AclRegs.cc
Go to the documentation of this file.
1/*
2 * Copyright (C) 1996-2022 The Squid Software Foundation and contributors
3 *
4 * Squid software is distributed under GPLv2+ license and includes
5 * contributions from numerous individuals and organizations.
6 * Please see the COPYING and CONTRIBUTORS files for details.
7 */
8
9#include "squid.h"
10
11#if USE_ADAPTATION
14#endif
15#include "acl/AllOf.h"
16#include "acl/AnnotateClient.h"
18#include "acl/AnnotationData.h"
19#include "acl/AnyOf.h"
20#if USE_SQUID_EUI
21#include "acl/Arp.h"
22#include "acl/Eui64.h"
23#endif
24#if USE_OPENSSL
25#include "acl/AtStep.h"
26#include "acl/AtStepData.h"
27#endif
28#include "acl/Asn.h"
29#include "acl/Checklist.h"
31#include "acl/Data.h"
32#include "acl/DestinationAsn.h"
34#include "acl/DestinationIp.h"
35#include "acl/DomainData.h"
36#if USE_LIBNETFILTERCONNTRACK
37#include "acl/ConnMark.h"
38#endif
39#if USE_AUTH
40#include "acl/ExtUser.h"
41#endif
42#include "acl/FilledChecklist.h"
43#include "acl/forward.h"
44#include "acl/Gadgets.h"
45#include "acl/HasComponent.h"
47#include "acl/HierCode.h"
48#include "acl/HierCodeData.h"
49#include "acl/HttpHeaderData.h"
50#include "acl/HttpRepHeader.h"
51#include "acl/HttpReqHeader.h"
52#include "acl/HttpStatus.h"
53#include "acl/IntRange.h"
54#include "acl/Ip.h"
55#include "acl/LocalIp.h"
56#include "acl/LocalPort.h"
57#include "acl/MaxConnection.h"
58#include "acl/Method.h"
59#include "acl/MethodData.h"
60#include "acl/MyPortName.h"
61#include "acl/Note.h"
62#include "acl/NoteData.h"
63#include "acl/PeerName.h"
64#include "acl/Protocol.h"
65#include "acl/ProtocolData.h"
66#include "acl/Random.h"
67#include "acl/RegexData.h"
69#include "acl/ReplyMimeType.h"
71#include "acl/RequestMimeType.h"
72#include "acl/SourceAsn.h"
73#include "acl/SourceDomain.h"
74#include "acl/SourceIp.h"
75#include "acl/SquidError.h"
76#include "acl/SquidErrorData.h"
77#if USE_OPENSSL
78#include "acl/Certificate.h"
79#include "acl/CertificateData.h"
80#include "acl/ServerName.h"
81#include "acl/SslError.h"
82#include "acl/SslErrorData.h"
83#endif
84#include "acl/Strategised.h"
85#include "acl/Strategy.h"
86#include "acl/StringData.h"
87#if USE_OPENSSL
89#endif
90#include "acl/Tag.h"
91#include "acl/Time.h"
92#include "acl/TimeData.h"
94#include "acl/Url.h"
95#include "acl/UrlLogin.h"
96#include "acl/UrlPath.h"
97#include "acl/UrlPort.h"
98#include "acl/UserData.h"
99#if USE_AUTH
100#include "auth/AclMaxUserIp.h"
101#include "auth/AclProxyAuth.h"
102#endif
103#include "base/RegexPattern.h"
104#include "ExternalACL.h"
105#if USE_IDENT
106#include "ident/AclIdent.h"
107#endif
108#if SQUID_SNMP
109#include "snmp_core.h"
110#endif
111
112// Not in src/acl/ because some of the ACLs it registers are not in src/acl/.
113void
115{
116 /* the registration order does not matter */
117
118 // The explicit return type (ACL*) for lambdas is needed because the type
119 // of the return expression inside lambda is not ACL* but AclFoo* while
120 // Acl::Maker is defined to return ACL*.
121
122 RegisterMaker("all-of", [](TypeName)->ACL* { return new Acl::AllOf; }); // XXX: Add name parameter to ctor
123 RegisterMaker("any-of", [](TypeName)->ACL* { return new Acl::AnyOf; }); // XXX: Add name parameter to ctor
124 RegisterMaker("random", [](TypeName name)->ACL* { return new ACLRandom(name); });
125 RegisterMaker("time", [](TypeName name)->ACL* { return new ACLStrategised<time_t>(new ACLTimeData, new ACLTimeStrategy, name); });
126 RegisterMaker("src_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLSourceASNStrategy, name); });
127 RegisterMaker("dst_as", [](TypeName name)->ACL* { return new ACLStrategised<Ip::Address>(new ACLASN, new ACLDestinationASNStrategy, name); });
129 RegisterMaker("dstdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLDestinationDomainStrategy, name); });
130 RegisterMaker("dstdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLDestinationDomainStrategy, name); });
131 RegisterMaker("dst", [](TypeName)->ACL* { return new ACLDestinationIP; }); // XXX: Add name parameter to ctor
132 RegisterMaker("hier_code", [](TypeName name)->ACL* { return new ACLStrategised<hier_code>(new ACLHierCodeData, new ACLHierCodeStrategy, name); });
133 RegisterMaker("rep_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPRepHeaderStrategy, name); });
134 RegisterMaker("req_header", [](TypeName name)->ACL* { return new ACLStrategised<HttpHeader*>(new ACLHTTPHeaderData, new ACLHTTPReqHeaderStrategy, name); });
135 RegisterMaker("http_status", [](TypeName name)->ACL* { return new ACLHTTPStatus(name); });
136 RegisterMaker("maxconn", [](TypeName name)->ACL* { return new ACLMaxConnection(name); });
137 RegisterMaker("method", [](TypeName name)->ACL* { return new ACLStrategised<HttpRequestMethod>(new ACLMethodData, new ACLMethodStrategy, name); });
138 RegisterMaker("localip", [](TypeName)->ACL* { return new ACLLocalIP; }); // XXX: Add name parameter to ctor
139 RegisterMaker("localport", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLLocalPortStrategy, name); });
140 RegisterMaker("myportname", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLMyPortNameStrategy, name); });
141 RegisterMaker("peername", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLPeerNameStrategy, name); });
142 RegisterMaker("peername_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLPeerNameStrategy, name); });
143 RegisterMaker("proto", [](TypeName name)->ACL* { return new ACLStrategised<AnyP::ProtocolType>(new ACLProtocolData, new ACLProtocolStrategy, name); });
147 RegisterMaker("srcdomain", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLDomainData, new ACLSourceDomainStrategy, name); });
148 RegisterMaker("srcdom_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLSourceDomainStrategy, name); });
149 RegisterMaker("src", [](TypeName)->ACL* { return new ACLSourceIP; }); // XXX: Add name parameter to ctor
150 RegisterMaker("url_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlStrategy, name); });
151 RegisterMaker("urllogin", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlLoginStrategy, name); });
152 RegisterMaker("urlpath_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLUrlPathStrategy, name); });
153 RegisterMaker("port", [](TypeName name)->ACL* { return new ACLStrategised<int>(new ACLIntRange, new ACLUrlPortStrategy, name); });
154 RegisterMaker("external", [](TypeName name)->ACL* { return new ACLExternal(name); });
155 RegisterMaker("squid_error", [](TypeName name)->ACL* { return new ACLStrategised<err_type>(new ACLSquidErrorData, new ACLSquidErrorStrategy, name); });
156 RegisterMaker("connections_encrypted", [](TypeName name)->ACL* { return new Acl::ConnectionsEncrypted(name); });
157 RegisterMaker("tag", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLTagStrategy, name); });
158 RegisterMaker("note", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLNoteData, new ACLNoteStrategy, name); });
159 RegisterMaker("annotate_client", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateClientStrategy, name); });
160 RegisterMaker("annotate_transaction", [](TypeName name)->ACL* { return new ACLStrategised<NotePairs::Entry*>(new ACLAnnotationData, new ACLAnnotateTransactionStrategy, name); });
162 RegisterMaker("transaction_initiator", [](TypeName name)->ACL* {return new TransactionInitiator(name);});
163
164#if USE_LIBNETFILTERCONNTRACK
165 RegisterMaker("clientside_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor
166 RegisterMaker("client_connection_mark", [](TypeName)->ACL* { return new Acl::ConnMark; }); // XXX: Add name parameter to ctor
167#endif
168
169#if USE_OPENSSL
170 RegisterMaker("ssl_error", [](TypeName name)->ACL* { return new ACLStrategised<const Security::CertErrors *>(new ACLSslErrorData, new ACLSslErrorStrategy, name); });
171 RegisterMaker("user_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509UserAttribute, "*"), new ACLCertificateStrategy, name); });
172 RegisterMaker("ca_cert", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509CAAttribute, "*"), new ACLCertificateStrategy, name); });
173 RegisterMaker("server_cert_fingerprint", [](TypeName name)->ACL* { return new ACLStrategised<X509*>(new ACLCertificateData(Ssl::GetX509Fingerprint, "-sha1", true), new ACLServerCertificateStrategy, name); });
174 RegisterMaker("at_step", [](TypeName name)->ACL* { return new ACLStrategised<XactionStep>(new ACLAtStepData, new ACLAtStepStrategy, name); });
175 RegisterMaker("ssl::server_name", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLServerNameData, new ACLServerNameStrategy, name); });
176 RegisterMaker("ssl::server_name_regex", [](TypeName name)->ACL* { return new ACLStrategised<char const *>(new ACLRegexData, new ACLServerNameStrategy, name); });
177#endif
178
179#if USE_SQUID_EUI
180 RegisterMaker("arp", [](TypeName name)->ACL* { return new ACLARP(name); });
181 RegisterMaker("eui64", [](TypeName name)->ACL* { return new ACLEui64(name); });
182#endif
183
184#if USE_IDENT
185 RegisterMaker("ident", [](TypeName name)->ACL* { return new ACLIdent(new ACLUserData, name); });
186 RegisterMaker("ident_regex", [](TypeName name)->ACL* { return new ACLIdent(new ACLRegexData, name); });
187#endif
188
189#if USE_AUTH
190 RegisterMaker("ext_user", [](TypeName name)->ACL* { return new ACLExtUser(new ACLUserData, name); });
191 RegisterMaker("ext_user_regex", [](TypeName name)->ACL* { return new ACLExtUser(new ACLRegexData, name); });
192 RegisterMaker("proxy_auth", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLUserData, name); });
193 RegisterMaker("proxy_auth_regex", [](TypeName name)->ACL* { return new ACLProxyAuth(new ACLRegexData, name); });
194 RegisterMaker("max_user_ip", [](TypeName name)->ACL* { return new ACLMaxUserIP(name); });
195#endif
196
197#if USE_ADAPTATION
198 RegisterMaker("adaptation_service", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLAdaptationServiceData, new ACLAdaptationServiceStrategy, name); });
199#endif
200
201#if SQUID_SNMP
202 RegisterMaker("snmp_community", [](TypeName name)->ACL* { return new ACLStrategised<const char *>(new ACLStringData, new ACLSNMPCommunityStrategy, name); });
203#endif
204}
205
Definition: Arp.h:23
Definition: Asn.h:26
Definition: Eui64.h:22
Definition: Acl.h:40
Configurable any-of ACL. Each ACL line is a disjuction of ACLs.
Definition: AnyOf.h:19
transaction_initiator ACL
GETX509ATTRIBUTE GetX509UserAttribute
Definition: support.h:109
GETX509ATTRIBUTE GetX509CAAttribute
Definition: support.h:112
GETX509ATTRIBUTE GetX509Fingerprint
Definition: support.h:118
void Init(void)
prepares to parse ACLs configuration
Definition: AclRegs.cc:114
void RegisterMaker(TypeName typeName, Maker maker)
use the given ACL Maker for all ACLs of the named type
Definition: Acl.cc:71
const char * TypeName
the ACL type name known to admins
Definition: Acl.h:27

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors