaker("tag", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLTagStrategy, name); });
155  RegisterMaker("note", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLNoteData, new ACLNoteStrategy, name); });
156  RegisterMaker("annotate_client", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateClientStrategy, name); });
157  RegisterMaker("annotate_transaction", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateTransactionStrategy, name); });
159  RegisterMaker("transaction_initiator", [](TypeName name)->ACL* {return new TransactionInitiator(name);});
160 
161 #if USE_OPENSSL
162  RegisterMaker("ssl_error", [](TypeName name)->ACL* { return new ACLStrategised<const Security::CertErrors *>(new ACLSslErrorData, new ACLSslErrorStrategy, name); });
163  RegisterMaker("user_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509UserAttribute, "*"), new ACLCertificateStrategy, name); });
164  RegisterMaker("ca_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509CAAttribute, "*"), new ACLCertificateStrategy, name); });
165  RegisterMaker("server_cert_fingerprint", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509Fingerprint, "-sha1", true), new ACLServerCertificateStrategy, name); });
166  RegisterMaker("at_step", [](TypeName name)->ACL* { return new ACLStrategised<Ssl::BumpStep>(new ACLAtStepData, new ACLAtStepStrategy, name); });
167  RegisterMaker("ssl::server_name", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLServerNameData, new ACLServerNameStrategy, name); });
168  RegisterMaker("ssl::server_name_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLServerNameStrategy, name); });
169 #endif
170 
171 #if USE_SQUID_EUI
172  RegisterMaker("arp", [](TypeName name)->ACL* { return new ACLARP(name); });
173  RegisterMaker("eui64", [](TypeName name)->ACL* { return new ACLEui64(name); });
174 #endif
175 
176 #if USE_IDENT
177  RegisterMaker("ident", [](TypeName name)->ACL* { return new ACLIdent(new ACLUserData, name); });
178  RegisterMaker("ident_regex", [](TypeName name)->ACL* { return new ACLIdent(new ACLRegexData, name); });
179 #endif
180 
181 #if USE_AUTH
182  RegisterMaker("ext_user", [](TypeName name)->ACL* { return new ACLExtUser(new ACLUserData, name); });
183  RegisterMaker("ext_user_regex", [](TypeName name)->ACL* { return new ACLExtUser(new ACLRegexData, name); });
184  RegisterMaker("proxy_auth", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLUserData, name); });
185  RegisterMaker("proxy_auth_regex", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLRegexData, name); });
186  RegisterMaker("max_user_ip", [](TypeName name)->ACL* { return new ACLMaxUserIP(name); });
187 #endif
188 
189 #if USE_ADAPTATION
190  RegisterMaker("adaptation_service", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLAdaptationServiceData, new ACLAdaptationServiceStrategy, name); });
191 #endif
192 
193 #if SQUID_SNMP
194  RegisterMaker("snmp_community", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLSNMPCommunityStrategy, name); });
195 #endif
196 }
197 
Definition: Asn.h:25
GETX509ATTRIBUTE GetX509UserAttribute
Definition: support.h:111
Definition: Arp.h:22
Definition: Acl.h:39
const char * TypeName
the ACL type name known to admins
Definition: Acl.h:27
GETX509ATTRIBUTE GetX509CAAttribute
Definition: support.h:114
void Init(void)
prepares to parse ACLs configuration
Definition: AclRegs.cc:111
Definition: Eui64.h:21
Configurable any-of ACL. Each ACL line is a disjuction of ACLs.
Definition: AnyOf.h:18
void RegisterMaker(TypeName typeName, Maker maker)
use the given ACL Maker for all ACLs of the named type
Definition: Acl.cc:72
transaction_initiator ACL
GETX509ATTRIBUTE GetX509Fingerprint
Definition: support.h:117

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors