DomainData.cc
Go to the documentation of this file.
1 /*
2  * Copyright (C) 1996-2019 The Squid Software Foundation and contributors
3  *
4  * Squid software is distributed under GPLv2+ license and includes
5  * contributions from numerous individuals and organizations.
6  * Please see the COPYING and CONTRIBUTORS files for details.
7  */
8 
9 /* DEBUG: section 28 Access Control */
10 
11 #include "squid.h"
12 #include "acl/Checklist.h"
13 #include "acl/DomainData.h"
14 #include "anyp/Uri.h"
15 #include "cache_cf.h"
16 #include "ConfigParser.h"
17 #include "Debug.h"
18 #include "util.h"
19 
20 template<class T>
21 inline void
23 {
24  xfree (thing);
25 }
26 
28 {
29  if (domains) {
31  delete domains;
32  }
33 }
34 
35 template<class T>
36 inline int
37 splaystrcasecmp (T&l, T&r)
38 {
39  return strcasecmp ((char *)l,(char *)r);
40 }
41 
42 template<class T>
43 inline int
44 splaystrcmp (T&l, T&r)
45 {
46  return strcmp ((char *)l,(char *)r);
47 }
48 
49 /* general compare functions, these are used for tree search algorithms
50  * so they return <0, 0 or >0 */
51 
52 /* compare a host and a domain */
53 
54 static int
55 aclHostDomainCompare( char *const &a, char * const &b)
56 {
57  const char *h = static_cast<const char *>(a);
58  const char *d = static_cast<const char *>(b);
59  return matchDomainName(h, d);
60 }
61 
62 /* compare two domains */
63 
64 template<class T>
65 int
66 aclDomainCompare(T const &a, T const &b)
67 {
68  char * const d1 = static_cast<char *>(b);
69  char * const d2 = static_cast<char *>(a);
70  int ret;
71  ret = aclHostDomainCompare(d1, d2);
72 
73  if (ret != 0) {
74  char *const d3 = d2;
75  char *const d4 = d1;
76  ret = aclHostDomainCompare(d3, d4);
77  if (ret == 0) {
78  // When a.example.com comes after .example.com in an ACL
79  // sub-domain is ignored. That is okay. Just important
80  bool d3big = (strlen(d3) > strlen(d4)); // Always suggest removing the longer one.
81  debugs(28, DBG_IMPORTANT, "WARNING: '" << (d3big?d3:d4) << "' is a subdomain of '" << (d3big?d4:d3) << "'");
82  debugs(28, DBG_IMPORTANT, "WARNING: You should remove '" << (d3big?d3:d4) << "' from the ACL named '" << AclMatchedName << "'");
83  debugs(28, 2, HERE << "Ignore '" << d3 << "' to keep splay tree searching predictable");
84  }
85  } else if (ret == 0) {
86  // It may be an exact duplicate. No problem. Just drop.
87  if (strcmp(d1,d2)==0) {
88  debugs(28, 2, "WARNING: '" << d2 << "' is duplicated in the list.");
89  debugs(28, 2, "WARNING: You should remove one '" << d2 << "' from the ACL named '" << AclMatchedName << "'");
90  return ret;
91  }
92  // When a.example.com comes before .example.com in an ACL
93  // discarding the wildcard is critically bad.
94  // or Maybe even both are wildcards. Things are very weird in those cases.
95  bool d1big = (strlen(d1) > strlen(d2)); // Always suggest removing the longer one.
96  debugs(28, DBG_CRITICAL, "ERROR: '" << (d1big?d1:d2) << "' is a subdomain of '" << (d1big?d2:d1) << "'");
97  debugs(28, DBG_CRITICAL, "ERROR: You need to remove '" << (d1big?d1:d2) << "' from the ACL named '" << AclMatchedName << "'");
98  self_destruct();
99  }
100 
101  return ret;
102 }
103 
104 bool
105 ACLDomainData::match(char const *host)
106 {
107  if (host == NULL)
108  return 0;
109 
110  debugs(28, 3, "aclMatchDomainList: checking '" << host << "'");
111 
112  char *h = const_cast<char *>(host);
113  char const * const * result = domains->find(h, aclHostDomainCompare);
114 
115  debugs(28, 3, "aclMatchDomainList: '" << host << "' " << (result ? "found" : "NOT found"));
116 
117  return (result != NULL);
118 }
119 
122  void operator() (char * const & node_data) {
123  contents.push_back(SBuf(node_data));
124  }
125 };
126 
127 SBufList
129 {
130  AclDomainDataDumpVisitor visitor;
131  domains->visit(visitor);
132  return visitor.contents;
133 }
134 
135 void
137 {
138  if (!domains)
139  domains = new Splay<char *>();
140 
141  while (char *t = ConfigParser::strtokFile()) {
142  Tolower(t);
144  }
145 }
146 
147 bool
149 {
150  return domains->empty();
151 }
152 
155 {
156  /* Splay trees don't clone yet. */
157  assert (!domains);
158  return new ACLDomainData;
159 }
160 
void insert(Value const &, SPLAYCMP *compare)
Definition: splay.h:300
#define assert(EX)
Definition: assert.h:17
Definition: SBuf.h:86
void self_destruct(void)
Definition: cache_cf.cc:256
#define xstrdup
Definition: splay.h:56
#define DBG_CRITICAL
Definition: Debug.h:45
SQUIDCEXTERN void Tolower(char *)
Definition: util.c:28
Configured ACL parameter(s) (e.g., domain names in dstdomain ACL).
Definition: Data.h:17
virtual SBufList dump() const
Definition: DomainData.cc:128
void xRefFree(T &thing)
Definition: DomainData.cc:22
#define debugs(SECTION, LEVEL, CONTENT)
Definition: Debug.h:124
bool empty() const
Definition: DomainData.cc:148
#define DBG_IMPORTANT
Definition: Debug.h:46
virtual bool match(char const *)
Definition: DomainData.cc:105
virtual ACLData< char const * > * clone() const
Definition: DomainData.cc:154
const char * AclMatchedName
Definition: Acl.cc:30
Value const * find(FindValue const &, int(*compare)(FindValue const &a, Value const &b)) const
Definition: splay.h:285
bool empty() const
Definition: splay.h:80
std::list< SBuf > SBufList
Definition: forward.h:22
std::ostream & HERE(std::ostream &s)
Definition: Debug.h:153
int splaystrcmp(T &l, T &r)
Definition: DomainData.cc:44
int splaystrcasecmp(T &l, T &r)
Definition: DomainData.cc:37
static char * strtokFile()
Definition: ConfigParser.cc:84
void destroy(SPLAYFREE *=SplayNode< V >::DefaultFree)
Definition: splay.h:347
int a
Definition: membanger.c:50
void visit(Visitor &v) const
recursively visit all nodes, in left-to-right order
Definition: splay.h:276
virtual ~ACLDomainData()
Definition: DomainData.cc:27
Splay< char * > * domains
Definition: DomainData.h:29
int matchDomainName(const char *h, const char *d, uint8_t flags)
Definition: Uri.cc:660
#define xfree
#define NULL
Definition: types.h:166
int aclDomainCompare(T const &a, T const &b)
Definition: DomainData.cc:66
static int aclHostDomainCompare(char *const &a, char *const &b)
Definition: DomainData.cc:55

 

Introduction

Documentation

Support

Miscellaneous

Web Site Translations

Mirrors